drinktime.ru Open in urlscan Pro
2a00:f940:2:2:1:4:0:117 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://autoden.ru/
Effective URL:
https://drinktime.ru/
Submission: On July 14 via api (July 14th 2022, 5:36:01 pm UTC) from US — Scanned from DE

Summary HTTP 118 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 31 IPs in 7 countries across 45 domains to perform 118 HTTP transactions. The main IP is 2a00:f940:2:2:1:4:0:117, located in Russian Federation and belongs to AS-REG, RU. The main domain is drinktime.ru.
TLS certificate: Issued by R3 on May 29th 2022. Valid for: 3 months.

This is the only time drinktime.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	188.127.230.8 188.127.230.8	56694 (SMARTAPE) (SMARTAPE)
1 35	2a00:f940:2:2... 2a00:f940:2:2:1:4:0:117	197695 (AS-REG) (AS-REG)
7	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2 18	46.4.114.109 46.4.114.109	24940 (HETZNER-AS) (HETZNER-AS)
1 2	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
2 3	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1 1	159.69.64.48 159.69.64.48	24940 (HETZNER-AS) (HETZNER-AS)
2 2	193.232.150.149 193.232.150.149	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2 2	195.209.108.49 195.209.108.49	52007 (ADRIVER-AS) (ADRIVER-AS)
2	195.209.111.19 195.209.111.19	52007 (ADRIVER-AS) (ADRIVER-AS)
1	2606:4700:303... 2606:4700:3032::6815:3b42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	194.190.117.94 194.190.117.94	204600 (REPUBLER-AS) (REPUBLER-AS)
1	37.18.103.21 37.18.103.21	205675 (HYBRID-AS) (HYBRID-AS)
2	185.15.175.147 185.15.175.147	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	195.201.152.104 195.201.152.104	24940 (HETZNER-AS) (HETZNER-AS)
2 2	78.46.16.13 78.46.16.13	24940 (HETZNER-AS) (HETZNER-AS)
1 1	176.9.8.252 176.9.8.252	24940 (HETZNER-AS) (HETZNER-AS)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 1	109.248.237.37 109.248.237.37	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	185.147.80.35 185.147.80.35	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
1 2	136.243.148.229 136.243.148.229	24940 (HETZNER-AS) (HETZNER-AS)
1 1	45.9.24.193 45.9.24.193	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	5.200.43.131 5.200.43.131	48096 (ITGRAD) (ITGRAD)
1 1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
1 2	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
5 5	217.66.147.168 217.66.147.168	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
2 4	89.108.119.28 89.108.119.28	197695 (AS-REG) (AS-REG)
1 1	144.76.118.233 144.76.118.233	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	65.108.236.88 65.108.236.88	24940 (HETZNER-AS) (HETZNER-AS)
1	217.65.2.150 217.65.2.150	29076 (CITYTELEC...) (CITYTELECOM-AS Filanco LTD)
1	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
1 1	130.193.58.13 130.193.58.13	200350 (YANDEXCLOUD) (YANDEXCLOUD)
2 2	142.132.209.138 142.132.209.138	24940 (HETZNER-AS) (HETZNER-AS)
1 3	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1 2	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 1	23.111.107.44 23.111.107.44	39134 (UNITEDNET) (UNITEDNET)
9	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2 4	185.15.175.159 185.15.175.159	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
15	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
118	31

1 188.127.230.8 (Estonia) 1 redirects

ASN56694 (SMARTAPE, RU)
PTR: shared-24.smartape.ru

autoden.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:f940:2:2:1:4:0:117 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)

drinktime.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 46.4.114.109 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1271137.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.64.48 (Berlin, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1397437.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.149 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp4.senders.ntvplus.ru

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.49 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.111.19 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:3b42 (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.190.117.94 (Russian Federation)

ASN204600 (REPUBLER-AS, RU)
PTR: carp.bspb2.kavanga.ru

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.103.21 (Netherlands)

ASN205675 (HYBRID-AS, DE)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.147 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.152.104 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.104.152.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.16.13 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-2.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.8.252 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-21.community.moscow

c3878baa-ed33-44a9-9b2d-964088a1322b.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.37 (Moscow, Russian Federation) 1 redirects

ASN201009 (SUPPORTIT-AS, RU)

stat.adlabs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.147.80.35 (Russian Federation) 1 redirects

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: ssp2.bestssp.com

ssp.bestssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.148.229 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.229.148.243.136.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.9.24.193 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.200.43.131 (Moscow, Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation) 1 redirects

ASN16345 (BEE-AS Russia, RU)

0a0909b0fc53d0620b01cb8202430a08-sp.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.97.2 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 217.66.147.168 (St Petersburg, Russian Federation) 5 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-168-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 89.108.119.28 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.118.233 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.233.118.76.144.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.236.88 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88.236.108.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.193.58.13 (Russian Federation) 1 redirects

ASN200350 (YANDEXCLOUD, RU)

pixel.konnektu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.132.209.138 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.138.209.132.142.clients.your-server.de

dmp.gotechnology.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.158 (Germany) 1 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.107.44 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

cs.agency2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.15.175.159 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	drinktime.ru 1 redirects drinktime.ru	1 MB
21	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 128 tpc.googlesyndication.com — Cisco Umbrella Rank: 166	453 KB
18	acint.net 2 redirects www.acint.net — Cisco Umbrella Rank: 31348 acint.net — Cisco Umbrella Rank: 23696	16 KB
9	doubleclick.net cm.g.doubleclick.net — Cisco Umbrella Rank: 223 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	79 KB
7	mts.ru 7 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 29421 tech.rtb.mts.ru — Cisco Umbrella Rank: 29297	4 KB
6	digitaltarget.ru 2 redirects tag.digitaltarget.ru — Cisco Umbrella Rank: 110190 dmg.digitaltarget.ru — Cisco Umbrella Rank: 21809	22 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	43 KB
4	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 13394	2 KB
4	adriver.ru 2 redirects ad.adriver.ru — Cisco Umbrella Rank: 18570 ssp.adriver.ru — Cisco Umbrella Rank: 14530	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 81	2 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 17	972 B
3	yandex.ru 1 redirects an.yandex.ru — Cisco Umbrella Rank: 2468	747 B
3	upravel.com 3 redirects sync.upravel.com — Cisco Umbrella Rank: 29332 c3878baa-ed33-44a9-9b2d-964088a1322b.sync.upravel.com	2 KB
3	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2431	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 196	85 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 6937	915 B
2	bumlam.com 1 redirects sync.bumlam.com — Cisco Umbrella Rank: 3440	1 KB
2	gotechnology.io 2 redirects dmp.gotechnology.io — Cisco Umbrella Rank: 42403	590 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 9928	511 B
2	rktch.com 1 redirects ut.rktch.com — Cisco Umbrella Rank: 53208	683 B
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 11915	817 B
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 12383	828 B
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 8351	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 957	645 B
1	agency2.ru 1 redirects cs.agency2.ru — Cisco Umbrella Rank: 99370	753 B
1	konnektu.ru 1 redirects pixel.konnektu.ru — Cisco Umbrella Rank: 81533	239 B
1	gnezdo.ru fcgi4.gnezdo.ru — Cisco Umbrella Rank: 52727	191 B
1	new-programmatic.com match.new-programmatic.com — Cisco Umbrella Rank: 29474	215 B
1	bidvol.com 1 redirects ssp.bidvol.com — Cisco Umbrella Rank: 29699	457 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 4088	209 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 17949	176 B
1	beeline.ru 1 redirects 0a0909b0fc53d0620b01cb8202430a08-sp.ops.beeline.ru	636 B
1	adlook.me 1 redirects ads.adlook.me — Cisco Umbrella Rank: 39108	188 B
1	rutarget.ru 1 redirects sape-sync.rutarget.ru — Cisco Umbrella Rank: 165811	411 B
1	bestssp.com 1 redirects ssp.bestssp.com — Cisco Umbrella Rank: 63836	304 B
1	adlmerge.com adlmerge.com — Cisco Umbrella Rank: 141042	116 B
1	adlabs.ru 1 redirects stat.adlabs.ru — Cisco Umbrella Rank: 188715	109 B
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 14380	70 B
1	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 11124	240 B
1	republer.com sync.republer.com — Cisco Umbrella Rank: 53674	69 B
1	utraff.com a.utraff.com — Cisco Umbrella Rank: 42744	860 B
1	mail.ru ad.mail.ru — Cisco Umbrella Rank: 10355	764 B
1	sape.ru 1 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 30644	633 B
1	autoden.ru 1 redirects autoden.ru	202 B
0	advarkads.com Failed s3.advarkads.com Failed
118	45

	Domain	Requested by
35	drinktime.ru	1 redirects drinktime.ru
15	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com drinktime.ru
14	www.acint.net	2 redirects drinktime.ru www.acint.net
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	pagead2.googlesyndication.com	drinktime.ru pagead2.googlesyndication.com www.googletagservices.com
5	sm.rtb.mts.ru	5 redirects
4	dmg.digitaltarget.ru	2 redirects www.acint.net
4	x01.aidata.io	2 redirects www.acint.net
4	acint.net	www.acint.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	an.yandex.ru	1 redirects www.acint.net
3	ads.betweendigital.com	2 redirects www.acint.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	sync.bumlam.com	1 redirects www.acint.net
2	dmp.gotechnology.io	2 redirects
2	tech.rtb.mts.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	ut.rktch.com	1 redirects www.acint.net
2	sync.1dmp.io	1 redirects www.acint.net
2	sync.upravel.com	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	ssp.adriver.ru	www.acint.net
2	ad.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
2	counter.yadro.ru	1 redirects drinktime.ru
1	fonts.gstatic.com	fonts.googleapis.com
1	www.google.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cs.agency2.ru	1 redirects
1	pixel.konnektu.ru	1 redirects
1	fcgi4.gnezdo.ru	www.acint.net
1	match.new-programmatic.com	www.acint.net
1	ssp.bidvol.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	exchange.buzzoola.com	1 redirects
1	0a0909b0fc53d0620b01cb8202430a08-sp.ops.beeline.ru	1 redirects
1	ads.adlook.me	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	ssp.bestssp.com	1 redirects
1	adlmerge.com	www.acint.net
1	stat.adlabs.ru	1 redirects
1	cm.g.doubleclick.net	www.acint.net
1	c3878baa-ed33-44a9-9b2d-964088a1322b.sync.upravel.com	1 redirects
1	sync.dmp.otm-r.com	www.acint.net
1	dm-eu.hybrid.ai	www.acint.net
1	sync.republer.com	www.acint.net
1	a.utraff.com	www.acint.net
1	ad.mail.ru	www.acint.net
1	ssp-rtb.sape.ru	1 redirects
1	autoden.ru	1 redirects
0	s3.advarkads.com Failed	www.acint.net
118	54

This site contains links to these domains. Also see Links.

