garticphone.com Open in urlscan Pro
2606:4700:10::ac43:281c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://garticphone.com/ru/?c=080432e8e
Effective URL:
https://garticphone.com/ru?c=080432e8e
Submission: On April 17 via manual (April 17th 2021, 6:24:43 am UTC) from US

Summary HTTP 124 Redirects Behaviour Indicators

Summary

This website contacted 43 IPs in 8 countries across 33 domains to perform 124 HTTP transactions. The main IP is 2606:4700:10::ac43:281c, located in United States and belongs to CLOUDFLARENET, US. The main domain is garticphone.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 30th 2020. Valid for: a year.

This is the only time garticphone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 31	2606:4700:10:... 2606:4700:10::ac43:281c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:f6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
10	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3037::ac43:d515	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
2	87.230.98.74 87.230.98.74	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	198.24.170.52 198.24.170.52	19437 (SS-ASH) (SS-ASH)
1 2	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	23.218.208.200 23.218.208.200	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.218.208.187 23.218.208.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	213.155.156.168 213.155.156.168	1299 (TELIANET ...) (TELIANET Telia Carrier)
8	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
8 9	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.189.249 185.64.189.249	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
2 2	34.252.218.184 34.252.218.184	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
1 1	185.29.132.69 185.29.132.69	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 3	35.156.223.207 35.156.223.207	16509 (AMAZON-02) (AMAZON-02)
2 2	18.192.249.156 18.192.249.156	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 2	52.51.10.244 52.51.10.244	16509 (AMAZON-02) (AMAZON-02)
2	54.171.0.58 54.171.0.58	16509 (AMAZON-02) (AMAZON-02)
3 5	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
3	52.212.6.165 52.212.6.165	16509 (AMAZON-02) (AMAZON-02)
5	54.163.187.117 54.163.187.117	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
3	52.39.214.89 52.39.214.89	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
7	104.111.229.87 104.111.229.87	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba1a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
124	43

31 2606:4700:10::ac43:281c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

garticphone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:f6b (United States)

ASN13335 (CLOUDFLARENET, US)

api.adinplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:d515 (United States)

ASN13335 (CLOUDFLARENET, US)

country.adinplay.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

cdn.consentmanager.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.230.98.74 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: ma5037422.psmanaged.com

consentmanager.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.24.170.52 (Ashburn, United States)

ASN19437 (SS-ASH, US)

server.cpmstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.11 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.208.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-187.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.66 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.218.184 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-218-184.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.24 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.69 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.156.223.207 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-223-207.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.249.156 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-249-156.eu-central-1.compute.amazonaws.com

prod.perf-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.10.244 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-10-244.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.0.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-0-58.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.218.208.246 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.212.6.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-6-165.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.163.187.117 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-187-117.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.39.214.89 (Boardman, United States)

ASN16509 (AMAZON-02, US)

ads.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.111.229.87 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)

dco-assets.everestads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba1a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	garticphone.com 1 redirects garticphone.com	1 MB
19	googlesyndication.com f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	74 KB
17	doubleclick.net 8 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	156 KB
14	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com aud.pubmatic.com simage2.pubmatic.com simage4.pubmatic.com	32 KB
12	adsafeprotected.com 1 redirects fw.adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	189 KB
7	everestads.net dco-assets.everestads.net	794 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	consensu.org cdn.consentmanager.mgr.consensu.org consentmanager.mgr.consensu.org	68 KB
4	googletagservices.com www.googletagservices.com	82 KB
3	everesttech.net ads.everesttech.net	25 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	adnxs.com 1 redirects ib.adnxs.com acdn.adnxs.com	19 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	perf-serving.com 2 redirects prod.perf-serving.com	1 KB
2	adform.net 2 redirects c1.adform.net	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	990 B
2	fiftyt.com 2 redirects visitor.fiftyt.com	992 B
2	semasio.net 1 redirects uipglob.semasio.net	923 B
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	adinplay.com api.adinplay.com	105 KB
1	createjs.com code.createjs.com	63 KB
1	cloudflare.com cdnjs.cloudflare.com	22 KB
1	mathtag.com 1 redirects sync.mathtag.com	680 B
1	simpli.fi um.simpli.fi	611 B
1	zeotap.com mwzeom.zeotap.com	595 B
1	criteo.com dis.criteo.com	284 B
1	google.com adservice.google.com	165 B
1	google.ch adservice.google.ch	799 B
1	googleapis.com imasdk.googleapis.com	115 KB
1	cpmstar.com server.cpmstar.com	483 B
1	workers.dev country.adinplay.workers.dev	753 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	googletagmanager.com www.googletagmanager.com	37 KB
124	33

