urlscan.io logo urlscan.io
SecurityTrails logo

helpmyhtc.com Open in urlscan Pro
2a0a:2b43:6d:d6f2::  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Effective URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Submission: On November 01 via manual from US — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 5 countries across 27 domains to perform 95 HTTP transactions. The main IP is 2a0a:2b43:6d:d6f2::, located in Russian Federation and belongs to SPRINTHOST, RU. The main domain is helpmyhtc.com.
TLS certificate: Issued by R3 on October 29th 2021. Valid for: 3 months.
This is the only time helpmyhtc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 2a0a:2b43:6d:... 35278 (SPRINTHOST)
4 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 12 2a02:6b8::1:119 208722 (YNDX)
2 3 88.212.201.198 39134 (UNITEDNET)
2 21 2a02:6b8::90 208722 (YNDX)
2 11 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a02:6b8:20::215 208722 (YNDX)
2 2a02:6b8::184 208722 (YNDX)
1 2a02:6b8::5:114 208722 (YNDX)
1 1 212.11.152.207 8901 (Moscow Ma...)
4 5 95.217.109.66 24940 (HETZNER-AS)
3 3 35.190.16.14 15169 (GOOGLE)
1 81.222.128.213 20597 (ELTEL-AS)
1 1 142.250.185.98 15169 (GOOGLE)
2 2 185.15.175.144 43226 (SAFEDATA ...)
1 1 80.64.106.148 20764 (RASCOM-AS...)
1 1 80.64.106.149 20764 (RASCOM-AS...)
2 2 89.108.119.28 197695 (AS-REG)
2 2 95.216.101.186 24940 (HETZNER-AS)
1 1 91.192.149.30 42481 (BEGUN-AS)
1 2 54.171.163.246 16509 (AMAZON-02)
1 37.18.16.16 205675 (HYBRID-AS)
1 1 2001:6d0:4001... 52016 (TNSMSK-)
2 2 148.251.78.49 24940 (HETZNER-AS)
1 1 136.243.48.22 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 7 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6b8:a::a 208722 (YNDX)
2 3 142.250.184.226 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
95 23
13    2a0a:2b43:6d:d6f2:: (Russian Federation)

ASN35278 (SPRINTHOST, RU)
helpmyhtc.com
4    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
6    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
12    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
3    88.212.201.198 (Russian Federation)

ASN39134 (UNITEDNET, RU)
counter.yadro.ru
21    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
an.yandex.ru
11    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.it
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
yastatic.net
2    2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
avatars.mds.yandex.net
1    2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
ysa-static.passport.yandex.ru
1    212.11.152.207 (Moscow, Russian Federation)

ASN8901 (Moscow Mayors Office, RU)
stats.mos.ru
5    95.217.109.66 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de
sonar.semantiqo.com
cdn3.caltat.com
sync.magnitent.com
3    35.190.16.14 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com
redirect.frontend.weborama.fr
1    81.222.128.213 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad13.adriver.ru
ssp.adriver.ru
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
2    185.15.175.144 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
dmg.digitaltarget.ru
1    80.64.106.148 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr3.rutarget.ru
yandex-dmp-sync.rutarget.ru
1    80.64.106.149 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr4.rutarget.ru
yandex-sync.rutarget.ru
2    89.108.119.28 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru
x01.aidata.io
2    95.216.101.186 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.101.216.95.clients.your-server.de
sync.1dmp.io
1    91.192.149.30 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru
profile.ssp.rambler.ru
2    54.171.163.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-163-246.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    37.18.16.16 (Russian Federation)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
1    2001:6d0:4001::226 (Russian Federation)

ASN52016 (TNSMSK-, RU)
cm.tns-counter.ru
2    148.251.78.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-8.community.moscow
sync.upravel.com
1    136.243.48.22 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-22.community.moscow
fad0d7e2-f14e-4fb0-acd7-7baba313e103.sync.upravel.com
2    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
yandex.ru
3    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googleadservices.com
6    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.it
Apex Domain
Subdomains		 Transfer
35 yandex.ru
mc.yandex.ru
an.yandex.ru
ysa-static.passport.yandex.ru
yandex.ru
206 KB
13 helpmyhtc.com
helpmyhtc.com
234 KB
12 doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
13 KB
8 google.com
adservice.google.com
www.google.com
3 KB
8 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
182 KB
7 yastatic.net
yastatic.net
263 KB
7 google.it
adservice.google.it
www.google.it
2 KB
4 googleadservices.com
partner.googleadservices.com
www.googleadservices.com
16 KB
4 bootstrapcdn.com
maxcdn.bootstrapcdn.com
100 KB
3 upravel.com
sync.upravel.com
fad0d7e2-f14e-4fb0-acd7-7baba313e103.sync.upravel.com
2 KB
3 weborama.fr
redirect.frontend.weborama.fr
698 B
3 semantiqo.com
sonar.semantiqo.com
1 KB
3 yadro.ru
counter.yadro.ru
2 KB
2 demdex.net
dpm.demdex.net
2 KB
2 1dmp.io
sync.1dmp.io
1023 B
2 aidata.io
x01.aidata.io
1 KB
2 rutarget.ru
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
847 B
2 digitaltarget.ru
dmg.digitaltarget.ru
1 KB
2 yandex.net
avatars.mds.yandex.net
16 KB
1 tns-counter.ru
cm.tns-counter.ru
387 B
1 hybrid.ai
dm.hybrid.ai
238 B
1 rambler.ru
profile.ssp.rambler.ru
244 B
1 adriver.ru
ssp.adriver.ru
201 B
1 magnitent.com
sync.magnitent.com
778 B
1 caltat.com
cdn3.caltat.com
334 B
1 mos.ru
stats.mos.ru
335 B
1 cloudflare.com
cdnjs.cloudflare.com
14 KB
95 27
Domain Requested by
21 an.yandex.ru 2 redirects helpmyhtc.com
an.yandex.ru
13 helpmyhtc.com 1 redirects helpmyhtc.com
12 mc.yandex.ru 1 redirects helpmyhtc.com
mc.yandex.ru
yastatic.net
11 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
www.googleadservices.com
7 www.google.com 2 redirects tpc.googlesyndication.com
7 yastatic.net an.yandex.ru
yastatic.net
helpmyhtc.com
6 www.google.it
6 pagead2.googlesyndication.com helpmyhtc.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 maxcdn.bootstrapcdn.com helpmyhtc.com
maxcdn.bootstrapcdn.com
3 www.googleadservices.com 2 redirects yastatic.net
3 redirect.frontend.weborama.fr 3 redirects
3 sonar.semantiqo.com 2 redirects
3 counter.yadro.ru 2 redirects helpmyhtc.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 sync.upravel.com 2 redirects
2 dpm.demdex.net 1 redirects
2 sync.1dmp.io 2 redirects
2 x01.aidata.io 2 redirects
2 dmg.digitaltarget.ru 2 redirects
2 avatars.mds.yandex.net helpmyhtc.com
1 yandex.ru yastatic.net
1 fad0d7e2-f14e-4fb0-acd7-7baba313e103.sync.upravel.com 1 redirects
1 cm.tns-counter.ru 1 redirects
1 dm.hybrid.ai helpmyhtc.com
1 profile.ssp.rambler.ru 1 redirects
1 yandex-sync.rutarget.ru 1 redirects
1 yandex-dmp-sync.rutarget.ru 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 ssp.adriver.ru helpmyhtc.com
1 sync.magnitent.com 1 redirects
1 cdn3.caltat.com 1 redirects
1 stats.mos.ru 1 redirects
1 ysa-static.passport.yandex.ru helpmyhtc.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.it pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdnjs.cloudflare.com helpmyhtc.com
95 37

This site contains links to these domains. Also see Links.

Domain
twitter.com
vk.com
www.question2answer.org
Subject Issuer Validity Valid
helpmyhtc.com
R3		 2021-10-29 -
2022-01-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
bs.yandex.ru
Yandex CA		 2021-05-31 -
2021-11-29		 6 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.it
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.yastatic.net
Yandex CA		 2021-08-18 -
2022-02-16		 6 months crt.sh
avatars.mds.yandex.net
Yandex CA		 2021-08-31 -
2022-03-01		 6 months crt.sh
ysa-static.passport.yandex.net
Yandex CA		 2021-08-21 -
2022-02-19		 6 months crt.sh
*.adriver.ru
RapidSSL RSA CA 2018		 2020-04-03 -
2022-04-24		 2 years crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
yandex.ru
Yandex CA		 2021-08-30 -
2022-02-28		 6 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Frame ID: 37B3E13198C91EFE7CEB96503ADCEAF5
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211027/r20190131/zrt_lookup.html
Frame ID: A996F9A6AE999532F75923DA8278BD6B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7962056155172876&output=html&h=90&slotname=3768496415&adk=3858468489&adf=1534226932&pi=t.ma~as.3768496415&w=1140&fwrn=4&fwrnh=100&lmt=1635765831&rafmt=2&psa=0&format=1140x90&url=https%3A%2F%2Fhelpmyhtc.com%2Findex.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635765831317&bpp=6&bdt=306&idt=108&shv=r20211027&mjsv=m202110260101&ptt=9&saldr=aa&abxe=1&correlator=6121118939938&frm=20&pv=2&ga_vid=835429032.1635765831&ga_sid=1635765831&ga_hid=7424967&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=373&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063300&oid=2&pvsid=3764534340672582&pem=596&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=hxm5p42ROf&p=https%3A//helpmyhtc.com&dtd=125
Frame ID: 658817C58355300391703025769F8C48
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7962056155172876&output=html&h=280&slotname=6241691445&adk=3080909161&adf=250596137&pi=t.ma~as.6241691445&w=1110&fwrn=4&fwrnh=100&lmt=1635765831&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fhelpmyhtc.com%2Findex.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635765831323&bpp=1&bdt=311&idt=136&shv=r20211027&mjsv=m202110260101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x90&correlator=6121118939938&frm=20&pv=1&ga_vid=835429032.1635765831&ga_sid=1635765831&ga_hid=7424967&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=1161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063300&oid=2&pvsid=3764534340672582&pem=596&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8BJ4UVi6Kk&p=https%3A//helpmyhtc.com&dtd=139
Frame ID: 00F88D1DA6EBE92BCAC28FCB8DF2C34F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7962056155172876&output=html&h=280&slotname=3950306698&adk=3499651113&adf=2620375575&pi=t.ma~as.3950306698&w=1110&fwrn=4&fwrnh=100&lmt=1635765831&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fhelpmyhtc.com%2Findex.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635765831324&bpp=1&bdt=312&idt=160&shv=r20211027&mjsv=m202110260101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x90%2C1110x280&correlator=6121118939938&frm=20&pv=1&ga_vid=835429032.1635765831&ga_sid=1635765831&ga_hid=7424967&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063300&oid=2&pvsid=3764534340672582&pem=596&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0ks1dKy2yf&p=https%3A//helpmyhtc.com&dtd=163
Frame ID: 326C4581B1883D3980B5108251C842E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7962056155172876&output=html&adk=1812271804&adf=3025194257&lmt=1635765831&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhelpmyhtc.com%2Findex.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635765831333&bpp=1&bdt=321&idt=160&shv=r20211027&mjsv=m202110260101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x90%2C1110x280%2C1110x280&nras=1&correlator=6121118939938&frm=20&pv=1&ga_vid=835429032.1635765831&ga_sid=1635765831&ga_hid=7424967&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063300&oid=2&pvsid=3764534340672582&pem=596&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=165
Frame ID: C60137E866FBD44204D3046C96819C0B
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.82/1-1-0/render.html
Frame ID: 533F5185657641F8677CD966172FCEA1
Requests: 38 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: B2EE1BC2C0F94395B3CAEBDE27FD06B6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 150D6C6CFABA42955E63B3B56BFF15B5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Пользователь wealthbumper06 - Вопросы и ответы по HTC на HelpMyHTC.com