Domain
vk.com
uvao.ru
kuban.info
www.liveinternet.ru

Subject Issuer	Validity	Valid
drinktime.ru R3	`2022-05-29` - `2022-08-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.acint.net R3	`2022-06-17` - `2022-09-15`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
sync.republer.com R3	`2022-06-03` - `2022-09-01`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
tag.digitaltarget.ru R3	`2022-07-14` - `2022-10-12`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
new-programmatic.com R3	`2022-04-20` - `2022-07-19`	3 months	crt.sh
fcgi4.gnezdo.ru R3	`2022-07-09` - `2022-10-07`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://drinktime.ru/
Frame ID: F6D6E0298EE1A15F5B3F5816BEF45A2C
Requests: 47 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=10&tc=1
Frame ID: BD05F6E08CE231E489D8B11BD809D8C7
Requests: 36 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0A0909B0FC53D0620B01CB8202430A08
Frame ID: 7DA5CDB42F651509E37629A60B487D9E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html
Frame ID: EDE31357E51F81972E218844678E6E5E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3647142099467834&output=html&h=250&slotname=4215446423&adk=2228976511&adf=3016081916&pi=t.ma~as.4215446423&w=300&lmt=1657820156&psa=0&format=300x250&url=https%3A%2F%2Fdrinktime.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657820156356&bpp=3&bdt=415&idt=141&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&correlator=1728050952929&frm=20&pv=2&ga_vid=383259194.1657820157&ga_sid=1657820157&ga_hid=100784624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1112&ady=15&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767167%2C44766559%2C21066428%2C31067528%2C42531606&oid=2&pvsid=3953131833805587&tmod=485001919&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=I5Qpe6eQm6&p=https%3A//drinktime.ru&dtd=157
Frame ID: F52A3C7FC5DA6ABE534CEE763DF44BAB
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3647142099467834&output=html&h=400&slotname=2599112422&adk=2177618931&adf=311940359&pi=t.ma~as.2599112422&w=240&lmt=1657820156&psa=0&format=240x400&url=https%3A%2F%2Fdrinktime.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657820156359&bpp=1&bdt=419&idt=168&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1728050952929&frm=20&pv=1&ga_vid=383259194.1657820157&ga_sid=1657820157&ga_hid=100784624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767167%2C44766559%2C21066428%2C31067528%2C42531606&oid=2&pvsid=3953131833805587&tmod=485001919&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9YLdk1cp32&p=https%3A//drinktime.ru&dtd=171
Frame ID: DB5790906A5773CD1E66F7A3B3115302
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3647142099467834&output=html&adk=1812271804&adf=3025194257&lmt=1657820156&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdrinktime.ru%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657820156372&bpp=1&bdt=431&idt=160&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C240x400&nras=1&correlator=1728050952929&frm=20&pv=1&ga_vid=383259194.1657820157&ga_sid=1657820157&ga_hid=100784624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767167%2C44766559%2C21066428%2C31067528%2C42531606&oid=2&pvsid=3953131833805587&tmod=485001919&uas=0&nvt=1&fsapi=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=168
Frame ID: B8BD58C1AA051C41CF02C4EC035667AF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html
Frame ID: CCA47D7F518B01626820AE118BA6E0CB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FC53C23E564FE08CABB837319A012B9E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5B5C8031EB1D17EFBD0291CCA1285242
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C4BE3EE2E5B44FA580D0F8BD692B9FF2
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/_j1ezhpSwBWUHEITOmC2IR4vOiGfDYio7V63aY1ETrc.js
Frame ID: B1E85CBC446C2AFE63151824AB5B1EF9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Drinktime – новости алкогольной отраслиstararchivebadcacalendarcatcomsdislikedowndown2favfbgpinfoleftlikeloginlogolovemailodpassrelreplyrightsearchsetsharesort_downsort_uptoptwupviewsvkvotescrossphonelocya

Page URL History Show full URLs

http://autoden.ru/ HTTP 301
http://drinktime.ru/ HTTP 301
https://drinktime.ru/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

118
Requests

78 %
HTTPS

25 %
IPv6

45
Domains

54
Subdomains

31
IPs

7
Countries

2109 kB
Transfer

3460 kB
Size

76
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://vk.com/drinktime_ru

Search URL Search Domain Scan URL

URL: https://uvao.ru/

Search URL Search Domain Scan URL

URL: https://kuban.info/

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://autoden.ru/ HTTP 301
http://drinktime.ru/ HTTP 301
https://drinktime.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://counter.yadro.ru/hit?t14.18;r;s1600*1200*24;uhttps%3A//drinktime.ru/;0.4780802942950113 HTTP 302
https://counter.yadro.ru/hit?q;t14.18;r;s1600*1200*24;uhttps%3A//drinktime.ru/;0.4780802942950113

Request Chain 36

https://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10&tc=1

Request Chain 38

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0A0909B0FC53D0620B01CB8202430A08 HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0A0909B0FC53D0620B01CB8202430A08&crf=1

Request Chain 39

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=02035A9DFC53D0620700286402E59BD2

Request Chain 40

https://px.adhigh.net/p/cm/sape?u=0A0909B0FC53D0620B01CB8202430A08 HTTP 302
https://px.adhigh.net/p/cm/sape?u=0A0909B0FC53D0620B01CB8202430A08&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=6AzsHxRNLko.AikABlGB_cgR0g

Request Chain 42

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5395300863 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=AJt8jEFmzgOAHKinQztJO7Q&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0A0909B0FC53D0620B01CB8202430A08

Request Chain 48

https://sync.upravel.com/sape/sync HTTP 302
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP 302
https://c3878baa-ed33-44a9-9b2d-964088a1322b.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19 HTTP 302
https://www.acint.net/match?dp=71&euid=c3878baa-ed33-44a9-9b2d-964088a1322b

Request Chain 50

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0A0909B0FC53D0620B01CB8202430A08 HTTP 302
https://adlmerge.com/merge_gpsid/?sid=50&id=0A0909B0FC53D0620B01CB8202430A08

Request Chain 52

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP 302
https://www.acint.net/match?dp=95&euid=QEDGEYQT

Request Chain 53

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B0FC53D0620B01CB8202430A08 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B0FC53D0620B01CB8202430A08&cs=1

Request Chain 54

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=gz6D1c47ST3H

Request Chain 55

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=107&euid=7ae466c7-3ce6-52c3-8c7f-b66beeafe597

Request Chain 56

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
https://acint.net/match?dp=110&euid=febd3236b1fa4e8bb88f586fdfb929cc

Request Chain 57

https://0a0909b0fc53d0620b01cb8202430a08-sp.ops.beeline.ru/p?ssp=sp&id=0A0909B0FC53D0620B01CB8202430A08 HTTP 301
https://www.acint.net/match?dp=111&euid=bd45349c-94b4-4491-b4fd-26a5bbc152ae

Request Chain 58

https://ut.rktch.com/matchspm?pi=1000005&pui=0A0909B0FC53D0620B01CB8202430A08 HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=374810588 HTTP 302
https://ut.rktch.com/matchspm?pi=1000006&pui=tzMwXOI0K8ed78ZiTjBkb.&noredirect

Request Chain 59

https://sm.rtb.mts.ru/p?ssp=sape&id=0A0909B0FC53D0620B01CB8202430A08 HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0A0909B0FC53D0620B01CB8202430A08 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=13542572-d7e7-4581-93ca-f7c8577feb0b&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D30%2526em%253D2%2526ssp%253Daidata%2526id%253D%2524UID HTTP 302
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID

Request Chain 60

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=b6c70a11-b398-4df2-6c7d-89894e399a7f

Request Chain 61

https://s.uuidksinc.net/match/396/?remote_uid=0A0909B0FC53D0620B01CB8202430A08 HTTP 302
https://www.acint.net/match?dp=127&euid=fJvczPU2Qa1TSXPJd8pk

Request Chain 62

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1 HTTP 302
https://www.acint.net/match?dp=129&euid=gyfdn67lyy

Request Chain 65

https://x01.aidata.io/0.gif?pid=9401454&id=0A0909B0FC53D0620B01CB8202430A08 HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0A0909B0FC53D0620B01CB8202430A08&bounce=1 HTTP 302
https://sm.rtb.mts.ru/p?ssp=aidata&id=XUhSHfpBJXP45VirtTZ%2BDQ HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=51&exu=XUhSHfpBJXP45VirtTZ%2BDQ HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=13542572-d7e7-4581-93ca-f7c8577feb0b&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D51%2526em%253D1%2526ssp%253Dkonnektu%2526exu%253DXUhSHfpBJXP45VirtTZ%25252BDQ%2526id%253D%257BUSER_ID%257D HTTP 302
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D1%26ssp%3Dkonnektu%26exu%3DXUhSHfpBJXP45VirtTZ%252BDQ%26id%3D%7BUSER_ID%7D HTTP 302
https://sm.rtb.mts.ru/em?next=51&em=1&ssp=konnektu&exu=XUhSHfpBJXP45VirtTZ%2BDQ&id= HTTP 301
https://x01.aidata.io/0.gif?pid=9503528&uid=13542572-d7e7-4581-93ca-f7c8577feb0b&exu=XUhSHfpBJXP45VirtTZ%!B(string=%20%20)DQ

Request Chain 66

https://dmp.gotechnology.io/match/sape?id=0A0909B0FC53D0620B01CB8202430A08 HTTP 302
https://dmp.gotechnology.io/match/sape?id=0A0909B0FC53D0620B01CB8202430A08&chk=1 HTTP 302
https://an.yandex.ru/mapuid/gonetdspis/NTdiNDg1N2VhZjE3N2Q0Zg

Request Chain 67

https://sync.bumlam.com/?src=sap1&uid=0A0909B0FC53D0620B01CB8202430A08 HTTP 302
https://sync.bumlam.com/?src=sap1&s_data=CAIQARj8p8GWBmIgMEEwOTA5QjBGQzUzRDA2MjBCMDFDQjgyMDI0MzBBMDiiARBq7RaQA5sR7YbgACWQwGR8

Request Chain 68

https://an.yandex.ru/mapuid/sapeis/0A0909B0FC53D0620B01CB8202430A08 HTTP 302
https://an.yandex.ru/mapuid/sapeis/0A0909B0FC53D0620B01CB8202430A08?redir-setuniq=1

Request Chain 69

https://cs.agency2.ru/p?ssp=sp&uid=0A0909B0FC53D0620B01CB8202430A08 HTTP 301
https://www.acint.net/match?dp=186&euid=f4d0b3d9-0950-4183-981b-564c1d4c7dda

Request Chain 81

https://dmg.digitaltarget.ru/1/1093/i/i?i=656113168353059.716141898544613&a=77&e=0A0909B0FC53D0620B01CB8202430A08&pref=https%3A%2F%2Fdrinktime.ru%2F&c=ss:77.up:0A0909B0FC53D0620B01CB8202430A08.sync:up.xdua:duE5fbAgW_opQKgCj63cH_cj.xps:xpsd8YAfkaoV4xKVgDKIlQiP4.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=656113168353059.716141898544613&a=77&e=0A0909B0FC53D0620B01CB8202430A08&pref=https%3A%2F%2Fdrinktime.ru%2F&c=ss:77.up:0A0909B0FC53D0620B01CB8202430A08.sync:up.xdua:duE5fbAgW_opQKgCj63cH_cj.xps:xpsd8YAfkaoV4xKVgDKIlQiP4.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Request Chain 82

https://dmg.digitaltarget.ru/1/1093/i/i?i=656113168353059.278000281377231&a=77&e=0A0909B0FC53D0620B01CB8202430A08&pref=https%3A%2F%2Fdrinktime.ru%2F&c=ss:77.up:0A0909B0FC53D0620B01CB8202430A08.sync:up.xdua:duE5fbAgW_opQKgCj63cH_cj.xps:xpsd8YAfkaoV4xKVgDKIlQiP4.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=656113168353059.278000281377231&a=77&e=0A0909B0FC53D0620B01CB8202430A08&pref=https%3A%2F%2Fdrinktime.ru%2F&c=ss:77.up:0A0909B0FC53D0620B01CB8202430A08.sync:up.xdua:duE5fbAgW_opQKgCj63cH_cj.xps:xpsd8YAfkaoV4xKVgDKIlQiP4.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Request Chain 92

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

118 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
drinktime.ru/
Redirect Chain

http://autoden.ru/
http://drinktime.ru/
https://drinktime.ru/

23 KB
8 KB

225ms
130ms

Document
text/html

2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx / PHP/5.5.38
Resource Hash: b924dff2492efffe361cc8830b0d962fb207d149be782c2abd85c73480d04186

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=windows-1251
date: Thu, 14 Jul 2022 17:35:55 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
x-powered-by: PHP/5.5.38