	Domain	Requested by
31	garticphone.com	1 redirects garticphone.com
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net www.googletagservices.com
9	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
7	dco-assets.everestads.net	ads.everesttech.net dco-assets.everestads.net
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
5	dt.adsafeprotected.com	f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	securepubads.g.doubleclick.net f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com fw.adsafeprotected.com
4	simage2.pubmatic.com	ads.pubmatic.com
4	image2.pubmatic.com	ads.pubmatic.com
3	ads.everesttech.net	ad.doubleclick.net ads.everesttech.net dco-assets.everestads.net
3	static.adsafeprotected.com	f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com pixel.adsafeprotected.com
3	x.bidswitch.net	3 redirects
3	cdn.consentmanager.mgr.consensu.org	api.adinplay.com consentmanager.mgr.consensu.org
3	securepubads.g.doubleclick.net	api.adinplay.com securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com garticphone.com
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	pixel.adsafeprotected.com	f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com
2	fw.adsafeprotected.com	1 redirects f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com
2	googleads.g.doubleclick.net	f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com garticphone.com
2	prod.perf-serving.com	2 redirects
2	c1.adform.net	2 redirects
2	match.adsrvr.org	2 redirects
2	visitor.fiftyt.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	ads.pubmatic.com	api.adinplay.com ads.pubmatic.com
2	f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	ib.adnxs.com	1 redirects api.adinplay.com
2	consentmanager.mgr.consensu.org	api.adinplay.com
2	api.adinplay.com	garticphone.com api.adinplay.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	code.createjs.com	dco-assets.everestads.net
1	cdnjs.cloudflare.com	dco-assets.everestads.net
1	ad.doubleclick.net	www.googletagservices.com
1	sync.mathtag.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	dis.criteo.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	acdn.adnxs.com	api.adinplay.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ch	securepubads.g.doubleclick.net
1	imasdk.googleapis.com	api.adinplay.com
1	server.cpmstar.com	api.adinplay.com
1	hbopenbid.pubmatic.com	api.adinplay.com
1	country.adinplay.workers.dev	api.adinplay.com
1	cdn.jsdelivr.net	api.adinplay.com
1	www.googletagmanager.com	garticphone.com
124	50

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-09-30` - `2021-09-30`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
adinplay.com Cloudflare Inc ECC CA-3	`2020-08-22` - `2021-08-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-13` - `2022-03-26`	a year	crt.sh
1376624012.rsc.cdn77.org R3	`2021-02-08` - `2021-05-09`	3 months	crt.sh
consentmanager.mgr.consensu.org R3	`2021-03-05` - `2021-06-03`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
server.cpmstar.com Go Daddy Secure Certificate Authority - G2	`2020-06-30` - `2022-09-18`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.ch GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2020-05-20` - `2021-06-20`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.everesttech.net DigiCert SHA2 Secure Server CA	`2020-03-24` - `2022-03-29`	2 years	crt.sh
www.adobetag.com DigiCert SHA2 High Assurance Server CA	`2020-03-11` - `2022-01-18`	2 years	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh

This page contains 14 frames:

Primary Page: https://garticphone.com/ru?c=080432e8e
Frame ID: A7F12312B86F3EE9C6B6B675924390EA
Requests: 58 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 54AEE60822FA99028231D3C73BDC0D36
Requests: 15 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 13A10118F5AE6F13F90817724877CB59
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 834847268923B4CF2473E64456AF56E1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6397536861168189870
Frame ID: 7AC1FBD6BE71D1771D7176CA86E6B84E
Requests: 1 HTTP requests in this frame

Frame: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 34C49928CC58D3E7D4566082AD2450FE
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCDspoBGLalhJoBMAE&v=APEucNW4WcRIr39QhR4aKzAOGjxg56hK8PJ2Wnj0TZZxLfUmYlTsk-RoPlDC3I8Mrskz_F2BJdtsXU1Abiz0nTkzN4XxE7dQJnUddBjVgoGXHTWo1tGQd_o
Frame ID: B52C60F98A0B78B83C66169475AB9715
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 36DBF2D2926C381CA469ABC491A547B7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 546FF1AE0D5E22F8A5714B1907E9D161
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 6639F1332B40DC19BE2F432D4C807CA9
Requests: 1 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=YHp_HAAAAN8xI0ML
Frame ID: D62854E916AEC36D1BAE20E4111B5FDF
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: A73425BA4CE8708BF44F12A8B3830E61
Requests: 1 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign//5031/t/8581/3/z160x600.html
Frame ID: C74BBC3F36711E2DE89DA35432CCD12B
Requests: 2 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign//5031/t/8581/3/YoungProfCouch/M365_FY21Q3WR3_USA_160x600_BAN_YPCouch_EN_NA_Standard_ANI_BN_NA_1.htm
Frame ID: 14014FE48A85005B31AF7C9761A424D1
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://garticphone.com/ru/?c=080432e8e HTTP 308
https://garticphone.com/ru?c=080432e8e Page URL

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

124
Requests

100 %
HTTPS

37 %
IPv6

33
Domains

50
Subdomains

43
IPs

8
Countries

2960 kB
Transfer

6325 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://garticphone.com/ru/?c=080432e8e HTTP 308
https://garticphone.com/ru?c=080432e8e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6397536861168189870

Request Chain 58

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tGQKbwi8RZyM2IEv7_SSQg%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tGQKbwi8RZyM2IEv7_SSQg%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 60

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B4640A6F-08BC-459C-8CD8-812FEFF49242&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B4640A6F-08BC-459C-8CD8-812FEFF49242&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 61

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B4640A6F-08BC-459C-8CD8-812FEFF49242&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B4640A6F-08BC-459C-8CD8-812FEFF49242&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B4640A6F-08BC-459C-8CD8-812FEFF49242&addseg=31

Request Chain 62

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjQ2NDBBNkYtMDhCQy00NTlDLThDRDgtODEyRkVGRjQ5MjQy&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjQ2NDBBNkYtMDhCQy00NTlDLThDRDgtODEyRkVGRjQ5MjQy&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 63

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG_j_CFJ4oqO9X0ZrfZOVIM&google_cver=1

Request Chain 65

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=780dbf57-20c2-4f36-bdd5-981e42fe8a95

Request Chain 66

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1503849221104888881

Request Chain 67

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:3021607a-7f1a-4100-8e84-0677b16085f5&gdpr=0&gdpr_consent=

Request Chain 68

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8787957892869768967&gdpr=0&gdpr_consent=

Request Chain 69

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=edfa0b8b-c8b0-4076-a394-7eb2ab80b4f6&ssp=pubmatic&user_group=1 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=899afc4f-9e9b-489e-8549-adf278c77e2a&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEISa19Hp9OOXRSv06AS10lM&google_cver=1&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEISa19Hp9OOXRSv06AS10lM&google_cver=1&gdpr=0&C=1

