minecraft-inside.ru Open in urlscan Pro
138.201.190.105 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://minecraft-inside.ru/mods/158057-simple-hats.html
Submission Tags: falconsandbox
Submission: On August 29 via api (August 29th 2022, 7:06:13 pm UTC) from US — Scanned from DE

Summary HTTP 127 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 19 domains to perform 127 HTTP transactions. The main IP is 138.201.190.105, located in Germany and belongs to HETZNER-AS, DE. The main domain is minecraft-inside.ru. The Cisco Umbrella rank of the primary domain is 467491.
TLS certificate: Issued by R3 on August 24th 2022. Valid for: 3 months.

This is the only time minecraft-inside.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	138.201.190.105 138.201.190.105	24940 (HETZNER-AS) (HETZNER-AS)
1	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
13	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1 5	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	81.19.89.16 81.19.89.16	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
12	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
3	81.19.89.17 81.19.89.17	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 2	154.47.36.139 154.47.36.139	174 (COGENT-174) (COGENT-174)
3	2a00:1450:400... 2a00:1450:400c:c08::5f	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400a:802::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4002:819::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.110.157 142.250.110.157	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:11::8	15169 (GOOGLE) (GOOGLE)
127	28

27 138.201.190.105 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.105.190.201.138.clients.your-server.de

minecraft-inside.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.163.52.67 (Russian Federation) 1 redirects

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.19.89.16 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

st.top100.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 81.19.89.17 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.47.36.139 (United States) 1 redirects

ASN174 (COGENT-174, US)

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::5f (Brussels, Belgium)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400a:802::200a (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4002:819::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.110.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wf-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:11::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5lznez.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	483 KB
27	minecraft-inside.ru minecraft-inside.ru — Cisco Umbrella Rank: 467491	1 MB
25	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 static.doubleclick.net — Cisco Umbrella Rank: 398 bid.g.doubleclick.net — Cisco Umbrella Rank: 474	211 KB
8	yandex.ru 3 redirects yandex.ru — Cisco Umbrella Rank: 1426 mc.yandex.ru — Cisco Umbrella Rank: 3880	153 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	88 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54 imasdk.googleapis.com — Cisco Umbrella Rank: 440	129 KB
5	mail.ru 1 redirects top-fwz1.mail.ru — Cisco Umbrella Rank: 11366	16 KB
4	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 88 www.google.com — Cisco Umbrella Rank: 9	1 KB
4	yastatic.net yastatic.net — Cisco Umbrella Rank: 6925	139 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 970 r3---sn-4g5lznez.c.2mdn.net — Cisco Umbrella Rank: 446824	1 KB
3	rambler.ru kraken.rambler.ru — Cisco Umbrella Rank: 30061	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	87 KB
2	webvisor.org 1 redirects mc.webvisor.org — Cisco Umbrella Rank: 22152	712 B
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9849	1 KB
2	top100.ru st.top100.ru — Cisco Umbrella Rank: 37399	35 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	20 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 422	92 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8811	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 882	648 B
127	19

	Domain	Requested by
27	minecraft-inside.ru	minecraft-inside.ru
18	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com
13	pagead2.googlesyndication.com	minecraft-inside.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	static.doubleclick.net	googleads.g.doubleclick.net
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	mc.yandex.ru	3 redirects cdn.jsdelivr.net minecraft-inside.ru
5	top-fwz1.mail.ru	1 redirects minecraft-inside.ru
4	fonts.gstatic.com	fonts.googleapis.com
4	yastatic.net	yandex.ru
3	www.google.com	2 redirects tpc.googlesyndication.com
3	fonts.googleapis.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	kraken.rambler.ru	st.top100.ru minecraft-inside.ru
2	r3---sn-4g5lznez.c.2mdn.net
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	mc.webvisor.org	1 redirects minecraft-inside.ru
2	counter.yadro.ru	1 redirects minecraft-inside.ru
2	st.top100.ru	minecraft-inside.ru st.top100.ru
2	www.google-analytics.com	minecraft-inside.ru www.google-analytics.com
2	cdn.jsdelivr.net	minecraft-inside.ru
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	yandex.ru	minecraft-inside.ru
127	28

This site contains links to these domains. Also see Links.

Domain
www.curseforge.com
vk.com
www.facebook.com
twitter.com
connect.mail.ru
connect.ok.ru
t.me
top.mail.ru
top100.rambler.ru
www.liveinternet.ru
mcpe-inside.ru

Subject Issuer	Validity	Valid
minecraft-inside.ru R3	`2022-08-24` - `2022-11-22`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-08-19` - `2023-02-16`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.top100.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-02-03` - `2023-02-14`	a year	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-04-01` - `2022-09-29`	6 months	crt.sh
*.rambler.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-05-16` - `2023-05-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-08-16` - `2022-10-25`	2 months	crt.sh

This page contains 13 frames:

Primary Page: https://minecraft-inside.ru/mods/158057-simple-hats.html
Frame ID: 32F94AA885A3C737E16AAD1986FB7EF3
Requests: 69 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html
Frame ID: 9B4519C66B3392D1673897E327474332
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7673549827074128&output=html&adk=1812271804&adf=3025194257&lmt=1661799966&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&ea=0&pra=5&wgl=1&easpf=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661799966557&bpp=3&bdt=366&idt=316&shv=r20220822&mjsv=m202208220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6206825017255&frm=20&pv=2&ga_vid=26973624.1661799966&ga_sid=1661799967&ga_hid=383258159&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069004%2C31069063%2C31069082&oid=2&pvsid=4352117667725084&tmod=1246930238&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=355
Frame ID: 69948582B2DDF6653BD3D5182BAC57DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7673549827074128&output=html&h=90&slotname=7179367094&adk=962948829&adf=2665882539&pi=t.ma~as.7179367094&w=728&lmt=1661799966&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661799966560&bpp=2&bdt=369&idt=359&shv=r20220822&mjsv=m202208220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6206825017255&frm=20&pv=1&ga_vid=26973624.1661799966&ga_sid=1661799967&ga_hid=383258159&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=281&ady=134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069004%2C31069063%2C31069082&oid=2&pvsid=4352117667725084&tmod=1246930238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pwY4uGqraO&p=https%3A//minecraft-inside.ru&dtd=372
Frame ID: 3ECEF6D65FA5F64CE2CA70C5DDDB5EF7
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7673549827074128&output=html&h=280&slotname=4792270699&adk=743495184&adf=1817241583&pi=t.ma~as.4792270699&w=336&lmt=1661799966&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661799966562&bpp=1&bdt=371&idt=379&shv=r20220822&mjsv=m202208220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=6206825017255&frm=20&pv=1&ga_vid=26973624.1661799966&ga_sid=1661799967&ga_hid=383258159&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=479&ady=1880&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069004%2C31069063%2C31069082&oid=2&pvsid=4352117667725084&tmod=1246930238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=SJ9G5J3riz&p=https%3A//minecraft-inside.ru&dtd=384
Frame ID: B28F8EB50D9ACB9ADF527E73C3C97E41
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7673549827074128&output=html&h=600&slotname=1272434295&adk=1490946491&adf=2518690131&pi=t.ma~as.1272434295&w=300&lmt=1661799966&rafmt=12&psa=0&format=300x600&url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661799966563&bpp=1&bdt=372&idt=396&shv=r20220822&mjsv=m202208220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C336x280&nras=1&correlator=6206825017255&frm=20&pv=1&ga_vid=26973624.1661799966&ga_sid=1661799967&ga_hid=383258159&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069004%2C31069063%2C31069082&oid=2&pvsid=4352117667725084&tmod=1246930238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=k9r8TBwz6F&p=https%3A//minecraft-inside.ru&dtd=401
Frame ID: C0BAC6552D0462A2BEB1765BA11DF6CE
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B25C921B8830B499DA53CD8DE8AA0650
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5145173248429606039/index.html
Frame ID: E8921F3E5F88925C9D040350611D3FA2
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2129C4B485440FE632EA3BB6F434C319
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js
Frame ID: 0E73C57A6557977D138567EF2E94BBE5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 19151308BA4E44B093ABB8CDAC5F5AFA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A969B18C0E96C76543ACADE695EA8DBB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FBE3AB45023C6F40BBA68276C20B5944
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Simple Hats [1.19.2] [1.18.2] / Моды для Майнкрафт / Minecraft Inside

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js
cdn\.jsdelivr\.net/npm/yandex\-metrica\-watch/watch\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

127
Requests

95 %
HTTPS

71 %
IPv6

19
Domains

28
Subdomains

28
IPs

6
Countries

2570 kB
Transfer

5636 kB
Size

32
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.curseforge.com/minecraft/mc-mods/simplehats
Title: Publication Source

Search URL Search Domain Scan URL

URL: https://vk.com/share.php?url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&title=Simple%20Hats%20%5B1.19.2%5D%20%5B1.18.2%5D&description=%D0%9A%D0%BE%D1%81%D0%BC%D0%B5%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%BC%D0%BE%D0%B4%2C%20%D0%B2%D0%B2%D0%BE%D0%B4%D1%8F%D1%89%D0%B8%D0%B9%20%D0%B2%20%D0%B8%D0%B3%D1%80%D1%83%20%D0%B4%D0%B5%D0%BA%D0%BE%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20%D1%88%D0%BB%D1%8F%D0%BF%D1%8B.%20%D0%9D%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%B2%D1%8B%D0%B1%D0%BE%D1%80%20%D0%B2%20%D0%BC%D0%BE%D0%B4%D0%B8%D1%84%D0%B8%D0%BA%D0%B0%D1%86%D0%B8%D0%B8%20%D0%B8%D0%BC%D0%B5%D0%B5%D1%82%D1%81%D1%8F%20%D0%B4%D0%B2%D0%B5%D1%81%D1%82%D0%B8%20%D0%B2%D1%81%D1%82%D1%80%D0%BE%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D1%88%D0%BB%D1%8F%D0%BF%2C%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D0%B5%20%D0%B8%D0%B3%D1%80%D0%BE%D0%BA%D0%B8%20%D0%BC%D0%BE%D0%B3%D1%83%D1%82%20%D0%B4%D0%BE%D0%B1%D0%B0%D0%B2%D0%BB%D1%8F%D1%82%D1%8C%2F%D0%B8%D0%B7%D0%BC%D0%B5%D0%BD%D1%8F%D1%82%D1%8C%2F%D1%83%D0%B4%D0%B0%D0%BB%D1%8F%D1%82%D1%8C%20%D0%BF%D0%BE%20%D1%81%D0%B2%D0%BE%D0%B5%D0%BC%D1%83%20%D1%83%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D0%BD%D0%B8%D1%8E.&image=http%3A%2F%2Fminecraft-inside.ru%2Fimages%2Fcube_x100.png&utm_source=share2
Title: ВКонтакте

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?src=sp&u=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&title=Simple%20Hats%20%5B1.19.2%5D%20%5B1.18.2%5D&description=%D0%9A%D0%BE%D1%81%D0%BC%D0%B5%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%BC%D0%BE%D0%B4%2C%20%D0%B2%D0%B2%D0%BE%D0%B4%D1%8F%D1%89%D0%B8%D0%B9%20%D0%B2%20%D0%B8%D0%B3%D1%80%D1%83%20%D0%B4%D0%B5%D0%BA%D0%BE%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20%D1%88%D0%BB%D1%8F%D0%BF%D1%8B.%20%D0%9D%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%B2%D1%8B%D0%B1%D0%BE%D1%80%20%D0%B2%20%D0%BC%D0%BE%D0%B4%D0%B8%D1%84%D0%B8%D0%BA%D0%B0%D1%86%D0%B8%D0%B8%20%D0%B8%D0%BC%D0%B5%D0%B5%D1%82%D1%81%D1%8F%20%D0%B4%D0%B2%D0%B5%D1%81%D1%82%D0%B8%20%D0%B2%D1%81%D1%82%D1%80%D0%BE%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D1%88%D0%BB%D1%8F%D0%BF%2C%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D0%B5%20%D0%B8%D0%B3%D1%80%D0%BE%D0%BA%D0%B8%20%D0%BC%D0%BE%D0%B3%D1%83%D1%82%20%D0%B4%D0%BE%D0%B1%D0%B0%D0%B2%D0%BB%D1%8F%D1%82%D1%8C%2F%D0%B8%D0%B7%D0%BC%D0%B5%D0%BD%D1%8F%D1%82%D1%8C%2F%D1%83%D0%B4%D0%B0%D0%BB%D1%8F%D1%82%D1%8C%20%D0%BF%D0%BE%20%D1%81%D0%B2%D0%BE%D0%B5%D0%BC%D1%83%20%D1%83%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D0%BD%D0%B8%D1%8E.&picture=http%3A%2F%2Fminecraft-inside.ru%2Fimages%2Fcube_x100.png&utm_source=share2
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Simple%20Hats%20%5B1.19.2%5D%20%5B1.18.2%5D&url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&utm_source=share2
Title: Twitter

Search URL Search Domain Scan URL

URL: https://connect.mail.ru/share?url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&title=Simple%20Hats%20%5B1.19.2%5D%20%5B1.18.2%5D&description=%D0%9A%D0%BE%D1%81%D0%BC%D0%B5%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%BC%D0%BE%D0%B4%2C%20%D0%B2%D0%B2%D0%BE%D0%B4%D1%8F%D1%89%D0%B8%D0%B9%20%D0%B2%20%D0%B8%D0%B3%D1%80%D1%83%20%D0%B4%D0%B5%D0%BA%D0%BE%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20%D1%88%D0%BB%D1%8F%D0%BF%D1%8B.%20%D0%9D%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%B2%D1%8B%D0%B1%D0%BE%D1%80%20%D0%B2%20%D0%BC%D0%BE%D0%B4%D0%B8%D1%84%D0%B8%D0%BA%D0%B0%D1%86%D0%B8%D0%B8%20%D0%B8%D0%BC%D0%B5%D0%B5%D1%82%D1%81%D1%8F%20%D0%B4%D0%B2%D0%B5%D1%81%D1%82%D0%B8%20%D0%B2%D1%81%D1%82%D1%80%D0%BE%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D1%88%D0%BB%D1%8F%D0%BF%2C%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D0%B5%20%D0%B8%D0%B3%D1%80%D0%BE%D0%BA%D0%B8%20%D0%BC%D0%BE%D0%B3%D1%83%D1%82%20%D0%B4%D0%BE%D0%B1%D0%B0%D0%B2%D0%BB%D1%8F%D1%82%D1%8C%2F%D0%B8%D0%B7%D0%BC%D0%B5%D0%BD%D1%8F%D1%82%D1%8C%2F%D1%83%D0%B4%D0%B0%D0%BB%D1%8F%D1%82%D1%8C%20%D0%BF%D0%BE%20%D1%81%D0%B2%D0%BE%D0%B5%D0%BC%D1%83%20%D1%83%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D0%BD%D0%B8%D1%8E.&utm_source=share2
Title: Мой Мир