Redirect headers

Connection: keep-alive
Content-Length: 229
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 14 Jul 2022 17:35:55 GMT
Location: https://drinktime.ru/
Server: nginx

GET
H2 200 jquery.js Show response
drinktime.ru/engine/classes/js/ 84 KB
29 KB 66ms
65ms Script
application/javascript 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://drinktime.ru/engine/classes/js/jquery.js
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
content-encoding: gzip
last-modified: Thu, 26 Jan 2017 13:03:15 GMT
server: nginx
content-type: application/javascript

GET
H2 200 jqueryui.js Show response
drinktime.ru/engine/classes/js/ 92 KB
26 KB 156ms
155ms Script
application/javascript 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://drinktime.ru/engine/classes/js/jqueryui.js
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 00c58a2a9ac9ca117e8bcf3cbf4abccfc3e6ed5d290a418472868bc99d037b63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
content-encoding: gzip
last-modified: Thu, 26 Jan 2017 13:03:15 GMT
server: nginx
content-type: application/javascript

GET
H2 200 dle_js.js Show response
drinktime.ru/engine/classes/js/ 29 KB
7 KB 115ms
114ms Script
application/javascript 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://drinktime.ru/engine/classes/js/dle_js.js
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 158873c5e04ee251fe9c802d24f43601cc466a45e68ed5c5cac65ae61f8e81f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
content-encoding: gzip
last-modified: Thu, 26 Jan 2017 13:03:11 GMT
server: nginx
content-type: application/javascript

GET
H2 200 engine.css
drinktime.ru/templates/Dttemp/css/ 57 KB
22 KB 155ms
154ms Stylesheet
text/css 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://drinktime.ru/templates/Dttemp/css/engine.css
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 9e280de8bc0d7702f02e9f422fda22ec8d11a8949e7015043d26fb3b86865851

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
content-encoding: gzip
last-modified: Thu, 26 Jan 2017 13:23:00 GMT
server: nginx
content-type: text/css

GET
H2 200 styles.css
drinktime.ru/templates/Dttemp/css/ 68 KB
15 KB 66ms
65ms Stylesheet
text/css 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://drinktime.ru/templates/Dttemp/css/styles.css
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 81c673682205d4e4cb2e404ae7177f5a375d72545f92d56b78845aaaec8f990d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
content-encoding: gzip
last-modified: Wed, 05 Dec 2018 14:51:04 GMT
server: nginx
content-type: text/css

GET
H2 200 logo.gif
drinktime.ru/templates/Dttemp/images/ 5 KB
5 KB 62ms
62ms Image
image/gif 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/templates/Dttemp/images/logo.gif
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 779ce0f21560e4c992234a4d6d730a51ec80cacbc073c383fe30c786e40e6c0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Thu, 26 Jan 2017 13:23:04 GMT
server: nginx
accept-ranges: bytes
content-length: 5325
content-type: image/gif

GET
H2 200 1657806844_3294723894723874238947238972439411111111111.jpg
drinktime.ru/uploads/posts/2022-07/ 57 KB
58 KB 94ms
90ms Image
image/jpeg 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/uploads/posts/2022-07/1657806844_3294723894723874238947238972439411111111111.jpg
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4befdf1cc89a143b5bb4d625983f9c344ee898fe903f46c8927c25a37711510e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Thu, 14 Jul 2022 13:52:58 GMT
server: nginx
accept-ranges: bytes
content-length: 58747
content-type: image/jpeg

GET
H2 200 1657719820_2342389472398478293749237241111111111111111.jpg
drinktime.ru/uploads/posts/2022-07/ 40 KB
41 KB 95ms
90ms Image
image/jpeg 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/uploads/posts/2022-07/1657719820_2342389472398478293749237241111111111111111.jpg
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 43f3372b9dc176e9e41a4de7bca63476fe43f3f3ac739ada99b0d5fe576e4774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Wed, 13 Jul 2022 13:43:02 GMT
server: nginx
accept-ranges: bytes
content-length: 41360
content-type: image/jpeg

GET
H2 200 1657632700_389372849723974923847238974239784333333333331111111.jpg
drinktime.ru/uploads/posts/2022-07/ 58 KB
58 KB 68ms
64ms Image
image/jpeg 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/uploads/posts/2022-07/1657632700_389372849723974923847238974239784333333333331111111.jpg
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: c69978397fec82ba52571bc2e7d698c04de9f884022a216053d364d556fbf80c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Tue, 12 Jul 2022 13:30:22 GMT
server: nginx
accept-ranges: bytes
content-length: 59376
content-type: image/jpeg

GET
H2 200 1657547036_89374238472394723784239478211111111111111.jpg
drinktime.ru/uploads/posts/2022-07/ 47 KB
47 KB 95ms
90ms Image
image/jpeg 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/uploads/posts/2022-07/1657547036_89374238472394723784239478211111111111111.jpg
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 132b6e59443a5f686ddc71058d5aaa8d9d1797a08748a5818f0201a8c52f6ccc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Mon, 11 Jul 2022 13:43:23 GMT
server: nginx
accept-ranges: bytes
content-length: 48401
content-type: image/jpeg

GET
H2 200 1657459152_238947238947274923742739237411111111111111.jpg
drinktime.ru/uploads/posts/2022-07/ 64 KB
64 KB 68ms
63ms Image
image/jpeg 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/uploads/posts/2022-07/1657459152_238947238947274923742739237411111111111111.jpg
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: a876778e1701eea2751f287a2f058957b2f9c608e353d1743d0ec91c5b4534b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Sun, 10 Jul 2022 13:17:58 GMT
server: nginx
accept-ranges: bytes
content-length: 65381
content-type: image/jpeg

GET
H2 200 1657373365_238923897489274827489228347111111111111155555555.jpg
drinktime.ru/uploads/posts/2022-07/ 35 KB
35 KB 94ms
90ms Image
image/jpeg 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/uploads/posts/2022-07/1657373365_238923897489274827489228347111111111111155555555.jpg
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 9a4229b71d0af1401c92e0549b46ecd19f07ed3bdc8bc7c0a16eefcb39e026ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Sat, 09 Jul 2022 13:28:03 GMT
server: nginx
accept-ranges: bytes
content-length: 35414
content-type: image/jpeg

GET
H2 200 1657287094_2389472398472384723947823489723422222222111111.jpg
drinktime.ru/uploads/posts/2022-07/ 66 KB
66 KB 94ms
90ms Image
image/jpeg 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/uploads/posts/2022-07/1657287094_2389472398472384723947823489723422222222111111.jpg
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 977202705d8345c650d58fd0d4275287b58ac77280a99de94753fdd7ce3073bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Fri, 08 Jul 2022 13:31:32 GMT
server: nginx
accept-ranges: bytes
content-length: 67624
content-type: image/jpeg

GET
H2 200 1657203294_328947238974239472378424892374333333333333333.jpg
drinktime.ru/uploads/posts/2022-07/ 53 KB
53 KB 93ms
89ms Image
image/jpeg 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/uploads/posts/2022-07/1657203294_328947238974239472378424892374333333333333333.jpg
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: d4b5793ca927bb793ef1a9fb897eeea0f64e3629c5c0c430473f75a79638112f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Thu, 07 Jul 2022 14:14:01 GMT
server: nginx
accept-ranges: bytes
content-length: 54295
content-type: image/jpeg

GET
H2 200 1657113877_23478929472384723897423742397842222222222.jpg
drinktime.ru/uploads/posts/2022-07/ 43 KB
44 KB 162ms
158ms Image
image/jpeg 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/uploads/posts/2022-07/1657113877_23478929472384723897423742397842222222222.jpg
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5425a0c45d02e64aadc1e467010a721feefe2d5d940553364fb63a583ceb32a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Wed, 06 Jul 2022 13:24:19 GMT
server: nginx
accept-ranges: bytes
content-length: 44502
content-type: image/jpeg

GET
H2 200 1657029931_234897234823742378942379489372433333333333333333.jpg
drinktime.ru/uploads/posts/2022-07/ 34 KB
34 KB 162ms
159ms Image
image/jpeg 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/uploads/posts/2022-07/1657029931_234897234823742378942379489372433333333333333333.jpg
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 693790b8e61580435a0dc977cb7b416c66a09a38a99ef24ff1978281b3048bd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Tue, 05 Jul 2022 14:04:39 GMT
server: nginx
accept-ranges: bytes
content-length: 34618
content-type: image/jpeg

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
56 KB 164ms
72ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: drinktime.ru
URL: https://drinktime.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc58b71327c05aef336cad0e94787582b6ccd16e4607158b5e93791f7ec08fe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56656
x-xss-protection: 0
server: cafe
etag: 16254937324123388587
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 17:35:56 GMT

GET
H2 200 1655383610_89723894237423897423894723894723849711111111111.jpg
drinktime.ru/uploads/posts/2022-06/ 28 KB
28 KB 160ms
157ms Image
image/jpeg 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/uploads/posts/2022-06/1655383610_89723894237423897423894723894723849711111111111.jpg
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 480b8043a4e3234d781f70a0cb01919519d84cffc80dd47a43d9caaae8a5c4d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Thu, 16 Jun 2022 12:45:22 GMT
server: nginx
accept-ranges: bytes
content-length: 28416
content-type: image/jpeg

GET
H2 200 1655554330_348972398472347289374829742343333333331111111.jpg
drinktime.ru/uploads/posts/2022-06/ 41 KB
41 KB 160ms
156ms Image
image/jpeg 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/uploads/posts/2022-06/1655554330_348972398472347289374829742343333333331111111.jpg
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 85fef378c279b83fde4c76de2c96fec39a20e7eadafbfb18e34a529ab1f01761

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Sat, 18 Jun 2022 12:11:40 GMT
server: nginx
accept-ranges: bytes
content-length: 41946
content-type: image/jpeg

GET
H2 200 1655730093_32894723942738947234234871111111111.jpg
drinktime.ru/uploads/posts/2022-06/ 30 KB
30 KB 161ms
158ms Image
image/jpeg 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/uploads/posts/2022-06/1655730093_32894723942738947234234871111111111.jpg
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: b8e9f03eacae7f353c23e52fcfdbdcd71773a17f1f2a8d0d970ebc224d5e7c79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Mon, 20 Jun 2022 13:01:30 GMT
server: nginx
accept-ranges: bytes
content-length: 30906
content-type: image/jpeg

GET
H2 200 1655900164_32894723894237482734927348723894723333333333333.jpg
drinktime.ru/uploads/posts/2022-06/ 41 KB
41 KB 158ms
155ms Image
image/jpeg 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/uploads/posts/2022-06/1655900164_32894723894237482734927348723894723333333333333.jpg
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 318047e0161167d428a2f5035e6fed84fbef4f813a8d8c5f86799cf236e175f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Wed, 22 Jun 2022 12:14:47 GMT
server: nginx
accept-ranges: bytes
content-length: 41840
content-type: image/jpeg

GET
H2 200 1656072675_2389723894723748237482394723411111111111.jpg
drinktime.ru/uploads/posts/2022-06/ 53 KB
53 KB 163ms
160ms Image
image/jpeg 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/uploads/posts/2022-06/1656072675_2389723894723748237482394723411111111111.jpg
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 62256ac25cf98f6d7ab6975162a8f14315e4790b69380e40abb75bf5282775e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Fri, 24 Jun 2022 12:10:14 GMT
server: nginx
accept-ranges: bytes
content-length: 54575
content-type: image/jpeg

GET
H2 200 1656767415_328947239472374298374284723433333333222222111111.jpg
drinktime.ru/uploads/posts/2022-07/ 51 KB
52 KB 162ms
159ms Image
image/jpeg 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/uploads/posts/2022-07/1656767415_328947239472374298374284723433333333222222111111.jpg
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 85cae17c2011e827eee9f7627938612723fc92c8c707c62565f1a442b10c3a42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Sat, 02 Jul 2022 13:09:25 GMT
server: nginx
accept-ranges: bytes
content-length: 52572
content-type: image/jpeg