Request Chain 85

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHp-G5Zh8X.muhZoOa-cCwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEISa19Hp9OOXRSv06AS10lM&google_cver=1&google_hm=2

Request Chain 91

https://fw.adsafeprotected.com/rfw/www.googletagservices.com/551415/51042438/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fgarticphone.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:44008411-acd7-6009-d536-d6e158aad172,c:a1BBES,sl:na,em:true,fr:false,mn:app08ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:suOLhGN+11%7C12%7C13%7C14%7C151%7C152%7C16%7C17*.551415-51042438%7C171%7C1721%7C18%7C19,idMap:17*,pl:,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:25,oid:8f8415ae-9f45-11eb-9427-025e58922a4e,v:19.8.188,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://www.googletagservices.com/dcm/dcmads.js

124 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ru Show response
garticphone.com/
Redirect Chain

https://garticphone.com/ru/?c=080432e8e
https://garticphone.com/ru?c=080432e8e

46 KB
9 KB

123ms
122ms

Document
text/html

2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/ru?c=080432e8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: 4eb12a1c35e9ff714c990030de9131a40957faa227094b8e6c8ed1ecd562bd2c

Request headers

:method: GET
:authority: garticphone.com
:scheme: https
:path: /ru?c=080432e8e
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
cache-control: s-maxage=31536000, stale-while-revalidate
vary: Accept-Encoding
x-varnish: 285760359
age: 0
via: 1.1 varnish-v4
cf-cache-status: DYNAMIC
cf-request-id: 098019939000004aa99fb4b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 641391ff496d4aa9-FRA
content-encoding: gzip

Redirect headers

date: Sat, 17 Apr 2021 06:24:25 GMT
content-length: 0
set-cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665; expires=Mon, 17-May-21 06:24:25 GMT; path=/; domain=.garticphone.com; HttpOnly; SameSite=Lax; Secure
location: /ru?c=080432e8e
refresh: 0;url=/ru?c=080432e8e
x-varnish: 286797104
age: 0
via: 1.1 varnish-v4
cf-cache-status: DYNAMIC
cf-request-id: 098019926200004aa9dd3a0000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 641391fd6e224aa9-FRA

GET
H2 200 webpack-61b1da3762db0794198c.js Show response
garticphone.com/_next/static/chunks/ 2 KB
1 KB 17ms
14ms Script
application/javascript 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/_next/static/chunks/webpack-61b1da3762db0794198c.js
Requested by: Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 800c03f1b08a0609265cb64d050e884c8ae4a42bcc4239eedc369ee10c89dac1

Request headers

:path: /_next/static/chunks/webpack-61b1da3762db0794198c.js
pragma: no-cache
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 157921
cf-ray: 641392001aff4aa9-FRA
cf-request-id: 098019941200004aa9da165000000001
last-modified: Thu, 15 Apr 2021 10:31:53 GMT
server: cloudflare
etag: W/"92f-178d5165216"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 816021924
via: 1.1 varnish-v4
cache-control: max-age=315360000
content-type: application/javascript; charset=UTF-8
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 framework.0c239260661ae1d12aa2.js Show response
garticphone.com/_next/static/chunks/ 128 KB
41 KB 19ms
16ms Script
application/javascript 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/_next/static/chunks/framework.0c239260661ae1d12aa2.js
Requested by: Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0d07fd0ecfc8286de3cb0d3d5267f2c6c668c267ad547369585bc13b7d7f6f8

Request headers

:path: /_next/static/chunks/framework.0c239260661ae1d12aa2.js
pragma: no-cache
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 157921
cf-ray: 641392001b024aa9-FRA
cf-request-id: 098019941200004aa9ed9ec000000001
last-modified: Thu, 15 Apr 2021 10:31:53 GMT
server: cloudflare
etag: W/"20005-178d5165216"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 792855115
via: 1.1 varnish-v4
cache-control: max-age=315360000
content-type: application/javascript; charset=UTF-8
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d3f5fc863829525fe5fc5dc43562b353294d62d1.52fd5ef7a8ab7d8fc0dd.js Show response
garticphone.com/_next/static/chunks/ 6 KB
3 KB 23ms
20ms Script
application/javascript 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/_next/static/chunks/d3f5fc863829525fe5fc5dc43562b353294d62d1.52fd5ef7a8ab7d8fc0dd.js
Requested by: Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b32c9c990ccecb65d55fb56d5801ae902db32aebd81812aa11340d1741ca20ab

Request headers

:path: /_next/static/chunks/d3f5fc863829525fe5fc5dc43562b353294d62d1.52fd5ef7a8ab7d8fc0dd.js
pragma: no-cache
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 157921
cf-ray: 641392001b084aa9-FRA
cf-request-id: 098019941300004aa9dd90f000000001
last-modified: Thu, 15 Apr 2021 10:31:53 GMT
server: cloudflare
etag: W/"19f6-178d5165216"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 804848012
via: 1.1 varnish-v4
cache-control: max-age=315360000
content-type: application/javascript; charset=UTF-8
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e6bdae5336e2879b2b445bca6c5e9ee0649e9591.227f787802bf55c1ee65.js Show response
garticphone.com/_next/static/chunks/ 37 KB
12 KB 18ms
15ms Script
application/javascript 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/_next/static/chunks/e6bdae5336e2879b2b445bca6c5e9ee0649e9591.227f787802bf55c1ee65.js
Requested by: Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5ddc5f26ee98b6a3475eeda6346e9051aa0fc246074bdbd54963fe0461dac25