Page URL History Show full URLs

  1. http://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06 HTTP 301
    https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06 Page URL

Page Statistics

95
Requests

82 %
HTTPS

49 %
IPv6

27
Domains

37
Subdomains

23
IPs

5
Countries

1047 kB
Transfer

3109 kB
Size

41
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06 HTTP 301
    https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://counter.yadro.ru/hit?t44.3;r;s1600*1200*24;uhttps%3A//helpmyhtc.com/index.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06;0.7261421118935087 HTTP 302
  • https://counter.yadro.ru/hit?q;t44.3;r;s1600*1200*24;uhttps%3A//helpmyhtc.com/index.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06;0.7261421118935087
Request Chain 27
  • https://mc.yandex.ru/watch/25886303?wmode=7&page-url=https%3A%2F%2Fhelpmyhtc.com%2Findex.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmijljhdjn%3Afp%3A557%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A0%3Als%3A670929337928%3Ahid%3A444449069%3Az%3A0%3Ai%3A20211101112351%3Aet%3A1635765831%3Ac%3A1%3Arn%3A62130568%3Arqn%3A1%3Au%3A1635765831368866457%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1635765830649%3Ads%3A0%2C134%2C84%2C31%2C142%2C0%2C%2C211%2C1%2C%2C%2C%2C574%3Adsn%3A0%2C134%2C84%2C31%2C142%2C0%2C%2C183%2C0%2C%2C%2C%2C575%3Aco%3A0%3Arqnl%3A1%3Ast%3A1635765831%3At%3A%D0%9F%D0%BE%D0%BB%D1%8C%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%20wealthbumper06%20-%20%D0%92%D0%BE%D0%BF%D1%80%D0%BE%D1%81%D1%8B%20%D0%B8%20%D0%BE%D1%82%D0%B2%D0%B5%D1%82%D1%8B%20%D0%BF%D0%BE%20HTC%20%D0%BD%D0%B0%20HelpMyHTC.com&t=gdpr(14)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/25886303/1?wmode=7&page-url=https%3A%2F%2Fhelpmyhtc.com%2Findex.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmijljhdjn%3Afp%3A557%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A0%3Als%3A670929337928%3Ahid%3A444449069%3Az%3A0%3Ai%3A20211101112351%3Aet%3A1635765831%3Ac%3A1%3Arn%3A62130568%3Arqn%3A1%3Au%3A1635765831368866457%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1635765830649%3Ads%3A0%2C134%2C84%2C31%2C142%2C0%2C%2C211%2C1%2C%2C%2C%2C574%3Adsn%3A0%2C134%2C84%2C31%2C142%2C0%2C%2C183%2C0%2C%2C%2C%2C575%3Aco%3A0%3Arqnl%3A1%3Ast%3A1635765831%3At%3A%D0%9F%D0%BE%D0%BB%D1%8C%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%20wealthbumper06%20-%20%D0%92%D0%BE%D0%BF%D1%80%D0%BE%D1%81%D1%8B%20%D0%B8%20%D0%BE%D1%82%D0%B2%D0%B5%D1%82%D1%8B%20%D0%BF%D0%BE%20HTC%20%D0%BD%D0%B0%20HelpMyHTC.com&t=gdpr%2814%29ti%282%29
Request Chain 49
  • https://stats.mos.ru/gc/ynd/ HTTP 302
  • https://an.yandex.ru/mapuid/ditmsk/?time=1635765832.435
Request Chain 50
  • https://sonar.semantiqo.com/dmp/scr.php HTTP 302
  • https://counter.yadro.ru/id127/reff-id.gif?sid=961fee51ea3149f28ce6a5e44009a64b HTTP 302
  • https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=BEC52D21279CB787&sid=961fee51ea3149f28ce6a5e44009a64b HTTP 302
  • https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=961fee51ea3149f28ce6a5e44009a64b&spid=BEC52D21279CB787&v= HTTP 302
  • https://sync.magnitent.com/fbfli/ct_sync.php?ct=01d38996106e419b810c60c87a7dd758&sonar=961fee51ea3149f28ce6a5e44009a64b&spid=BEC52D21279CB787&v= HTTP 302
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsonar.semantiqo.com%2F983we%2Fspixel.php%3Fsid%3D961fee51ea3149f28ce6a5e44009a64b%26c%3D01d38996106e419b810c60c87a7dd758%26w%3D={WEBO_CID} HTTP 302
  • https://sonar.semantiqo.com/983we/spixel.php?sid=961fee51ea3149f28ce6a5e44009a64b&c=01d38996106e419b810c60c87a7dd758&w==n9wYZvzwwX6.5op9wLHKGu
Request Chain 52
  • https://an.yandex.ru/mapuid/google/ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=B2F95B7690E69DEA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 53
  • https://dmg.digitaltarget.ru/1/119/i/i?i=1635765831 HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1635765831 HTTP 307
  • https://an.yandex.ru/mapuid/dmpamberdata/yKrrIoXv25aY5kB7fulr
Request Chain 54
  • https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
  • https://an.yandex.ru/mapuid/dmpsegmento/YW6dKX_ySNJJ?sign=1191660367
Request Chain 55
  • https://yandex-sync.rutarget.ru/sync HTTP 302
  • https://an.yandex.ru/mapuid/rutargetis/eXBXMooWq7Hv
Request Chain 56
  • https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
  • https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
  • https://an.yandex.ru/mapuid/dmpaidatame/VvVRi35JHWTL8qyYlZrXug?sign=3125275997
Request Chain 57
  • https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1 HTTP 302
  • https://an.yandex.ru/mapuid/dmpcleverdata/313b3890-3b06-11ec-ad67-f832e4719dd9?sign=589095577
Request Chain 58
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 302
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=1978430738 HTTP 302
  • https://an.yandex.ru/mapuid/dmpweborama/n9wYZvzwwX6.5op9wLHKGu
Request Chain 59
  • https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
  • https://an.yandex.ru/mapuid/ramblerssp/
Request Chain 60
  • https://an.yandex.ru/mapuid/adobedmp/ HTTP 302
  • https://dpm.demdex.net/ibs:dpid=423652&dpuuid=E99FA9A7C3E47142 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=E99FA9A7C3E47142
Request Chain 62
  • https://cm.tns-counter.ru/yacm HTTP 302
  • https://an.yandex.ru/mapuid/mediascope/c48721199f09cc738b767b1cfdfa541acde552f003f1c009b3a85e0ee29e9a53
Request Chain 63
  • https://sync.upravel.com/yandex/sync HTTP 302
  • https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
  • https://fad0d7e2-f14e-4fb0-acd7-7baba313e103.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
  • https://an.yandex.ru/mapuid/upravelis/fad0d7e2-f14e-4fb0-acd7-7baba313e103
Request Chain 76
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Ss5_YamAGYO57gPHno_oCQ&random=499521893&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=499521893&crd=&is_vtc=1&random=3099687439 HTTP 302
  • https://www.google.it/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=499521893&crd=&is_vtc=1&random=3099687439&ipr=y
Request Chain 77
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Ss5_YeSDGYvjgQeksIqQAQ&random=776042332&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=776042332&crd=&is_vtc=1&random=2105224410 HTTP 302
  • https://www.google.it/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=776042332&crd=&is_vtc=1&random=2105224410&ipr=y

95 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
helpmyhtc.com/
Redirect Chain
  • http://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
  • https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
32 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:2b43:6d:d6f2:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software
openresty /
Resource Hash
d790d30849c8f43e87205524a3b6c92ffc9aa0c24a0d1161b5bfadcfefe7129b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9

Response headers

server
openresty
date
Mon, 01 Nov 2021 11:23:50 GMT
content-type
text/html; charset=utf-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-encoding
gzip
vary
Accept-Encoding

Redirect headers

Server
openresty
Date
Mon, 01 Nov 2021 11:23:50 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
340
Connection
keep-alive
Location
https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/ 		120 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 718, 718
age
16629238
cdn-cachedat
2021-04-22 22:41:28
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
6e08ece97fd0499ee53ff19bcef79745
cf-ray
6a74c0dc4f510f4e-MXP
cdn-requestcountrycode
IT
cdn-requestpullsuccess
True
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 718, 718
age
16629412
cdn-cachedat
2021-04-23 01:57:02
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
bc98edc0feb133441927eb4a27a7732a
cf-ray
6a74c0dc4f540f4e-MXP
cdn-requestcountrycode
IT
cdn-requestpullsuccess
True
open-sans.css
helpmyhtc.com/qa-theme/Donut-theme/css/ 		2 KB
507 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://helpmyhtc.com/qa-theme/Donut-theme/css/open-sans.css?2.0.4
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:2b43:6d:d6f2:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software
openresty /
Resource Hash
41fd616ac7238e04bb88107b622dde56c225292677048a9c1b804f55cd80c4de

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
content-encoding
gzip
last-modified
Sat, 06 Apr 2019 13:43:34 GMT
server
openresty
etag
W/"5ca8ad06-795"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
expires
Mon, 08 Nov 2021 11:23:51 GMT
donut.min.css
helpmyhtc.com/qa-theme/Donut-theme/css/ 		84 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://helpmyhtc.com/qa-theme/Donut-theme/css/donut.min.css?2.0.4
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:2b43:6d:d6f2:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software
openresty /
Resource Hash
708ac35f1fb1183f3f71e3c53b7d0f7848ec5561339cadd14eb20ae58c64c403

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
content-encoding
gzip
last-modified
Sun, 21 Apr 2019 14:29:45 GMT
server
openresty
etag
W/"5cbc7e59-151a2"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
expires
Mon, 08 Nov 2021 11:23:51 GMT
default.css
helpmyhtc.com/qa-plugin/q2a-breadcrumbs-master/css/ 		915 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://helpmyhtc.com/qa-plugin/q2a-breadcrumbs-master/css/default.css
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:2b43:6d:d6f2:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software
openresty /
Resource Hash
736ebe62481b6e26e2ab4253380d6ee4e586ab20d54dddf5919d5ac7ba8b24f3

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
last-modified
Sun, 10 Mar 2019 13:58:00 GMT
server
openresty
etag
"5c8517e8-393"
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
915
expires
Mon, 08 Nov 2021 11:23:51 GMT
jquery-3.3.1.min.js
helpmyhtc.com/qa-content/ 		85 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://helpmyhtc.com/qa-content/jquery-3.3.1.min.js
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:2b43:6d:d6f2:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software
openresty /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
content-encoding
gzip
last-modified
Sat, 06 Apr 2019 13:39:05 GMT
server
openresty
etag
W/"5ca8abf9-1538f"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=604800
expires
Mon, 08 Nov 2021 11:23:51 GMT
qa-global.js
helpmyhtc.com/qa-content/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://helpmyhtc.com/qa-content/qa-global.js?1.8.3
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:2b43:6d:d6f2:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software
openresty /
Resource Hash
e48e4db5ebf7ec63a028eb6fa5ad8f5265c4b1cb7bd887517e7230474d8d2b67

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
content-encoding
gzip
last-modified
Sat, 06 Apr 2019 13:39:05 GMT
server
openresty
etag
W/"5ca8abf9-4d04"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=604800
expires
Mon, 08 Nov 2021 11:23:51 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 718, 718
age
16629238
cdn-cachedat
2021-04-23 01:41:04
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
600554f3d6995081dfbd97f727a3c9da
cf-ray
6a74c0dc4f570f4e-MXP
cdn-requestcountrycode
IT
cdn-requestpullsuccess
True
donut.js
helpmyhtc.com/qa-theme/Donut-theme/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://helpmyhtc.com/qa-theme/Donut-theme/js/donut.js?2.0.4
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:2b43:6d:d6f2:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software
openresty /
Resource Hash
3a3ba2b0e01ce58a85831e1dd578e7e29ea8cdb46613900df89a11a33964a980