GET
H2 200 1656249503_234897234723472394723489722222222222222111111.jpg
drinktime.ru/uploads/posts/2022-06/ 36 KB
36 KB 160ms
157ms Image
image/jpeg 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/uploads/posts/2022-06/1656249503_234897234723472394723489722222222222222111111.jpg
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3a92882b7e5caa7566ee58975dc895837abcf861af9f8e7df8eca6a0adfbaaf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Sun, 26 Jun 2022 13:17:18 GMT
server: nginx
accept-ranges: bytes
content-length: 36748
content-type: image/jpeg

GET
H2 200 1656425194_97349283472387423974923872341111111111111.jpg
drinktime.ru/uploads/posts/2022-06/ 44 KB
45 KB 158ms
156ms Image
image/jpeg 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/uploads/posts/2022-06/1656425194_97349283472387423974923872341111111111111.jpg
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: ce1d8120a4f6916895082f92c1bc05a463bdadd3d05304004f8bf7ee5693ef52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Tue, 28 Jun 2022 14:05:45 GMT
server: nginx
accept-ranges: bytes
content-length: 45420
content-type: image/jpeg

GET
H2 200 1656594521_23894723894723789423742389472342222211111111111.jpg
drinktime.ru/uploads/posts/2022-06/ 59 KB
59 KB 162ms
159ms Image
image/jpeg 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/uploads/posts/2022-06/1656594521_23894723894723789423742389472342222211111111111.jpg
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: d7ca93261a836c80b9625ec96d3b0e4f5a2cc9dc2fa8a01e347cf7fffd64b20a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Thu, 30 Jun 2022 13:07:58 GMT
server: nginx
accept-ranges: bytes
content-length: 60186
content-type: image/jpeg

GET
H2 200 logo_uvao8.png
drinktime.ru/uploads/ 16 KB
16 KB 162ms
160ms Image
image/png 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/uploads/logo_uvao8.png
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 70c85e3a745b137a52da9a1874a2ee6aca9419cb6b2a57cdc30010f2bd920c2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Thu, 26 Jan 2017 13:23:56 GMT
server: nginx
accept-ranges: bytes
content-length: 16120
content-type: image/png

GET
H2 200 kuban_info.png
drinktime.ru/uploads/ 12 KB
12 KB 161ms
159ms Image
image/png 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/uploads/kuban_info.png
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3616c237c101854b6f73dc2bc88f1721c055b68b5492ada4d9da1fff53f30a27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Thu, 26 Jan 2017 13:23:55 GMT
server: nginx
accept-ranges: bytes
content-length: 11776
content-type: image/png

GET
H2 200 danger.gif
drinktime.ru/uploads/ 7 KB
7 KB 157ms
155ms Image
image/gif 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/uploads/danger.gif
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 17d10327c2d844189190751f74a10dee12eb07a62100788e8c9e8b859541dc80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Thu, 26 Jan 2017 13:23:55 GMT
server: nginx
accept-ranges: bytes
content-length: 7381
content-type: image/gif

GET
H2 200 lib.js Show response
drinktime.ru/templates/Dttemp/js/ 14 KB
4 KB 63ms
63ms Script
application/javascript 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://drinktime.ru/templates/Dttemp/js/lib.js
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 512f2fc2840f26f25a6a8cbeeed78810603db942c472675b0bd76f06aa194792

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
content-encoding: gzip
last-modified: Thu, 26 Jan 2017 13:23:09 GMT
server: nginx
content-type: application/javascript

GET
H2 200 aci.js Show response
www.acint.net/ 22 KB
7 KB 46ms
14ms Script
application/x-javascript 46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 16:58:23 GMT
server: openresty
etag: "62a0d52f-1d25"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7461
expires: Fri, 15 Jul 2022 05:35:56 GMT

GET
H2 404 logo_03.jpg
drinktime.ru/uploads/ 64 KB
64 KB 157ms
156ms Image
text/html 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/uploads/logo_03.jpg
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/templates/Dttemp/css/styles.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: e4dac023803cde7e63cfd3a2d92e2cdfa38c07fd4b387845432fc66186514f0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/templates/Dttemp/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 07:43:05 GMT
server: nginx
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t14.18;r;s1600*1200*24;uhttps%3A//drinktime.ru/;0.4780802942950113
https://counter.yadro.ru/hit?q;t14.18;r;s1600*1200*24;uhttps%3A//drinktime.ru/;0.4780802942950113

209 B
695 B

46ms
45ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t14.18;r;s1600*1200*24;uhttps%3A//drinktime.ru/;0.4780802942950113

Requested by

Host: drinktime.ru
URL: https://drinktime.ru/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

1fe82a582e74eebfadb3bce81db534f3d9ee9036422afffb5e829bd9e4250db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jul 2022 17:35:56 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 209
Expires: Tue, 13 Jul 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 14 Jul 2022 17:35:56 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t14.18;r;s1600*1200*24;uhttps%3A//drinktime.ru/;0.4780802942950113
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 13 Jul 2021 21:00:00 GMT

GET
H2 404 shelter.png
drinktime.ru/templates/Dttemp/images/ 231 KB
231 KB 147ms
147ms Image
text/html 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/templates/Dttemp/images/shelter.png
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/templates/Dttemp/css/styles.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: a2d3d84c6198ad848b841187d67fad7357f13adc75a5a5da5c43b9761df74187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/templates/Dttemp/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 07:43:05 GMT
server: nginx
content-type: text/html; charset=utf-8

GET
H2 404 line-topmenu.png
drinktime.ru/templates/Dttemp/images/ 64 KB
64 KB 147ms
146ms Image
text/html 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drinktime.ru/templates/Dttemp/images/line-topmenu.png
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/templates/Dttemp/css/styles.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: e4dac023803cde7e63cfd3a2d92e2cdfa38c07fd4b387845432fc66186514f0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/templates/Dttemp/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 07:43:05 GMT
server: nginx
content-type: text/html; charset=utf-8

GET
H2 200 sprite.svg Show response
drinktime.ru/templates/Dttemp/images/ 27 KB
7 KB 750ms
750ms XHR
image/svg+xml 2a00:f940:2:2:1:4:0:117
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://drinktime.ru/templates/Dttemp/images/sprite.svg
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/engine/classes/js/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:4:0:117 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 2301dc512249e7b6c825f1963d458bfd7927dfad39ad400faaac5e16b44a2277

Request headers

Accept: */*
Referer: https://drinktime.ru/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
content-encoding: gzip
last-modified: Thu, 26 Jan 2017 13:23:09 GMT
server: nginx
content-type: image/svg+xml

GET
H2

200

/ Show response
www.acint.net/mc/ Frame BD05
Redirect Chain

https://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10&tc=1

4 KB
4 KB

13ms
12ms

Document
text/html

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=10&tc=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: 73c34400793fe80e21e2f553429c5ec2d886a123a55e1179d2364b479f0e5b21

Request headers

Referer: https://drinktime.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 14 Jul 2022 17:35:56 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
server: openresty

Redirect headers

content-length: 154
content-type: text/html
date: Thu, 14 Jul 2022 17:35:56 GMT
location: /mc/?dp=10&tc=1
server: openresty

GET
H2 200 /
www.acint.net/hit/ 43 B
341 B 12ms
11ms Image
image/gif 46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.4.0&uid=47c63bae-7e08-4062-9282-3df2e4d9d22f&dp=10&tz=%2B00%3A00&nc=58468638&u=https%3A%2F%2Fdrinktime.ru%2F&r=&rs=1600x1200&t=Drinktime%20%E2%80%93%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B0%D0%BB%D0%BA%D0%BE%D0%B3%D0%BE%D0%BB%D1%8C%D0%BD%D0%BE%D0%B9%20%D0%BE%D1%82%D1%80%D0%B0%D1%81%D0%BB%D0%B8&oE=1&oP=1&dT=2022-07-14T17%3A35%3A56.175&fu=912d25ee-e777-4b4d-8732-0f56d457ea5a
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame BD05
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0A0909B0FC53D0620B01CB8202430A08
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0A0909B0FC53D0620B01CB8202430A08&crf=1

68 B
607 B

17ms
17ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0A0909B0FC53D0620B01CB8202430A08&crf=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=73&external_user_id=0A0909B0FC53D0620B01CB8202430A08&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame BD05
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=02035A9DFC53D0620700286402E59BD2

43 B
270 B

24ms
11ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=02035A9DFC53D0620700286402E59BD2
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Thu, 14 Jul 2022 17:35:56 GMT
Server: openresty
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Location: https://acint.net/match?dp=14&euid=02035A9DFC53D0620700286402E59BD2
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: text/html
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame BD05
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0A0909B0FC53D0620B01CB8202430A08
https://px.adhigh.net/p/cm/sape?u=0A0909B0FC53D0620B01CB8202430A08&bounced=1
https://acint.net/match?dp=17&euid=6AzsHxRNLko.AikABlGB_cgR0g

43 B
270 B

13ms
13ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=6AzsHxRNLko.AikABlGB_cgR0g
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Jul 2022 17:35:56 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f16-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://acint.net/match?dp=17&euid=6AzsHxRNLko.AikABlGB_cgR0g
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame BD05 43 B
764 B 161ms
50ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0A0909B0FC53D0620B01CB8202430A08
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 17:35:56 GMT
Last-Modified: Thu, 14 Jul 2022 17:35:56 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Thu, 14 Jul 2022 23:35:56 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame BD05
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5395300863
https://www.acint.net/rmatch?dp=45&euid=AJt8jEFmzgOAHKinQztJO7Q&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0A0909B0FC53D0620B01CB8202430A08

42 B
201 B

243ms
108ms

Image
image/gif

195.209.111.19
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0A0909B0FC53D0620B01CB8202430A08
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 195.209.111.19 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 17:35:56 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Thu, 14 Jul 2022 17:35:56 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0A0909B0FC53D0620B01CB8202430A08
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame BD05 0
860 B 54ms
22ms Image
text/plain 2606:4700:3032::6815:3b42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=sape
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:3b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hb0OYAIboOAUoXxA9Wx%2FfVcCodCgmwvFFYuCYg8loV44J4pxQSX7qG2Cv6olhi%2BskF1TvmVe8Ahs30EetEYemTenRLlx4MNfSRzJZkx4y5bv9cFgX%2BofbMyGOk3VKOQliewWInRbM2I9D3A%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 72ac0488ac9e9226-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 match
sync.republer.com/ Frame BD05 0
69 B 219ms
51ms Image
text/plain 194.190.117.94
REPUBLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.republer.com/match?dsp=sape

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.190.117.94 , Russian Federation, ASN204600 (REPUBLER-AS, RU),

Reverse DNS

carp.bspb2.kavanga.ru

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:43:54 GMT
strict-transport-security: max-age=0
server: nginx

GET
H2 204 match
dm-eu.hybrid.ai/ Frame BD05 0
240 B 59ms
15ms Image
text/plain 37.18.103.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=0A0909B0FC53D0620B01CB8202430A08

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.21 , Netherlands, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 17:35:56 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 519
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame BD05 3 KB
3 KB 164ms
50ms Script
application/javascript 185.15.175.147
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 17:35:56 GMT
Last-Modified: Thu, 14 Jul 2022 17:04:59 GMT
Server: nginx
ETag: "62d04cbb-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame BD05 0
70 B 95ms
30ms Image
text/plain 195.201.152.104
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0A0909B0FC53D0620B01CB8202430A08
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.152.104 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.104.152.201.195.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 14 Jul 2022 17:35:56 GMT
server: nginx/1.17.6