Request headers

:path: /_next/static/chunks/e6bdae5336e2879b2b445bca6c5e9ee0649e9591.227f787802bf55c1ee65.js
pragma: no-cache
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 157921
cf-ray: 641392001b0a4aa9-FRA
cf-request-id: 098019941300004aa9c4b18000000001
last-modified: Thu, 15 Apr 2021 10:31:53 GMT
server: cloudflare
etag: W/"92a9-178d5165216"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 797279698
via: 1.1 varnish-v4
cache-control: max-age=315360000
content-type: application/javascript; charset=UTF-8
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main-97a98779d761aaced2c9.js Show response
garticphone.com/_next/static/chunks/ 19 KB
7 KB 24ms
22ms Script
application/javascript 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/_next/static/chunks/main-97a98779d761aaced2c9.js
Requested by: Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 757996255ec26a03743739e69c3c10ae17e8891f6f23b1a4ebf9378368950a01

Request headers

:path: /_next/static/chunks/main-97a98779d761aaced2c9.js
pragma: no-cache
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 157921
cf-ray: 641392001b0c4aa9-FRA
cf-request-id: 098019941300004aa98f221000000001
last-modified: Thu, 15 Apr 2021 10:31:53 GMT
server: cloudflare
etag: W/"4dd0-178d5165217"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 822935929
via: 1.1 varnish-v4
cache-control: max-age=315360000
content-type: application/javascript; charset=UTF-8
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ea88be26.a747efafabe2159ec92e.js Show response
garticphone.com/_next/static/chunks/ 255 KB
64 KB 26ms
24ms Script
application/javascript 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/_next/static/chunks/ea88be26.a747efafabe2159ec92e.js
Requested by: Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee528134daae05ec4e589165484f4fddb2466f18530119c89785da6d8a01b3b9

Request headers

:path: /_next/static/chunks/ea88be26.a747efafabe2159ec92e.js
pragma: no-cache
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 157921
cf-ray: 641392001b0d4aa9-FRA
cf-request-id: 098019941300004aa9ca2e9000000001
last-modified: Thu, 15 Apr 2021 10:31:53 GMT
server: cloudflare
etag: W/"3fdea-178d5165217"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 773110645
via: 1.1 varnish-v4
cache-control: max-age=315360000
content-type: application/javascript; charset=UTF-8
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7f88e80b0054e21183e83562454ff375fd00594c.cdb6d1a7fa5b0652b75f.js Show response
garticphone.com/_next/static/chunks/ 14 KB
5 KB 23ms
21ms Script
application/javascript 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/_next/static/chunks/7f88e80b0054e21183e83562454ff375fd00594c.cdb6d1a7fa5b0652b75f.js
Requested by: Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2c71d7834e9d5b1783b0a2f0e445d3a55dd8e2f5232af38f68a1a9835058120

Request headers

:path: /_next/static/chunks/7f88e80b0054e21183e83562454ff375fd00594c.cdb6d1a7fa5b0652b75f.js
pragma: no-cache
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 157921
cf-ray: 641392001b0f4aa9-FRA
cf-request-id: 098019941300004aa9e894b000000001
last-modified: Thu, 15 Apr 2021 10:31:53 GMT
server: cloudflare
etag: W/"372c-178d5165216"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 813367825
via: 1.1 varnish-v4
cache-control: max-age=315360000
content-type: application/javascript; charset=UTF-8
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6d8548babda40cd6a7e9a9b1eb3dd878c7c763ac.5b9180481b6626443900.js Show response
garticphone.com/_next/static/chunks/ 6 KB
2 KB 25ms
23ms Script
application/javascript 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/_next/static/chunks/6d8548babda40cd6a7e9a9b1eb3dd878c7c763ac.5b9180481b6626443900.js
Requested by: Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 927fde1363cfc2cfb05dbf24cfa71083de18fab533a3f2d646e2a1170417fc71

Request headers

:path: /_next/static/chunks/6d8548babda40cd6a7e9a9b1eb3dd878c7c763ac.5b9180481b6626443900.js
pragma: no-cache
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 157921
cf-ray: 641392001b114aa9-FRA
cf-request-id: 098019941400004aa90332c000000001
last-modified: Thu, 15 Apr 2021 10:31:53 GMT
server: cloudflare
etag: W/"1924-178d5165217"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 793772350
via: 1.1 varnish-v4
cache-control: max-age=315360000
content-type: application/javascript; charset=UTF-8
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e84e43b71b52448a47ae48507cf4f35101c874f4.fda4152578980d2531ca.js Show response
garticphone.com/_next/static/chunks/ 9 KB
3 KB 24ms
23ms Script
application/javascript 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/_next/static/chunks/e84e43b71b52448a47ae48507cf4f35101c874f4.fda4152578980d2531ca.js
Requested by: Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db04f13bf4fad0d11eac656b731c57eda589bc3b195796d73b0f77573adefcc7

Request headers

:path: /_next/static/chunks/e84e43b71b52448a47ae48507cf4f35101c874f4.fda4152578980d2531ca.js
pragma: no-cache
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 157921
cf-ray: 641392001b134aa9-FRA
content-length: 3313
cf-request-id: 098019941800004aa9e2bb0000000001
last-modified: Thu, 15 Apr 2021 10:31:53 GMT
server: cloudflare
etag: W/"2426-178d5165217"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 792691260
via: 1.1 varnish-v4
cache-control: max-age=315360000
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 06e3698b6b1ad5ce2c29148911e2bd85f7ff8c33.2675ef88818c32667fe4.js Show response
garticphone.com/_next/static/chunks/ 25 KB
9 KB 23ms
21ms Script
application/javascript 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/_next/static/chunks/06e3698b6b1ad5ce2c29148911e2bd85f7ff8c33.2675ef88818c32667fe4.js
Requested by: Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f12ccda440f4740227fd0333d1c4b2433710b91f176619617b57bd37b6ce620c