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
content-encoding
gzip
last-modified
Sat, 06 Apr 2019 13:43:40 GMT
server
openresty
etag
W/"5ca8ad0c-d8c"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=604800
expires
Mon, 08 Nov 2021 11:23:51 GMT
logo.png
helpmyhtc.com/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://helpmyhtc.com/images/logo.png
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:2b43:6d:d6f2:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software
openresty /
Resource Hash
7a2d9d8a2755776e512e56e6214c8c61550f909c10f3215f1400ca911d5225a7

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
last-modified
Sat, 06 Apr 2019 16:42:16 GMT
server
openresty
etag
"5ca8d6e8-3a08"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
14856
expires
Mon, 08 Nov 2021 11:23:51 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c489985679ae91858873e2201f9ff939caf128cb18cb9d12f4956e780fa490e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51564
x-xss-protection
0
server
cafe
etag
14653376799556675459
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 01 Nov 2021 11:23:51 GMT
/
helpmyhtc.com/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://helpmyhtc.com/?qa=image&qa_blobid=3769769590626227310&qa_size=200
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:2b43:6d:d6f2:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software
openresty /
Resource Hash
f62c20cec722b86dc980ce86be42516302180d4bb7c02889ebf6a7dba8a261eb

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
cache-control
max-age=2592000, public
server
openresty
content-length
5350
content-type
image/jpeg
mobile-detect.min.js
cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.3.5/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.3.5/mobile-detect.min.js
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdfa9a147ae8d8357855515bab5291b8c9342eeed9d638b47103c19d9d9aaf36
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3336160
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13258
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f25-92a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtPT1cgbgz5mzLV4u2Mk8Km78Cc2cMmpHhn9KB%2BNINd4p2kGg6W2%2FOklLBPvyZzzofxAPmpu%2FkenyAJcYocBk9FaQOqElXHOGbt4D%2Bn3nOVL5bVvp%2BwMRloej4unJ8Ya5INNklvw0ZYTalGmmX8T1bRQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a74c0dcda3559a1-MXP
expires
Sat, 22 Oct 2022 11:23:51 GMT
watch.js
mc.yandex.ru/metrika/ 		130 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
286d7b1513330a2584731e1073d5346e1193de768356ccd3fbf0c24365f52ad0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
content-encoding
br
last-modified
Mon, 25 Oct 2021 12:24:54 GMT
etag
"617677e6-b7c6"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
47046
expires
Mon, 01 Nov 2021 12:23:51 GMT
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t44.3;r;s1600*1200*24;uhttps%3A//helpmyhtc.com/index.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06;0.7261421118935087
  • https://counter.yadro.ru/hit?q;t44.3;r;s1600*1200*24;uhttps%3A//helpmyhtc.com/index.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06;0.7261421118935087
140 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t44.3;r;s1600*1200*24;uhttps%3A//helpmyhtc.com/index.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06;0.7261421118935087
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
HTTP/1.1
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
fef8f68fcb81d77a04bb91d8acf35c8fa1bdb9cf1694657fdd0f2d240e018333
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 11:23:59 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
140
Expires
Sat, 31 Oct 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 11:23:59 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t44.3;r;s1600*1200*24;uhttps%3A//helpmyhtc.com/index.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06;0.7261421118935087
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Sat, 31 Oct 2020 21:00:00 GMT
OpenSans-Bold.woff2
helpmyhtc.com/qa-theme/Donut-theme/fonts/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://helpmyhtc.com/qa-theme/Donut-theme/fonts/OpenSans-Bold.woff2?v=1.1.0
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/qa-theme/Donut-theme/css/open-sans.css?2.0.4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:2b43:6d:d6f2:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software
openresty /
Resource Hash
c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f

Request headers

Referer
https://helpmyhtc.com/qa-theme/Donut-theme/css/open-sans.css?2.0.4
Origin
https://helpmyhtc.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
last-modified
Sat, 06 Apr 2019 13:43:37 GMT
server
openresty
etag
"5ca8ad09-b654"
content-type
application/octet-stream
cache-control
max-age=604800
accept-ranges
bytes
content-length
46676
expires
Mon, 08 Nov 2021 11:23:51 GMT
OpenSans-Regular.woff2
helpmyhtc.com/qa-theme/Donut-theme/fonts/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://helpmyhtc.com/qa-theme/Donut-theme/fonts/OpenSans-Regular.woff2?v=1.1.0
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/qa-theme/Donut-theme/css/open-sans.css?2.0.4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:2b43:6d:d6f2:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software
openresty /
Resource Hash
4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3

Request headers

Referer
https://helpmyhtc.com/qa-theme/Donut-theme/css/open-sans.css?2.0.4
Origin
https://helpmyhtc.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
last-modified
Sat, 06 Apr 2019 13:43:39 GMT
server
openresty
etag
"5ca8ad0b-b7a8"
content-type
application/octet-stream
cache-control
max-age=604800
accept-ranges
bytes
content-length
47016
expires
Mon, 08 Nov 2021 11:23:51 GMT
fontawesome-webfont.woff
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/ 		64 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Origin
https://helpmyhtc.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
722, 617, 617
age
85037
cdn-cachedat
2021-04-23 12:17:46
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
65452
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
dc1c0917e375d5a9a0664d3852e771bd
accept-ranges
bytes
cf-ray
6a74c0dd3c1959ad-MXP
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
context.js
an.yandex.ru/system/ 		304 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
086945ddf05fb23f795e75591190dc6640a5a413af4381d4a2af0f46203cff83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
strict-transport-security
max-age=31536000
content-encoding
br
etag
3732766907
x-yandex-req-id
1635765831372524-1237045568974488007300285-production-app-host-sas-pcode-184
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 01 Nov 2021 12:23:51 GMT
OpenSans-Italic.woff2
helpmyhtc.com/qa-theme/Donut-theme/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://helpmyhtc.com/qa-theme/Donut-theme/fonts/OpenSans-Italic.woff2?v=1.1.0
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/qa-theme/Donut-theme/css/open-sans.css?2.0.4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:2b43:6d:d6f2:: , Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS
Software
openresty /
Resource Hash
0163d9a5241a1ff3ecf2aa5f8e4f613756acf2d315fe5271acaf54876313c2e2