Search URL Search Domain Scan URL

URL: https://connect.ok.ru/offer?url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&title=Simple%20Hats%20%5B1.19.2%5D%20%5B1.18.2%5D&description=%D0%9A%D0%BE%D1%81%D0%BC%D0%B5%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%BC%D0%BE%D0%B4%2C%20%D0%B2%D0%B2%D0%BE%D0%B4%D1%8F%D1%89%D0%B8%D0%B9%20%D0%B2%20%D0%B8%D0%B3%D1%80%D1%83%20%D0%B4%D0%B5%D0%BA%D0%BE%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20%D1%88%D0%BB%D1%8F%D0%BF%D1%8B.%20%D0%9D%D0%B0%20%D0%B2%D0%B0%D1%88%20%D0%B2%D1%8B%D0%B1%D0%BE%D1%80%20%D0%B2%20%D0%BC%D0%BE%D0%B4%D0%B8%D1%84%D0%B8%D0%BA%D0%B0%D1%86%D0%B8%D0%B8%20%D0%B8%D0%BC%D0%B5%D0%B5%D1%82%D1%81%D1%8F%20%D0%B4%D0%B2%D0%B5%D1%81%D1%82%D0%B8%20%D0%B2%D1%81%D1%82%D1%80%D0%BE%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D1%88%D0%BB%D1%8F%D0%BF%2C%20%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D0%B5%20%D0%B8%D0%B3%D1%80%D0%BE%D0%BA%D0%B8%20%D0%BC%D0%BE%D0%B3%D1%83%D1%82%20%D0%B4%D0%BE%D0%B1%D0%B0%D0%B2%D0%BB%D1%8F%D1%82%D1%8C%2F%D0%B8%D0%B7%D0%BC%D0%B5%D0%BD%D1%8F%D1%82%D1%8C%2F%D1%83%D0%B4%D0%B0%D0%BB%D1%8F%D1%82%D1%8C%20%D0%BF%D0%BE%20%D1%81%D0%B2%D0%BE%D0%B5%D0%BC%D1%83%20%D1%83%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D0%BD%D0%B8%D1%8E.&imageUrl=http%3A%2F%2Fminecraft-inside.ru%2Fimages%2Fcube_x100.png&utm_source=share2
Title: Одноклассники

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&text=Simple%20Hats%20%5B1.19.2%5D%20%5B1.18.2%5D&utm_source=share2
Title: Telegram

Search URL Search Domain Scan URL

URL: http://top.mail.ru/jump?from=2448787

Search URL Search Domain Scan URL

URL: https://top100.rambler.ru/home?id=3039121

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: https://vk.com/minecraft_inside_ru
Title: ВКонтакте

Search URL Search Domain Scan URL

URL: https://t.me/MinecraftInsideRu
Title: Телеграм

Search URL Search Domain Scan URL

URL: https://mcpe-inside.ru/
Title: mcpe-inside.ru

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://top-fwz1.mail.ru/counter?id=2448787;t=442;l=1 HTTP 302
https://top-fwz1.mail.ru/counter2?id=2448787;t=442;l=1

Request Chain 26

https://counter.yadro.ru/hit?t44.5;r;s1600*1200*24;uhttps%3A//minecraft-inside.ru/mods/158057-simple-hats.html;0.12885149092581183 HTTP 302
https://counter.yadro.ru/hit?q;t44.5;r;s1600*1200*24;uhttps%3A//minecraft-inside.ru/mods/158057-simple-hats.html;0.12885149092581183

Request Chain 47

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946emzh8e0%3Afp%3A317%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A2%3Adp%3A0%3Als%3A10432906784%3Ahid%3A1063553779%3Az%3A0%3Ai%3A20220829190606%3Aet%3A1661799967%3Ac%3A1%3Arn%3A857287536%3Arqn%3A1%3Au%3A1661799967278050165%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661799966080%3Ads%3A9%2C51%2C46%2C1%2C0%2C0%2C%2C299%2C25%2C%2C%2C%2C408%3Aco%3A0%3Ast%3A1661799967&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946emzh8e0%3Afp%3A317%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A2%3Adp%3A0%3Als%3A10432906784%3Ahid%3A1063553779%3Az%3A0%3Ai%3A20220829190606%3Aet%3A1661799967%3Ac%3A1%3Arn%3A857287536%3Arqn%3A1%3Au%3A1661799967278050165%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661799966080%3Ads%3A9%2C51%2C46%2C1%2C0%2C0%2C%2C299%2C25%2C%2C%2C%2C408%3Aco%3A0%3Ast%3A1661799967&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29ti%282%29

Request Chain 48

https://mc.yandex.ru/watch/23571196?wmode=7&page-url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946emzh8e0%3Afp%3A317%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A272066725147%3Ahid%3A1063553779%3Az%3A0%3Ai%3A20220829190606%3Aet%3A1661799967%3Ac%3A1%3Arn%3A362438593%3Arqn%3A1%3Au%3A1661799967278050165%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661799966080%3Ads%3A9%2C51%2C46%2C1%2C0%2C0%2C%2C299%2C25%2C%2C%2C%2C408%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661799967%3At%3ASimple%20Hats%20%5B1.19.2%5D%20%5B1.18.2%5D%20%2F%20%D0%9C%D0%BE%D0%B4%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D0%9C%D0%B0%D0%B9%D0%BD%D0%BA%D1%80%D0%B0%D1%84%D1%82%20%2F%20Minecraft%20Inside&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/23571196/1?wmode=7&page-url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946emzh8e0%3Afp%3A317%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A272066725147%3Ahid%3A1063553779%3Az%3A0%3Ai%3A20220829190606%3Aet%3A1661799967%3Ac%3A1%3Arn%3A362438593%3Arqn%3A1%3Au%3A1661799967278050165%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661799966080%3Ads%3A9%2C51%2C46%2C1%2C0%2C0%2C%2C299%2C25%2C%2C%2C%2C408%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661799967%3At%3ASimple%20Hats%20%5B1.19.2%5D%20%5B1.18.2%5D%20%2F%20%D0%9C%D0%BE%D0%B4%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D0%9C%D0%B0%D0%B9%D0%BD%D0%BA%D1%80%D0%B0%D1%84%D1%82%20%2F%20Minecraft%20Inside&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 61

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9745.eP8BEMfQ6YnsWxFvfEfKpp6sNAye8Hw84vkbP5RySNtg3Qr6PgJ9WL1XOAOSUPBs.ud_LsVjjHrj6p-q3Nvbhoom6aHY%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=9745.AUpyhIUXQ85R_jUKH8UjVf8r5C4FNQ4TQmeL5yORMNfebR4tvIB93Sz8jCMUJzra3QyPReVTv4c2oWoMBML1iWLMzB4FKe-73DZ0_XjBSm8%2C.ZReXOud7CFrsONfBhqZ7mcbMX6k%2C

Request Chain 81

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 94

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 125

https://gcdn.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693335968/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/BAF41301CDB2542EF6C31A4598BE90E859AAE822.A795AD1DCD67DAC9839EB87BBF164F1E4447E0A0/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5lznez.c.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693335968/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/23A8413CF134B2B06A6D2EDB4EE908C13FC752A2.6AB950D341E59B5A46010DAE075BAE522F6FE7DD/key/cms1/cms_redirect/yes/mh/3l/mip/2001:1b60:2:240:3247::6/mm/42/mn/sn-4g5lznez/ms/onc/mt/1661799669/mv/m/mvi/3/pl/29/file/file.mp4

127 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 158057-simple-hats.html Show response
minecraft-inside.ru/mods/ 50 KB
11 KB 107ms
46ms Document
text/html 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://minecraft-inside.ru/mods/158057-simple-hats.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: ea91389b5dbe27df3f4eb9068bfff86569cf168cec7c20c17c8a82b481296740

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-language: ru, uk, kk, be, mo, ky, uz
content-type: text/html; charset=UTF-8
date: Mon, 29 Aug 2022 19:06:06 GMT
link: </assets/21e921c19a557ebc02156e3e61ed76f8.css>; rel=preload; as=style
server: nginx

GET
H2 200 21e921c19a557ebc02156e3e61ed76f8.css
minecraft-inside.ru/assets/ 111 KB
22 KB 39ms
38ms Stylesheet
text/css 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://minecraft-inside.ru/assets/21e921c19a557ebc02156e3e61ed76f8.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: d71f9328e947a4990f9ea57da682786f9139827fd18af6a74b4dfe9a526929a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/mods/158057-simple-hats.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 13:11:43 GMT
server: nginx
etag: W/"62fb978f-1ba95"
content-type: text/css
cache-control: max-age=31536000
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2 200 437dcd7406b4126e1fcc77a116815845.js Show response
minecraft-inside.ru/assets/ 241 KB
74 KB 62ms
61ms Script
application/javascript 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://minecraft-inside.ru/assets/437dcd7406b4126e1fcc77a116815845.js
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: f109362a5aff7dcf196ac7d43eab3cf776d01d2ffe47d37f221385753e153a37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/mods/158057-simple-hats.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 13:11:42 GMT
server: nginx
etag: W/"62fb978e-3c408"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 291 KB
79 KB 238ms
73ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

fb24093f014ef44231f41e21be490162391f23204697b836e7e9c2541c2c2f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1661799966492317-6231553220303339266-vla1-2174-vla-l7-balancer-8080-BAL-7472
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 29 Aug 2022 20:06:06 GMT

GET
H2 200 logo.png
minecraft-inside.ru/images/ 37 KB
37 KB 31ms
28ms Image
image/png 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minecraft-inside.ru/images/logo.png
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 28771ce953bd7986325638b7e9e349ee61b7e2672ced541f1cda8acb26cad049

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/mods/158057-simple-hats.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
last-modified: Tue, 03 Jan 2017 11:13:02 GMT
server: nginx
etag: "586b873e-92fe"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 37630
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
57 KB 128ms
73ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7673549827074128

Requested by

Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cab891d4970eec9af52024c814434ac56a51e754036157dbe26fbcacfaaac66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minecraft-inside.ru/
Origin: https://minecraft-inside.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57593
x-xss-protection: 0
server: cafe
etag: 12753953758695057503
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 19:06:06 GMT

GET
H2 200 158057_62a6ee1c55463.png
minecraft-inside.ru/uploads/files/2022-06/ 61 KB
61 KB 32ms
30ms Image
image/png 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minecraft-inside.ru/uploads/files/2022-06/158057_62a6ee1c55463.png
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 886d350d1c3f708262a07d4c5c6e7d1f71c4c34d6c762b6365bf3a8e56e329d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/mods/158057-simple-hats.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
last-modified: Tue, 14 Jun 2022 03:00:16 GMT
server: nginx
etag: "62a7f9c0-f283"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 62083
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2 200 simplehats-img1.PNG
minecraft-inside.ru/uploads/files/2022-06/thumb/ 661 KB
662 KB 33ms
31ms Image
image/png 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minecraft-inside.ru/uploads/files/2022-06/thumb/simplehats-img1.PNG
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: e389645d18c87a1062c3a007ba8254a66aba8b94de868fb8e751df51e16d0560

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/mods/158057-simple-hats.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
last-modified: Sun, 12 Jun 2022 12:55:32 GMT
server: nginx
etag: "62a5e244-a54a9"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 677033
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2 200 avatar_259461.png
minecraft-inside.ru/uploads/avatars/ 4 KB
4 KB 33ms
31ms Image
image/png 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minecraft-inside.ru/uploads/avatars/avatar_259461.png
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 4f3c89e9df65781f2298a396907a5d1fe91bba8dbf2187c9310fc4758b3983ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/mods/158057-simple-hats.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
last-modified: Fri, 15 Oct 2021 12:36:24 GMT
server: nginx
etag: "616975c8-e12"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3602
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2 200 galleria-1.5.1.min.js Show response
minecraft-inside.ru/js/galleria_1.5.1/ 71 KB
23 KB 48ms
48ms Script
application/javascript 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://minecraft-inside.ru/js/galleria_1.5.1/galleria-1.5.1.min.js
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 8643192cb8d6d9312c0ff92d2622ca57e27ff10da622ae2b6a6e8b21e1217fff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/mods/158057-simple-hats.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
content-encoding: gzip
last-modified: Thu, 08 Dec 2016 12:31:54 GMT
server: nginx
etag: W/"584952ba-11c8b"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2 200 galleria.classic.min.js Show response
minecraft-inside.ru/js/galleria_1.5.1/themes/classic/ 2 KB
858 B 26ms
25ms Script
application/javascript 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://minecraft-inside.ru/js/galleria_1.5.1/themes/classic/galleria.classic.min.js
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 187c1b5dd3c03030f3f05342c3eb25843d1e8143c843d782f4c4f133c882ab69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/mods/158057-simple-hats.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
content-encoding: gzip
last-modified: Thu, 18 Jul 2019 09:53:20 GMT
server: nginx
etag: W/"5d304190-63e"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2 200 share.js Show response
cdn.jsdelivr.net/npm/yandex-share2/ 100 KB
28 KB 90ms
25ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-share2/share.js

Requested by

Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c2e9789d8d67df6a6c53a000d036c7ce03139f275395d03aa8c9512d6f433ae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3631
x-jsd-version: 3.1.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 28308
etag: W/"18fb1-E6EcOXtf49Exy3+AxB6z5Bkvomc"
x-served-by: cache-fra19174-FRA, cache-hhn4041-HHN
x-jsd-version-type: version
date: Mon, 29 Aug 2022 19:06:06 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 creeper.png
minecraft-inside.ru/images/avatar/ 6 KB
6 KB 33ms
32ms Image
image/png 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minecraft-inside.ru/images/avatar/creeper.png
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: a0c7e44fb2908b2de0e67a320724ffd13e7e4e64caa19a557d1baf653d206419

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/mods/158057-simple-hats.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
last-modified: Wed, 08 Jan 2014 11:29:08 GMT
server: nginx
etag: "52cd3684-17e3"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6115
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2 200 vkontakte.png
minecraft-inside.ru/images/2013/icons/oauth/ 601 B
776 B 34ms
33ms Image
image/png 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minecraft-inside.ru/images/2013/icons/oauth/vkontakte.png
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: f9960a99e6e715c31d0f1bdaba32b55e8337a5e6d079953ff7015d2007901c0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/mods/158057-simple-hats.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
last-modified: Thu, 22 May 2014 08:36:28 GMT
server: nginx
etag: "537db70c-259"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 601
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2

200

counter2
top-fwz1.mail.ru/
Redirect Chain

https://top-fwz1.mail.ru/counter?id=2448787;t=442;l=1
https://top-fwz1.mail.ru/counter2?id=2448787;t=442;l=1

1 KB
2 KB

65ms
65ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=2448787;t=442;l=1

Requested by

Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

56e2c27ea4daa3fa5927c0e3cd29d78eb58ddc791ffbbf275179271a47a9a553

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 1428
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Mon, 29 Aug 2022 19:06:06 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
location: https://top-fwz1.mail.ru/counter2?id=2448787;t=442;l=1
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 70ms
20ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 9
date: Mon, 29 Aug 2022 19:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 29 Aug 2022 21:05:57 GMT