Request headers

:path: /_next/static/chunks/06e3698b6b1ad5ce2c29148911e2bd85f7ff8c33.2675ef88818c32667fe4.js
pragma: no-cache
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 157921
cf-ray: 641392001b164aa9-FRA
cf-request-id: 098019941500004aa9bba34000000001
last-modified: Thu, 15 Apr 2021 10:31:53 GMT
server: cloudflare
etag: W/"6552-178d5165217"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 821559716
via: 1.1 varnish-v4
cache-control: max-age=315360000
content-type: application/javascript; charset=UTF-8
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _app-d1b1bbe7f83a497726b6.js Show response
garticphone.com/_next/static/chunks/pages/ 615 KB
139 KB 24ms
22ms Script
application/javascript 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/_next/static/chunks/pages/_app-d1b1bbe7f83a497726b6.js
Requested by: Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 198c6573661f9d44d0edb1bae63ce2b42997aaed1511b04a6379cc60cce28bb9

Request headers

:path: /_next/static/chunks/pages/_app-d1b1bbe7f83a497726b6.js
pragma: no-cache
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 157921
cf-ray: 641392001b194aa9-FRA
cf-request-id: 098019941500004aa9cd203000000001
last-modified: Thu, 15 Apr 2021 10:31:53 GMT
server: cloudflare
etag: W/"99ac8-178d5165218"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 802133497
via: 1.1 varnish-v4
cache-control: max-age=315360000
content-type: application/javascript; charset=UTF-8
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index-912ccd2ac8284fa11db3.js Show response
garticphone.com/_next/static/chunks/pages/ 340 KB
50 KB 25ms
24ms Script
application/javascript 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/_next/static/chunks/pages/index-912ccd2ac8284fa11db3.js
Requested by: Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f9b8f364bad567ebe9822bccc19a09ed1ab909cf09d407167f6ba12cba708ee

Request headers

:path: /_next/static/chunks/pages/index-912ccd2ac8284fa11db3.js
pragma: no-cache
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 157921
cf-ray: 641392002b474aa9-FRA
cf-request-id: 098019941a00004aa9948f0000000001
last-modified: Thu, 15 Apr 2021 10:31:53 GMT
server: cloudflare
etag: W/"54f1b-178d5165218"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 799217955
via: 1.1 varnish-v4
cache-control: max-age=315360000
content-type: application/javascript; charset=UTF-8
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
37 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-3906902-42

Requested by

Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

42c860812e7d0c6e96bbb5a346286c0d0a490fc52ad05cc2d30efcd6d4cefcc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37484
x-xss-protection: 0
last-modified: Sat, 17 Apr 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Apr 2021 06:24:25 GMT

GET
H2 200 tag.min.js Show response
api.adinplay.com/libs/aiptag/pub/GTC/garticphone.com/ 362 KB
105 KB 53ms
25ms Script
application/javascript 2606:4700:20::681a:f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/pub/GTC/garticphone.com/tag.min.js
Requested by: Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 351f6f81844c2304f72d7a6c8909de311b5de07553da66e43a3ce51902bc698e

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 678321
x-host: adinplay-2
cf-request-id: 098019943200003140b9273000000001
last-modified: Sat, 20 Feb 2021 08:30:35 GMT
server: cloudflare
etag: W/"6030c8ab-5a631"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wea9q8OGAMUYN1ojB6X16TTN1p%2BkH3ZBr%2FPo%2BdFY0I2%2Bgg2Atw%2FU6IfOUjTixxtvRd6S%2FN8%2FM9m1LB%2B%2FDEjGani6LtWS%2BoZUmtUDOPjZUZjbcoPzBRY8DJTVyFQq"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 641392005b903140-FRA

GET
H2 200 _buildManifest.js Show response
garticphone.com/_next/static/M_GyhKnt2xpjYojn6HDsG/ 2 KB
864 B 19ms
18ms Script
application/javascript 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/_next/static/M_GyhKnt2xpjYojn6HDsG/_buildManifest.js
Requested by: Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1ab821a2d6ab23c7c1eed3c77e0bb805b5638926b2a177a9694bd728e3be742

Request headers

:path: /_next/static/M_GyhKnt2xpjYojn6HDsG/_buildManifest.js
pragma: no-cache
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 157921
cf-ray: 641392002b4b4aa9-FRA
cf-request-id: 098019941a00004aa90332d000000001
last-modified: Thu, 15 Apr 2021 10:31:53 GMT
server: cloudflare
etag: W/"742-178d5165219"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 791839192
via: 1.1 varnish-v4
cache-control: max-age=315360000
content-type: application/javascript; charset=UTF-8
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _ssgManifest.js Show response
garticphone.com/_next/static/M_GyhKnt2xpjYojn6HDsG/ 259 B
379 B 19ms
18ms Script
application/javascript 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/_next/static/M_GyhKnt2xpjYojn6HDsG/_ssgManifest.js
Requested by: Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f5979825ba0bab1c385281580a6a1c7a83962ecf25eabc2b8d9abff42c3d5fc

Request headers

:path: /_next/static/M_GyhKnt2xpjYojn6HDsG/_ssgManifest.js
pragma: no-cache
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 157921
content-encoding: gzip
cf-request-id: 098019941b00004aa9ab9b4000000001
x-varnish: 825295093
last-modified: Thu, 15 Apr 2021 10:31:56 GMT
server: cloudflare
etag: W/"103-178d5165faf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
cf-ray: 641392002b4c4aa9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 textura.png
garticphone.com/images/ 565 KB
566 KB 22ms
22ms Image
image/png 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garticphone.com/images/textura.png
Requested by: Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 384e0e9673a384d3afe3e9d43ac2d020bca519c99ee48c24bd5e78f7a771295f