Request headers

Referer
https://helpmyhtc.com/qa-theme/Donut-theme/css/open-sans.css?2.0.4
Origin
https://helpmyhtc.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
last-modified
Sat, 06 Apr 2019 13:43:38 GMT
server
openresty
etag
"5ca8ad0a-dd64"
content-type
application/octet-stream
cache-control
max-age=604800
accept-ranges
bytes
content-length
56676
expires
Mon, 08 Nov 2021 11:23:51 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/ 		269 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7962056155172876&plah=helpmyhtc.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67a31912bf6be55ddf4067735f392d7225d8041f544ed291df0296f343df524e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98748
x-xss-protection
0
server
cafe
etag
4081438700763933312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 01 Nov 2021 11:23:51 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211027/r20190131/ Frame A996 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211027/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ba6c99545dd22a1ceac617b8abf42bd5347ea8a3c6c2baaf9e4ce98da8c2e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 01 Nov 2021 00:44:07 GMT
expires
Mon, 15 Nov 2021 00:44:07 GMT
content-type
text/html; charset=UTF-8
etag
3095056338170221291
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4754
x-xss-protection
0
age
38384
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		203 B
636 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=helpmyhtc.com&callback=_gfp_s_&client=ca-pub-7962056155172876
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7962056155172876&plah=helpmyhtc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
f1de79663cc81ff14d235b98bbbdd9e677123b5ed5f24ca5a9d91c0b63783a26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
integrator.js
adservice.google.it/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.it/adsid/integrator.js?domain=helpmyhtc.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7962056155172876&plah=helpmyhtc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Nov 2021 11:23:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=helpmyhtc.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7962056155172876&plah=helpmyhtc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Nov 2021 11:23:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6588 		436 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7962056155172876&output=html&h=90&slotname=3768496415&adk=3858468489&adf=1534226932&pi=t.ma~as.3768496415&w=1140&fwrn=4&fwrnh=100&lmt=1635765831&rafmt=2&psa=0&format=1140x90&url=https%3A%2F%2Fhelpmyhtc.com%2Findex.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635765831317&bpp=6&bdt=306&idt=108&shv=r20211027&mjsv=m202110260101&ptt=9&saldr=aa&abxe=1&correlator=6121118939938&frm=20&pv=2&ga_vid=835429032.1635765831&ga_sid=1635765831&ga_hid=7424967&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=230&ady=373&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063300&oid=2&pvsid=3764534340672582&pem=596&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=hxm5p42ROf&p=https%3A//helpmyhtc.com&dtd=125
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7962056155172876&plah=helpmyhtc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eddd850bd69b44d68235649d64b66d5028a396baafae1f1bedde427be5f58b75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 01 Nov 2021 11:23:51 GMT
server
cafe
content-length
214
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 01 Nov 2021 11:23:51 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 00F8 		436 B
382 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7962056155172876&output=html&h=280&slotname=6241691445&adk=3080909161&adf=250596137&pi=t.ma~as.6241691445&w=1110&fwrn=4&fwrnh=100&lmt=1635765831&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fhelpmyhtc.com%2Findex.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635765831323&bpp=1&bdt=311&idt=136&shv=r20211027&mjsv=m202110260101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x90&correlator=6121118939938&frm=20&pv=1&ga_vid=835429032.1635765831&ga_sid=1635765831&ga_hid=7424967&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=1161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063300&oid=2&pvsid=3764534340672582&pem=596&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8BJ4UVi6Kk&p=https%3A//helpmyhtc.com&dtd=139
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7962056155172876&plah=helpmyhtc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
433e5bfc5d76947a617b06b331835516e67fc3ecf60803e0b07b5a5015a3a802
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 01 Nov 2021 11:23:51 GMT
server
cafe
content-length
212
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 01 Nov 2021 11:23:51 GMT
cache-control
private
1
mc.yandex.ru/watch/25886303/
Redirect Chain
  • https://mc.yandex.ru/watch/25886303?wmode=7&page-url=https%3A%2F%2Fhelpmyhtc.com%2Findex.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmijljhd...
  • https://mc.yandex.ru/watch/25886303/1?wmode=7&page-url=https%3A%2F%2Fhelpmyhtc.com%2Findex.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmijlj...
331 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/25886303/1?wmode=7&page-url=https%3A%2F%2Fhelpmyhtc.com%2Findex.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmijljhdjn%3Afp%3A557%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A0%3Als%3A670929337928%3Ahid%3A444449069%3Az%3A0%3Ai%3A20211101112351%3Aet%3A1635765831%3Ac%3A1%3Arn%3A62130568%3Arqn%3A1%3Au%3A1635765831368866457%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1635765830649%3Ads%3A0%2C134%2C84%2C31%2C142%2C0%2C%2C211%2C1%2C%2C%2C%2C574%3Adsn%3A0%2C134%2C84%2C31%2C142%2C0%2C%2C183%2C0%2C%2C%2C%2C575%3Aco%3A0%3Arqnl%3A1%3Ast%3A1635765831%3At%3A%D0%9F%D0%BE%D0%BB%D1%8C%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%20wealthbumper06%20-%20%D0%92%D0%BE%D0%BF%D1%80%D0%BE%D1%81%D1%8B%20%D0%B8%20%D0%BE%D1%82%D0%B2%D0%B5%D1%82%D1%8B%20%D0%BF%D0%BE%20HTC%20%D0%BD%D0%B0%20HelpMyHTC.com&t=gdpr%2814%29ti%282%29
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
7a10430b5b3935a977ad22025cfa07a6b0f1ba0983625f30177f1f847f036d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 01-Nov-2021 11:23:51 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://helpmyhtc.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Mon, 01-Nov-2021 11:23:51 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:51 GMT
last-modified
Mon, 01-Nov-2021 11:23:51 GMT
location
/watch/25886303/1?wmode=7&page-url=https%3A%2F%2Fhelpmyhtc.com%2Findex.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmijljhdjn%3Afp%3A557%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A0%3Als%3A670929337928%3Ahid%3A444449069%3Az%3A0%3Ai%3A20211101112351%3Aet%3A1635765831%3Ac%3A1%3Arn%3A62130568%3Arqn%3A1%3Au%3A1635765831368866457%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1635765830649%3Ads%3A0%2C134%2C84%2C31%2C142%2C0%2C%2C211%2C1%2C%2C%2C%2C574%3Adsn%3A0%2C134%2C84%2C31%2C142%2C0%2C%2C183%2C0%2C%2C%2C%2C575%3Aco%3A0%3Arqnl%3A1%3Ast%3A1635765831%3At%3A%D0%9F%D0%BE%D0%BB%D1%8C%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%20wealthbumper06%20-%20%D0%92%D0%BE%D0%BF%D1%80%D0%BE%D1%81%D1%8B%20%D0%B8%20%D0%BE%D1%82%D0%B2%D0%B5%D1%82%D1%8B%20%D0%BF%D0%BE%20HTC%20%D0%BD%D0%B0%20HelpMyHTC.com&t=gdpr%2814%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://helpmyhtc.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 01-Nov-2021 11:23:51 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 326C 		436 B
381 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7962056155172876&output=html&h=280&slotname=3950306698&adk=3499651113&adf=2620375575&pi=t.ma~as.3950306698&w=1110&fwrn=4&fwrnh=100&lmt=1635765831&rafmt=1&psa=0&format=1110x280&url=https%3A%2F%2Fhelpmyhtc.com%2Findex.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635765831324&bpp=1&bdt=312&idt=160&shv=r20211027&mjsv=m202110260101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x90%2C1110x280&correlator=6121118939938&frm=20&pv=1&ga_vid=835429032.1635765831&ga_sid=1635765831&ga_hid=7424967&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=245&ady=1441&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063300&oid=2&pvsid=3764534340672582&pem=596&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=0ks1dKy2yf&p=https%3A//helpmyhtc.com&dtd=163
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7962056155172876&plah=helpmyhtc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c0b6a8fcf5a1a458f4172e48f4db23531b25a59f7f71f19d0978c46f61ad78e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 01 Nov 2021 11:23:51 GMT
server
cafe
content-length
211
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 01 Nov 2021 11:23:51 GMT
cache-control
private
advert.gif
mc.yandex.ru/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif?t=ti(4)
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
last-modified
Mon, 25 Oct 2021 12:24:54 GMT
etag
"617677e6-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Mon, 01 Nov 2021 12:23:51 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C601 		4 KB
924 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7962056155172876&output=html&adk=1812271804&adf=3025194257&lmt=1635765831&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhelpmyhtc.com%2Findex.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635765831333&bpp=1&bdt=321&idt=160&shv=r20211027&mjsv=m202110260101&ptt=9&saldr=aa&abxe=1&prev_fmts=1140x90%2C1110x280%2C1110x280&nras=1&correlator=6121118939938&frm=20&pv=1&ga_vid=835429032.1635765831&ga_sid=1635765831&ga_hid=7424967&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063300&oid=2&pvsid=3764534340672582&pem=596&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=165
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7962056155172876&plah=helpmyhtc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d107d7bde7ad74baddd89582b894be27ff1efa8054474a75376f35a00b04824d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 01 Nov 2021 11:23:51 GMT
server
cafe
content-length
753
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 01 Nov 2021 11:23:51 GMT
cache-control
private
a2e67a9c558726ce1e46.js
yastatic.net/partner-code-bundles/46959/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/46959/a2e67a9c558726ce1e46.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
a9fabc7f7fcd8e9266a45272028db7bb1f5fbc3aaac0cbaf5772ffcd9bfc7c09
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://helpmyhtc.com/
Origin
https://helpmyhtc.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4458
last-modified
Fri, 29 Oct 2021 15:16:57 GMT
server
nginx/1.17.9
etag
"2a80627b944075afb64db2408b4fb600"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Nov 2051 17:56:21 GMT
89e3d349b73df39e332c.js
yastatic.net/partner-code-bundles/46959/ 		81 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/46959/89e3d349b73df39e332c.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
02b875aa5683bc417baf6270aee64e7f8d5daacbfd83ef9e3ffa323b653d9640
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://helpmyhtc.com/
Origin
https://helpmyhtc.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
17458
last-modified
Fri, 29 Oct 2021 15:16:57 GMT
server
nginx/1.17.9
etag
"261b650643cc7173c9da84889d24d74e"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Nov 2051 17:56:29 GMT
host.js
yastatic.net/safeframe-bundles/0.82/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.82/host.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://helpmyhtc.com/
Origin
https://helpmyhtc.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8879
last-modified
Mon, 28 Jun 2021 10:29:24 GMT
server
nginx/1.17.9
etag
"e4627697ff619d2b610d2b2fee975531"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Nov 2051 17:59:50 GMT
357431
an.yandex.ru/meta/ 		84 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/meta/357431?target-ref=https%3A%2F%2Fhelpmyhtc.com%2Findex.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06&charset=utf-8&pcode-test-ids=439696%2C0%2C93%3B440954%2C0%2C99%3B440128%2C0%2C34%3B445393%2C0%2C94%3B444055%2C0%2C11%3B436280%2C0%2C42%3B434214%2C0%2C30%3B444618%2C0%2C80%3B445743%2C0%2C15%3B204306%2C0%2C37&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%2C%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22439696%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22444972%22%2C%22testId%22%3A%22446544%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22445452%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22445452%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445452%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22445452%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22ENABLE_ACTION_PANEL_WITH_ARROW%22%3A%5B%7B%22value%22%3A%22OUTSTREAM%22%2C%22testId%22%3A%22439696%22%7D%5D%2C%22SMART_MOSAIC_GRID%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22440954%22%7D%5D%2C%22SMART_BANNER_HIDEABLE_BUTTONS%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22440128%22%7D%5D%2C%22COMBO_INPAGE_LOAD_MODULE_DIRECT_REVERSE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445393%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22444055%22%7D%5D%2C%22WIDGET_Z_INDEX%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436280%22%7D%5D%2C%22POSTER_COLLECTION%22%3A%5B%7B%22value%22%3A%22exp-icon-1%22%2C%22testId%22%3A%22434214%22%7D%5D%2C%22BANNER_SURVEY_ID_NUMBER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22444618%22%7D%5D%2C%22BANNER_SURVEY_PROBABILITY%22%3A%5B%7B%22value%22%3A0.15%2C%22testId%22%3A%22444618%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2246959%22%2C%22testId%22%3A%22445743%22%7D%5D%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=%2Ft6F9RSdooXxKpEAzZzBYtH6bDaIN7ANTQ50NkEOx%2FouQXFWYunvmYe3CB0o9r6PZGv3QQ%2BaJ3NmSNnr0Q%2BpuMrPdFs%3D&duid=MTYzNTc2NTgzMTM2ODg2NjQ1Nw%3D%3D&imp-id=9&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=483286900015106&ad-session-id=5536221635765831572&target-id=26068683&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fhelpmyhtc.com&top-ancestor-undetermined=0&pcode-version=46959&pcodever=46959&flash-ver=0&available-width=100&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A100%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A980%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=316&grab=dNCf0L7Qu9GM0LfQvtCy0LDRgtC10LvRjCB3ZWFsdGhidW1wZXIwNiAtINCS0L7Qv9GA0L7RgdGLINC4INC-0YLQstC10YLRiyDQv9C-IEhUQyDQvdCwIEhlbHBNeUhUQy5jb20KMSDQn9C-0LvRjNC30L7QstCw0YLQtdC70Ywgd2VhbHRoYnVtcGVyMDYgCjLQkNC60YLQuNCy0L3QvtGB0YLRjCB3ZWFsdGhidW1wZXIwNiAKMtCh0YLQtdC90LAg0YHQvtC-0LHRidC10L3QuNC5INC00LvRjyB3ZWFsdGhidW1wZXIwNiAK&uniformat=true&callback=Ya%5B7454542034960%5D
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
6d9bb299a3c3636cb83e86bd49acd6ca687843a6f7723361afdb4a9874c07dbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://helpmyhtc.com/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
content-encoding
gzip
ssr
true
x-yandex-req-id
1635765831628715-572704599997095280800291-production-app-host-vla-pcode-215
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type
Direct
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 01 Nov 2021 11:23:51 GMT
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://helpmyhtc.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
uniformat
true
expires
Mon, 01 Nov 2021 11:23:51 GMT
6c190a7115cf2b648766.js
yastatic.net/partner-code-bundles/46959/ 		624 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/46959/6c190a7115cf2b648766.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
51e56dbe1a379fc4c55c702be7ff75c361cb6f7d6d45de15ce5092e027deed10
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://helpmyhtc.com/
Origin
https://helpmyhtc.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
128643
last-modified
Fri, 29 Oct 2021 15:16:57 GMT
server
nginx/1.17.9
etag
"0a58b3c9e62ada60ab01acab7e4a3b21"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Nov 2051 17:56:29 GMT
5931f557f6073458047a.js
yastatic.net/partner-code-bundles/46959/ 		338 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/46959/5931f557f6073458047a.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
8e84b6654d2e53e9965bca348f66ea95bc252e1d63a046b0a8cfc3c578f8a0c6
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://helpmyhtc.com/
Origin
https://helpmyhtc.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:51 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
62553
last-modified
Fri, 29 Oct 2021 15:16:57 GMT
server
nginx/1.17.9
etag
"65030a4061e794e2e8d59a1dd513a84a"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Nov 2051 17:56:29 GMT
1
mc.yandex.ru/watch/25886303/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/25886303/1?page-url=https%3A%2F%2Fhelpmyhtc.com%2Findex.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmijljhdjn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A1%3Als%3A670929337928%3Ahid%3A444449069%3Az%3A0%3Ai%3A20211101112351%3Aet%3A1635765832%3Ac%3A1%3Arn%3A349381574%3Arqn%3A2%3Au%3A1635765831368866457%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1635765830649%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1635765832&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://helpmyhtc.com/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:51 GMT
last-modified
Mon, 01-Nov-2021 11:23:51 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://helpmyhtc.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 01-Nov-2021 11:23:51 GMT
event_confirmation
an.yandex.ru/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://helpmyhtc.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

timing-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
date
Mon, 01 Nov 2021 11:23:52 GMT
access-control-max-age
1728000
access-control-allow-headers
content-type
access-control-allow-origin
https://helpmyhtc.com
access-control-allow-credentials
true
x-xss-protection
1; mode=block
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding
gzip
strict-transport-security
max-age=31536000
event_confirmation
an.yandex.ru/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://helpmyhtc.com/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:52 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 11:23:52 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://helpmyhtc.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 01 Nov 2021 11:23:52 GMT
357431
mc.yandex.ru/watch/ 		295 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/357431?wmode=7&page-url=https%3A%2F%2Fhelpmyhtc.com%2Findex.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmijljhdjn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A2%3Adp%3A1%3Als%3A447678582432%3Ahid%3A444449069%3Az%3A0%3Ai%3A20211101112351%3Aet%3A1635765832%3Ac%3A1%3Arn%3A770612911%3Au%3A1635765831368866457%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1635765830649%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1635765832%3At%3A%D0%9F%D0%BE%D0%BB%D1%8C%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%20wealthbumper06%20-%20%D0%92%D0%BE%D0%BF%D1%80%D0%BE%D1%81%D1%8B%20%D0%B8%20%D0%BE%D1%82%D0%B2%D0%B5%D1%82%D1%8B%20%D0%BF%D0%BE%20HTC%20%D0%BD%D0%B0%20HelpMyHTC.com&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
5e2a2283238129452df299333c53e83a1cd687dd090230035f2e1e312f7c183e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 01-Nov-2021 11:23:51 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://helpmyhtc.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
295
x-xss-protection
1; mode=block
expires
Mon, 01-Nov-2021 11:23:51 GMT
x160
avatars.mds.yandex.net/get-direct/2798093/WLm6pNBXpYZHTpbzTmzusw/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/2798093/WLm6pNBXpYZHTpbzTmzusw/x160
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
d02d04de6e2964656d3aafbeb7c520d9de520e28a4c6c4af20d93fe17065e744