GET
H2 200 jquery.easytabs.js Show response
minecraft-inside.ru/js/ 26 KB
7 KB 30ms
27ms Script
application/javascript 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://minecraft-inside.ru/js/jquery.easytabs.js
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 71ea761879823f1e9e6f3bbb50517936b638eb244b9b6a895331e67955119742

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/mods/158057-simple-hats.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
content-encoding: gzip
last-modified: Tue, 08 Nov 2016 19:47:38 GMT
server: nginx
etag: W/"58222bda-6957"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2 200 background.jpg
minecraft-inside.ru/images/2016/ 104 KB
105 KB 33ms
31ms Image
image/jpeg 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minecraft-inside.ru/images/2016/background.jpg
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/assets/21e921c19a557ebc02156e3e61ed76f8.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 92c2e92a677fb4125342fff617477b3aa748028eacb07c367e20ffaaaa398e23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/assets/21e921c19a557ebc02156e3e61ed76f8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
last-modified: Fri, 13 Apr 2018 11:31:54 GMT
server: nginx
etag: "5ad0952a-1a1e8"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 106984
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2 200 header_background.jpg
minecraft-inside.ru/images/2016/ 80 KB
80 KB 33ms
32ms Image
image/jpeg 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minecraft-inside.ru/images/2016/header_background.jpg
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/assets/21e921c19a557ebc02156e3e61ed76f8.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 2ac252daf639d2c5aaa6baa12ad043f4dec7abd5c08ab09fb84b329db84b5a5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/assets/21e921c19a557ebc02156e3e61ed76f8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
last-modified: Sat, 12 Sep 2020 10:01:12 GMT
server: nginx
etag: "5f5c9c68-1403c"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 81980
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2 200 box_grass_heading.png
minecraft-inside.ru/images/2016/ 3 KB
3 KB 52ms
52ms Image
image/png 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minecraft-inside.ru/images/2016/box_grass_heading.png
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/assets/21e921c19a557ebc02156e3e61ed76f8.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 8c488f7ac743d3f2fe3211ae50bf54af535672b62fc3d506369b6d7cc2927825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/assets/21e921c19a557ebc02156e3e61ed76f8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
last-modified: Tue, 03 Jan 2017 11:03:49 GMT
server: nginx
etag: "586b8515-a10"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2576
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2 200 box_body_background.png
minecraft-inside.ru/images/2016/ 4 KB
4 KB 53ms
52ms Image
image/png 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minecraft-inside.ru/images/2016/box_body_background.png
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/assets/21e921c19a557ebc02156e3e61ed76f8.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 785afd306f0c4a0aa12afa035094efdeff4e1fe2965f6919b5d9698859929e32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/assets/21e921c19a557ebc02156e3e61ed76f8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
last-modified: Tue, 03 Jan 2017 11:03:28 GMT
server: nginx
etag: "586b8500-fca"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4042
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2 200 circle_arrow.png
minecraft-inside.ru/images/2016/icons/ 274 B
448 B 52ms
50ms Image
image/png 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minecraft-inside.ru/images/2016/icons/circle_arrow.png
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/assets/21e921c19a557ebc02156e3e61ed76f8.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: c5d88cf5ab481795933edb0a92842b134d9a967fda15644152d83504e9f0b15d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/assets/21e921c19a557ebc02156e3e61ed76f8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
last-modified: Wed, 03 Jul 2019 19:53:28 GMT
server: nginx
etag: "5d1d07b8-112"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 274
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2 200 icons.png
minecraft-inside.ru/images/2016/ 5 KB
6 KB 74ms
73ms Image
image/png 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minecraft-inside.ru/images/2016/icons.png
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/assets/21e921c19a557ebc02156e3e61ed76f8.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 7104456a61535672afa853f7ada3fc5ea0961ebea54b2c4dbed642b284a61ff0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/assets/21e921c19a557ebc02156e3e61ed76f8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
last-modified: Wed, 11 May 2022 17:57:35 GMT
server: nginx
etag: "627bf90f-15ad"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5549
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2 200 thumbs-down.svg
minecraft-inside.ru/images/2016/icons/ 1 KB
1 KB 42ms
39ms Image
image/svg+xml 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minecraft-inside.ru/images/2016/icons/thumbs-down.svg
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/assets/21e921c19a557ebc02156e3e61ed76f8.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 65064d8b8fe9b453f428cfc529f6e83a85dea3e34c1b30b0080fe96181050e0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/assets/21e921c19a557ebc02156e3e61ed76f8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
last-modified: Fri, 08 Oct 2021 11:06:28 GMT
server: nginx
etag: "61602634-409"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1033
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2 200 thumbs-up.svg
minecraft-inside.ru/images/2016/icons/ 1 KB
1 KB 43ms
39ms Image
image/svg+xml 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minecraft-inside.ru/images/2016/icons/thumbs-up.svg
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/assets/21e921c19a557ebc02156e3e61ed76f8.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 977bdb828a1c750d66ec1f740985ecb11eee534846b241f44531fe7a379ec99a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/assets/21e921c19a557ebc02156e3e61ed76f8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
last-modified: Fri, 08 Oct 2021 11:06:28 GMT
server: nginx
etag: "61602634-40c"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1036
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2 200 sidebarmenu_item_icon.png
minecraft-inside.ru/images/2016/ 2 KB
2 KB 43ms
39ms Image
image/png 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minecraft-inside.ru/images/2016/sidebarmenu_item_icon.png
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/assets/21e921c19a557ebc02156e3e61ed76f8.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: e8efabe02b1c6730e453b4fd8d3ef1e59c753fa22f9e3d057d48372755d2a5d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/assets/21e921c19a557ebc02156e3e61ed76f8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
last-modified: Tue, 03 Jan 2017 11:11:14 GMT
server: nginx
etag: "586b86d2-868"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2152
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2 200 top100.js Show response
st.top100.ru/top100/ 97 KB
31 KB 281ms
113ms Script
application/javascript 81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 67005aa74f766796f4fd26a1600d707545c198a99cc06b66dcdf42317b3f2bfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
content-encoding: gzip
last-modified: Fri, 26 Aug 2022 10:39:03 GMT
server: nginx/1.19.4
x-amz-request-id: tx00000000000012db4fb55-00630d0c9c-f8aa9c-default
etag: W/"16962cfedd3d5a261289de5886bd1317"
vary: Accept-Encoding
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: max-age=3600
x-rgw-object-type: Normal
content-type: application/javascript
expires: Mon, 29 Aug 2022 20:06:06 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t44.5;r;s1600*1200*24;uhttps%3A//minecraft-inside.ru/mods/158057-simple-hats.html;0.12885149092581183
https://counter.yadro.ru/hit?q;t44.5;r;s1600*1200*24;uhttps%3A//minecraft-inside.ru/mods/158057-simple-hats.html;0.12885149092581183

140 B
626 B

56ms
56ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t44.5;r;s1600*1200*24;uhttps%3A//minecraft-inside.ru/mods/158057-simple-hats.html;0.12885149092581183

Requested by

Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

f2b40e19ac0740435c32100248f52d6df60c9862156b764a2d6f71c9376eff82

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Aug 2022 19:06:06 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 140
Expires: Sat, 28 Aug 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Aug 2022 19:06:06 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t44.5;r;s1600*1200*24;uhttps%3A//minecraft-inside.ru/mods/158057-simple-hats.html;0.12885149092581183
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sat, 28 Aug 2021 21:00:00 GMT

GET
H2 200 watch.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 158 KB
64 KB 28ms
26ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Requested by

Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7b9bfe14b38f7f56f3ffd48252cad5b579b9a029f5ca36b40de49504d8180f95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 31827
x-jsd-version: 1.242.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 65436
etag: W/"27996-GGqJ7B/Rn25ZlAVgS9w1JIFSkYA"
x-served-by: cache-fra19155-FRA, cache-hhn4041-HHN
x-jsd-version-type: version
date: Mon, 29 Aug 2022 19:06:06 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 25 KB
11 KB 150ms
121ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

6afbae562f93323f529b5f62690cedc0989f0f4ec989863a5ccddb4930290ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Fri, 26 Aug 2022 22:38:07 GMT
server: nginx
etag: W/"63094b4f-6452"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *
expires: Mon, 29 Aug 2022 20:06:06 GMT

GET
DATA 200
OK truncated
/ 551 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad9b95dc8aec99a5335567c6f5f6df98de9a73db72d236b20363d94674ec65f8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 chevron-down.svg
minecraft-inside.ru/images/2016/icons/ 539 B
718 B 32ms
22ms Image
image/svg+xml 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minecraft-inside.ru/images/2016/icons/chevron-down.svg
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/assets/21e921c19a557ebc02156e3e61ed76f8.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: b0c72a07e310114f1da6157793b6bad8c14ec07e6480eddb9d596f2e4849b715

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/assets/21e921c19a557ebc02156e3e61ed76f8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
last-modified: Mon, 25 Nov 2019 16:05:09 GMT
server: nginx
etag: "5ddbfbb5-21b"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 539
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2 200 chevron-right.svg
minecraft-inside.ru/images/2016/icons/ 543 B
722 B 32ms
22ms Image
image/svg+xml 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minecraft-inside.ru/images/2016/icons/chevron-right.svg
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/assets/21e921c19a557ebc02156e3e61ed76f8.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: bf51da9571d476b469bee420a82f86785794df42f63523eb74fc99b53601690e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/assets/21e921c19a557ebc02156e3e61ed76f8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
last-modified: Mon, 25 Nov 2019 15:55:41 GMT
server: nginx
etag: "5ddbf97d-21f"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 543
expires: Tue, 29 Aug 2023 19:06:06 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 72ms
27ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=383258159&t=pageview&_s=1&dl=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&ul=en-us&de=UTF-8&dt=Simple%20Hats%20%5B1.19.2%5D%20%5B1.18.2%5D%20%2F%20%D0%9C%D0%BE%D0%B4%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D0%9C%D0%B0%D0%B9%D0%BD%D0%BA%D1%80%D0%B0%D1%84%D1%82%20%2F%20Minecraft%20Inside&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=737726078&gjid=186210668&cid=26973624.1661799966&tid=UA-46941493-1&_gid=2405052.1661799966&_r=1&_slc=1&z=1249248425

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://minecraft-inside.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 19:06:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://minecraft-inside.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 324.png
minecraft-inside.ru/js/crafting-widget/images-1.17/ 565 B
739 B 28ms
27ms Image
image/png 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minecraft-inside.ru/js/crafting-widget/images-1.17/324.png
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: c8c55a8d018f0dd36ac09582debb580dd5e280fdf152c5530c2552334814cae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/mods/158057-simple-hats.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
last-modified: Tue, 08 Jun 2021 06:19:50 GMT
server: nginx
etag: "60bf0c06-235"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 565
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2 200 143.png
minecraft-inside.ru/js/crafting-widget/images-1.17/ 276 B
450 B 31ms
30ms Image
image/png 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minecraft-inside.ru/js/crafting-widget/images-1.17/143.png
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 159b8c2976a314bd2bdb55c3f18cdc241731036afeaa35c00f7168ec0a5f79fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/mods/158057-simple-hats.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
last-modified: Tue, 08 Jun 2021 06:19:55 GMT
server: nginx
etag: "60bf0c0b-114"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 276
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2 200 959.png
minecraft-inside.ru/js/crafting-widget/images-1.17/ 800 B
974 B 31ms
30ms Image
image/png 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minecraft-inside.ru/js/crafting-widget/images-1.17/959.png
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: fa004ddf172fe543210b8a8c7fd243f83bdbfb9c14a4a5a2b4ca0787472162a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/mods/158057-simple-hats.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
last-modified: Tue, 08 Jun 2021 06:20:02 GMT
server: nginx
etag: "60bf0c12-320"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 800
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2 200 235.png
minecraft-inside.ru/js/crafting-widget/images-1.17/ 491 B
665 B 31ms
31ms Image
image/png 138.201.190.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minecraft-inside.ru/js/crafting-widget/images-1.17/235.png
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.190.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.190.201.138.clients.your-server.de
Software: nginx /
Resource Hash: e3a30dc2f2fffdefb1132279d56aaf8a5f0669c55fc2c5528a0e00c397b0fed7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/mods/158057-simple-hats.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
last-modified: Tue, 08 Jun 2021 06:19:58 GMT
server: nginx
etag: "60bf0c0e-1eb"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 491
expires: Tue, 29 Aug 2023 19:06:06 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 205 KB
70 KB 243ms
118ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-share2/share.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d09935c94b4577fff4e1de0daf084674937f708d4fcfcf689d131d5d9b5a7852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
content-encoding: br
last-modified: Mon, 29 Aug 2022 14:17:45 GMT
etag: "630ca059-118f0"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71920
expires: Mon, 29 Aug 2022 20:06:06 GMT

GET
DATA 200
OK truncated
/ 799 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2751eb32e3720b540ff8210d70e6af4c916a255ff05d96130d0125576b14afa5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 285 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ea8ef6a20a2f7307560b9fee2788613b13492d30582c95b6f57bc53383b68bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 520 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb2b18ff7b82cdbab0ba5f095448f16c159526ff504699042f8069f1a70ae7f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 603 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9be7e931e5978b27a1428050d2045f7759ae34424b2a60a021d57a7af6d981f6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 595 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7a754dc68b051e1b18bbf37fc0f5557196bc8db1c5f1c31ce5d242ea5c95ed6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f88bb57db2810d820bcc9b1e24a9cbb036c1a8d64268f53243f78dc2c40b3525

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20f2d6255fe749341e6543047782811c5977380c562e7163efa64594d88c6b3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/ 343 KB
120 KB 124ms
84ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7673549827074128&plah=minecraft-inside.ru&bust=31069082

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7673549827074128

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1f3432e50849a4441e0ed30b773a7b5cab00716a62fb4cde1af95cd094d04da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123236
x-xss-protection: 0
server: cafe
etag: 4946512336755621879
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 19:06:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/ Frame 9B45 10 KB
5 KB 70ms
20ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7673549827074128

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minecraft-inside.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4129
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 17:57:17 GMT
etag: 8616628553774171045
expires: Mon, 12 Sep 2022 17:57:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946emzh8e...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946emzh8...

167 B
202 B

78ms
72ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946emzh8e0%3Afp%3A317%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A2%3Adp%3A0%3Als%3A10432906784%3Ahid%3A1063553779%3Az%3A0%3Ai%3A20220829190606%3Aet%3A1661799967%3Ac%3A1%3Arn%3A857287536%3Arqn%3A1%3Au%3A1661799967278050165%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661799966080%3Ads%3A9%2C51%2C46%2C1%2C0%2C0%2C%2C299%2C25%2C%2C%2C%2C408%3Aco%3A0%3Ast%3A1661799967&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29ti%282%29

Requested by

Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0edf334bc09ae8709e09984bcf393f5eca61a79df7d88073185bcfbd3fbe765a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 19:06:06 GMT
x-content-type-options: nosniff
last-modified: Mon, 29-Aug-2022 19:06:06 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://minecraft-inside.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Mon, 29-Aug-2022 19:06:06 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 19:06:06 GMT
last-modified: Mon, 29-Aug-2022 19:06:06 GMT
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946emzh8e0%3Afp%3A317%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A2%3Adp%3A0%3Als%3A10432906784%3Ahid%3A1063553779%3Az%3A0%3Ai%3A20220829190606%3Aet%3A1661799967%3Ac%3A1%3Arn%3A857287536%3Arqn%3A1%3Au%3A1661799967278050165%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661799966080%3Ads%3A9%2C51%2C46%2C1%2C0%2C0%2C%2C299%2C25%2C%2C%2C%2C408%3Aco%3A0%3Ast%3A1661799967&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://minecraft-inside.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 29-Aug-2022 19:06:06 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/23571196/
Redirect Chain

https://mc.yandex.ru/watch/23571196?wmode=7&page-url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946emzh8e0%3...
https://mc.yandex.ru/watch/23571196/1?wmode=7&page-url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946emzh8e0...