Request headers

:path: /images/textura.png
pragma: no-cache
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 157920
content-type: image/png
content-length: 578591
cf-request-id: 098019941b00004aa9f536d000000001
last-modified: Sun, 21 Feb 2021 09:40:08 GMT
server: cloudflare
etag: W/"8d41f-177c3f5e6b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 797279718
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 641392002b4d4aa9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ic_play.svg
garticphone.com/images/ 6 KB
3 KB 20ms
20ms Image
image/svg+xml 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garticphone.com/images/ic_play.svg
Requested by: Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc4a1a82d0c70b428b6f9de7570cc73cdfa1d2bdbbaceaa0c95a01592a6df707

Request headers

:path: /images/ic_play.svg
pragma: no-cache
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 157920
cf-ray: 641392002b4e4aa9-FRA
cf-request-id: 098019941b00004aa90ca9e000000001
last-modified: Sun, 21 Feb 2021 09:40:08 GMT
server: cloudflare
etag: W/"183c-177c3f5e6ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 788988397
via: 1.1 varnish-v4
cache-control: max-age=315360000
content-type: image/svg+xml
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gartic.svg
garticphone.com/images/ 12 KB
5 KB 26ms
24ms Image
image/svg+xml 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garticphone.com/images/gartic.svg
Requested by: Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 082124e48ee2e324e65d09aff357ec18e1fc5758aee25ecc299bcae3505ad19d

Request headers

:path: /images/gartic.svg
pragma: no-cache
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 157921
cf-ray: 641392002b514aa9-FRA
cf-request-id: 098019941c00004aa9d20c0000000001
last-modified: Sun, 21 Feb 2021 09:40:08 GMT
server: cloudflare
etag: W/"2ea8-177c3f5e6ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 801735178
via: 1.1 varnish-v4
cache-control: max-age=315360000
content-type: image/svg+xml
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 onrizon.svg
garticphone.com/images/ 19 KB
8 KB 16ms
15ms Image
image/svg+xml 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garticphone.com/images/onrizon.svg
Requested by: Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 489787c99ddb47232dd46ed2b42472fef4695dee379595a0e195e5b485f74bbb

Request headers

:path: /images/onrizon.svg
pragma: no-cache
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 157921
cf-ray: 641392002b534aa9-FRA
cf-request-id: 098019941d00004aa9f2383000000001
last-modified: Sun, 21 Feb 2021 09:40:08 GMT
server: cloudflare
etag: W/"4dbb-177c3f5e6b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 784466386
via: 1.1 varnish-v4
cache-control: max-age=315360000
content-type: image/svg+xml
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nunito-black.woff2
garticphone.com/fonts/ 63 KB
63 KB 19ms
18ms Font
font/woff2 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/fonts/nunito-black.woff2
Requested by: Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d68d96908e253981a4e9dc2a222255756745073a4d85cd8789abc5f36613d339

Request headers

sec-fetch-mode: cors
origin: https://garticphone.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
:path: /fonts/nunito-black.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://garticphone.com
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 157920
content-type: font/woff2
content-length: 64196
cf-request-id: 098019941d00004aa9c0330000000001
last-modified: Sun, 21 Feb 2021 09:40:08 GMT
server: cloudflare
etag: W/"fac4-177c3f5e690"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 799375737
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 641392002b524aa9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icomoon.woff2
garticphone.com/fonts/ 5 KB
5 KB 16ms
15ms Font
font/woff2 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/fonts/icomoon.woff2?7nfec2
Requested by: Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 924fc414b00f14d1f619fdde71dab1bfb71475bdc7b5bd546af24c6f58dd9f0f

Request headers

sec-fetch-mode: cors
origin: https://garticphone.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
:path: /fonts/icomoon.woff2?7nfec2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://garticphone.com
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 157920
content-type: font/woff2
content-length: 4888
cf-request-id: 098019941d00004aa9948f1000000001
last-modified: Thu, 18 Mar 2021 07:57:02 GMT
server: cloudflare
etag: W/"1318-17844567d13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 792855120
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 641392002b544aa9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nunito-regular.woff2
garticphone.com/fonts/ 60 KB
60 KB 18ms
17ms Font
font/woff2 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/fonts/nunito-regular.woff2
Requested by: Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0a141d57dcfa788a828502981c85215a071944d4ef0779571d91dec5eb70e41

Request headers

sec-fetch-mode: cors
origin: https://garticphone.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
:path: /fonts/nunito-regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://garticphone.com
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 157920
content-type: font/woff2
content-length: 61468
cf-request-id: 098019941d00004aa9fe9e4000000001
last-modified: Sun, 21 Feb 2021 09:40:08 GMT
server: cloudflare
etag: W/"f01c-177c3f5e6a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 813367830
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 641392002b554aa9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nunito-bold.woff2
garticphone.com/fonts/ 62 KB
62 KB 18ms
17ms Font
font/woff2 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/fonts/nunito-bold.woff2
Requested by: Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 879ca1ff2b1db8d086b9550b0a1668e9e95e87a0038d4e726757cce29a6719e7

Request headers

sec-fetch-mode: cors
origin: https://garticphone.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
:path: /fonts/nunito-bold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://garticphone.com
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 157920
content-type: font/woff2
content-length: 63036
cf-request-id: 098019941d00004aa9e2bb1000000001
last-modified: Sun, 21 Feb 2021 09:40:08 GMT
server: cloudflare
etag: W/"f63c-177c3f5e695"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 774113000
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 641392002b564aa9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _error-f372840b541275b06011.js Show response
garticphone.com/_next/static/chunks/pages/ 9 KB
3 KB 13ms
12ms Script
application/javascript 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/_next/static/chunks/pages/_error-f372840b541275b06011.js
Requested by: Host: garticphone.com
URL: https://garticphone.com/_next/static/chunks/e6bdae5336e2879b2b445bca6c5e9ee0649e9591.227f787802bf55c1ee65.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d877d746962761f2300d86402ba0266f98eada0abae1f8e54561e78e5308047d