GET
H2

200

match
www.acint.net/ Frame BD05
Redirect Chain

https://sync.upravel.com/sape/sync
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
https://c3878baa-ed33-44a9-9b2d-964088a1322b.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
https://www.acint.net/match?dp=71&euid=c3878baa-ed33-44a9-9b2d-964088a1322b

43 B
270 B

12ms
12ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=71&euid=c3878baa-ed33-44a9-9b2d-964088a1322b
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Thu, 14 Jul 2022 17:35:56 GMT
server: nginx
location: https://www.acint.net/match?dp=71&euid=c3878baa-ed33-44a9-9b2d-964088a1322b
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame BD05 170 B
503 B 142ms
48ms Image
image/png 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=CgkJsPxT0GILAcuCAkMKCA

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 17:35:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
adlmerge.com/merge_gpsid/ Frame BD05
Redirect Chain

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0A0909B0FC53D0620B01CB8202430A08
https://adlmerge.com/merge_gpsid/?sid=50&id=0A0909B0FC53D0620B01CB8202430A08

43 B
116 B

55ms
15ms

Image
image/gif

95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adlmerge.com/merge_gpsid/?sid=50&id=0A0909B0FC53D0620B01CB8202430A08
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

iseu: eu
server: nginx/1.16.0
date: Thu, 14 Jul 2022 17:35:56 GMT
content-type: image/gif

Redirect headers

location: //adlmerge.com/merge_gpsid/?sid=50&id=0A0909B0FC53D0620B01CB8202430A08
date: Thu, 14 Jul 2022 17:35:56 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame BD05 42 B
201 B 458ms
112ms Image
image/gif 195.209.111.19
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0A0909B0FC53D0620B01CB8202430A08
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.209.111.19 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 17:35:56 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

match
www.acint.net/ Frame BD05
Redirect Chain

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
https://www.acint.net/match?dp=95&euid=QEDGEYQT

43 B
270 B

16ms
16ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=95&euid=QEDGEYQT
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=95&euid=QEDGEYQT
Date: Thu, 14 Jul 2022 17:35:56 GMT
Server: nginx/1.16.1
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame BD05
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B0FC53D0620B01CB8202430A08
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B0FC53D0620B01CB8202430A08&cs=1

35 B
377 B

14ms
13ms

Image
image/gif

136.243.148.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B0FC53D0620B01CB8202430A08&cs=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 136.243.148.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.148.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B0FC53D0620B01CB8202430A08&cs=1
date: Thu, 14 Jul 2022 17:35:56 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

200

match
www.acint.net/ Frame BD05
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=gz6D1c47ST3H

43 B
270 B

15ms
15ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=gz6D1c47ST3H
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=gz6D1c47ST3H
Date: Thu, 14 Jul 2022 17:35:56 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame BD05
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=107&euid=7ae466c7-3ce6-52c3-8c7f-b66beeafe597

43 B
270 B

14ms
14ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=7ae466c7-3ce6-52c3-8c7f-b66beeafe597
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=7ae466c7-3ce6-52c3-8c7f-b66beeafe597
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame BD05
Redirect Chain

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
https://acint.net/match?dp=110&euid=febd3236b1fa4e8bb88f586fdfb929cc

43 B
270 B

13ms
13ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=110&euid=febd3236b1fa4e8bb88f586fdfb929cc
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=110&euid=febd3236b1fa4e8bb88f586fdfb929cc
date: Thu, 14 Jul 2022 17:35:56 GMT
server: Kestrel
content-length: 0

GET
H2

200

match
www.acint.net/ Frame BD05
Redirect Chain

https://0a0909b0fc53d0620b01cb8202430a08-sp.ops.beeline.ru/p?ssp=sp&id=0A0909B0FC53D0620B01CB8202430A08
https://www.acint.net/match?dp=111&euid=bd45349c-94b4-4491-b4fd-26a5bbc152ae

43 B
270 B

13ms
13ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=111&euid=bd45349c-94b4-4491-b4fd-26a5bbc152ae
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Thu, 14 Jul 2022 17:35:56 GMT
x-route: http://upstream_cookiesync
server: nginx
location: https://www.acint.net/match?dp=111&euid=bd45349c-94b4-4491-b4fd-26a5bbc152ae
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.32
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

matchspm
ut.rktch.com/ Frame BD05
Redirect Chain

https://ut.rktch.com/matchspm?pi=1000005&pui=0A0909B0FC53D0620B01CB8202430A08
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=374810588
https://ut.rktch.com/matchspm?pi=1000006&pui=tzMwXOI0K8ed78ZiTjBkb.&noredirect

88 B
88 B

44ms
44ms

Image
image/png

89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000006&pui=tzMwXOI0K8ed78ZiTjBkb.&noredirect
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.22.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 17:35:56 GMT
Server: nginx/1.22.0
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Content-Length: 88

Redirect headers

pragma: no-cache
date: Thu, 14 Jul 2022 17:35:56 GMT
via: 1.1 google
last-modified: Thu, 14 Jul 2022 17:35:56 GMT
server: Weborama Collect Frontend
location: https://ut.rktch.com/matchspm?pi=1000006&pui=tzMwXOI0K8ed78ZiTjBkb.&noredirect
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

204

0.gif
x01.aidata.io/ Frame BD05
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0A0909B0FC53D0620B01CB8202430A08
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0A0909B0FC53D0620B01CB8202430A08
https://tech.rtb.mts.ru/?dsp_uid=13542572-d7e7-4581-93ca-f7c8577feb0b&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D3...
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID

0
437 B

44ms
44ms

Image
text/plain

89.108.119.28
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51802.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Thu, 14 Jul 2022 17:35:55 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Thu, 14 Jul 2022 17:35:55 GMT

Redirect headers

Date: Thu, 14 Jul 2022 17:35:56 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

match
www.acint.net/ Frame BD05
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=b6c70a11-b398-4df2-6c7d-89894e399a7f

43 B
270 B

13ms
13ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=b6c70a11-b398-4df2-6c7d-89894e399a7f
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=b6c70a11-b398-4df2-6c7d-89894e399a7f
date: Thu, 14 Jul 2022 17:35:56 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame BD05
Redirect Chain

https://s.uuidksinc.net/match/396/?remote_uid=0A0909B0FC53D0620B01CB8202430A08
https://www.acint.net/match?dp=127&euid=fJvczPU2Qa1TSXPJd8pk

43 B
270 B

12ms
12ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=fJvczPU2Qa1TSXPJd8pk
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=127&euid=fJvczPU2Qa1TSXPJd8pk
date: Thu, 14 Jul 2022 17:35:56 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

match
www.acint.net/ Frame BD05
Redirect Chain

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
https://www.acint.net/match?dp=129&euid=gyfdn67lyy

43 B
270 B

12ms
11ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=129&euid=gyfdn67lyy
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Jul 2022 17:35:56 GMT
server: nginx/1.23.0
access-control-allow-origin: *
surrogate-control: no-store
vary: Origin
location: https://www.acint.net/match?dp=129&euid=gyfdn67lyy
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-request-id: 6bfa6f41-9f06-4a22-97d9-b229d20bbd9b
expires: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame BD05 0
215 B 146ms
47ms Image
text/plain 217.65.2.150
CITYTELECOM-AS Fi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0A0909B0FC53D0620B01CB8202430A08
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 , Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 14 Jul 2022 17:35:56 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 204 0A0909B0FC53D0620B01CB8202430A08
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame BD05 0
191 B 184ms
42ms Image
text/plain 93.95.102.105
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0A0909B0FC53D0620B01CB8202430A08
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2

204

0.gif
x01.aidata.io/ Frame BD05
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0A0909B0FC53D0620B01CB8202430A08
https://x01.aidata.io/0.gif?pid=9401454&id=0A0909B0FC53D0620B01CB8202430A08&bounce=1
https://sm.rtb.mts.ru/p?ssp=aidata&id=XUhSHfpBJXP45VirtTZ%2BDQ
https://sm.rtb.mts.ru/match/second?ssp=51&exu=XUhSHfpBJXP45VirtTZ%2BDQ
https://tech.rtb.mts.ru/?dsp_uid=13542572-d7e7-4581-93ca-f7c8577feb0b&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%...
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D1%26ssp%3Dkonnektu%26exu%3DXUhSHfpBJXP45VirtTZ%252BDQ%26id%3D%7BUSER_ID%7D
https://sm.rtb.mts.ru/em?next=51&em=1&ssp=konnektu&exu=XUhSHfpBJXP45VirtTZ%2BDQ&id=
https://x01.aidata.io/0.gif?pid=9503528&uid=13542572-d7e7-4581-93ca-f7c8577feb0b&exu=XUhSHfpBJXP45VirtTZ%!B(string=%20%20)DQ

0
437 B

44ms
43ms

Image
text/plain

89.108.119.28
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=9503528&uid=13542572-d7e7-4581-93ca-f7c8577feb0b&exu=XUhSHfpBJXP45VirtTZ%!B(string=%20%20)DQ
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51802.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 17:35:57 GMT
last-modified: Thu, 14 Jul 2022 17:35:56 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Thu, 14 Jul 2022 17:35:56 GMT

Redirect headers

Date: Thu, 14 Jul 2022 17:34:07 GMT
Server: nginx
Access-Control-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Location: https://x01.aidata.io/0.gif?pid=9503528&uid=13542572-d7e7-4581-93ca-f7c8577feb0b&exu=XUhSHfpBJXP45VirtTZ%!B(string= )DQ
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

404

NTdiNDg1N2VhZjE3N2Q0Zg
an.yandex.ru/mapuid/gonetdspis/ Frame BD05
Redirect Chain

https://dmp.gotechnology.io/match/sape?id=0A0909B0FC53D0620B01CB8202430A08
https://dmp.gotechnology.io/match/sape?id=0A0909B0FC53D0620B01CB8202430A08&chk=1
https://an.yandex.ru/mapuid/gonetdspis/NTdiNDg1N2VhZjE3N2Q0Zg

43 B
108 B

142ms
46ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/gonetdspis/NTdiNDg1N2VhZjE3N2Q0Zg

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 17:35:56 GMT
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 17:35:56 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 14 Jul 2022 17:35:56 GMT

Redirect headers

date: Thu, 14 Jul 2022 17:35:56 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
location: http://an.yandex.ru/mapuid/gonetdspis/NTdiNDg1N2VhZjE3N2Q0Zg
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame BD05
Redirect Chain

https://sync.bumlam.com/?src=sap1&uid=0A0909B0FC53D0620B01CB8202430A08
https://sync.bumlam.com/?src=sap1&s_data=CAIQARj8p8GWBmIgMEEwOTA5QjBGQzUzRDA2MjBCMDFDQjgyMDI0MzBBMDiiARBq7RaQA5sR7YbgACWQwGR8

0
523 B

7ms
7ms

Image
text/html

31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&s_data=CAIQARj8p8GWBmIgMEEwOTA5QjBGQzUzRDA2MjBCMDFDQjgyMDI0MzBBMDiiARBq7RaQA5sR7YbgACWQwGR8
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 17:35:56 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Thu, 14 Jul 2022 17:35:56 GMT
Server: nginx
ETag: 6aed1690-039b-11ed-86e0-002590c0647c
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARj8p8GWBmIgMEEwOTA5QjBGQzUzRDA2MjBCMDFDQjgyMDI0MzBBMDiiARBq7RaQA5sR7YbgACWQwGR8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2

200

0A0909B0FC53D0620B01CB8202430A08
an.yandex.ru/mapuid/sapeis/ Frame BD05
Redirect Chain

https://an.yandex.ru/mapuid/sapeis/0A0909B0FC53D0620B01CB8202430A08
https://an.yandex.ru/mapuid/sapeis/0A0909B0FC53D0620B01CB8202430A08?redir-setuniq=1