382 B
464 B

115ms
115ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/23571196/1?wmode=7&page-url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946emzh8e0%3Afp%3A317%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A272066725147%3Ahid%3A1063553779%3Az%3A0%3Ai%3A20220829190606%3Aet%3A1661799967%3Ac%3A1%3Arn%3A362438593%3Arqn%3A1%3Au%3A1661799967278050165%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661799966080%3Ads%3A9%2C51%2C46%2C1%2C0%2C0%2C%2C299%2C25%2C%2C%2C%2C408%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661799967%3At%3ASimple%20Hats%20%5B1.19.2%5D%20%5B1.18.2%5D%20%2F%20%D0%9C%D0%BE%D0%B4%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D0%9C%D0%B0%D0%B9%D0%BD%D0%BA%D1%80%D0%B0%D1%84%D1%82%20%2F%20Minecraft%20Inside&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

3eb81809276af61c110a493177192ef5a84d5ad42578ad2e79e53dae49fd43ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 19:06:06 GMT
x-content-type-options: nosniff
last-modified: Mon, 29-Aug-2022 19:06:06 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://minecraft-inside.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 382
x-xss-protection: 1; mode=block
expires: Mon, 29-Aug-2022 19:06:06 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Aug 2022 19:06:06 GMT
last-modified: Mon, 29-Aug-2022 19:06:06 GMT
location: /watch/23571196/1?wmode=7&page-url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr946emzh8e0%3Afp%3A317%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A272066725147%3Ahid%3A1063553779%3Az%3A0%3Ai%3A20220829190606%3Aet%3A1661799967%3Ac%3A1%3Arn%3A362438593%3Arqn%3A1%3Au%3A1661799967278050165%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661799966080%3Ads%3A9%2C51%2C46%2C1%2C0%2C0%2C%2C299%2C25%2C%2C%2C%2C408%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661799967%3At%3ASimple%20Hats%20%5B1.19.2%5D%20%5B1.18.2%5D%20%2F%20%D0%9C%D0%BE%D0%B4%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D0%9C%D0%B0%D0%B9%D0%BD%D0%BA%D1%80%D0%B0%D1%84%D1%82%20%2F%20Minecraft%20Inside&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://minecraft-inside.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 29-Aug-2022 19:06:06 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 188ms
179ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
last-modified: Mon, 29 Aug 2022 14:17:45 GMT
etag: "630ca059-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 29 Aug 2022 20:06:06 GMT

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
961 B 70ms
70ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=2448787;u=https%3A//minecraft-inside.ru/mods/158057-simple-hats.html;st=1661799966488;title=Simple%20Hats%20%5B1.19.2%5D%20%5B1.18.2%5D%20%2F%20%D0%9C%D0%BE%D0%B4%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D0%9C%D0%B0%D0%B9%D0%BD%D0%BA%D1%80%D0%B0%D1%84%D1%82%20%2F%20Minecraft%20Inside;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=7adebf7a023d7673;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.3//4g/0/0/;lvid=1661799966627%3A1661799966646%3A1%3A25a576b6563ffb7af137550f604e2fb0;visible=true;_=0.5918824677819703

Requested by

Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 986a262be55cf7354afa.js Show response
yastatic.net/partner-code-bundles/638448/ 13 KB
5 KB 205ms
66ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/638448/986a262be55cf7354afa.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e730839302f6c240ebb93ea1f39006665235640216fbb81a6c6054ebe3c6f9a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://minecraft-inside.ru/
Origin: https://minecraft-inside.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4477
last-modified: Fri, 26 Aug 2022 19:44:33 GMT
server: nginx/1.17.9
etag: "203add6270f8caeb26d3bb88440189a6"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Aug 2052 01:41:28 GMT

GET
H2 200 28f054311a24fcd2b74f.js Show response
yastatic.net/partner-code-bundles/638448/ 88 KB
19 KB 277ms
140ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/638448/28f054311a24fcd2b74f.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

c98d29e7c0bc13dfadbbeac3aaeb089025595c741b0583f370c1fecc39bbabd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://minecraft-inside.ru/
Origin: https://minecraft-inside.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 18510
last-modified: Fri, 26 Aug 2022 19:44:33 GMT
server: nginx/1.17.9
etag: "97e220e11474c3d61fe439f088074acd"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Aug 2052 01:38:51 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 371ms
234ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://minecraft-inside.ru/
Origin: https://minecraft-inside.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Aug 2052 01:38:12 GMT

GET
H2 200 a1d74b368e13cda51387.js Show response
yastatic.net/partner-code-bundles/638448/ 533 KB
106 KB 369ms
235ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/638448/a1d74b368e13cda51387.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

68649b3f977bf1866aa20d3b5386bce62cb2d6951d71ff8f6f7908a4294bbc20

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://minecraft-inside.ru/
Origin: https://minecraft-inside.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 108147
last-modified: Fri, 26 Aug 2022 19:44:33 GMT
server: nginx/1.17.9
etag: "f341b0bfb624ee396d37dd2680736634"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Aug 2052 01:38:42 GMT

GET
H2 200 userip Show response
kraken.rambler.ru/ 14 B
420 B 186ms
56ms XHR
text/plain 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kraken.rambler.ru/userip
Requested by: Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 5b9c8f5dc08007f4b85224a326a9da1d674df10957a95982e205f9735c650fa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://minecraft-inside.ru
date: Mon, 29 Aug 2022 19:06:06 GMT
x-srv: 0node0010.top100.rambler.tech
content-type: application/octet-stream, text/plain
content-length: 14
server: nginx/1.19.4
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"

GET
H2 200 media.js Show response
st.top100.ru/top100/3.9.2/ 11 KB
5 KB 57ms
57ms Script
application/javascript 81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/3.9.2/media.js
Requested by: Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 545d2c8a3ee1659bd01be41ad5f7b1010be5c88a0eb1a8e4be6262e24ed4a260

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:06 GMT
content-encoding: gzip
last-modified: Fri, 26 Aug 2022 10:39:03 GMT
server: nginx/1.19.4
x-amz-request-id: tx00000000000012db4d154-00630d0c40-f8aa9c-default
etag: W/"7090bde0648f47bbdc4344cfaa399ef6"
vary: Accept-Encoding
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: max-age=315360000
x-rgw-object-type: Normal
content-type: application/javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 223 B
648 B 174ms
98ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=minecraft-inside.ru&callback=_gfp_s_&client=ca-pub-7673549827074128

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7673549827074128&plah=minecraft-inside.ru&bust=31069082

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c8417c04362116851e98c231dd766d7fad18d1cbc382fd00d4769f2e7811881d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 177ms
108ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=minecraft-inside.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Aug 2022 19:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 448ms
26ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=minecraft-inside.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Aug 2022 19:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6994 0
19 B 169ms
124ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7673549827074128&output=html&adk=1812271804&adf=3025194257&lmt=1661799966&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&ea=0&pra=5&wgl=1&easpf=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661799966557&bpp=3&bdt=366&idt=316&shv=r20220822&mjsv=m202208220101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6206825017255&frm=20&pv=2&ga_vid=26973624.1661799966&ga_sid=1661799967&ga_hid=383258159&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069004%2C31069063%2C31069082&oid=2&pvsid=4352117667725084&tmod=1246930238&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=355

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minecraft-inside.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 19:06:07 GMT
expires: Mon, 29 Aug 2022 19:06:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9745.eP8BEMfQ6YnsWxFvfEfKpp6sNAye8Hw84vkbP5RySNtg3Qr6PgJ9WL1XOAOSUPBs.ud_LsVjjHrj6p-q3Nvbhoom6aHY%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=9745.AUpyhIUXQ85R_jUKH8UjVf8r5C4FNQ4TQmeL5yORMNfebR4tvIB93Sz8jCMUJzra3QyPReVTv4c2oWoMBML1iWLMzB4FKe-73DZ0_XjBSm8%2C.ZReXOud7CFrsONfBhqZ7mcbMX6...

43 B
359 B

104ms
70ms

Image
image/gif

154.47.36.139
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=9745.AUpyhIUXQ85R_jUKH8UjVf8r5C4FNQ4TQmeL5yORMNfebR4tvIB93Sz8jCMUJzra3QyPReVTv4c2oWoMBML1iWLMzB4FKe-73DZ0_XjBSm8%2C.ZReXOud7CFrsONfBhqZ7mcbMX6k%2C

Requested by

Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html

Protocol

Server

154.47.36.139 , United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:07 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=9745.AUpyhIUXQ85R_jUKH8UjVf8r5C4FNQ4TQmeL5yORMNfebR4tvIB93Sz8jCMUJzra3QyPReVTv4c2oWoMBML1iWLMzB4FKe-73DZ0_XjBSm8%2C.ZReXOud7CFrsONfBhqZ7mcbMX6k%2C
date: Mon, 29 Aug 2022 19:06:07 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3ECE 82 KB
30 KB 528ms
502ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7673549827074128&output=html&h=90&slotname=7179367094&adk=962948829&adf=2665882539&pi=t.ma~as.7179367094&w=728&lmt=1661799966&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661799966560&bpp=2&bdt=369&idt=359&shv=r20220822&mjsv=m202208220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6206825017255&frm=20&pv=1&ga_vid=26973624.1661799966&ga_sid=1661799967&ga_hid=383258159&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=281&ady=134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069004%2C31069063%2C31069082&oid=2&pvsid=4352117667725084&tmod=1246930238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pwY4uGqraO&p=https%3A//minecraft-inside.ru&dtd=372

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9c886432aef6b0c4130d2183d18d019236627771a17c6d17f7dc638c884c45f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minecraft-inside.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31024
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 19:06:07 GMT
expires: Mon, 29 Aug 2022 19:06:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B28F 77 KB
24 KB 739ms
728ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7673549827074128&output=html&h=280&slotname=4792270699&adk=743495184&adf=1817241583&pi=t.ma~as.4792270699&w=336&lmt=1661799966&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661799966562&bpp=1&bdt=371&idt=379&shv=r20220822&mjsv=m202208220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=6206825017255&frm=20&pv=1&ga_vid=26973624.1661799966&ga_sid=1661799967&ga_hid=383258159&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=479&ady=1880&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069004%2C31069063%2C31069082&oid=2&pvsid=4352117667725084&tmod=1246930238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=SJ9G5J3riz&p=https%3A//minecraft-inside.ru&dtd=384

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f20218d4dddc33f0129a891206e7ca00c3cbd302c393678bb88c7a297493292

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minecraft-inside.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 24622
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 19:06:07 GMT
expires: Mon, 29 Aug 2022 19:06:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C0BA 120 KB
42 KB 623ms
618ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7673549827074128&output=html&h=600&slotname=1272434295&adk=1490946491&adf=2518690131&pi=t.ma~as.1272434295&w=300&lmt=1661799966&rafmt=12&psa=0&format=300x600&url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661799966563&bpp=1&bdt=372&idt=396&shv=r20220822&mjsv=m202208220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C336x280&nras=1&correlator=6206825017255&frm=20&pv=1&ga_vid=26973624.1661799966&ga_sid=1661799967&ga_hid=383258159&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069004%2C31069063%2C31069082&oid=2&pvsid=4352117667725084&tmod=1246930238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=k9r8TBwz6F&p=https%3A//minecraft-inside.ru&dtd=401

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a848220d9ab25e1f0beb3b49724594483ac04cc69565068e6cc6933e0737ba0

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5145173248429606039/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5145173248429606039/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIiw6qXf7PkCFZoAXAodNX8M0w&gqi=Hg4NY8jiPPvgx_APr8eBgAU&layout=/sadbundle/%24csp%253Der3%24/5145173248429606039/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minecraft-inside.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 43446
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5145173248429606039/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5145173248429606039/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIiw6qXf7PkCFZoAXAodNX8M0w&gqi=Hg4NY8jiPPvgx_APr8eBgAU&layout=/sadbundle/%24csp%253Der3%24/5145173248429606039/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 19:06:07 GMT
expires: Mon, 29 Aug 2022 19:06:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
kraken.rambler.ru/cnt/ 595 B
1 KB 180ms
57ms Image
image/gif 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/?et=pv&v=3.9.2&pid=3039121&tid=t1.3039121.2037487944.1661799966741&rid=1661799966.74-665021926&fid=pA8AAENKs1dIXyg0AdNNSwA%3D&fip=pA8AAENKs1f42tm%2BAVeIWwA%3D&aduid=90d71a38-0360-451f-8c25-25319a2176a1&aduidsc=minecraft-inside.ru&sn=1&sen=1&en=1&ce=1&bs=1600x1200&rf&pt=Simple%20Hats%20%5B1.19.2%5D%20%5B1.18.2%5D%20%2F%20%D0%9C%D0%BE%D0%B4%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D0%9C%D0%B0%D0%B9%D0%BD%D0%BA%D1%80%D0%B0%D1%84%D1%82%20%2F%20Minecraft%20Inside&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Win32&tz=0&le=2&ct=web&url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=1299414406&eid=605399669731279&meta=%7B%22is_first%22%3A1%7D&stid=1270753369_1661799966742
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: a665c69a46c4dcded8e6fc9bbf440ff6d3f5378e175f9b0e2be473004f1a1c84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:07 GMT
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
x-srv: 2node0043.top100.rambler.tech
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
access-control-allow-headers: content-type
content-length: 595
server: nginx/1.19.4