Request headers

:path: /_next/static/chunks/pages/_error-f372840b541275b06011.js
pragma: no-cache
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 157844
cf-ray: 641392021eb34aa9-FRA
cf-request-id: 098019955000004aa9fe9fa000000001
last-modified: Thu, 15 Apr 2021 10:31:53 GMT
server: cloudflare
etag: W/"25e1-178d5165218"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 810026007
via: 1.1 varnish-v4
cache-control: max-age=315360000
content-type: application/javascript; charset=UTF-8
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 98cfb70949f59de894b36012639cef7afd4ade38.340a3347c489bbd58d10.js
garticphone.com/_next/static/chunks/ 0
4 KB 11ms
11ms Other
application/javascript 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/_next/static/chunks/98cfb70949f59de894b36012639cef7afd4ade38.340a3347c489bbd58d10.js
Requested by: Host: garticphone.com
URL: https://garticphone.com/_next/static/chunks/e6bdae5336e2879b2b445bca6c5e9ee0649e9591.227f787802bf55c1ee65.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
:path: /_next/static/chunks/98cfb70949f59de894b36012639cef7afd4ade38.340a3347c489bbd58d10.js
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 157920
cf-ray: 641392021eb64aa9-FRA
content-length: 3903
cf-request-id: 098019955100004aa9f9295000000001
last-modified: Thu, 15 Apr 2021 10:31:53 GMT
server: cloudflare
etag: W/"52c2-178d5165217"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 783876669
via: 1.1 varnish-v4
cache-control: max-age=315360000
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lobby-fe93c218670f46d24129.js
garticphone.com/_next/static/chunks/pages/ 0
9 KB 14ms
14ms Other
application/javascript 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/_next/static/chunks/pages/lobby-fe93c218670f46d24129.js
Requested by: Host: garticphone.com
URL: https://garticphone.com/_next/static/chunks/e6bdae5336e2879b2b445bca6c5e9ee0649e9591.227f787802bf55c1ee65.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
:path: /_next/static/chunks/pages/lobby-fe93c218670f46d24129.js
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:25 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 157920
cf-ray: 641392021eb84aa9-FRA
cf-request-id: 098019955100004aa9cd217000000001
last-modified: Thu, 15 Apr 2021 10:31:53 GMT
server: cloudflare
etag: W/"b905-178d5165218"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 828604807
via: 1.1 varnish-v4
cache-control: max-age=315360000
content-type: application/javascript; charset=UTF-8
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3906902-42

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 1855
date: Sat, 17 Apr 2021 05:53:31 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Sat, 17 Apr 2021 07:53:31 GMT

GET
H2 200 lobby.json Show response
garticphone.com/_next/data/M_GyhKnt2xpjYojn6HDsG/ru/ 6 KB
3 KB 200ms
199ms Fetch
application/json 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/_next/data/M_GyhKnt2xpjYojn6HDsG/ru/lobby.json
Requested by: Host: garticphone.com
URL: https://garticphone.com/_next/static/chunks/e6bdae5336e2879b2b445bca6c5e9ee0649e9591.227f787802bf55c1ee65.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd376b78a882a4f53ed011b2a0aba1131e468c440fef92028627179013ddae93

Request headers

:path: /_next/data/M_GyhKnt2xpjYojn6HDsG/ru/lobby.json
pragma: no-cache
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 0
cf-request-id: 098019959600004aa9b31e5000000001
x-varnish: 283046314
server: cloudflare
etag: "1884-5EYYfMmDEnbTPrZe847yAuH2qKo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
via: 1.1 varnish-v4
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 641392028f854aa9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lobby.json Show response
garticphone.com/_next/data/M_GyhKnt2xpjYojn6HDsG/ru/ 6 KB
3 KB 194ms
194ms Fetch
application/json 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/_next/data/M_GyhKnt2xpjYojn6HDsG/ru/lobby.json
Requested by: Host: garticphone.com
URL: https://garticphone.com/_next/static/chunks/e6bdae5336e2879b2b445bca6c5e9ee0649e9591.227f787802bf55c1ee65.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd376b78a882a4f53ed011b2a0aba1131e468c440fef92028627179013ddae93

Request headers

:path: /_next/data/M_GyhKnt2xpjYojn6HDsG/ru/lobby.json
pragma: no-cache
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 0
cf-request-id: 098019959600004aa90597d000000001
x-varnish: 285794259
server: cloudflare
etag: "1884-5EYYfMmDEnbTPrZe847yAuH2qKo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
via: 1.1 varnish-v4
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 641392028f8a4aa9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 86ms
30ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GTC/garticphone.com/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

fc5a9fb346a5dd1dcfa923de1125e37b939c24cd3e1ba281cdbfcb41fa6b221f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "845 / 301 of 1000 / last-modified: 1618610985"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21050
x-xss-protection: 0
expires: Sat, 17 Apr 2021 06:24:26 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 22ms
6ms XHR
application/json 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210417