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:52 GMT
last-modified
Fri, 02 Oct 2020 12:46:47 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=604800,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
5178
x-request-id
3b5ee88a6f41edc0
wx300
avatars.mds.yandex.net/get-direct/2754878/dq9OwNTKBNwIhid50vxsBQ/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/2754878/dq9OwNTKBNwIhid50vxsBQ/wx300
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
c67903e6583d458f478230ef3acc11b2949eca5f05f63ba0291b1267a107696b

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:52 GMT
last-modified
Thu, 25 Mar 2021 21:33:48 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=604800,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
10580
x-request-id
576b715ad05987a0
render.html
yastatic.net/safeframe-bundles/0.82/1-1-0/ Frame 533F 		24 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.82/1-1-0/render.html
Requested by
Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.82/host.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/

Response headers

server
nginx/1.17.9
date
Mon, 01 Nov 2021 11:23:52 GMT
content-type
text/html
content-length
6262
access-control-allow-origin
*
cache-control
public, max-age=946708560
content-encoding
br
etag
"eb77de48712912aadc9aa8171ac75ede"
expires
Wed, 01 Nov 2051 17:55:32 GMT
last-modified
Mon, 28 Jun 2021 10:29:24 GMT
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
vary
Accept-Encoding
x-robots-tag
noindex, noarchive, nofollow
accept-ranges
bytes
1
mc.yandex.ru/watch/357431/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/357431/1?page-url=https%3A%2F%2Fhelpmyhtc.com%2Findex.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmijljhdjn%3Afp%3A557%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A2%3Adp%3A1%3Als%3A447678582432%3Ahid%3A444449069%3Az%3A0%3Ai%3A20211101112352%3Aet%3A1635765832%3Ac%3A1%3Arn%3A1024830370%3Arqn%3A1%3Au%3A1635765831368866457%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1635765830649%3Ads%3A0%2C134%2C84%2C31%2C142%2C0%2C%2C211%2C1%2C%2C%2C%2C574%3Adsn%3A0%2C134%2C84%2C31%2C142%2C0%2C%2C183%2C0%2C%2C%2C%2C575%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1635765832&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://helpmyhtc.com/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:52 GMT
last-modified
Mon, 01-Nov-2021 11:23:52 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://helpmyhtc.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 01-Nov-2021 11:23:52 GMT
357431
mc.yandex.ru/watch/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/357431?page-url=https%3A%2F%2Fhelpmyhtc.com%2Findex.php%3Fqa%3Duser%26qa_1%3Dwealthbumper06&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmijljhdjn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A2%3Adp%3A1%3Als%3A447678582432%3Ahid%3A444449069%3Az%3A0%3Ai%3A20211101112352%3Aet%3A1635765832%3Ac%3A1%3Arn%3A880664278%3Arqn%3A2%3Au%3A1635765831368866457%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1635765830649%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1635765832%3At%3A%D0%9F%D0%BE%D0%BB%D1%8C%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%20wealthbumper06%20-%20%D0%92%D0%BE%D0%BF%D1%80%D0%BE%D1%81%D1%8B%20%D0%B8%20%D0%BE%D1%82%D0%B2%D0%B5%D1%82%D1%8B%20%D0%BF%D0%BE%20HTC%20%D0%BD%D0%B0%20HelpMyHTC.com&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:52 GMT
last-modified
Mon, 01-Nov-2021 11:23:52 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://helpmyhtc.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 01-Nov-2021 11:23:52 GMT
event_confirmation
an.yandex.ru/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://helpmyhtc.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

timing-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
date
Mon, 01 Nov 2021 11:23:52 GMT
access-control-max-age
1728000
access-control-allow-headers
content-type
access-control-allow-origin
https://helpmyhtc.com
access-control-allow-credentials
true
x-xss-protection
1; mode=block
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding
gzip
strict-transport-security
max-age=31536000
event_confirmation
an.yandex.ru/ 		0
51 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://helpmyhtc.com/
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:52 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 11:23:52 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://helpmyhtc.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 01 Nov 2021 11:23:52 GMT
d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 533F 		95 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 11:23:52 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=315360000; includeSubDomains
X-RT-IH
0.0001
Content-Type
image/png
Cache-Control
private
Connection
close
X-RT-IQ
0.0001
Content-Length
95
Expires
Tue, 02 Nov 2021 11:23:52 GMT
/
an.yandex.ru/mapuid/ditmsk/ Frame 533F
Redirect Chain
  • https://stats.mos.ru/gc/ynd/
  • https://an.yandex.ru/mapuid/ditmsk/?time=1635765832.435
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/ditmsk/?time=1635765832.435
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:52 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 11:23:52 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 01 Nov 2021 11:23:52 GMT

Redirect headers

Location
https://an.yandex.ru/mapuid/ditmsk/?time=1635765832.435
Date
Mon, 01 Nov 2021 11:23:52 GMT
Server
nginx/1.14.0
Connection
keep-alive
Content-Length
161
Content-Type
text/html
spixel.php
sonar.semantiqo.com/983we/ Frame 533F
Redirect Chain
  • https://sonar.semantiqo.com/dmp/scr.php
  • https://counter.yadro.ru/id127/reff-id.gif?sid=961fee51ea3149f28ce6a5e44009a64b
  • https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=BEC52D21279CB787&sid=961fee51ea3149f28ce6a5e44009a64b
  • https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=961fee51ea3149f28ce6a5e44009a64b&spid=BEC52D21279CB787&v=
  • https://sync.magnitent.com/fbfli/ct_sync.php?ct=01d38996106e419b810c60c87a7dd758&sonar=961fee51ea3149f28ce6a5e44009a64b&spid=BEC52D21279CB787&v=
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsonar.semantiqo.com%2F983we%2Fspixel.php%3Fsid%3D961fee51ea3149f28ce6a5e44009a64b%26c%3D01d38996106e419b810c60c87a7dd758%26w%3D={WEBO_CID}
  • https://sonar.semantiqo.com/983we/spixel.php?sid=961fee51ea3149f28ce6a5e44009a64b&c=01d38996106e419b810c60c87a7dd758&w==n9wYZvzwwX6.5op9wLHKGu
0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sonar.semantiqo.com/983we/spixel.php?sid=961fee51ea3149f28ce6a5e44009a64b&c=01d38996106e419b810c60c87a7dd758&w==n9wYZvzwwX6.5op9wLHKGu
Protocol
H2
Server
95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.66.109.217.95.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:53 GMT
content-encoding
gzip
server
nginx/1.20.1
mode
no-cors
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:52 GMT
via
1.1 google
last-modified
Mon, 01 Nov 2021 11:23:52 GMT
server
nginx/1.12.0
location
https://sonar.semantiqo.com/983we/spixel.php?sid=961fee51ea3149f28ce6a5e44009a64b&c=01d38996106e419b810c60c87a7dd758&w==n9wYZvzwwX6.5op9wLHKGu
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 533F 		42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad13.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 11:23:52 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
spacer.gif
an.yandex.ru/resource/ Frame 533F
Redirect Chain
  • https://an.yandex.ru/mapuid/google/
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=B2F95B7690E69DEA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Nov 2021 11:23:52 GMT
content-encoding
gzip
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
x-xss-protection
1; mode=block
expires
Mon, 17 Oct 2022 11:23:52 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://an.yandex.ru/resource/spacer.gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
yKrrIoXv25aY5kB7fulr
an.yandex.ru/mapuid/dmpamberdata/ Frame 533F
Redirect Chain
  • https://dmg.digitaltarget.ru/1/119/i/i?i=1635765831
  • https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1635765831
  • https://an.yandex.ru/mapuid/dmpamberdata/yKrrIoXv25aY5kB7fulr
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/dmpamberdata/yKrrIoXv25aY5kB7fulr
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:52 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 11:23:52 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 01 Nov 2021 11:23:52 GMT

Redirect headers

Date
Mon, 01 Nov 2021 11:23:52 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://an.yandex.ru/mapuid/dmpamberdata/yKrrIoXv25aY5kB7fulr
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
master-only
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
86400
Connection
keep-alive
Request-Time
38
Content-Length
0
X-Content-Type-Options
nosniff
YW6dKX_ySNJJ
an.yandex.ru/mapuid/dmpsegmento/ Frame 533F
Redirect Chain
  • https://yandex-dmp-sync.rutarget.ru/sync
  • https://an.yandex.ru/mapuid/dmpsegmento/YW6dKX_ySNJJ?sign=1191660367
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/dmpsegmento/YW6dKX_ySNJJ?sign=1191660367
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:52 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 11:23:52 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 01 Nov 2021 11:23:52 GMT

Redirect headers

Location
https://an.yandex.ru/mapuid/dmpsegmento/YW6dKX_ySNJJ?sign=1191660367
Date
Mon, 01 Nov 2021 11:23:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
eXBXMooWq7Hv
an.yandex.ru/mapuid/rutargetis/ Frame 533F
Redirect Chain
  • https://yandex-sync.rutarget.ru/sync
  • https://an.yandex.ru/mapuid/rutargetis/eXBXMooWq7Hv
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/rutargetis/eXBXMooWq7Hv
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:52 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 11:23:52 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 01 Nov 2021 11:23:52 GMT