GET
H2 200 /
kraken.rambler.ru/cnt/ 43 B
585 B 178ms
56ms Image
image/gif 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/?et=pvm&pid=3039121&rid=1661799966.74-665021926&tid=t1.3039121.2037487944.1661799966741&v=3.9.2&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&ct=web&aduid=90d71a38-0360-451f-8c25-25319a2176a1&aduidsc=minecraft-inside.ru&mp=%7B%22sch%22%3A%22ld%22%2C%22title%22%3A%22Simple%20Hats%20%5B1.19.2%5D%20%5B1.18.2%5D%20%2F%20%D0%9C%D0%BE%D0%B4%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D0%9C%D0%B0%D0%B9%D0%BD%D0%BA%D1%80%D0%B0%D1%84%D1%82%20%2F%20Minecraft%20Inside%22%2C%22thm%22%3A%22%22%2C%22arth%22%3A3096%2C%22artst%22%3A0%2C%22arts%22%3A4043%2C%22artw%22%3A472%2C%22img%22%3A9%2C%22url%22%3A%22https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html%22%7D&rf&fid=pA8AAENKs1dIXyg0AdNNSwA%3D&fip=pA8AAENKs1f42tm%2BAVeIWwA%3D&eid=187999669746936&stid=1270753369_1661799966742&sn=1&sen=2&en=2&rn=1462406431
Requested by: Host: minecraft-inside.ru
URL: https://minecraft-inside.ru/mods/158057-simple-hats.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 19:06:07 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
x-srv: 2node0043.top100.rambler.tech
access-control-allow-credentials: true
content-type: image/gif, image/gif
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3ECE 8 KB
1 KB 92ms
34ms Stylesheet
text/css 2a00:1450:400c:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7673549827074128&output=html&h=90&slotname=7179367094&adk=962948829&adf=2665882539&pi=t.ma~as.7179367094&w=728&lmt=1661799966&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661799966560&bpp=2&bdt=369&idt=359&shv=r20220822&mjsv=m202208220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6206825017255&frm=20&pv=1&ga_vid=26973624.1661799966&ga_sid=1661799967&ga_hid=383258159&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=281&ady=134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069004%2C31069063%2C31069082&oid=2&pvsid=4352117667725084&tmod=1246930238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pwY4uGqraO&p=https%3A//minecraft-inside.ru&dtd=372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 18:12:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 29 Aug 2022 19:06:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Aug 2022 19:06:07 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220825/r20110914/client/ Frame 3ECE 2 KB
983 B 90ms
26ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220825/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 19:01:41 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220825/r20110914/ Frame 3ECE 23 KB
10 KB 82ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220825/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f63e08b18115b72e6d2cbe9db5f7527d2731545d38beae54317e10cfe0f58fc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 18:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 885
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9615
x-xss-protection: 0
server: cafe
etag: 5965352936607719246
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 18:51:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220825/r20110914/client/ Frame 3ECE 3 KB
1 KB 88ms
30ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220825/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 18:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 18:45:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3ECE 140 KB
44 KB 84ms
35ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Aug 2022 19:06:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220825/r20110914/client/ Frame 3ECE 17 KB
8 KB 85ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220825/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 18:29:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 18:29:41 GMT

GET
H2 200 e3ca5db921b3b46420ba257a4c2f6b26.js Show response
www.gstatic.com/mysidia/ Frame 3ECE 33 KB
14 KB 65ms
19ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 19:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 22:39:22 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3ECE 0
0 67ms
67ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ChTbgHw4NY5ugB5WP8AKcubyYDNLmz4Zs1NTCsLwQtYmqnJwvEAEggIjZI2CVgoCAlAegAaTdmosDyAEBqAMByAPLBKoE4gFP0H-5d5znh7du3OC18j3WVGPZI7Fv7bLhWeOd4lvA9VVa0_f54x85us4_OnxHsBjWZT725ltsmi880ENUlTi1yCtnR48yGwdFj08ExZ2kc-pJNjN8RjISb7rU59XssM74duLeUmRq1yVSnjcUbDXD2r6n4BIK5_k_XljRB7xIWAvnWA04r61GF0QAfaQjxdSUSbJt8lpO4d2d_5OXr_3jAMIW3XaICh1rUPwF5_J91ngZyrvngSwVtfyQ8steoH3uQR1NNecps98t0nwWVJsOhFixwdkCgo3JFZd6rzQDCCLDwASh_dyo7gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAHxKLldKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOTaAdIIEQiA4YBwEAEYHzIC6wI6AoBAgAoByAsB2BMMiBQB0BUBgBcBshccChoIABIUcHViLTc2NzM1NDk4MjcwNzQxMjgYAA&sigh=pZY_dCtmgRQ&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7673549827074128&output=html&h=90&slotname=7179367094&adk=962948829&adf=2665882539&pi=t.ma~as.7179367094&w=728&lmt=1661799966&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661799966560&bpp=2&bdt=369&idt=359&shv=r20220822&mjsv=m202208220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6206825017255&frm=20&pv=1&ga_vid=26973624.1661799966&ga_sid=1661799967&ga_hid=383258159&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=281&ady=134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069004%2C31069063%2C31069082&oid=2&pvsid=4352117667725084&tmod=1246930238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pwY4uGqraO&p=https%3A//minecraft-inside.ru&dtd=372
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 29 Aug 2022 19:06:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 29 Aug 2022 19:06:07 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B25C 143 B
163 B 19ms
18ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7673549827074128&output=html&h=90&slotname=7179367094&adk=962948829&adf=2665882539&pi=t.ma~as.7179367094&w=728&lmt=1661799966&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661799966560&bpp=2&bdt=369&idt=359&shv=r20220822&mjsv=m202208220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6206825017255&frm=20&pv=1&ga_vid=26973624.1661799966&ga_sid=1661799967&ga_hid=383258159&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=281&ady=134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069004%2C31069063%2C31069082&oid=2&pvsid=4352117667725084&tmod=1246930238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=pwY4uGqraO&p=https%3A//minecraft-inside.ru&dtd=372
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3283
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 29 Aug 2022 18:11:24 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5145173248429606039/ Frame E892 169 KB
26 KB 71ms
24ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5145173248429606039/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7673549827074128&output=html&h=600&slotname=1272434295&adk=1490946491&adf=2518690131&pi=t.ma~as.1272434295&w=300&lmt=1661799966&rafmt=12&psa=0&format=300x600&url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661799966563&bpp=1&bdt=372&idt=396&shv=r20220822&mjsv=m202208220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C336x280&nras=1&correlator=6206825017255&frm=20&pv=1&ga_vid=26973624.1661799966&ga_sid=1661799967&ga_hid=383258159&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069004%2C31069063%2C31069082&oid=2&pvsid=4352117667725084&tmod=1246930238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=k9r8TBwz6F&p=https%3A//minecraft-inside.ru&dtd=401

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c1b7469c7d44919796dcbf739a6c71c4446a5477f7be2060ec914584971f2e4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 556371
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 26591
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Aug 2022 08:33:16 GMT
expires: Wed, 23 Aug 2023 08:33:16 GMT
last-modified: Fri, 05 Nov 2021 09:58:41 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C0BA 0
0 66ms
66ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMfFPHw4NY8ikCJqB8AK1_rGYDfG907lpkoD2jp4OkquV-ZkbEAEggIjZI2CVgoCAlAegAaSlr8UDyAEJqQKxzB85mRqBPqgDAcgDSKoE9AFP0PUFMPXuD1vFMRjPGshkb-G5yqkXns3trEgNqn2fMueBSfBWUjqN7WKU_OVFBmts1clmClKb2GApWqpr7hjGQTFWrjQXKU8POle1riatOqtGjEyrCsLqDMcnr_yOKXrEqPpLh2QVj0po3OfysLPK8ZZwzhOkJIzzFNaC52sqxP1UoN6eYwPnTNLdkgXIl4ZFFKAn5lX6rZofpKq-D7X-BSEUiBpyVxrC9qYO3fsEMdVbSF4f9keEs-lgXu1HK6Hu_DDp0ZmZrGs5cE7ZXLo1XYbhfWgicqBVaKcwDHr3SzbgvuFHlqSw0PT0I_Hcnt-uFm6XwATLqv28kAOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHxNrQOqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCt5gHSCBEIgOGAcBABGB8yAusCOgKAQIAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi03NjczNTQ5ODI3MDc0MTI4GAA&sigh=1qfrQumDbgo&uach_m=[UACH]&template_id=531

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7673549827074128&output=html&h=600&slotname=1272434295&adk=1490946491&adf=2518690131&pi=t.ma~as.1272434295&w=300&lmt=1661799966&rafmt=12&psa=0&format=300x600&url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661799966563&bpp=1&bdt=372&idt=396&shv=r20220822&mjsv=m202208220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C336x280&nras=1&correlator=6206825017255&frm=20&pv=1&ga_vid=26973624.1661799966&ga_sid=1661799967&ga_hid=383258159&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069004%2C31069063%2C31069082&oid=2&pvsid=4352117667725084&tmod=1246930238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=k9r8TBwz6F&p=https%3A//minecraft-inside.ru&dtd=401
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 29 Aug 2022 19:06:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame C0BA 23 KB
9 KB 64ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 18:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 18:59:56 GMT

GET
DATA 200
OK truncated
/ Frame 3ECE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61c2239cb0874ee43b4a8d0b3cc6b2fb5408e2935daadd927699acd4a5338413

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 3ECE 28 KB
28 KB 67ms
19ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 469283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 08:44:44 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B25C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

30ms
30ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 19:06:07 GMT
expires: Mon, 29 Aug 2022 19:06:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 19:06:07 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame B28F 23 KB
9 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7673549827074128&output=html&h=280&slotname=4792270699&adk=743495184&adf=1817241583&pi=t.ma~as.4792270699&w=336&lmt=1661799966&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661799966562&bpp=1&bdt=371&idt=379&shv=r20220822&mjsv=m202208220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=6206825017255&frm=20&pv=1&ga_vid=26973624.1661799966&ga_sid=1661799967&ga_hid=383258159&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=479&ady=1880&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069004%2C31069063%2C31069082&oid=2&pvsid=4352117667725084&tmod=1246930238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=SJ9G5J3riz&p=https%3A//minecraft-inside.ru&dtd=384

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 18:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 18:59:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B28F 8 KB
716 B 88ms
33ms Stylesheet
text/css 2a00:1450:400c:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 18:19:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 29 Aug 2022 19:06:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Aug 2022 19:06:07 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220822_RC00/ Frame B28F 14 KB
3 KB 106ms
25ms Stylesheet
text/css 2a00:1450:400a:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220822_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:802::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 13:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19563
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 10:41:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 13:40:04 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220822_RC00/ Frame B28F 357 KB
123 KB 107ms
25ms Script
text/javascript 2a00:1450:400a:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220822_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:802::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f32dffd9527dbaf143a31a4d853ae7ef258ce4ef6f2de04b9cbe7e838473887

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 13:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19563
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126294
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 10:41:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 13:40:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame B28F 17 KB
7 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 18:55:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 18:55:42 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E892 1 KB
477 B 56ms
31ms Stylesheet
text/css 2a00:1450:400c:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Varela+Round:regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5145173248429606039/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::5f Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ddbed2d2048ca083a3993dfca1f5c49075a256d003ee78d444c9a397a40f41ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 18:47:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 29 Aug 2022 19:06:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Aug 2022 19:06:07 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E892 16 KB
6 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5145173248429606039/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 04:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53523
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 30 Aug 2022 04:14:04 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E892 26 KB
10 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5145173248429606039/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 04:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53523
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 30 Aug 2022 04:14:04 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2129 143 B
163 B 19ms
18ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7673549827074128&output=html&h=600&slotname=1272434295&adk=1490946491&adf=2518690131&pi=t.ma~as.1272434295&w=300&lmt=1661799966&rafmt=12&psa=0&format=300x600&url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661799966563&bpp=1&bdt=372&idt=396&shv=r20220822&mjsv=m202208220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C336x280&nras=1&correlator=6206825017255&frm=20&pv=1&ga_vid=26973624.1661799966&ga_sid=1661799967&ga_hid=383258159&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069004%2C31069063%2C31069082&oid=2&pvsid=4352117667725084&tmod=1246930238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=k9r8TBwz6F&p=https%3A//minecraft-inside.ru&dtd=401
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3283
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 29 Aug 2022 18:11:24 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame C0BA 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 18:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 18:53:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame C0BA 17 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 18:55:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Sep 2022 18:55:42 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C0BA 140 KB
43 KB 82ms
37ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Aug 2022 19:06:07 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2129
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

33ms
32ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 19:06:07 GMT
expires: Mon, 29 Aug 2022 19:06:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 19:06:07 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C0BA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9a85c9a4ae0fe1cb73709cd6841035325775b4b4de84451516c1e9b9d592fc3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 w8gdH283Tvk__Lua32TysjIfp8uP.woff2
fonts.gstatic.com/s/varelaround/v19/ Frame E892 20 KB
20 KB 62ms
21ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/varelaround/v19/w8gdH283Tvk__Lua32TysjIfp8uP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Varela+Round:regular

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcf86d95e543e9748b28362562cdbce0c7be01b48dd54191912e15f820daf4aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 19:50:36 GMT
x-content-type-options: nosniff
age: 429331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20636
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:30:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 19:50:36 GMT

GET
H3 200 sprite.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5145173248429606039/ Frame E892 103 KB
103 KB 24ms
22ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5145173248429606039/sprite.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5145173248429606039/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5f0f39cc34fd8eda01be761ef8a37e10f5aa7761b60ab204554fe893fee50ec

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 470126
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105023
x-xss-protection: 0
last-modified: Fri, 05 Nov 2021 09:58:41 GMT
server: sffe
date: Wed, 24 Aug 2022 08:30:41 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Aug 2023 08:30:41 GMT

GET
H3 200 ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js Show response
pagead2.googlesyndication.com/bg/ Frame 0E73 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a69cecfa8fe80d32f2b04184919ae8201e75220c7300d0148148cafd8f155fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 18:58:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15877
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 18:58:39 GMT

GET
H3 200 ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js Show response
pagead2.googlesyndication.com/bg/ Frame E892 36 KB
16 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a69cecfa8fe80d32f2b04184919ae8201e75220c7300d0148148cafd8f155fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 18:58:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15877
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 18:58:39 GMT

GET
DATA 200
OK truncated
/ Frame E892 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 4971338193214701466_4054599097275767864.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame E892 5 KB
5 KB 87ms
25ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/4971338193214701466_4054599097275767864.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aac26c88d783e4bbd4b965fb6a020cccd7122391154f9eee0fb853ed795ea4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:15:14 GMT
x-content-type-options: nosniff
age: 323454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5414
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 19:04:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 01:15:14 GMT

GET
H2 200 14779884529277471695_5779848087768760067.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame E892 10 KB
10 KB 103ms
41ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/14779884529277471695_5779848087768760067.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6541fd16277e1cf9e5717386806cdb46b5deb8e306a7bf8225fb3c1309c0658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:10:56 GMT
x-content-type-options: nosniff
age: 557712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9884
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 16:29:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 08:10:56 GMT

GET
H2 200 2593929423060706451_7862155511607586376.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame E892 7 KB
7 KB 97ms
35ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/2593929423060706451_7862155511607586376.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

837c0b47eba539e0ef4724d2fb18477b210738a308c6ab90e2b712c75a05e782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 07:37:04 GMT
x-content-type-options: nosniff
age: 300544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7174
x-xss-protection: 0
last-modified: Sun, 18 Apr 2021 09:58:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 07:37:04 GMT

GET
H2 200 2053404108990625865_8512760258569459631.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame E892 7 KB
7 KB 106ms
45ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/2053404108990625865_8512760258569459631.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9913109807b85b5528a2ac48778b08fba07d1251481972131a31c86f90f7b2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 00:34:08 GMT
x-content-type-options: nosniff
age: 498720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7053
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 16:21:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 00:34:08 GMT