43 B
80 B

59ms
59ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0A0909B0FC53D0620B01CB8202430A08?redir-setuniq=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 17:35:56 GMT
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 17:35:56 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 14 Jul 2022 17:35:56 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Jul 2022 17:35:56 GMT
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 17:35:56 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/sapeis/0A0909B0FC53D0620B01CB8202430A08?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 14 Jul 2022 17:35:56 GMT

GET
H2

200

match
www.acint.net/ Frame BD05
Redirect Chain

https://cs.agency2.ru/p?ssp=sp&uid=0A0909B0FC53D0620B01CB8202430A08
https://www.acint.net/match?dp=186&euid=f4d0b3d9-0950-4183-981b-564c1d4c7dda

43 B
270 B

15ms
15ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=186&euid=f4d0b3d9-0950-4183-981b-564c1d4c7dda
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Thu, 14 Jul 2022 17:35:56 GMT
Server: fasthttp
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Location: https://www.acint.net/match?dp=186&euid=f4d0b3d9-0950-4183-981b-564c1d4c7dda
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Host: 23.111.107.44
Connection: keep-alive
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET frame.html
s3.advarkads.com/modules/match/ Frame 7DA5 0
0

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/ 340 KB
120 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3647142099467834&plah=drinktime.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a529685d2accd98c0cc23a3697e992171a34eb9bd7293fcbf72fb1e33737b45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122420
x-xss-protection: 0
server: cafe
etag: 15380585249137143229
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 17:35:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/ Frame EDE3 10 KB
5 KB 122ms
38ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drinktime.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70778
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Jul 2022 21:56:18 GMT
etag: 10429905676100781186
expires: Wed, 27 Jul 2022 21:56:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame BD05 16 KB
16 KB 99ms
99ms Script
application/javascript 185.15.175.147
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=123265478480710
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3329813e0c2788f727bbb57c75a5751c683649372d99dd1a3627f2f7d95e2e58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 17:35:56 GMT
Last-Modified: Thu, 14 Jul 2022 17:34:45 GMT
Server: nginx
ETag: "62d053b5-3e06"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15878

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
645 B 143ms
38ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=drinktime.ru&callback=_gfp_s_&client=ca-pub-3647142099467834

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3647142099467834&plah=drinktime.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

42b653e4dfcd61a0f2905df25e071b9c85c84292a15502a651aef524e88a0eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
793 B 140ms
45ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=drinktime.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jul 2022 17:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
550 B 128ms
47ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=drinktime.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jul 2022 17:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F52A 78 KB
26 KB 558ms
482ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3647142099467834&output=html&h=250&slotname=4215446423&adk=2228976511&adf=3016081916&pi=t.ma~as.4215446423&w=300&lmt=1657820156&psa=0&format=300x250&url=https%3A%2F%2Fdrinktime.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657820156356&bpp=3&bdt=415&idt=141&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&correlator=1728050952929&frm=20&pv=2&ga_vid=383259194.1657820157&ga_sid=1657820157&ga_hid=100784624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1112&ady=15&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767167%2C44766559%2C21066428%2C31067528%2C42531606&oid=2&pvsid=3953131833805587&tmod=485001919&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=I5Qpe6eQm6&p=https%3A//drinktime.ru&dtd=157

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7df37f64abf57ce88b476728010c9cead2d8776c1448009f125c42f233d9a878

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMjRpaz1-PgCFevNEQgdWX0OVw&gqi=_FPQYpyQJcLz-gajiYTYBg&layout=/sadbundle/%24csp%253Der3%24/164903383637950464/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drinktime.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 26435
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMjRpaz1-PgCFevNEQgdWX0OVw&gqi=_FPQYpyQJcLz-gajiYTYBg&layout=/sadbundle/%24csp%253Der3%24/164903383637950464/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 17:35:57 GMT
expires: Thu, 14 Jul 2022 17:35:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DB57 430 B
228 B 368ms
308ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3647142099467834&output=html&h=400&slotname=2599112422&adk=2177618931&adf=311940359&pi=t.ma~as.2599112422&w=240&lmt=1657820156&psa=0&format=240x400&url=https%3A%2F%2Fdrinktime.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657820156359&bpp=1&bdt=419&idt=168&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=1728050952929&frm=20&pv=1&ga_vid=383259194.1657820157&ga_sid=1657820157&ga_hid=100784624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767167%2C44766559%2C21066428%2C31067528%2C42531606&oid=2&pvsid=3953131833805587&tmod=485001919&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9YLdk1cp32&p=https%3A//drinktime.ru&dtd=171

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e33e08044aa588e1c016ee4de1723636b4009da62fff6bd11aca772b41c916e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drinktime.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 205
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 17:35:56 GMT
expires: Thu, 14 Jul 2022 17:35:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 70ms
70ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fdrinktime.ru%2F&tn=DIV&cls=header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: drinktime.ru
URL: https://drinktime.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 17:35:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B8BD 149 KB
43 KB 446ms
396ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3647142099467834&output=html&adk=1812271804&adf=3025194257&lmt=1657820156&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdrinktime.ru%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657820156372&bpp=1&bdt=431&idt=160&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C240x400&nras=1&correlator=1728050952929&frm=20&pv=1&ga_vid=383259194.1657820157&ga_sid=1657820157&ga_hid=100784624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767167%2C44766559%2C21066428%2C31067528%2C42531606&oid=2&pvsid=3953131833805587&tmod=485001919&uas=0&nvt=1&fsapi=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=168

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6302a5539304f7be15149f2e9fc67a2299b77cfd691a35637e48502e6f81657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drinktime.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 43974
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 17:35:56 GMT
expires: Thu, 14 Jul 2022 17:35:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame BD05
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=656113168353059.716141898544613&a=77&e=0A0909B0FC53D0620B01CB8202430A08&pref=https%3A%2F%2Fdrinktime.ru%2F&c=ss:77.up:0A0909B0FC53D0620B01CB8202430A08.sync...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=656113168353059.716141898544613&a=77&e=0A0909B0FC53D0620B01CB8202430A08&pref=https%3A%2F%2Fdrinktime.ru%2F&c=ss:77.up:0A0909B0FC53...

49 B
602 B

56ms
56ms

Image
image/gif

185.15.175.159
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=656113168353059.716141898544613&a=77&e=0A0909B0FC53D0620B01CB8202430A08&pref=https%3A%2F%2Fdrinktime.ru%2F&c=ss:77.up:0A0909B0FC53D0620B01CB8202430A08.sync:up.xdua:duE5fbAgW_opQKgCj63cH_cj.xps:xpsd8YAfkaoV4xKVgDKIlQiP4.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Server

185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 17:35:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 7
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Thu, 14 Jul 2022 17:35:56 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=656113168353059.716141898544613&a=77&e=0A0909B0FC53D0620B01CB8202430A08&pref=https%3A%2F%2Fdrinktime.ru%2F&c=ss:77.up:0A0909B0FC53D0620B01CB8202430A08.sync:up.xdua:duE5fbAgW_opQKgCj63cH_cj.xps:xpsd8YAfkaoV4xKVgDKIlQiP4.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame BD05
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=656113168353059.278000281377231&a=77&e=0A0909B0FC53D0620B01CB8202430A08&pref=https%3A%2F%2Fdrinktime.ru%2F&c=ss:77.up:0A0909B0FC53D0620B01CB8202430A08.sync...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=656113168353059.278000281377231&a=77&e=0A0909B0FC53D0620B01CB8202430A08&pref=https%3A%2F%2Fdrinktime.ru%2F&c=ss:77.up:0A0909B0FC53...

49 B
602 B

62ms
61ms

Image
image/gif

185.15.175.159
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=656113168353059.278000281377231&a=77&e=0A0909B0FC53D0620B01CB8202430A08&pref=https%3A%2F%2Fdrinktime.ru%2F&c=ss:77.up:0A0909B0FC53D0620B01CB8202430A08.sync:up.xdua:duE5fbAgW_opQKgCj63cH_cj.xps:xpsd8YAfkaoV4xKVgDKIlQiP4.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Server

185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 17:35:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 5
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Thu, 14 Jul 2022 17:35:56 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=656113168353059.278000281377231&a=77&e=0A0909B0FC53D0620B01CB8202430A08&pref=https%3A%2F%2Fdrinktime.ru%2F&c=ss:77.up:0A0909B0FC53D0620B01CB8202430A08.sync:up.xdua:duE5fbAgW_opQKgCj63cH_cj.xps:xpsd8YAfkaoV4xKVgDKIlQiP4.dn:acint__net.adcm:hit.tg:adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 1
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/ 149 KB
53 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3efd7eb504d7979cfb9f05dcf8b734aa9bfb8c39903143996cc136ad03064191

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54360
x-xss-protection: 0
server: cafe
etag: 11995277999580173472
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 17:35:57 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/ Frame CCA4 190 KB
26 KB 130ms
44ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3647142099467834&output=html&h=250&slotname=4215446423&adk=2228976511&adf=3016081916&pi=t.ma~as.4215446423&w=300&lmt=1657820156&psa=0&format=300x250&url=https%3A%2F%2Fdrinktime.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657820156356&bpp=3&bdt=415&idt=141&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&correlator=1728050952929&frm=20&pv=2&ga_vid=383259194.1657820157&ga_sid=1657820157&ga_hid=100784624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1112&ady=15&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767167%2C44766559%2C21066428%2C31067528%2C42531606&oid=2&pvsid=3953131833805587&tmod=485001919&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=I5Qpe6eQm6&p=https%3A//drinktime.ru&dtd=157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f3fc818c7249993eadd02caad3f9a5de47a06ffd04f3f43ee9318eafdb34336

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 167648
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 25104
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Jul 2022 19:01:49 GMT
expires: Wed, 12 Jul 2023 19:01:49 GMT
last-modified: Tue, 22 Jun 2021 12:01:34 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F52A 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVSTb_FPQYsjjJeubx_AP2fq5uAXZpqf2Z46ruuiPDrrH7qDFKBABIL-u4hlgleKQgqAHoAGDpJTQAsgBCakCiEmjQ4y6sD6oAwHIAwKqBP0BT9BSZakNRZrZyHaxEO2dE2BGBYQi5b6IKGgCGA2u7CX7PHK7TJVm1l1LGv_EHuDMm0Bf9Fcedtw0rUOu7iCDiLuhV6mO4JokWRZg13zLyGGAZ7oM_b3NNLIf6ra6jd7LtFPULf8CajoIY2esW55CjfuTDJOvCCMQ5oSWQvK7x3oqP3BLlTcw9WAkzI1wS57kVWwM3FMk8x2nSAtZzViNyRBfHAp7S_RBPNi5pS_VkefMWJncNcHG8GVCIsGbcGqYss41eJfrrhgkNjKnM_wlCYer7E4GcHWs-GPwPxRpCSi_N6c9xSl3I9GeRFjZATRglcwetOJC0D7pZ7v9TcAEzIuOr9YDkgUECAQYAZIFBAgFGASgBl2AB-Xb668BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQpvEG0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwLQFQGAFwGyFxwKGggAEhRwdWItMzY0NzE0MjA5OTQ2NzgzNBgA&sigh=K9N0OZfba0o&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3647142099467834&output=html&h=250&slotname=4215446423&adk=2228976511&adf=3016081916&pi=t.ma~as.4215446423&w=300&lmt=1657820156&psa=0&format=300x250&url=https%3A%2F%2Fdrinktime.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657820156356&bpp=3&bdt=415&idt=141&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&correlator=1728050952929&frm=20&pv=2&ga_vid=383259194.1657820157&ga_sid=1657820157&ga_hid=100784624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1112&ady=15&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767167%2C44766559%2C21066428%2C31067528%2C42531606&oid=2&pvsid=3953131833805587&tmod=485001919&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=I5Qpe6eQm6&p=https%3A//drinktime.ru&dtd=157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 14 Jul 2022 17:35:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 14 Jul 2022 17:35:57 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FC53 143 B
163 B 37ms
36ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3647142099467834&output=html&h=250&slotname=4215446423&adk=2228976511&adf=3016081916&pi=t.ma~as.4215446423&w=300&lmt=1657820156&psa=0&format=300x250&url=https%3A%2F%2Fdrinktime.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657820156356&bpp=3&bdt=415&idt=141&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&correlator=1728050952929&frm=20&pv=2&ga_vid=383259194.1657820157&ga_sid=1657820157&ga_hid=100784624&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1112&ady=15&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44767167%2C44766559%2C21066428%2C31067528%2C42531606&oid=2&pvsid=3953131833805587&tmod=485001919&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=I5Qpe6eQm6&p=https%3A//drinktime.ru&dtd=157
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1652
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 14 Jul 2022 17:08:25 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame F52A 3 KB
1 KB 127ms
43ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 16:48:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2873
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 16:48:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F52A 138 KB
43 KB 142ms
59ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657539323716025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 17:35:57 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 121ms
47ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=drinktime.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jul 2022 17:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 118ms
45ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=drinktime.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jul 2022 17:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/ Frame 5B5C 10 KB
4 KB 36ms
36ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drinktime.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40618
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 06:18:59 GMT
etag: 10429905676100781186
expires: Thu, 28 Jul 2022 06:18:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FC53
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