Redirect headers

Location
https://an.yandex.ru/mapuid/rutargetis/eXBXMooWq7Hv
Date
Mon, 01 Nov 2021 11:23:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
VvVRi35JHWTL8qyYlZrXug
an.yandex.ru/mapuid/dmpaidatame/ Frame 533F
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=YANDEX
  • https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1
  • https://an.yandex.ru/mapuid/dmpaidatame/VvVRi35JHWTL8qyYlZrXug?sign=3125275997
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/dmpaidatame/VvVRi35JHWTL8qyYlZrXug?sign=3125275997
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:52 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 11:23:52 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 01 Nov 2021 11:23:52 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:52 GMT
last-modified
Mon, 01 Nov 2021 11:23:51 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://an.yandex.ru/mapuid/dmpaidatame/VvVRi35JHWTL8qyYlZrXug?sign=3125275997
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 01 Nov 2021 11:23:51 GMT
313b3890-3b06-11ec-ad67-f832e4719dd9
an.yandex.ru/mapuid/dmpcleverdata/ Frame 533F
Redirect Chain
  • https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au
  • https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1
  • https://an.yandex.ru/mapuid/dmpcleverdata/313b3890-3b06-11ec-ad67-f832e4719dd9?sign=589095577
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/dmpcleverdata/313b3890-3b06-11ec-ad67-f832e4719dd9?sign=589095577
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:52 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 11:23:52 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 01 Nov 2021 11:23:52 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/dmpcleverdata/313b3890-3b06-11ec-ad67-f832e4719dd9?sign=589095577
date
Mon, 01 Nov 2021 11:23:52 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-length
0
expires
0, 0
n9wYZvzwwX6.5op9wLHKGu
an.yandex.ru/mapuid/dmpweborama/ Frame 533F
Redirect Chain
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=1978430738
  • https://an.yandex.ru/mapuid/dmpweborama/n9wYZvzwwX6.5op9wLHKGu
43 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/dmpweborama/n9wYZvzwwX6.5op9wLHKGu
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:52 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 11:23:52 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 01 Nov 2021 11:23:52 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:52 GMT
via
1.1 google
last-modified
Mon, 01 Nov 2021 11:23:52 GMT
server
nginx/1.12.0
location
https://an.yandex.ru/mapuid/dmpweborama/n9wYZvzwwX6.5op9wLHKGu
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
/
an.yandex.ru/mapuid/ramblerssp/ Frame 533F
Redirect Chain
  • https://profile.ssp.rambler.ru/sync3.302?pid=188
  • https://an.yandex.ru/mapuid/ramblerssp/
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/ramblerssp/
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:52 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 11:23:52 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 01 Nov 2021 11:23:52 GMT

Redirect headers

date
Mon, 01 Nov 2021 11:23:52 GMT
server
nginx
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location
//an.yandex.ru/mapuid/ramblerssp/
x-passed
1bal2
content-type
application/x-javascript; charset=Windows-1251
content-length
0
demconf.jpg
dpm.demdex.net/ Frame 533F
Redirect Chain
  • https://an.yandex.ru/mapuid/adobedmp/
  • https://dpm.demdex.net/ibs:dpid=423652&dpuuid=E99FA9A7C3E47142
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=E99FA9A7C3E47142
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=E99FA9A7C3E47142
Protocol
HTTP/1.1
Server
54.171.163.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-163-246.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v019-02486b1d5.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
1qEkNbhYTwk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v019-02e73bb60.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
xHU7/qX/SCE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=E99FA9A7C3E47142
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
yandexdmp-match
dm.hybrid.ai/ Frame 533F 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/yandexdmp-match
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:52 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
121
x-xss-protection
1; mode=block
expires
-1
c48721199f09cc738b767b1cfdfa541acde552f003f1c009b3a85e0ee29e9a53
an.yandex.ru/mapuid/mediascope/ Frame 533F
Redirect Chain
  • https://cm.tns-counter.ru/yacm
  • https://an.yandex.ru/mapuid/mediascope/c48721199f09cc738b767b1cfdfa541acde552f003f1c009b3a85e0ee29e9a53
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/mediascope/c48721199f09cc738b767b1cfdfa541acde552f003f1c009b3a85e0ee29e9a53
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:52 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 11:23:52 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 01 Nov 2021 11:23:52 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:52 GMT
server
ms-counter-3.2.14/1.20.1
content-type
text/html
location
https://an.yandex.ru/mapuid/mediascope/c48721199f09cc738b767b1cfdfa541acde552f003f1c009b3a85e0ee29e9a53
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
fad0d7e2-f14e-4fb0-acd7-7baba313e103
an.yandex.ru/mapuid/upravelis/ Frame 533F
Redirect Chain
  • https://sync.upravel.com/yandex/sync
  • https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
  • https://fad0d7e2-f14e-4fb0-acd7-7baba313e103.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
  • https://an.yandex.ru/mapuid/upravelis/fad0d7e2-f14e-4fb0-acd7-7baba313e103
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/upravelis/fad0d7e2-f14e-4fb0-acd7-7baba313e103
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:52 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 11:23:52 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 01 Nov 2021 11:23:52 GMT