GET
H2 200 16928933512071875018_10649201908143228687.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame E892 5 KB
5 KB 89ms
28ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/16928933512071875018_10649201908143228687.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77b898909b7d12006bb3887862ed2c38411d407cb6b7c3be0bbd7477f32a5ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 19:00:39 GMT
x-content-type-options: nosniff
age: 518729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5025
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 19:02:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 19:00:39 GMT

GET
H2 200 12407430278564887901_1697777050336446539.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame E892 12 KB
13 KB 82ms
21ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/12407430278564887901_1697777050336446539.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1d2587db6538bd1faf74218732ae55bc03c2891d2c168a89260475b44e44199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 19:02:12 GMT
x-content-type-options: nosniff
age: 518636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12497
x-xss-protection: 0
last-modified: Wed, 21 Oct 2020 19:25:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 19:02:12 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B28F 0
327 B 1343ms
461ms Ping
image/gif 2404:6800:4002:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l7f4slp1&c=5667197618259&slotId=2833598809129.5&qqid=CNOL6aXf7PkCFUkPXAod-tEL7g&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220822_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4002:819::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 19:06:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B28F 9 KB
9 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:29:43 GMT
x-content-type-options: nosniff
age: 599785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 20:29:43 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B28F 15 KB
15 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 385457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 08:01:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B28F 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Ca-AhHw4NY5OAB8me8AL6o6_wDqaQsPBrjd6zmqAQ8a_q4qIyEAEggIjZI2CVgoCAlAegAYK9m8QoyAEFqQKdSAaOzIVtPqgDAcgDmwSqBJcCT9D2g6eMNj5-643nRUabcylAet3VoAv7puZfz5F7tmesj_98Utz0v9sYNNd_GMEGElpSzFysLbPcg_-u3DpQPExqrQR_mapnD6VCbmQL_aDfQK_zRb8qzj7LvwoFy9KCMA3WQvMsZA8fCAMyUirYDT7hjWVYW6ZjmSO-XR2CqsLz-dmCk4NbjM9tNWaq1zJlJpXZtnVhbrNrSzqhDBPmKH2ApQlkqz7XxFEKwKs3EbFdRlFvHQziHRQqguiLFSbiE8LbAUlEVBp61gM_I13lVbkiMY528r0g03pk6sj-I7JMtDeqYkzjbDYG0kp1vQqjxPAndsx2IyTl0l8islYWOm8lWLZFfHfkIkxVvLaDi7GprN5Cx2dqwASD8KnYlQTgBAOQBgGgBnaAB4L166MDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YBwEAEYHzIC6wI6AoBAgAoByAsB4AsBgAwBsBP_kpkQyBOGmILhA9gTCogUAtgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1661799968003&ai=Ca-AhHw4NY5OAB8me8AL6o6_wDqaQsPBrjd6zmqAQ8a_q4qIyEAEggIjZI2CVgoCAlAegAYK9m8QoyAEFqQKdSAaOzIVtPqgDAcgDmwSqBJcCT9D2g6eMNj5-643nRUabcylAet3VoAv7puZfz5F7tmesj_98Utz0v9sYNNd_GMEGElpSzFysLbPcg_-u3DpQPExqrQR_mapnD6VCbmQL_aDfQK_zRb8qzj7LvwoFy9KCMA3WQvMsZA8fCAMyUirYDT7hjWVYW6ZjmSO-XR2CqsLz-dmCk4NbjM9tNWaq1zJlJpXZtnVhbrNrSzqhDBPmKH2ApQlkqz7XxFEKwKs3EbFdRlFvHQziHRQqguiLFSbiE8LbAUlEVBp61gM_I13lVbkiMY528r0g03pk6sj-I7JMtDeqYkzjbDYG0kp1vQqjxPAndsx2IyTl0l8islYWOm8lWLZFfHfkIkxVvLaDi7GprN5Cx2dqwASD8KnYlQTgBAOQBgGgBnaAB4L166MDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YBwEAEYHzIC6wI6AoBAgAoByAsB4AsBgAwBsBP_kpkQyBOGmILhA9gTCogUAtgUAdAVAfgWAYAXAQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 19:06:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame B28F 27 KB
16 KB 129ms
57ms XHR
text/xml 142.250.110.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CkDQoljhtfE_osao3W2BoeNVqYd1adjSJl5A3sZK4jx5EbvjTFOhiH8QLw6gw4jCa1cnNmyh4pg9TXiKOavVVgJiu2fA&cry=1&dbm_d=AKAmf-BB0EfVHYHkn7dxWFI0Op6HRIkwxxMlyvZWxHEcPa0W-5E-jY8N2-rSqjq0F4WFfwUJZMd9-sMTLEdQX3R_vrkHrLzebqDh3BfQf7kKxCV9ZcvSxWfoF58WWxCfkmkxWhz4HhPBeM68N3G3ISNZeNxgZb4SJHDUU0Z38dFnqoYl-TotEeMH81VYyCuK4EMBTanetyiXQNzuTMyYuyliNJWlMCEnzOhxRD7BUewj4IgJcJGqpNmVNHpvw4RV9l4XNvMRTpzbWQYq0VMKAvLpNjlUPmw3QP3mQdW6a985OdUT2IiZFtJ9FcISND8rIg27fZWnzwux0R8_LcyA80V68B-jSb-7smXMJD3VuPgIMt_g6y36tl3ByzYTR_Y8NQq-xr71_Lmwrvij38Hvlpb-kBg-mhDFQZUDApXfqieeODLLKvO1mukZHm3VCC3Z8IeXuE-6AJw6Sc1Nq3D8yDBQdZapOGtLACD0yxbHEEC0b3IswYMccGmSeDc5RrI3H2jK649toGlfEBRgySWcwL9pEE6dHQG72Jyic_cOcaQOjUvJPC9suLi_0_QFeH3NpyMdlE4HiW4PxtJM4RJ73W-CkLYPDP2X1QgOJoiI_w67xgrA2tis4on9foPLtabPem0QOZDjfkM-z3_sRPAMkha3vmsZ6ZKTyLx6l-NgAi59GWvl3lrmKs6Ij-p7-01pMFzWDyojemyyppuY-_ZG9_HjcNW_gnR0N092Tht9rGP5kRHDTmlTFGoAsgvC4jnzODxyB_PPPOQn4xD6AFaZ6QS-RfEF6ckQ_z0ldNwiaL8j_PpHzdpZfJaSMmAsGJY6ZyDEQ6FDQ_LWt1wknlAKZk1EJLg6dOjwwtax9aJafYGdvw4UQX7h3UPih1U4PW2GlJofno64iQonDots9xyM2IR2wyIlYuLjcriHD_gSrGJKjQR-z5zq3s9ohZi4uMR8DmkqW5lhF3efdXKYsQFvLnQEJX78OEcfkH1_asqC4IF699l1T6IccgW4ljpLB4oR0uMZd14oAN3QEENOvsvCMrG0v15kUy51Rh18rTeoWPE6nBMwbjMmY22NgR5iBQgDuQ3g0TyFtfu9m78g1GBoBBXdA4lAFi8Qi2Ua0lBNIFBq6ZohS8WWU4Wa4MudE5krSAOYB_URetWeyDHuo-WA8Sha3AvFhcW_OnTi16KVn5GpEG6ZyKwz10E-nRlJ_jIOlD2iUdHSN1DJ4gN9V5KrpWO4jb6K8zWqtoMryOUCQe9DZ4rLEl51QsdLw5K_8F7uU0_IsNBfoghcJN8aajazPFRqOOLrsdPPOSmQ8zv6-j1tKjSBU2xQi_YrRYcjIPzXWscaAd9hNBIhQdB2ABDCOQlMoP9abOUlLMlSc9Z2c0tsYRn5wiSqNyAMY80a8mhAuJKGylJkx7tN7K-vtrUAdhSfpt2hHcb7gqJ-xwOADipiw_YxRppHDcncvcR8NoHaUUWoxxB0EbZFuCbn6BpVBMcwPLELEoTtexQMisNiH7KJOVxVeE994nC8rby4Doy3AWCTKBWM2K7oR3tFILocf3v87efdXi6XWsn1Xsax-Vm6yl7ggryjLSyDzKIPLf6LIB3g4w5DLeqB3Ov9wfc6eGmJlfcrGCZie-qq6HK08JZ5oIN4_vyWJ1Zgikek8xRgGnO-YuJ6_dVuESPTXCfn80u6TXEyDVgUrGsOZQKeXpeOavxikO7gzhkckfhzJlh84_7miWJllh7WqLP5aSlSyDM_lYaT8t1zlpRFsP6Dd4NyCCHvchwTrJ7j1Oxy2iFfsLxT5-MTy3EBXHOxvdnlGOP4adqJ1h5ArHXtMHE-mCLpAe2jW_uvpYsQryGgYBYTL1RGs5YAVG0CbCTSj_iJJSnLE025dJMeztFDCR9QKgJJcbIE3NMyUohX9yhdBDDzXPvKSePwW9NIOsZmmdfkVBzY9jGjE4b4Jw6o6t93orYHcvoNvb-00wCT6Mck5RSh3Ed6CQDSTzCb76sl6hrfNMTlF-lvD4WMHJHNZHozTuGbVK-QkWBKwOSsSDibo8TU6R2WNenrhS5C4zW4MxT-rlD5BYW2Un0-ZHrk67UZgD60KuEZKO0KdmKrEyhf4zg1bcEntGBJughzoa6Is--G02DyI2EbMFBEOHAF6ls2-ULs6w91n1UAGbmRQthWH2TmA8CB0UQgnhdvKHwM_7Ws0Xs1LRA5PLA19gdxuHsfMjT1zbKBTLtL9mQAgxlWa4Xf7ksABM50LHbZgsCaxsyWQRWHRhlOcQZLrur5YpzvpJujER9Q9xNrHEtIHwxPyYwkYbLfW6oKT0Ne_hKlYuGQapoTqV5fQhhy-3g2Az_2Mfb9kfBPZW3H62J3WD-kASrRwGKc-SfY8_BTSyOgah8DQiJObwLyBXv12BWnK4jJ-Un9i3HXR-_TsTotHh6EEBYPeBfWIdYClf3HDr_qkV8BZXmKP_7abRZe1NyrLDBcS0AaLUto022w54gYLHfzN07goFQDfcw5RDUnaMOB2Rjl_rhUBMWrL80etuyQxNSXSOwl7qp_P0tye2YTNpvGDymEzfezkUV59IXCdJlrTu2jzbdnOeIQ5UY_WrlJcMe2p9fpKSG5rQrEhBotgvPs8b3EWCwPmyGgX07c1cVFRgup2fBL7onk8XCyhhgb4tGPJ0KHjxtiU74O_ZMAIjMN7QGCLfXIRr_B0vD6B6bSrzZV8tYlsWtpd4p_6wN3STLLJ2gE-tESgXnePW1EroKsvu3TqqGd3vALeDGAiH3oFBwvKUnn5GgN2QvD_yrw2VhGTBcn1cbnMGnfkqU1kw_A3ZsKvwE3AxYkDoJrTg7v3Ly72PNeP8bBOTfaaRcRLhYq-FDc8QR2F2OuJCmQfOSH7JKmrAh27ALTfzRbVPG0DBU8rxozAXUCKqcfHCBrhfrFl1mJjmu1YpbyuDxcVocAT6L97paeuW6_Kyg4F9Hcf-gDODYCXJxA3N179E-Mxy7HZb1lOrFkSln-Y4uFEnd5Ubg2gmakD585WroMHdZeaakJwF6-3uXFPrpsvHiXpxPT3uIgc5TsWUk_QrYvElhwXZ6BLk8FIceuwtG9eUCsHhiDghyUyZguR6go0TFDalzHq5pr6dfX6zijT8GrBkUHkJd79HwdUIOXwMZQa6gPOaoeKgR1K4Gbd7qeFE3RNsSyNQFfLLBlLxZ8tutfSpUhfUr6vvMdg4A3wqQrrPcQG7n_glZUGytcSPN5UpWGC-LtBU7byrFVZoQbQS3_fjW4yGowuzSYYbR1YQpUkvxJ_Y5IHShG9vj4Z_4SO1rw7yp6QyrU3NIHhG9XjB-ur02d9Vsv4WBQHItR4xfH2r88kkisR8DBQTDYkwdjrDohAXlks6Mssv6k4_dV7Q84s52kCDCmYAt9-84vuK1HHRSoat8D8pyf7qo4A2mcsCpJOc4NsK5apJ0x-urboJ1TktaKUJZviQTPKianvw81Ug-JJjkONm2f9XYF8A0ASK1lpqfljoI9iYQxylVbvSRO6tOAhSsS3rVr7Fz9SX4Bv8cnJiCoMZvJgsX65R5KiVjIBdImHhV0otoKipXak_CaNCz8pNktBEj8YclHSZjxvFI6mrS82FoUxnoIhfZ8iDwDswU3ivCuE9fYCcnlX3UkF4aIGMitePHPEdTg9ardgnVlexCM1zyOWldpMdFUm-YCXbd2qO0Mov_KswpCYq35PFVe3p8wdi9_Kp1JyzBi81hJswJYeBu3pa6-56nBi7vQcdqRlcolwMjJJmia9JYD-ufCajoDMDbiomcSjX5qeDABTXMzFuqmMBmjcMLnhvC9bs5dfx6jiFE6cnLBK1qHQhnqrrOzJ3j7tqOULWSo&cid=CAASBORo0bk&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220822_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.110.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wf-in-f157.1e100.net

Software

cafe /

Resource Hash

fcd67e3bad7376dfd1a9d8a098eb895b1472c928f54884dc33577dbb49fd75e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15651
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B28F 0
0 60ms
59ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTXQOHw4NY5OAB8me8AL6o6_wDqaQsPBrjd6zmqAQ8a_q4qIyEAEggIjZI2CVgoCAlAegAYK9m8QoyAEFqQKdSAaOzIVtPqgDAaoElAJP0PaDp4w2Pn7rjedFRptzKUB63dWgC_um5l_PkXu2Z6yP_3xS3PS_2xg0138YwQYSWlLMXKwts9yD_67cOlA8TGqtBH-ZqmcPpUJuZAv9oN9Ar_NFvyrOPsu_CgXL0oIwDdZC8yxkDx8IAzJSKtgNPuGNZVhbpmOZI75dHYKqwvP52YKTg1uMz201ZqrXMmUmldm2dWFus2tLOqEME-YofYClCWSrPtfEUQrAqzcRsV1GUW8dDOIdFCqC6IsVJuITwtsBSURUGnrWAz8jXeVVuSIxjnaqvMKEcR43-WyVeK7L0EheykgRjq3Y9oG3tn-Y0S2gxV87035hIpo73D4Ud6XAWk_AoW4KYE0ISXn0Vst8OMPABIPwqdiVBOAEA4gFk77YskOSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB4L166MDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQwuUBGJfQ1c4B0ggRCIDhgHAQARgfMgLrAjoCgECACgHICwGwE_-SmRDIE4aYguED2BMKiBQC2BQB0BUBgBcBshccChoIABIUcHViLTc2NzM1NDk4MjcwNzQxMjgYAA&sigh=sZ3ZnnB3CMI&uach_m=[UACH]&cid=CAQSGwCsnQUx8_znADdTsytGSv1hEAR1NEDMT6qR0A&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7673549827074128&output=html&h=280&slotname=4792270699&adk=743495184&adf=1817241583&pi=t.ma~as.4792270699&w=336&lmt=1661799966&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fminecraft-inside.ru%2Fmods%2F158057-simple-hats.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661799966562&bpp=1&bdt=371&idt=379&shv=r20220822&mjsv=m202208220101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=6206825017255&frm=20&pv=1&ga_vid=26973624.1661799966&ga_sid=1661799967&ga_hid=383258159&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=479&ady=1880&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069004%2C31069063%2C31069082&oid=2&pvsid=4352117667725084&tmod=1246930238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=SJ9G5J3riz&p=https%3A//minecraft-inside.ru&dtd=384
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 29 Aug 2022 19:06:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B28F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 556d42bf65b93b1d08b2f63c75cfd76e3126c032558331b51adffcaa3707fa37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38fed64dcdaad49ed286cc1dbe98fac534a9d77167d87c2e7b20c51f01ed8be6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 326 B
0 Image
image/x-icon