91ms
91ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 14 Jul 2022 17:35:57 GMT
expires: Thu, 14 Jul 2022 17:35:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 14 Jul 2022 17:35:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 5B5C 4 KB
1 KB 137ms
46ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 15:49:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 14 Jul 2022 17:35:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Jul 2022 17:35:57 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5B5C 205 B
742 B 130ms
41ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:12:30 GMT
x-content-type-options: nosniff
age: 1407
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 14 Jul 2023 17:12:30 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5B5C 604 B
667 B 204ms
116ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:12:30 GMT
x-content-type-options: nosniff
age: 1407
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 14 Jul 2023 17:12:30 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/ Frame 5B5C 19 KB
9 KB 48ms
42ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:19:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 999
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8263
x-xss-protection: 0
server: cafe
etag: 17157773748623750166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 17:19:18 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/ Frame 5B5C 13 KB
6 KB 94ms
89ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec794c4c85d4e3a1786886512e57e60b6f6083303a20a19247348cccaf8c09e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 22:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5835
x-xss-protection: 0
server: cafe
etag: 15486679301775931715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Jul 2022 22:10:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CCA4 2 KB
510 B 77ms
52ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dosis:700,regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed3bca384bfd98efd0857d80115eec06ba8aada62fe5c184f8c01ec9508344af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 15:52:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 14 Jul 2022 17:35:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Jul 2022 17:35:57 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame CCA4 16 KB
6 KB 117ms
39ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 23:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 14 Jul 2022 23:28:27 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame CCA4 26 KB
10 KB 121ms
44ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 16:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 15 Jul 2022 16:13:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame F52A 17 KB
7 KB 59ms
37ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 17:28:01 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C4BE 8 KB
893 B 120ms
46ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 15:45:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 14 Jul 2022 17:35:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Jul 2022 17:35:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame C4BE 2 KB
902 B 72ms
68ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:24:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 17:24:13 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame C4BE 21 KB
8 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 17:33:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame C4BE 3 KB
1 KB 70ms
68ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:28:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 17:28:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C4BE 138 KB
42 KB 133ms
53ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657539323716025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 17:35:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame C4BE 17 KB
7 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 17:28:01 GMT

GET
H3 200 b8b39a8a01d591fbf8e8e88b2bbf8fd4.js Show response
www.gstatic.com/mysidia/ Frame C4BE 30 KB
13 KB 114ms
39ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b8b39a8a01d591fbf8e8e88b2bbf8fd4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12830
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 00:22:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 12 Oct 2022 00:48:29 GMT

GET
H2 200 HhyaU5sn9vOmLzloC_U.woff2
fonts.gstatic.com/s/dosis/v27/ Frame CCA4 29 KB
29 KB 121ms
37ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dosis/v27/HhyaU5sn9vOmLzloC_U.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Dosis:700,regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d88c1280c412b1bccb32e6d99da3369feeb3fae8b64900e7066a1829385699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 22:33:31 GMT
x-content-type-options: nosniff
age: 241346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29436
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:56:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 22:33:31 GMT

GET
DATA 200
OK truncated
/ Frame F52A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70308e8b8401079d7d1f1cd3de85cfff05d3cc5dc62c30e44c0d028119879fdd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 _j1ezhpSwBWUHEITOmC2IR4vOiGfDYio7V63aY1ETrc.js Show response
pagead2.googlesyndication.com/bg/ Frame B1E8 35 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_j1ezhpSwBWUHEITOmC2IR4vOiGfDYio7V63aY1ETrc.js

Requested by

Host: drinktime.ru
URL: https://drinktime.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe3d5ece1a52c015941c42133a60b6211e2f3a219f0d88a8ed5eb7698d444eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 13:54:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13754
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 13:54:23 GMT

GET
H3 200 logo_augletics_small.JPG
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/ Frame CCA4 8 KB
8 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/logo_augletics_small.JPG

Requested by

Host: drinktime.ru
URL: https://drinktime.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

502646476db88824868f4aa280010eb4851107974aa14d493f531154144dd640

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 526314
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8263
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 12:01:34 GMT
server: sffe
date: Fri, 08 Jul 2022 15:24:03 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 08 Jul 2023 15:24:03 GMT

GET
H3 200 AUGLETICS-Eight.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/ Frame CCA4 46 KB
46 KB 42ms
41ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/AUGLETICS-Eight.jpg

Requested by

Host: drinktime.ru
URL: https://drinktime.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

651972d44c5e2297ace77500deda284819df62ec9c2ce5aad51ce19894869957

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 167587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47346
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 12:01:34 GMT
server: sffe
date: Tue, 12 Jul 2022 19:02:50 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 12 Jul 2023 19:02:50 GMT

GET
H3 200 AUGLETICS-Eight2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/ Frame CCA4 45 KB
45 KB 54ms
54ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/AUGLETICS-Eight2.jpg

Requested by

Host: drinktime.ru
URL: https://drinktime.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72cefe9bdcc3c42576fd4427e76fe35450441d5939583688692cb1ef26806000

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 526314
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46135
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 12:01:34 GMT
server: sffe
date: Fri, 08 Jul 2022 15:24:03 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 08 Jul 2023 15:24:03 GMT

GET
H3 200 augletics_eight_small.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/ Frame CCA4 28 KB
28 KB 63ms
62ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/164903383637950464/augletics_eight_small.jpg

Requested by

Host: drinktime.ru
URL: https://drinktime.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ceed88b14c0a87a8834d23fafad5a9ae0f9d442a1a0c91ba54d6a2199057b38

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 526314
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28813
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 12:01:34 GMT
server: sffe
date: Fri, 08 Jul 2022 15:24:03 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 08 Jul 2023 15:24:03 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F52A 42 B
64 B 146ms
73ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnj-FL7xDCdsZ0kxY81FCEaKuvtsniGG5o-3by4vYa19CJeXkLX5qAXwaskNmTBcjRbPG3PX8kQVLvvDRo6W5NUl-8_Tx9ubrG0wYOiJ45NpVeqtjCpX6xEi6I__TtZz3TJE40GpB5vGwW&sai=AMfl-YQlGH2XSKtgO4KdkBNFZ2Kais1n8jgEZ5VNK8Mxpw2J7dMpi-jLP1oDLnf7UYJPhkNfcoGfFYKUoVI_&sig=Cg0ArKJSzPxXhjRNIQx4EAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220711&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2228976511&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657820156515&rpt=810&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 17:35:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.acint.net/ping/ 43 B
225 B 16ms
16ms Image
image/gif 46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.4.0&uid=47c63bae-7e08-4062-9282-3df2e4d9d22f&dp=10&tz=%2B00%3A00&nc=20114763&dT=2022-07-14T17%3A35%3A59.178
Requested by: Host: drinktime.ru
URL: https://drinktime.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drinktime.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:35:59 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0A0909B0FC53D0620B01CB8202430A08