Redirect headers

date
Mon, 01 Nov 2021 11:23:52 GMT
server
nginx
location
https://an.yandex.ru/mapuid/upravelis/fad0d7e2-f14e-4fb0-acd7-7baba313e103
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
false
content-type
image/png
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211027&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7962056155172876&plah=helpmyhtc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce24344a34bd43a9eaf9649a490d5934e570e978b1fe410178918f5fb12224d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Nov 2021 11:23:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9246
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7962056155172876&plah=helpmyhtc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 01 Nov 2021 11:23:52 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame B2EE 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 01 Nov 2021 11:04:18 GMT
expires
Tue, 01 Nov 2022 11:04:18 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1174
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 150D 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
661371ab7d8a54d45160961957d5896c4b8a7090d2498f68d58c7e3481888ccb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dp/Z1CqKD0uTeWRcw+Wuwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 01 Nov 2021 11:23:52 GMT
date
Mon, 01 Nov 2021 11:23:52 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-dp/Z1CqKD0uTeWRcw+Wuwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js
pagead2.googlesyndication.com/bg/ Frame B2EE 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c52e89074cb0440a6db05393e4b9641f39325b0585a580914cd400dc42ea206e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 21:14:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
396572
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13354
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 27 Oct 2022 21:14:20 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 150D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211027&jk=3764534340672582&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211027&jk=3764534340672582&bg=!_f6l_rrNAAZzbWp4c207ACkAdvg8WpOWbOX6BRCvNuyAbhn0Yaf0Bup6QsI0VOIRv4bISyqnYPMRYgIAAABiUgAAAAxoAQcKADfVNiH8fZeCg_2uAn-pKcvIdE4LgMka0rWOgV-2us_l7crIvWv1G5ol79krwoexBLO7NgU5MWFtmQJwoUcU5YvMQlbJY2D62FPikgmSqogDCRpx0eEOvxSyHGRTAjufZr1bPGtCopN7hg4B1HYGKm3fotNcaCCGg8JwgN3LRVqC2Oht8ydCOy9Wg67XQ3WxI0fa2vwtACDdXqDPz5vzdbzi1JX31Hm7irVVSfeFBBcdXshoJDj2gU6Od9JhRykukW61aKry1Ahw1wsHaMjDFxPE28TWdBQCJBqetPYJqaNlfY5Hi5YtuMA-glpuOhfORJ3w_o4yOvWn0ty2iNa6FaVZABHzW8tFTcYn6lPla6rZQGaPkHXHOejA0BYiKfTY-qZvod8gonsCfFzW_nRhmzyUdeXaDvwoBGJXRmOBvxt-_qWcra6CZq8uR88S5v-Q34YwUIQ-0sbx7jeK1E-6ii5kt5rTsqHx8-wNm20LPiQKw5vN_FUWlXN2JCuW6okB5_boHcnvePT4JeiiXQsJZrQTx1-4YOwnxIAZ1iRIyQKhDoQmQyIRxbHEg5Xhp09vnz9-QyVX6jDixaoaUPowAOc_97t50Vu0eTgdx-aaKV_D7EILpQcvhXe-WWlN6xony_kPOtOOCggPUFUeprNydmHbOHhqjX5Z_fAJN97KVU4O1FigDoTWAvuZSDcGH7AATAYvCEpTe-j4Stw-xuHE6EpYS14zTtfO0rRPvDOk_wRp-JVt_An--KZDVec5Mbg6GILYMeA3VT_uOyMDwW5VjkFTNf5uXgCbrVrCd7mw2dqWdQd6e2srC-7K-iFDgkYL-ZoIA7kShGkn_sgiWq6t7x5lyYIRp3RY3cQcDkGZkL8VbHRjU-etDdzzDXRqnQ43eiT2nRPA-RpBJLev
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bundle.js
yastatic.net/q/set/s/rsya-tag-users/ Frame 533F 		105 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Requested by
Host: helpmyhtc.com
URL: https://helpmyhtc.com/index.php?qa=user&qa_1=wealthbumper06
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/safeframe-bundles/0.82/1-1-0/render.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:53 GMT
content-encoding
br
last-modified
Fri, 29 Oct 2021 11:19:01 GMT
server
nginx/1.17.9
etag
W/"82bdc8db563d3e71c35534315f8a9fd5"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
expires
Wed, 03 Nov 2021 23:21:31 GMT
cache-control
public, max-age=31556952
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
x-nginx-request-id
739f21980d0f4b65
watch.js
mc.yandex.ru/metrika/ Frame 533F 		130 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
286d7b1513330a2584731e1073d5346e1193de768356ccd3fbf0c24365f52ad0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:54 GMT
content-encoding
br
last-modified
Mon, 25 Oct 2021 12:24:54 GMT
etag
"617677e6-b7c6"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
47046
expires
Mon, 01 Nov 2021 12:23:54 GMT
data
yandex.ru/set/s/rsya-tag-users/ Frame 533F 		403 B
949 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fhelpmyhtc.com%2F
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
ecf2994518b190a7cb17b68d09c77143b61f5695d2b3ec82c3c35f5abc1c7365
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
public,max-age=300
access-control-allow-credentials
true
x-xss-protection
1; mode=block
1VjtLhzK0P0100000000U9nJT3UIEsLspAd2CE_yYgRJahiZBTtFrISo084dJ2HKF-97KQnv2Ij3AYDGF3FlF4CDIBoK4yYhFGiaMXb1v5IWh0B3JCRSao1b30mB6LdY8QoLZBUhm0o6lOn_xWWn70NphpA2PEyoCiWmCFnbdCN4m32N2IHobka_4BnY4bZvMlKLq...
an.yandex.ru/rtbcount/ 		43 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/rtbcount/1VjtLhzK0P0100000000U9nJT3UIEsLspAd2CE_yYgRJahiZBTtFrISo084dJ2HKF-97KQnv2Ij3AYDGF3FlF4CDIBoK4yYhFGiaMXb1v5IWh0B3JCRSao1b30mB6LdY8QoLZBUhm0o6lOn_xWWn70NphpA2PEyoCiWmCFnbdCN4m32N2IHobka_4BnY4bZvMlKLq386oxgGp1tdMHd-Ch60B6Dc1PAzp8eWAvb16kOoCu4i0P8AO4isCazfNtxNRiuLdvFCCFzT1Qky2oP_CZiuyKESoAAwInpCMi7oTXBx3XRc0ooC5rXcVhqvULlthPjYDraWplvW_v0b3GoksRzb0Jb-0IldILR-5ZQmz4rMzrit3NvAT2j_PGMvVGBRyIS_Bhmvjd5XnGAs9yyxktTyMViWRoKRp8X7RBoXhevM4L5fWIbHeQ7cBzbWrW00wWE00m00?confirmTime=2100000&confirmRatio=1000000&test-tag=483286900015106&format-type=104&actual-format=14&rnd=8092215773571&pcode-active-testids=444618%2C0%2C80%3B444055%2C0%2C11&banner-sizes=eyI3MjA1NzYwMzc2MjM2OTA0NyI6IjE1OHgyOTYiLCI3MjA1NzYwNDU5NDY2OTMzMiI6IjE1OHgyOTYifQ%3D%3D&width=1600&height=599
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:54 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 11:23:54 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 01 Nov 2021 11:23:54 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame 533F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
69f1addb7f037e6b3b2d59f14eb42d8ba4a4e0fdc51e1334aebf2c0247e1703d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14368
x-xss-protection
0
server
cafe
etag
7958953853577552369
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 01 Nov 2021 11:23:54 GMT
/
www.google.it/pagead/1p-user-list/1014923426/ Frame 533F
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Ss5_YamAGYO57gPHno_oCQ...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=499521893&crd=&is_vtc=1&random=3099687439
  • https://www.google.it/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=499521893&crd=&is_vtc=1&random=3099687439&ipr=y
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=499521893&crd=&is_vtc=1&random=3099687439&ipr=y
Protocol
H2
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.it/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=499521893&crd=&is_vtc=1&random=3099687439&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.it/pagead/1p-user-list/1014923426/ Frame 533F
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Ss5_YeSDGYvjgQeksIqQAQ...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=776042332&crd=&is_vtc=1&random=2105224410
  • https://www.google.it/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=776042332&crd=&is_vtc=1&random=2105224410&ipr=y
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=776042332&crd=&is_vtc=1&random=2105224410&ipr=y
Protocol
H2
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.it/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=776042332&crd=&is_vtc=1&random=2105224410&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3
mc.yandex.ru/watch/ Frame 533F 		167 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.82%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fhelpmyhtc.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A9ezyymqkmijljhdjn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A0%3Als%3A862892365582%3Ahid%3A617868918%3Az%3A0%3Ai%3A20211101112354%3Aet%3A1635765834%3Ac%3A1%3Arn%3A372455462%3Arqn%3A1%3Au%3A1635765834342604109%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1635765832004%3Ads%3A0%2C123%2C61%2C7%2C0%2C0%2C%2C15%2C0%2C202%2C202%2C0%2C202%3Adsn%3A0%2C123%2C61%2C7%2C0%2C0%2C%2C10%2C0%2C202%2C202%2C0%2C202%3Aco%3A0%3Ast%3A1635765834&t=gdpr()ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
9ecafc6fa1de166480689d0944d4b8ff6c29096fd74638358e03c67f2f6fb1e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:54 GMT
x-content-type-options
nosniff
last-modified
Mon, 01-Nov-2021 11:23:54 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
167
x-xss-protection
1; mode=block
expires
Mon, 01-Nov-2021 11:23:54 GMT
advert.gif
mc.yandex.ru/metrika/ Frame 533F 		43 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif?t=ti(4)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 11:23:54 GMT
last-modified
Mon, 25 Oct 2021 12:24:54 GMT
etag
"617677e6-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Mon, 01 Nov 2021 12:23:54 GMT
37412095
mc.yandex.ru/watch/ Frame 533F 		350 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.82%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fhelpmyhtc.com%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A9ezyymqkmijljhdjn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A2%3Adp%3A1%3Als%3A1185126233330%3Ahid%3A617868918%3Az%3A0%3Ai%3A20211101112354%3Aet%3A1635765834%3Ac%3A1%3Arn%3A459968966%3Arqn%3A1%3Au%3A1635765834342604109%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1635765832004%3Ads%3A0%2C123%2C61%2C7%2C0%2C0%2C%2C15%2C0%2C202%2C202%2C0%2C202%3Adsn%3A0%2C123%2C61%2C7%2C0%2C0%2C%2C10%2C0%2C202%2C202%2C0%2C202%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1635765834%3At%3A&t=gdpr(6)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
ba993f042d9006cf1f51f3187eceaced51d211e04e577f82895a323285ae2cc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:54 GMT
x-content-type-options
nosniff
last-modified
Mon, 01-Nov-2021 11:23:54 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Mon, 01-Nov-2021 11:23:54 GMT
WJ8ejI_zOB40HGa0f0vo-5WlirurU0K0iG4GW8200J57pdzX000003Zkq2k80Wcv0fEZzFodthFWy0B3c-Jc0y3nRV050Q06cWF91aSo7iesna9ugGTkpm1yoncxMHAg2n2_lkLXRiy009_SL6cupyVa-D3inh6XUAWFxfwZbRYvnjrPa12Tg8AvthlO-N3moAweu...
an.yandex.ru/count/ 		43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/count/WJ8ejI_zOB40HGa0f0vo-5WlirurU0K0iG4GW8200J57pdzX000003Zkq2k80Wcv0fEZzFodthFWy0B3c-Jc0y3nRV050Q06cWF91aSo7iesna9ugGTkpm1yoncxMHAg2n2_lkLXRiy009_SL6cupyVa-D3inh6XUAWFxfwZbRYvnjrPa12Tg8AvthlO-N3moAweu1G1s1N1YlRieu-y_6FmoHRmFu4Ng1S9cHZG627u680Pi1cu6Vy1m1d7jEU6av_6nIFI6H9vOM9pNtDbSdPbSYzoDJSvBJ7e6MJm6O320u8S3LL5GJfOMcPHP5fLLJVf780T_tyJ04zap7KGo0R1G5CmABYhec4ItK88Bp4mbwtC26uLc1H9RezomtrKkfzWn82fdHD4effOG_XZEpd40A40~1=WeiejI_zO0G23HG0j282MAf810F6v-Nwx1k00R6Y4uW1j_69ys6G0Qx8-Rd8W8200fW1hiZvkKYW0UZ7g07en_cvIBW1WlMNeI3O0QQvkvG1u07krvQK0UW1SlW1g9ZUlW6W0gx2d1YO0y24FR03rKE81Qdf7f05jBGYi0Nlimou1U-p3C05pQG4o0NanG7G1VM70-05TvW6wjMVcmge1fe3k0U01P0DyGS00CANeOuCW0e1mGgtawag0wq5GCdP2sxF07pB6RjPw0kfwHw83C3luhu1w0oR1fWDsAcW3i24FO0Gqvh66feG6mX06K0000384C2Ga881q132bwzVeU0HfVHUw16brlp1d8RVefBGbln0qDc7zbqPn3-O4mAe4vdrsPEsYzhP5k0JxxCCY1JalVAkXVd3v2wW5E-p3AWKjBGYi1IKoUOIk1IWbyG6o1G2q1IUZg11s1IqieE81kWKZ0BG5RIoWuW6s1N1YlRieu-y_6EW5f3xoOi6i1Qo0yaMy3_G5i3luhu1s1QTg8AvthlO-N215vWNweIIAxWN0S0NjHBG5z260zWNhwGyw1S1cHYW61Im69M9_ui6k1W1-1ZurjN2aQstY6M06OaP3uG60000002W6Pe3k1d___y1u1a1w1bay1c0mWE16l__1xy-cjR5Y1h0X3sW6lEjwu2Gv-7O9lKQ0G0009WRsAavwHiBx7KwXNr3GV0Rkh-m0_WRYwI20UaSW1t_VvaTu1tBmWMe7W4R03Y4T9YHWJnoT9G1t4F174Mo7o9UtHlns90Gi6LUOqh07JsrGA2L0N3Xx8DtTOCdOjEgg48E1Iq1P95vBZYD64I8Lq86w3a6d5efdI5gvX9i4t00~1=Wf0ejI_zO1G2DHG0H2AUL8rt50EgYuh3uGA00Q6agbM80OUZXz1oa06etDZJpe20W0AO0QZSsDDEe06YsQW1ejdOqqwu0Poq-jWXs07EjlYO0U01reo04kW1s0Ju0Tw9thu1e0ACwhGJe0C4i0FtGOW5beSUa0Nyko2m1SsW2BW5pQ08m0NEwXV81Sg71j05v_42u0MLg0QQ0xW7j0RG1mBO1n3W1uOAyGS00000meQrshRMRtIgt_G_oVWAWBKOsGjkpm1yoncxMUWBbeSUcmQO3TYfi3wW3i24FO0Gfzda7C2mce81eU0HfVHUw16brlp1d8RVefBGbln0vlHFoFM4qJ-O4mAe4vdrsPEsYzhP5k0JpQ08Y1JalVAkXVd3v2wW5CsW2AWK_BiWi1J0YP42q1I__y9Fs1IItz6A1kWKZ0BG5PBVqOe6s1N1YlRieu-y_6EW5f3xoOi6i1Qo0yaMq1RUYTw-0TWMdQY2kTwxsFbmWHUO5xsum1Au5m705xKIq1VGXWFO5w3UF-0Nc9cFzWNe5m7u5zxOdee6cHYW60wm6DJx_ei6k1W2-1ZurjN2aQstY6M06OaP3uG60000002W6Pe3k1d___y1u1a4w1bay1c0mWE16l__ipoeq4f7Y1h0X3sG6e10e1henyY0gTxtnJ_r6W40002O6zYfETWR8EaRy-kYeicTO47m6uIvgn3u6zAZlWxf703mFu0T_t-P7G3mF-0TpzY_1gWU0Hy0G12GUa23mU7deunbmfIXgeZsGsuy7zdcynYhTc75lMaDITPPvfsb1A3eASe88QlULGYe2AY1m2-gbgAdKXH6GSi9Kuqn8D_CSn4WBA3d60IB1Ib1AwNpJisiWsq23W00~1?stat-id=9&test-tag=483287143326241&banner-sizes=eyI3MjA1NzYwMzc2MjM2OTA0NyI6IjE1OHgyOTYiLCI3MjA1NzYwNDU5NDY2OTMzMiI6IjE1OHgyOTYifQ%3D%3D&format-type=104&actual-format=14&pcodever=46959&banner-test-tags=eyI3MjA1NzYwMzc2MjM2OTA0NyI6IjU3MzYxIiwiNzIwNTc2MDQ1OTQ2NjkzMzIiOiI1NzM2MiJ9&pcode-active-testids=444618%2C0%2C80%3B444055%2C0%2C11&width=1600&height=599&confirmTime=2100000&confirmRatio=1000000&wmode=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://helpmyhtc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:54 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 11:23:54 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 01 Nov 2021 11:23:54 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 533F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1635765834452&cv=9&fst=1635765834452&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.82%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fhelpmyhtc.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3281641021293cd2b90a79dc33ca9543e37faa89e2d3140ac5812a2561f7022
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1116
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 533F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1635765834457&cv=9&fst=1635765834457&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.82%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fhelpmyhtc.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45a6a523ed2bba687c708c73e02567796cd1cb4ce0f167065184b2cb46b3f45b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1117
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 533F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1635765834460&cv=9&fst=1635765834460&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.82%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fhelpmyhtc.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd392b6bc76c3e9e34be5d7f283b6b2ce252f177a62b3b239b6d8b7dc7e536fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1116
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 533F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1635765834462&cv=9&fst=1635765834462&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.82%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fhelpmyhtc.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c32ecbdac1c4a0deb5401b6104bdc1f07c7051e4c99a9b7ebb4120dec04f7f96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1115
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/947884341/ Frame 533F 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1635765834452&cv=9&fst=1635764400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.82%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fhelpmyhtc.com%2F&async=1&fmt=3&is_vtc=1&random=3615487751&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.it/pagead/1p-user-list/947884341/ Frame 533F 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/pagead/1p-user-list/947884341/?random=1635765834452&cv=9&fst=1635764400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.82%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fhelpmyhtc.com%2F&async=1&fmt=3&is_vtc=1&random=3615487751&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/947884341/ Frame 533F 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1635765834460&cv=9&fst=1635764400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.82%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fhelpmyhtc.com%2F&async=1&fmt=3&is_vtc=1&random=1542555474&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.it/pagead/1p-user-list/947884341/ Frame 533F 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/pagead/1p-user-list/947884341/?random=1635765834460&cv=9&fst=1635764400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.82%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fhelpmyhtc.com%2F&async=1&fmt=3&is_vtc=1&random=1542555474&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame 533F 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1635765834462&cv=9&fst=1635764400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.82%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fhelpmyhtc.com%2F&async=1&fmt=3&is_vtc=1&random=2846006132&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.it/pagead/1p-user-list/693627671/ Frame 533F 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/pagead/1p-user-list/693627671/?random=1635765834462&cv=9&fst=1635764400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.82%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fhelpmyhtc.com%2F&async=1&fmt=3&is_vtc=1&random=2846006132&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame 533F 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1635765834457&cv=9&fst=1635764400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.82%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fhelpmyhtc.com%2F&async=1&fmt=3&is_vtc=1&random=3278298819&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.it/pagead/1p-user-list/693627671/ Frame 533F 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/pagead/1p-user-list/693627671/?random=1635765834457&cv=9&fst=1635764400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.82%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fhelpmyhtc.com%2F&async=1&fmt=3&is_vtc=1&random=3278298819&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 11:23:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler string| qa_root string| qa_request function| $ function| jQuery function| qa_reveal function| qa_conceal function| qa_set_inner_html function| qa_set_outer_html function| qa_show_waiting_after function| qa_hide_waiting function| qa_vote_click function| qa_notice_click function| qa_favorite_click function| qa_ajax_post function| qa_ajax_error function| qa_display_rule_show object| qa_element_revealed function| qa_toggle_element function| qa_submit_answer function| qa_submit_comment function| qa_answer_click function| qa_comment_click function| qa_show_comments function| qa_form_params function| qa_scroll_page_to function| qa_title_change function| qa_html_unescape function| qa_html_escape function| qa_tag_click function| qa_tag_hints function| qa_tags_to_html function| qa_caret_from_end function| qa_tag_typed_parts function| qa_category_select function| set_category_description function| qa_submit_wall_post function| qa_wall_post_click function| qa_pm_click function| Cookies function| toggleSmileyBox function| insertSmiley object| b object| adsbygoogle object| yandexContextAsyncCallbacks function| MobileDetect function| setCookie function| getCookie function| show_advpopup object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_persistent_state_async string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| Ya object| yaCounter25886303 object| pcodeJsonp46959e9pwsdnICc number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| __activeTestIds object| __pcodeAllActiveTestIds object| ya boolean| yandex_context_perf_logging object| layoutConfig object| yaSafeFrameAsyncCallbacks object| yaCounter357431 object| $sf object| GoogleGcLKhOms object| google_image_requests