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 110a21ee3616bfa86b492bb237eeb946ee4a643d7bb77a7fd2b131311f5ccf72

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/x-icon

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
873 B 67ms
65ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=2448787;u=https%3A//minecraft-inside.ru/mods/158057-simple-hats.html;st=1661799966488;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=7adebf7a023d7673;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1661799966080/////0/2/10/10/62/33/62/108/109/111/408/408/433/2012/2012/;ni=9.3//4g/0/0/;lvid=1661799966627%3A1661799968097%3A2%3A25a576b6563ffb7af137550f604e2fb0;opts=jst-ym;visible=true;_=0.2615659066660849;e=RT/load;et=1661799968093

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:08 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 116ms
72ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220822&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2ffc5c0c40f4aea9256b8ec472591438b5925a01abe22db6aa8f26eb36a8e19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Aug 2022 19:06:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11143
x-xss-protection: 0

GET
H3 200 12407430278564887901_1697777050336446539.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame E892 12 KB
12 KB 64ms
21ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/12407430278564887901_1697777050336446539.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1d2587db6538bd1faf74218732ae55bc03c2891d2c168a89260475b44e44199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 19:02:12 GMT
x-content-type-options: nosniff
age: 518636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12497
x-xss-protection: 0
last-modified: Wed, 21 Oct 2020 19:25:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 19:02:12 GMT

GET
H3 200 16928933512071875018_10649201908143228687.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame E892 5 KB
5 KB 67ms
25ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/16928933512071875018_10649201908143228687.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77b898909b7d12006bb3887862ed2c38411d407cb6b7c3be0bbd7477f32a5ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 19:00:39 GMT
x-content-type-options: nosniff
age: 518729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5025
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 19:02:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 19:00:39 GMT

GET
H3 200 4971338193214701466_4054599097275767864.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame E892 5 KB
5 KB 79ms
38ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/4971338193214701466_4054599097275767864.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aac26c88d783e4bbd4b965fb6a020cccd7122391154f9eee0fb853ed795ea4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 01:15:14 GMT
x-content-type-options: nosniff
age: 323454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5414
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 19:04:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 01:15:14 GMT

GET
H3 200 2053404108990625865_8512760258569459631.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame E892 7 KB
7 KB 62ms
28ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/2053404108990625865_8512760258569459631.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9913109807b85b5528a2ac48778b08fba07d1251481972131a31c86f90f7b2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 00:34:08 GMT
x-content-type-options: nosniff
age: 498720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7053
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 16:21:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 00:34:08 GMT

GET
H3 200 2593929423060706451_7862155511607586376.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame E892 7 KB
7 KB 63ms
30ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/2593929423060706451_7862155511607586376.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

837c0b47eba539e0ef4724d2fb18477b210738a308c6ab90e2b712c75a05e782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 07:37:04 GMT
x-content-type-options: nosniff
age: 300544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7174
x-xss-protection: 0
last-modified: Sun, 18 Apr 2021 09:58:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 07:37:04 GMT

GET
H3 200 14779884529277471695_5779848087768760067.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame E892 10 KB
10 KB 69ms
36ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/14779884529277471695_5779848087768760067.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6541fd16277e1cf9e5717386806cdb46b5deb8e306a7bf8225fb3c1309c0658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:10:56 GMT
x-content-type-options: nosniff
age: 557712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9884
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 16:29:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 08:10:56 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame B28F 41 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220822_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 08:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 468469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 08:58:19 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-4g5lznez.c.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693335968/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame B28F
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693335968/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r3---sn-4g5lznez.c.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693335968/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

117ms
19ms

Fetch
video/mp4

2a00:1450:4001:11::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5lznez.c.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693335968/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/23A8413CF134B2B06A6D2EDB4EE908C13FC752A2.6AB950D341E59B5A46010DAE075BAE522F6FE7DD/key/cms1/cms_redirect/yes/mh/3l/mip/2001:1b60:2:240:3247::6/mm/42/mn/sn-4g5lznez/ms/onc/mt/1661799669/mv/m/mvi/3/pl/29/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:11::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 19:06:08 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 6389289
Last-Modified: Tue, 05 Jul 2022 12:12:01 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 29 Aug 2022 19:06:08 GMT

Redirect headers

date: Mon, 29 Aug 2022 19:06:08 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 653
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r3---sn-4g5lznez.c.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693335968/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/23A8413CF134B2B06A6D2EDB4EE908C13FC752A2.6AB950D341E59B5A46010DAE075BAE522F6FE7DD/key/cms1/cms_redirect/yes/mh/3l/mip/2001:1b60:2:240:3247::6/mm/42/mn/sn-4g5lznez/ms/onc/mt/1661799669/mv/m/mvi/3/pl/29/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 1915 23 KB
9 KB 25ms
24ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 436587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 17:49:41 GMT
expires: Thu, 24 Aug 2023 17:49:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 X5Wcp9Ugq7sZToVDu26YRTjm5OYazRuFrO0o8wz5lEo.js Show response
pagead2.googlesyndication.com/bg/ Frame 1915 36 KB
15 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/X5Wcp9Ugq7sZToVDu26YRTjm5OYazRuFrO0o8wz5lEo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f959ca7d520abbb194e8543bb6e984538e6e4e61acd1b85aced28f30cf9944a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 19:23:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15759
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 19:23:55 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Aug 2022 19:06:08 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A969 13 KB
5 KB 22ms
20ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minecraft-inside.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1470
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 18:41:38 GMT
expires: Tue, 29 Aug 2023 18:41:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FBE3 783 B
535 B 31ms
30ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

08c210cbe96615bb80d5b68a9991a3b34056315dde0d4b70ffcd633f154eedef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_OAyKQ0OApOjcNo60uRFmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://minecraft-inside.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-_OAyKQ0OApOjcNo60uRFmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 19:06:08 GMT
expires: Mon, 29 Aug 2022 19:06:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FBE3 0
0 52ms
52ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220822&jk=4352117667725084&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Show response
pagead2.googlesyndication.com/bg/ Frame A969 36 KB
14 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 08:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 123825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Aug 2023 08:42:23 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1915 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BTu7ZIA4NY4GzB6rBkdUPpLal0AsAAAAAOAHgBAI&bg=!4OOl46fNAAaXrHhMt6w7ACkAdvg8WmxMsUXkgyN_bTDqUpUELtln6_J1P668BNID7stQWV6TuLZC3gIAAABfUgAAAAJoAQcKABSuRVWCBDCpj-RTycYNcor7HyFNkpkC_iZNyqX3-y0C-ScVNgzdAiFhZDgBbH8WplRv0x9wp6D2eOQ3DrXqKlt3ezp0DceP4lAocETXxQGWSioPdbLo9iKfI_iVMPDUVYEtGroQFNpcDROrtWkWeQ0SUOO9GXn5MpmPcC7eUxU-ySKTFn6vmn9i_1oVupRPzC0Euz-7WhFuPv45YfLp3Fz9oAB8OLFwdTw9OyXDlPpDDM5zARbEns-hk_tfEzpV3niU_HNK0MsTeFTumjeHjN0SIQynXdLTbaLrBT8hZQBhfV689xlyvBH-4FD4klYP0qniCCPE5eyFEOeTK5JRVeUHy8awkQXJKaLSG1Ra10pr14OoBrAoNl4-qhgtP7ClTvksUbD1Pj1GwFAjWna_CgbshK0e5h2f9qLi55EPPivRiWk5dgskXb2m1azZt8LvJMNM0h1MZOgNA7dD9g-ofSmd0XufW3QM2QlKjnl5McuHOQjjW45PRjEFkyrkHCoy1JOL0Da1Q8ACoENCYlEl6L2k5kEkxYw-spKwqkk8oAJLfT7_gPOv-AlEXkQ9UJq6hn819sOm-BjW2Py6YqeWhJ-eF1jBuUlt0Y-pGIB6bQATBjTQLHVhYusHGcot2NPDCpQ6V_vdHLJbvmqfVWkn19T4V1AFy2dzuNZiHg2J4QGcsl7-o-ISjYTMpVO27VMsq5S7w_TrW0cy5lW806pAmLkdUx0Ul5YePe_TlQyVkHVbu1QdYnzpQ1ZrPf2FvtZpi3KV8UETIreziGmLKJ7z3VF4NZ5Pk78XRAUgFN_4jy2ssUAqBtGjES_LqMXEgTt3MJg8yPskQSRfA43EMIi3QnWQidyi1gJegU6VUASfPfZ0Z289t_qgrjQKMRnMZRmxMxPCtukuqQWW1yaOtMQk1zrvzRHgZFOjpkNeCuc8MJHe6RbMijrXzUyIn8y0TdnijKO08F6_xqt3G1nokdUM7zQHfjZ8WQnwnT5dQgnVKEA7h93R7MA65KSoTBuExEz1LT8frN2z-M2Z8vxvCy6M0oLt0cbTeUo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 19:06:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r3---sn-4g5lznez.c.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693335968/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame B28F 160 KB
0 41ms
19ms Media
video/mp4 2a00:1450:4001:11::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:11::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 29 Aug 2022 19:06:08 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-6389288/6389289
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 6389289
expires: Mon, 29 Aug 2022 19:06:08 GMT
last-modified: Tue, 05 Jul 2022 12:12:01 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A969 0
10 B 25ms
24ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bXKiwA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 19:06:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3ECE 42 B
64 B 56ms
55ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEQjVPf7tcYHQ2OGZi6rXgMb43FJOUUSA_DiuixmeWrWj2V7bO2aAXoFbJJSE3WG7r3n-kmaZNtn1fB0Phqhmh5IoEz6we8OdGkFmeX96iuN5L8KqcTqOYTXLr5UTUhv5nLcCsyw&sai=AMfl-YSjFt17GkT1chdbkRIjwzDdiMcI7TeBJthIDUk7IF9syyMX90_88ZQFx47eA7XIMkYLHpD54sevBrii&sig=Cg0ArKJSzBjCnEb5cum_EAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=962948829&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661799966934&rpt=903&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 19:06:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
55ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220822&jk=4352117667725084&bg=!Li2lLWnNAAYUOm8VNDo7ACkAdvg8WqmJOonTR1nUqRNnuFTr8Z7RXhUZ4wlloKJhZFfzFmgz7eyvUQIAAABfUgAAAAJoAQcKAGw44FpknH83nuiPoWnr6uUbkQLZipi57OJCCAQpFB8Oaa2os_aOfK2V0Clbx73FzTNXCOpOZW8ZJeSjQ8kJK0v40cyooekIAHOuzHQxk96xZ0lJEdDXQc3fHrMrQvnIfLfxLc6yrKKziy6QktSZAtwxXhhSN78zwT52X8JfDqxN3UKPTZWpNw76EOxbaExWn9MpG_pSCR3c9JkANHMdSP-qW7wDExY8uouicAc_vl2NsA-dSLow1gTbVpLNtULfNDoXuiA54K2q0xFJadUTlbA4qVxBWUkHN5IhHyLXVUA7hwUWR6fII7QhcW6vAnwwTUXQ4gek7IS1OnGVnLVwZNAR5zyrSAwhk7BXSSB309HeDe5PGclpN-7eKt-kXDueQT8temuRcCWWtOsPkyDTcCygLp_JgJgC6HSp4HUzWXthhH1EYH5XO45e04sN950o78_HIL9zvqxj-NsY67Hm7ivp6oY71EQpDmp0XWrTTznbaXUbdFG0CFMeuj86zr2IwoNwincHZMtFGc69kBwFwaV0FnsXamV7USnrs49vOasuGLtoAJgr_U7J64XCvnnmnjmmssq-Pk2Goio-yJj0L0wKq7JoaIeIm_3dRUoyL25Hv07Lq-2VUnoiwOfLkiI1I6MHPexrcVh2uvWuE5IwU6yoa6qbVLD6e3m-ycQ_fZfXsnGzGcpezvUnA1cMFp5NkB5ia8A9__qs-obd4J2RNwM4NziPgDWjBJAaWZ_skeX5IR4T2YsjGRSX-aHZKTpydmWkGyaehJXrHqR7NkLhlBV6ZhRU7-z1jodn6xuks_5dI5qdG54v0mtHHU2P2kOPPr0PLLceJgYdutmg-2D2z5l9DCF9sViOd-qdX20kkeQ0m-Qv1S7ctSqZTU_Mk27OIptTiJ6MabWVJDtwIpRTV0mGKIdHcixyg2jLoD1bTi2arzHHTmZygDle-tEbYLjoa0K7brpJ8_PNBwy1XlgZvuBOA-mmq2T6D2r3_UKxm4wo_4dpVsrHG-X89f67cSUtzONkNKeAO511TiABu72qezPnIEnkJF-M2y78lvyS_dqV24eDHAZxeBMx0zZ6ngM-dglGdiy1qpyUapZltNcSWTap0Yq3H_kEPodCnoY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft-inside.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C0BA 42 B
64 B 272ms
272ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssDTAHVRQYv9-1cPjMs6ttJ_FrWOOT96Opn5-KxlswKcOWXYd_kfZ-5rjc394gphHGXnUJlIyzWc462iavoyG_gaXbzbBr97ZpsjQ2V3n6Ry2oVSMJ2zlRUgUmmPhTfvFQ0xh99NQ&sai=AMfl-YReEDZ2pB4-MTEh2X-67JkAdTbyghTQZoDDiqHN-zMW6ZImKXQG1FnwcxsXU8PbSGfClzorRTfB_CoH&sig=Cg0ArKJSzISSvQAV9tpvEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=0.72&if=1&vu=1&app=0&itpl=2&adk=1490946491&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661799966966&rpt=1015&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 19:06:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B28F 0
54 B 568ms
567ms Ping
image/gif 2404:6800:4002:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l7f4slqc&c=5667197618259&slotId=2833598809129.5&qqid=CNOL6aXf7PkCFUkPXAod-tEL7g&fb=outstream-lima&gpm_i=7&gpm_c=7&gpm_a=7&smb=1000&br=963&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=9&vhc=0&msm=1&aits=0%2C18%2C692%2C59%2C342%2C343%2C344%2C345%2C346&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220822_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4002:819::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Aug 2022 19:06:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
minecraft-inside.ru/	1970-01-20 06:21:18	Name: mobile Value: eaa1dd758d8c5d78da751fa16e1c5fa0e5a6fa4af01ccc4c15d2aa7a8fd6211ba%3A2%3A%7Bi%3A0%3Bs%3A6%3A%22mobile%22%3Bi%3A1%3Bs%3A2%3A%22no%22%3B%7D
.minecraft-inside.ru/	1970-01-20 15:12:39	Name: _ga Value: GA1.2.26973624.1661799966
.minecraft-inside.ru/	1970-01-20 05:38:06	Name: _gid Value: GA1.2.2405052.1661799966
.minecraft-inside.ru/	1970-01-20 05:36:40	Name: _gat Value: 1
.minecraft-inside.ru/	1970-01-20 14:22:15	Name: _ym_uid Value: 1661799967278050165
.minecraft-inside.ru/	1970-01-20 14:22:15	Name: _ym_d Value: 1661799967
.yadro.ru/	1970-01-20 14:20:56	Name: FTID Value: 1Z3GuU0b3CeO1Z3GuU0011hE
.minecraft-inside.ru/	1970-01-20 13:36:11	Name: tmr_lvid Value: 25a576b6563ffb7af137550f604e2fb0
.minecraft-inside.ru/	1970-01-20 13:36:11	Name: tmr_lvidTS Value: 1661799966627
.yadro.ru/	1970-01-20 14:20:56	Name: VID Value: 2y_Yyf191b8O1Z3GuU001GFK
.yandex.ru/	1970-01-20 14:22:15	Name: ymex Value: 1693335966.yrts.1661799966#1693335966.yrtsi.1661799966
.minecraft-inside.ru/	1970-01-20 14:22:15	Name: adtech_uid Value: 90d71a38-0360-451f-8c25-25319a2176a1%3Aminecraft-inside.ru
.minecraft-inside.ru/	1970-01-20 14:22:15	Name: top100_id Value: t1.3039121.2037487944.1661799966741
.yandex.ru/	1970-01-20 14:22:15	Name: yandexuid Value: 1905169751661799966
.yandex.ru/	1970-01-20 14:22:15	Name: yuidss Value: 1905169751661799966
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1137392421661799966
.yandex.ru/	1970-01-20 15:12:39	Name: i Value: 4v51iAzgFmIF7tsRojdnGBYqLOf2EPV9xzHnVOIAuKES6Fetw7C7oTAjWzJBdzuuXNHdQ5eKDK3PNHD8bjwEsxvLTS8=
.minecraft-inside.ru/	1970-01-20 05:37:51	Name: _ym_isad Value: 2
.minecraft-inside.ru/	1970-01-20 15:12:39	Name: last_visit Value: 1661799966972%3A%3A1661799966972
.minecraft-inside.ru/	1970-01-20 14:22:15	Name: t3_sid_3039121 Value: s1.1270753369.1661799966742.1661799966975.1.2.2.1
.minecraft-inside.ru/	1970-01-20 14:58:15	Name: __gads Value: ID=ac2205dd79e2d925-22a632580bce0057:T=1661799967:RT=1661799967:S=ALNI_Maa46REH38eyse2q4wyhSJlLc0GTQ
.rambler.ru/	1970-01-20 15:12:39	Name: ruid Value: 1CIAAB8ODWMDqz8ZAVqeNgB=
.mc.webvisor.org/	1970-01-20 05:36:40	Name: sync_cookie_csrf Value: 709636455fake
.mc.yandex.ru/	1970-01-20 05:36:40	Name: sync_cookie_csrf Value: 3682338706fake
.webvisor.org/	1970-01-20 15:12:39	Name: yandexuid Value: 1905169751661799966
.webvisor.org/	1970-01-20 15:12:39	Name: yuidss Value: 1905169751661799966
.mc.webvisor.org/	1970-01-20 05:38:06	Name: sync_cookie_ok Value: synced
.doubleclick.net/	1970-01-20 14:58:15	Name: IDE Value: AHWqTUlrVkDyofFCHZmaRWdg-f3_N-W0Pq1WC_bkzihRRAHlqjO7je5ylVFc3y-pDyo
.doubleclick.net/	1970-01-20 05:36:43	Name: DSID Value: NO_DATA
.minecraft-inside.ru/	1970-01-20 13:36:11	Name: tmr_reqNum Value: 2
.mail.ru/	1970-01-20 14:23:42	Name: VID Value: 2s9hYa12r8YC00000g1KL4IC:::0-0-0-82766de:CAASEGXn2ohXrze_LH_T4JnIFEAaYDeeZhTqefOR8JXpP84MCtW974sdYPWtaMcZofZoe3s_gCAZyK5IGUC9BNPVyIyEYth1UQtD_4PhLjA6Ez8FVJe67BaTDumr0du6_btgaNdBzAWujKcKHX5EmsOw3V8dmw
minecraft-inside.ru/	1970-01-20 05:38:06	Name: tmr_detect Value: 0%7C1661799968944