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

76 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
drinktime.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: e691e0240174415467096b1e6546b9a5
drinktime.ru/	1978-01-11 21:31:40	Name: fid Value: 912d25ee-e777-4b4d-8732-0f56d457ea5a
.acint.net/	1970-01-20 04:30:20	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-25 20:05:16	Name: aid Value: sAkJCmLQU/yCywELCApDAkdsNZp3cP7OH7EaXBhfIOfVe+J1
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp7v2 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp14v3 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp17 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp32 Value: 1657820156
.acint.net/	1970-01-20 04:31:46	Name: cSyncDp45v3 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp53 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp54v2 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp62 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp67v2 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp68 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp71 Value: 1657820156
.acint.net/	1970-01-20 04:50:29	Name: cSyncDp77 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp84 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp85 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp95v3 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp101 Value: 1657820156
.acint.net/	1970-01-20 04:50:29	Name: cSyncDp104v2 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp107 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp110 Value: 1657820156
.acint.net/	1970-01-20 04:50:29	Name: cSyncDp111v2 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp112v2 Value: 1657820156
.acint.net/	1970-01-20 04:51:56	Name: cSyncDp125v2 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp126 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp127 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp129 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp136v2 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp138 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp144 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp146 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp148 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp149 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp151 Value: 1657820156
.acint.net/	1970-01-20 05:13:32	Name: cSyncDp186 Value: 1657820156
.yadro.ru/	1970-01-20 13:14:42	Name: FTID Value: 1Yq5Fy3bS_8M1Yq5Fy003T0s
.ssp-rtb.sape.ru/	1970-01-25 20:05:16	Name: sspuid Value: nVoDAmLQU/xkKAAH0pvlAkvH6UD+vg4hz28iuq/8t4uh8JHr
.utraff.com/	1970-01-20 05:13:42	Name: preutid Value: 1
.betweendigital.com/	1970-01-20 13:15:56	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 13:15:56	Name: tuuid Value: 7ae466c7-3ce6-52c3-8c7f-b66beeafe597
.betweendigital.com/	1970-01-20 13:15:56	Name: ss Value: 1
.yadro.ru/	1970-01-20 13:14:42	Name: VID Value: 3ZWzju3asLuM1Yq5Fy003T1R
.adhigh.net/	1970-01-20 13:15:56	Name: gi_u Value: 6AzsHxRNLko.AikABlGB_cgR0g
.mail.ru/	1970-01-20 13:17:22	Name: VID Value: 1asWkR0twOYB0023n82JK8IB:::0-0-0-7eaacbc:CAASEC_qfF6niWfoYVwMDRA1v_IaYIS0o3RZ6dos-zXtqX-PF66fu9NgCL5GSVohnfG8UbKI9oKZXTXQhkrj2mfF2UuNEuph4NVv_HdFyX9_atSgZ1uEzzsHZKg72kyT1cItTORKg2s2UmweO2Drt-TE3nDCwg
.betweendigital.com/	1970-01-20 13:15:56	Name: ut Value: YtBT_AAGIlCXmRaqv4QxfRCqyeg5Xwmkxf5EYQ==
.upravel.com/	1970-01-20 04:30:20	Name: session_tptc Value: 1657820156366
.1dmp.io/	1970-01-20 13:15:56	Name: uid Value: 6ac234c0-039b-11ed-acfd-901b0e8b2a6e
.adhigh.net/	1970-01-20 13:15:56	Name: sape_sync Value: jaS
.upravel.com/	1970-01-23 20:06:20	Name: user_id Value: c3878baa-ed33-44a9-9b2d-964088a1322b
.rutarget.ru/	1970-01-20 08:49:32	Name: userId Value: gz6D1c47ST3H
ads.adlook.me/	1970-01-20 13:14:42	Name: adlm_userId Value: febd3236b1fa4e8bb88f586fdfb929cc
.rktch.com/	1970-01-20 05:13:32	Name: b_uid Value: f0b288fe5f5c65955f3f3201c97a0bf4e626
.uuidksinc.net/	1970-01-20 13:15:56	Name: jcsuuid Value: fJvczPU2Qa1TSXPJd8pk
.mts.ru/	1970-01-20 13:02:58	Name: dspid Value: 13542572-d7e7-4581-93ca-f7c8577feb0b
.adriver.ru/	1970-01-20 22:01:32	Name: cid Value: AJt8jEFmzgOAHKinQztJO7Q
.drinktime.ru/	1970-01-20 13:51:56	Name: __gads Value: ID=a37a11c750251484-22e45c1acdcd009f:T=1657820156:RT=1657820156:S=ALNI_MZwIHJodG4AgJmXPI0n-DcgS9198A
.weborama.fr/	1970-01-20 13:56:15	Name: AFFICHE_W Value: tUaGC27ovym138
ssp.bidvol.com/	1970-02-14 01:01:43	Name: bvuid Value: gyfdn67lyy
dmp.gotechnology.io/	1969-12-31 23:59:59	Name: chk Value: 1
.gotechnology.io/	1970-01-20 13:15:56	Name: pid Value: NTdiNDg1N2VhZjE3N2Q0Zg
.bumlam.com/	1970-01-27 11:42:20	Name: suuid3 Value: IiQ2YWVkMTY5MC0wMzliLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
.aidata.io/	1970-01-20 22:01:32	Name: __upin Value: XUhSHfpBJXP45VirtTZ+DQ
.aidata.io/	1970-01-20 22:01:32	Name: __upints Value: 1657820156
.gnezdo.ru/	1970-01-25 20:05:16	Name: uid Value: XV9maWLQU/wyCxsPlBZRAg==
x01.aidata.io/	1970-01-20 04:34:39	Name: mts Value: 1
.mts.ru/	1970-01-23 18:54:20	Name: mts_id Value: 13fb1001-bc17-4fe0-901c-af9c583992e3
.mts.ru/	1970-01-23 18:54:20	Name: mts_id_last_sync Value: 1657820156
.yandex.ru/	1970-01-23 20:06:20	Name: yuidss Value: 1288138651657820156
.yandex.ru/	1970-01-23 20:06:20	Name: yandexuid Value: 1288138651657820156
.ops.beeline.ru/	1970-01-20 13:02:58	Name: BeeAID Value: bd45349c-94b4-4491-b4fd-26a5bbc152ae
.agency2.ru/	1970-01-20 13:02:58	Name: uuid Value: f4d0b3d9-0950-4183-981b-564c1d4c7dda
.dmg.digitaltarget.ru/	1970-01-21 06:25:32	Name: viuserid Value: b7k0uCnMu6NPJ6b7klTD
.doubleclick.net/	1970-01-20 13:51:56	Name: IDE Value: AHWqTUl_Hy7M5KvbxIWIjyTlIeS0EfyVdsvSGqGklX03NESDVgOmGT3P6lr63rccUXc
.doubleclick.net/	1970-01-20 04:30:23	Name: DSID Value: NO_DATA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://drinktime.ru/uploads/logo_03.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://drinktime.ru/templates/Dttemp/images/line-topmenu.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://drinktime.ru/templates/Dttemp/images/shelter.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://an.yandex.ru/mapuid/gonetdspis/NTdiNDg1N2VhZjE3N2Q0Zg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0a0909b0fc53d0620b01cb8202430a08-sp.ops.beeline.ru
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.adlook.me
ads.betweendigital.com
adservice.google.com
adservice.google.de
an.yandex.ru
autoden.ru
c3878baa-ed33-44a9-9b2d-964088a1322b.sync.upravel.com
cm.g.doubleclick.net
counter.yadro.ru
cs.agency2.ru
dm-eu.hybrid.ai
dmg.digitaltarget.ru
dmp.gotechnology.io
drinktime.ru
exchange.buzzoola.com
fcgi4.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
match.new-programmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.konnektu.ru
px.adhigh.net
redirect.frontend.weborama.fr
s.uuidksinc.net
s3.advarkads.com
sape-sync.rutarget.ru
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.bestssp.com
ssp.bidvol.com
stat.adlabs.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync.upravel.com
tag.digitaltarget.ru
tech.rtb.mts.ru
tpc.googlesyndication.com
ut.rktch.com
www.acint.net
www.google.com
www.googletagservices.com
www.gstatic.com
x01.aidata.io
s3.advarkads.com
109.248.237.37
130.193.58.13
136.243.148.229
142.132.209.138
142.250.184.226
144.76.118.233
159.69.64.48
172.217.16.194
176.9.8.252
185.147.80.35
185.15.175.147
185.15.175.159
188.127.230.8
188.42.191.196
193.232.150.149
194.190.117.94
195.201.152.104
195.209.108.49
195.209.111.19
213.87.44.187
217.65.2.150
217.66.147.168
23.111.107.44
2606:4700:3032::6815:3b42
2a00:1148:db00::17
2a00:1450:4001:806::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2002
2a00:f940:2:2:1:4:0:117
2a02:6b8::90
31.172.81.158
31.220.27.134
35.190.24.218
37.18.103.21
37.9.245.57
45.9.24.193
46.4.114.109
5.200.43.131
65.108.236.88
78.46.16.13
88.212.202.52
89.108.119.28
89.108.97.2
93.95.102.105
95.211.66.35
00c58a2a9ac9ca117e8bcf3cbf4abccfc3e6ed5d290a418472868bc99d037b63
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ceed88b14c0a87a8834d23fafad5a9ae0f9d442a1a0c91ba54d6a2199057b38
132b6e59443a5f686ddc71058d5aaa8d9d1797a08748a5818f0201a8c52f6ccc
158873c5e04ee251fe9c802d24f43601cc466a45e68ed5c5cac65ae61f8e81f0
17d10327c2d844189190751f74a10dee12eb07a62100788e8c9e8b859541dc80
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1fe82a582e74eebfadb3bce81db534f3d9ee9036422afffb5e829bd9e4250db3
2301dc512249e7b6c825f1963d458bfd7927dfad39ad400faaac5e16b44a2277
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2e33e08044aa588e1c016ee4de1723636b4009da62fff6bd11aca772b41c916e
318047e0161167d428a2f5035e6fed84fbef4f813a8d8c5f86799cf236e175f8
3329813e0c2788f727bbb57c75a5751c683649372d99dd1a3627f2f7d95e2e58
3616c237c101854b6f73dc2bc88f1721c055b68b5492ada4d9da1fff53f30a27
3a92882b7e5caa7566ee58975dc895837abcf861af9f8e7df8eca6a0adfbaaf4
3efd7eb504d7979cfb9f05dcf8b734aa9bfb8c39903143996cc136ad03064191
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
42b653e4dfcd61a0f2905df25e071b9c85c84292a15502a651aef524e88a0eca
43f3372b9dc176e9e41a4de7bca63476fe43f3f3ac739ada99b0d5fe576e4774
480b8043a4e3234d781f70a0cb01919519d84cffc80dd47a43d9caaae8a5c4d6
4befdf1cc89a143b5bb4d625983f9c344ee898fe903f46c8927c25a37711510e
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
502646476db88824868f4aa280010eb4851107974aa14d493f531154144dd640
512f2fc2840f26f25a6a8cbeeed78810603db942c472675b0bd76f06aa194792
5425a0c45d02e64aadc1e467010a721feefe2d5d940553364fb63a583ceb32a4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5a529685d2accd98c0cc23a3697e992171a34eb9bd7293fcbf72fb1e33737b45
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
62256ac25cf98f6d7ab6975162a8f14315e4790b69380e40abb75bf5282775e3
651972d44c5e2297ace77500deda284819df62ec9c2ce5aad51ce19894869957
693790b8e61580435a0dc977cb7b416c66a09a38a99ef24ff1978281b3048bd1
70308e8b8401079d7d1f1cd3de85cfff05d3cc5dc62c30e44c0d028119879fdd
70c85e3a745b137a52da9a1874a2ee6aca9419cb6b2a57cdc30010f2bd920c2a
72cefe9bdcc3c42576fd4427e76fe35450441d5939583688692cb1ef26806000
73c34400793fe80e21e2f553429c5ec2d886a123a55e1179d2364b479f0e5b21
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
779ce0f21560e4c992234a4d6d730a51ec80cacbc073c383fe30c786e40e6c0d
7df37f64abf57ce88b476728010c9cead2d8776c1448009f125c42f233d9a878
81c673682205d4e4cb2e404ae7177f5a375d72545f92d56b78845aaaec8f990d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
85cae17c2011e827eee9f7627938612723fc92c8c707c62565f1a442b10c3a42
85fef378c279b83fde4c76de2c96fec39a20e7eadafbfb18e34a529ab1f01761
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
977202705d8345c650d58fd0d4275287b58ac77280a99de94753fdd7ce3073bd
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a4229b71d0af1401c92e0549b46ecd19f07ed3bdc8bc7c0a16eefcb39e026ca
9e280de8bc0d7702f02e9f422fda22ec8d11a8949e7015043d26fb3b86865851
9f3fc818c7249993eadd02caad3f9a5de47a06ffd04f3f43ee9318eafdb34336
a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a2d3d84c6198ad848b841187d67fad7357f13adc75a5a5da5c43b9761df74187
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a876778e1701eea2751f287a2f058957b2f9c608e353d1743d0ec91c5b4534b6
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8e9f03eacae7f353c23e52fcfdbdcd71773a17f1f2a8d0d970ebc224d5e7c79
b924dff2492efffe361cc8830b0d962fb207d149be782c2abd85c73480d04186
b9d88c1280c412b1bccb32e6d99da3369feeb3fae8b64900e7066a1829385699
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c69978397fec82ba52571bc2e7d698c04de9f884022a216053d364d556fbf80c
cc58b71327c05aef336cad0e94787582b6ccd16e4607158b5e93791f7ec08fe3
ce1d8120a4f6916895082f92c1bc05a463bdadd3d05304004f8bf7ee5693ef52
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d4b5793ca927bb793ef1a9fb897eeea0f64e3629c5c0c430473f75a79638112f
d7ca93261a836c80b9625ec96d3b0e4f5a2cc9dc2fa8a01e347cf7fffd64b20a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4dac023803cde7e63cfd3a2d92e2cdfa38c07fd4b387845432fc66186514f0a
ec794c4c85d4e3a1786886512e57e60b6f6083303a20a19247348cccaf8c09e9
ed3bca384bfd98efd0857d80115eec06ba8aada62fe5c184f8c01ec9508344af
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6302a5539304f7be15149f2e9fc67a2299b77cfd691a35637e48502e6f81657
fe3d5ece1a52c015941c42133a60b6211e2f3a219f0d88a8ed5eb7698d444eb7

drinktime.ru Open in urlscan Pro 2a00:f940:2:2:1:4:0:117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

118 Requests

78 %HTTPS

25 %IPv6

45 Domains

54 Subdomains

31 IPs

7 Countries

2109 kBTransfer

3460 kBSize

76 Cookies

4 Outgoing links

Page URL History

Redirected requests

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

drinktime.ru Open in urlscan Pro
2a00:f940:2:2:1:4:0:117 Public Scan

Screenshot
Live screenshot

Full Image

118
Requests

78 %
HTTPS

25 %
IPv6

45
Domains

54
Subdomains

31
IPs

7
Countries

2109 kB
Transfer

3460 kB
Size

76
Cookies

118 HTTP transactions
1 data transactions