41 Cookies

Domain/Path Name / Value
yastatic.net/safeframe-bundles/0.82/1-1-0 Name: afpix
Value: 1
yastatic.net/safeframe-bundles/0.82/1-1-0 Name: pcssspb
Value: 1
yastatic.net/safeframe-bundles/0.82/1-1-0 Name: pcs3
Value: 1
helpmyhtc.com/ Name: PHPSESSID
Value: 919106482e8370bdeb9059c9feb6d9ce
helpmyhtc.com/ Name: qa_key
Value: tnveagu8156h3tro4ddl5u97840ifio8
.yadro.ru/ Name: FTID
Value: 1XVyvF2BbNOB1XVyvF001GEP
.yadro.ru/ Name: VID
Value: 2NW9M40PoE8B1XVyvF001GIx
.helpmyhtc.com/ Name: _ym_uid
Value: 1635765831368866457
.helpmyhtc.com/ Name: _ym_d
Value: 1635765831
.yandex.ru/ Name: yandexuid
Value: 8665706571635765831
.yandex.ru/ Name: yuidss
Value: 8665706571635765831
mc.yandex.ru/ Name: yabs-sid
Value: 409844131635765831
.yandex.ru/ Name: i
Value: pSDIWxq8evLF8K4oIJlMDyMDPhFpT56Oie2vr4Zfu/hPJHT2IkJfC0s6KC5fWLVAn1bkH+gIgPfEUKgUgKiy32wh+EE=
.yandex.ru/ Name: ymex
Value: 1667301831.yrts.1635765831#1667301831.yrtsi.1635765831
.helpmyhtc.com/ Name: _ym_isad
Value: 2
.helpmyhtc.com/ Name: __gads
Value: ID=38c2d21ef1d80eb3-22aa529306cb00c2:T=1635765831:RT=1635765831:S=ALNI_Mb0VgyWYIsvp0dV4zrxCytpfue3DA
.helpmyhtc.com/ Name: _ym_visorc
Value: w
.an.yandex.ru/ Name: yabs-vdrf
Value: A0
.weborama.fr/ Name: AFFICHE_W
Value: xzETCHrZVtPH67
.1dmp.io/ Name: uid
Value: 313b3890-3b06-11ec-ad67-f832e4719dd9
.sonar.semantiqo.com/ Name: semantiqo_a
Value: 961fee51ea3149f28ce6a5e44009a64b
.sonar.semantiqo.com/ Name: check
Value: d47d9302749848289d96953473de071c
.1dmp.io/ Name: ru-seq
Value: null
.doubleclick.net/ Name: IDE
Value: AHWqTUkolUjRyw2WHn5RKW8X-LYbZjvXGVeMe3tUnx2fwIm80fZ4F-ThpIC0bFA57-I
.aidata.io/ Name: __upin
Value: VvVRi35JHWTL8qyYlZrXug
.aidata.io/ Name: __upints
Value: 1635765832
.dmg.digitaltarget.ru/ Name: viuserid
Value: yKrrIoXv25aY5kB7fulr
.demdex.net/ Name: demdex
Value: 43708647892883382501202264518801614897
x01.aidata.io/ Name: yaya
Value: 1
.rutarget.ru/ Name: userId
Value: eXBXMooWq7Hv
.dpm.demdex.net/ Name: dpm
Value: 43708647892883382501202264518801614897
.upravel.com/ Name: session_tptc
Value: 1635765832631
.upravel.com/ Name: user_id
Value: fad0d7e2-f14e-4fb0-acd7-7baba313e103
.caltat.com/ Name: caltat
Value: 01d38996106e419b810c60c87a7dd758
.tns-counter.ru/ Name: guid
Value: 158D6A0B617FCE48X1635765832
.magnitent.com/ Name: sonar
Value: 961fee51ea3149f28ce6a5e44009a64b
.magnitent.com/ Name: ct
Value: 01d38996106e419b810c60c87a7dd758
.magnitent.com/ Name: spid
Value: BEC52D21279CB787
.magnitent.com/ Name: 3db
Value: BEC52D21279CB787
.yandex.ru/ Name: is_gdpr
Value: 1
.yandex.ru/ Name: is_gdpr_b
Value: CNezWRC+ThgB

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.it
an.yandex.ru
avatars.mds.yandex.net
cdn3.caltat.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.tns-counter.ru
counter.yadro.ru
dm.hybrid.ai
dmg.digitaltarget.ru
dpm.demdex.net
fad0d7e2-f14e-4fb0-acd7-7baba313e103.sync.upravel.com
googleads.g.doubleclick.net
helpmyhtc.com
maxcdn.bootstrapcdn.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
profile.ssp.rambler.ru
redirect.frontend.weborama.fr
sonar.semantiqo.com
ssp.adriver.ru
stats.mos.ru
sync.1dmp.io
sync.magnitent.com
sync.upravel.com
tpc.googlesyndication.com
www.google.com
www.google.it
www.googleadservices.com
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
136.243.48.22
142.250.184.226
142.250.185.98
142.250.186.130
148.251.78.49
185.15.175.144
2001:6d0:4001::226
212.11.152.207
2606:4700::6810:135e
2606:4700::6812:bcf
2a00:1450:4001:809::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
2a0a:2b43:6d:d6f2::
35.190.16.14
37.18.16.16
54.171.163.246
80.64.106.148
80.64.106.149
81.222.128.213
88.212.201.198
89.108.119.28
91.192.149.30
95.216.101.186
95.217.109.66
0163d9a5241a1ff3ecf2aa5f8e4f613756acf2d315fe5271acaf54876313c2e2
02b875aa5683bc417baf6270aee64e7f8d5daacbfd83ef9e3ffa323b653d9640
086945ddf05fb23f795e75591190dc6640a5a413af4381d4a2af0f46203cff83
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1c0b6a8fcf5a1a458f4172e48f4db23531b25a59f7f71f19d0978c46f61ad78e
286d7b1513330a2584731e1073d5346e1193de768356ccd3fbf0c24365f52ad0
2ba6c99545dd22a1ceac617b8abf42bd5347ea8a3c6c2baaf9e4ce98da8c2e49
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
3a3ba2b0e01ce58a85831e1dd578e7e29ea8cdb46613900df89a11a33964a980
41fd616ac7238e04bb88107b622dde56c225292677048a9c1b804f55cd80c4de
433e5bfc5d76947a617b06b331835516e67fc3ecf60803e0b07b5a5015a3a802
45a6a523ed2bba687c708c73e02567796cd1cb4ce0f167065184b2cb46b3f45b
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
51e56dbe1a379fc4c55c702be7ff75c361cb6f7d6d45de15ce5092e027deed10
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5e2a2283238129452df299333c53e83a1cd687dd090230035f2e1e312f7c183e
661371ab7d8a54d45160961957d5896c4b8a7090d2498f68d58c7e3481888ccb
67a31912bf6be55ddf4067735f392d7225d8041f544ed291df0296f343df524e
69f1addb7f037e6b3b2d59f14eb42d8ba4a4e0fdc51e1334aebf2c0247e1703d
6d9bb299a3c3636cb83e86bd49acd6ca687843a6f7723361afdb4a9874c07dbe
708ac35f1fb1183f3f71e3c53b7d0f7848ec5561339cadd14eb20ae58c64c403
736ebe62481b6e26e2ab4253380d6ee4e586ab20d54dddf5919d5ac7ba8b24f3
7a10430b5b3935a977ad22025cfa07a6b0f1ba0983625f30177f1f847f036d11
7a2d9d8a2755776e512e56e6214c8c61550f909c10f3215f1400ca911d5225a7
8e84b6654d2e53e9965bca348f66ea95bc252e1d63a046b0a8cfc3c578f8a0c6
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9ecafc6fa1de166480689d0944d4b8ff6c29096fd74638358e03c67f2f6fb1e3
a3281641021293cd2b90a79dc33ca9543e37faa89e2d3140ac5812a2561f7022
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a9fabc7f7fcd8e9266a45272028db7bb1f5fbc3aaac0cbaf5772ffcd9bfc7c09
ba993f042d9006cf1f51f3187eceaced51d211e04e577f82895a323285ae2cc4
c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f
c32ecbdac1c4a0deb5401b6104bdc1f07c7051e4c99a9b7ebb4120dec04f7f96
c489985679ae91858873e2201f9ff939caf128cb18cb9d12f4956e780fa490e7
c52e89074cb0440a6db05393e4b9641f39325b0585a580914cd400dc42ea206e
c67903e6583d458f478230ef3acc11b2949eca5f05f63ba0291b1267a107696b
cdfa9a147ae8d8357855515bab5291b8c9342eeed9d638b47103c19d9d9aaf36
ce24344a34bd43a9eaf9649a490d5934e570e978b1fe410178918f5fb12224d2
d02d04de6e2964656d3aafbeb7c520d9de520e28a4c6c4af20d93fe17065e744
d107d7bde7ad74baddd89582b894be27ff1efa8054474a75376f35a00b04824d
d790d30849c8f43e87205524a3b6c92ffc9aa0c24a0d1161b5bfadcfefe7129b
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48e4db5ebf7ec63a028eb6fa5ad8f5265c4b1cb7bd887517e7230474d8d2b67
ecf2994518b190a7cb17b68d09c77143b61f5695d2b3ec82c3c35f5abc1c7365
eddd850bd69b44d68235649d64b66d5028a396baafae1f1bedde427be5f58b75
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1de79663cc81ff14d235b98bbbdd9e677123b5ed5f24ca5a9d91c0b63783a26
f62c20cec722b86dc980ce86be42516302180d4bb7c02889ebf6a7dba8a261eb
fd392b6bc76c3e9e34be5d7f283b6b2ce252f177a62b3b239b6d8b7dc7e536fa
fef8f68fcb81d77a04bb91d8acf35c8fa1bdb9cf1694657fdd0f2d240e018333