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bid.g.doubleclick.net
cdn.jsdelivr.net
counter.yadro.ru
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
kraken.rambler.ru
mc.webvisor.org
mc.yandex.ru
minecraft-inside.ru
pagead2.googlesyndication.com
partner.googleadservices.com
r3---sn-4g5lznez.c.2mdn.net
st.top100.ru
static.doubleclick.net
top-fwz1.mail.ru
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
yandex.ru
yastatic.net
138.201.190.105
142.250.110.157
142.250.186.98
154.47.36.139
2404:6800:4002:819::2003
2a00:1450:4001:11::8
2a00:1450:4001:801::2003
2a00:1450:4001:803::200e
2a00:1450:4001:809::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400a:802::200a
2a00:1450:400c:c08::5f
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8:a::a
2a04:4e42:200::485
81.19.89.16
81.19.89.17
88.212.201.198
95.163.52.67
08c210cbe96615bb80d5b68a9991a3b34056315dde0d4b70ffcd633f154eedef
0edf334bc09ae8709e09984bcf393f5eca61a79df7d88073185bcfbd3fbe765a
0f32dffd9527dbaf143a31a4d853ae7ef258ce4ef6f2de04b9cbe7e838473887
110a21ee3616bfa86b492bb237eeb946ee4a643d7bb77a7fd2b131311f5ccf72
159b8c2976a314bd2bdb55c3f18cdc241731036afeaa35c00f7168ec0a5f79fd
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
187c1b5dd3c03030f3f05342c3eb25843d1e8143c843d782f4c4f133c882ab69
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20f2d6255fe749341e6543047782811c5977380c562e7163efa64594d88c6b3d
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2751eb32e3720b540ff8210d70e6af4c916a255ff05d96130d0125576b14afa5
28771ce953bd7986325638b7e9e349ee61b7e2672ced541f1cda8acb26cad049
2a848220d9ab25e1f0beb3b49724594483ac04cc69565068e6cc6933e0737ba0
2ac252daf639d2c5aaa6baa12ad043f4dec7abd5c08ab09fb84b329db84b5a5b
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
38fed64dcdaad49ed286cc1dbe98fac534a9d77167d87c2e7b20c51f01ed8be6
3cab891d4970eec9af52024c814434ac56a51e754036157dbe26fbcacfaaac66
3eb81809276af61c110a493177192ef5a84d5ad42578ad2e79e53dae49fd43ea
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4f3c89e9df65781f2298a396907a5d1fe91bba8dbf2187c9310fc4758b3983ac
545d2c8a3ee1659bd01be41ad5f7b1010be5c88a0eb1a8e4be6262e24ed4a260
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
556d42bf65b93b1d08b2f63c75cfd76e3126c032558331b51adffcaa3707fa37
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56e2c27ea4daa3fa5927c0e3cd29d78eb58ddc791ffbbf275179271a47a9a553
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5b9c8f5dc08007f4b85224a326a9da1d674df10957a95982e205f9735c650fa8
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f959ca7d520abbb194e8543bb6e984538e6e4e61acd1b85aced28f30cf9944a
61c2239cb0874ee43b4a8d0b3cc6b2fb5408e2935daadd927699acd4a5338413
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65064d8b8fe9b453f428cfc529f6e83a85dea3e34c1b30b0080fe96181050e0b
67005aa74f766796f4fd26a1600d707545c198a99cc06b66dcdf42317b3f2bfb
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
68649b3f977bf1866aa20d3b5386bce62cb2d6951d71ff8f6f7908a4294bbc20
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6aac26c88d783e4bbd4b965fb6a020cccd7122391154f9eee0fb853ed795ea4d
6afbae562f93323f529b5f62690cedc0989f0f4ec989863a5ccddb4930290ac1
6f20218d4dddc33f0129a891206e7ca00c3cbd302c393678bb88c7a297493292
7104456a61535672afa853f7ada3fc5ea0961ebea54b2c4dbed642b284a61ff0
71ea761879823f1e9e6f3bbb50517936b638eb244b9b6a895331e67955119742
77b898909b7d12006bb3887862ed2c38411d407cb6b7c3be0bbd7477f32a5ae8
785afd306f0c4a0aa12afa035094efdeff4e1fe2965f6919b5d9698859929e32
7b9bfe14b38f7f56f3ffd48252cad5b579b9a029f5ca36b40de49504d8180f95
837c0b47eba539e0ef4724d2fb18477b210738a308c6ab90e2b712c75a05e782
8643192cb8d6d9312c0ff92d2622ca57e27ff10da622ae2b6a6e8b21e1217fff
886d350d1c3f708262a07d4c5c6e7d1f71c4c34d6c762b6365bf3a8e56e329d5
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c488f7ac743d3f2fe3211ae50bf54af535672b62fc3d506369b6d7cc2927825
8ea8ef6a20a2f7307560b9fee2788613b13492d30582c95b6f57bc53383b68bd
92c2e92a677fb4125342fff617477b3aa748028eacb07c367e20ffaaaa398e23
977bdb828a1c750d66ec1f740985ecb11eee534846b241f44531fe7a379ec99a
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9913109807b85b5528a2ac48778b08fba07d1251481972131a31c86f90f7b2e4
9be7e931e5978b27a1428050d2045f7759ae34424b2a60a021d57a7af6d981f6
9c1b7469c7d44919796dcbf739a6c71c4446a5477f7be2060ec914584971f2e4
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0c7e44fb2908b2de0e67a320724ffd13e7e4e64caa19a557d1baf653d206419
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1d2587db6538bd1faf74218732ae55bc03c2891d2c168a89260475b44e44199
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6541fd16277e1cf9e5717386806cdb46b5deb8e306a7bf8225fb3c1309c0658
a665c69a46c4dcded8e6fc9bbf440ff6d3f5378e175f9b0e2be473004f1a1c84
a69cecfa8fe80d32f2b04184919ae8201e75220c7300d0148148cafd8f155fd2
ad9b95dc8aec99a5335567c6f5f6df98de9a73db72d236b20363d94674ec65f8
b0c72a07e310114f1da6157793b6bad8c14ec07e6480eddb9d596f2e4849b715
b9a85c9a4ae0fe1cb73709cd6841035325775b4b4de84451516c1e9b9d592fc3
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bcf86d95e543e9748b28362562cdbce0c7be01b48dd54191912e15f820daf4aa
bf51da9571d476b469bee420a82f86785794df42f63523eb74fc99b53601690e
c2e9789d8d67df6a6c53a000d036c7ce03139f275395d03aa8c9512d6f433ae1
c2ffc5c0c40f4aea9256b8ec472591438b5925a01abe22db6aa8f26eb36a8e19
c5d88cf5ab481795933edb0a92842b134d9a967fda15644152d83504e9f0b15d
c8417c04362116851e98c231dd766d7fad18d1cbc382fd00d4769f2e7811881d
c8c55a8d018f0dd36ac09582debb580dd5e280fdf152c5530c2552334814cae2
c98d29e7c0bc13dfadbbeac3aaeb089025595c741b0583f370c1fecc39bbabd8
c9c886432aef6b0c4130d2183d18d019236627771a17c6d17f7dc638c884c45f
cb2b18ff7b82cdbab0ba5f095448f16c159526ff504699042f8069f1a70ae7f4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d09935c94b4577fff4e1de0daf084674937f708d4fcfcf689d131d5d9b5a7852
d71f9328e947a4990f9ea57da682786f9139827fd18af6a74b4dfe9a526929a1
ddbed2d2048ca083a3993dfca1f5c49075a256d003ee78d444c9a397a40f41ef
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e1f3432e50849a4441e0ed30b773a7b5cab00716a62fb4cde1af95cd094d04da
e389645d18c87a1062c3a007ba8254a66aba8b94de868fb8e751df51e16d0560
e3a30dc2f2fffdefb1132279d56aaf8a5f0669c55fc2c5528a0e00c397b0fed7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f0f39cc34fd8eda01be761ef8a37e10f5aa7761b60ab204554fe893fee50ec
e730839302f6c240ebb93ea1f39006665235640216fbb81a6c6054ebe3c6f9a4
e7a754dc68b051e1b18bbf37fc0f5557196bc8db1c5f1c31ce5d242ea5c95ed6
e8efabe02b1c6730e453b4fd8d3ef1e59c753fa22f9e3d057d48372755d2a5d3
ea91389b5dbe27df3f4eb9068bfff86569cf168cec7c20c17c8a82b481296740
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f109362a5aff7dcf196ac7d43eab3cf776d01d2ffe47d37f221385753e153a37
f2b40e19ac0740435c32100248f52d6df60c9862156b764a2d6f71c9376eff82
f63e08b18115b72e6d2cbe9db5f7527d2731545d38beae54317e10cfe0f58fc6
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f88bb57db2810d820bcc9b1e24a9cbb036c1a8d64268f53243f78dc2c40b3525
f9960a99e6e715c31d0f1bdaba32b55e8337a5e6d079953ff7015d2007901c0a
fa004ddf172fe543210b8a8c7fd243f83bdbfb9c14a4a5a2b4ca0787472162a9
fb24093f014ef44231f41e21be490162391f23204697b836e7e9c2541c2c2f8c
fcd67e3bad7376dfd1a9d8a098eb895b1472c928f54884dc33577dbb49fd75e8

minecraft-inside.ru Open in urlscan Pro 138.201.190.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

127 Requests

95 %HTTPS

71 %IPv6

19 Domains

28 Subdomains

28 IPs

6 Countries

2570 kBTransfer

5636 kBSize

32 Cookies

13 Outgoing links

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

minecraft-inside.ru Open in urlscan Pro
138.201.190.105 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

95 %
HTTPS

71 %
IPv6

19
Domains

28
Subdomains

28
IPs

6
Countries

2570 kB
Transfer

5636 kB
Size

32
Cookies

127 HTTP transactions
14 data transactions