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GTC/garticphone.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a0be70bfb4eaf5cad8ead71a89c69b93a4122a64eaee9fe7074e68d9156354ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 37058
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 937
etag: W/"67c-X/+uH3yGjrWThKLV7Il/DxEDzyg"
x-served-by: cache-fra19128-FRA
date: Sat, 17 Apr 2021 06:24:26 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 adsbygoogle.js Show response
api.adinplay.com/libs/aiptag/assets/ 16 B
478 B 15ms
14ms Script
application/javascript 2606:4700:20::681a:f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GTC/garticphone.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:26 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 678322
x-host: adinplay-2
content-length: 16
cf-request-id: 09801995cc00003140f9b7f000000001
last-modified: Wed, 04 Apr 2018 16:13:25 GMT
server: cloudflare
etag: "5ac4f9a5-10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sXvNdHw%2BMKBWIDfwbnetSWvc9ufq2iviLVRyrnUfXy4nsYbazOx2O5ecb0bRn4wHlQpAlBiOX6aqzSO02bhYhpmolAsZ%2BQexu69h6dWqYhYj3IP4rT5eKsHp38tm"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 64139202d8073140-FRA

GET
H2 200 / Show response
country.adinplay.workers.dev/ 2 B
753 B 45ms
15ms XHR
text/plain 2606:4700:3037::ac43:d515
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://country.adinplay.workers.dev/
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GTC/garticphone.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d515 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:26 GMT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kXjYGCND5ccD%2FeXU1qgO5cUPSgpwqpCtmZloTs4mzdQrzsa34cNIBtnz67S3ghIr3XwaEQ9mapGvYJvntZgfHBf5lWCwjLumsl%2F%2B8HXLVAPkpXYBsqdaX4s0%2FyKlRJ7%2FIkL9Dzzo%2BkVf"}],"max_age":604800}
cf-ray: 641392030b7c05e4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2
cf-request-id: 09801995e9000005e4ee251000000001

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 27ms
12ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1303118631&t=pageview&_s=1&dl=https%3A%2F%2Fgarticphone.com%2Fru%3Fc%3D080432e8e&dp=%2Fru&ul=en-us&de=UTF-8&dt=%3A%20An%20unexpected%20error%20has%20occurred&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=594297050&gjid=1226190415&cid=1373037539.1618640666&tid=UA-3906902-42&_gid=260450781.1618640666&_r=1&gtm=2ou472&z=771449061

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://garticphone.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 12ms
12ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=1303118631&t=pageview&_s=2&dl=https%3A%2F%2Fgarticphone.com%2Fru%3Fc%3D080432e8e&dp=%2Fru%3Fc%3D080432e8e&ul=en-us&de=UTF-8&dt=%3A%20An%20unexpected%20error%20has%20occurred&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=&gjid=&cid=1373037539.1618640666&tid=UA-3906902-42&_gid=260450781.1618640666&gtm=2ou472&z=1488505925

Requested by

Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73248
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp.min.css
cdn.consentmanager.mgr.consensu.org/delivery/ 19 KB
4 KB 94ms
30ms Stylesheet
text/css 2a02:6ea0:c700::2
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.consentmanager.mgr.consensu.org/delivery/cmp.min.css
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GTC/garticphone.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo / PleskLin
Resource Hash: 6fccba207831ba0fc1dd1231ef2a35585dfc82b1c06f6fbcf0fd041eaeed8bcc

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 17 Apr 2021 06:24:26 GMT
content-encoding: br
vary: Accept-Encoding
x-77-nzt-ray: pANqt6YBydk=
x-powered-by: PleskLin
x-77-cache: HIT
x-cache: HIT
x-age: 995
x-77-nzt: AcO1ry8eiOzv4wMAAA==
last-modified: Wed, 17 Mar 2021 16:26:14 GMT
server: CDN77-Turbo
etag: W/"60522da6-4abe"
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 17 Mar 2021 17:54:38 GMT

GET
H/1.1 200
OK cmp.php Show response
consentmanager.mgr.consensu.org/delivery/ 5 KB
5 KB 110ms
32ms Script
application/javascript 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://consentmanager.mgr.consensu.org/delivery/cmp.php?id=13566&h=https%3A%2F%2Fgarticphone.com%2Fru%3Fc%3D080432e8e&undefined&__cmpfcc=1&l=en&o=1618640666134

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GTC/garticphone.com/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

cd31937cb2c208f1c910dd1f4a81d225e3a88c106bed394dd8aed6ecbf84f2b8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 06:24:26 GMT
Last-Modified: Sat, 17 Apr 2021 06:24:26 GMT
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 4774
X-XSS-Protection: 0
Expires: 0

GET
H2 200 cmp_en.min.js Show response
cdn.consentmanager.mgr.consensu.org/delivery/ 256 KB
48 KB 123ms
60ms Script
application/javascript 2a02:6ea0:c700::2
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.consentmanager.mgr.consensu.org/delivery/cmp_en.min.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GTC/garticphone.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo / PleskLin
Resource Hash: fdab36f5ef5c29e3a34c96aefd71d70857fbd4058e8a0275048d4657c725fe10

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 17 Apr 2021 06:24:26 GMT
content-encoding: br
vary: Accept-Encoding
x-77-nzt-ray: RtEMPxMVXVY=
x-powered-by: PleskLin
x-77-cache: HIT
x-cache: HIT
x-age: 992
x-77-nzt: AcO1ry/0XBzv4AMAAA==
last-modified: Wed, 17 Mar 2021 16:47:59 GMT
server: CDN77-Turbo
etag: W/"605232bf-4005a"
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 17 Mar 2021 17:54:38 GMT

GET
H3-29 200 pubads_impl_2021041401.js Show response
securepubads.g.doubleclick.net/gpt/ 298 KB
105 KB 60ms
30ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

80d0a278e7a208ae2bd234aafcbdece69e63c9bf11e800d0ab5fa3c82176cf2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Apr 2021 08:43:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107268
x-xss-protection: 0
expires: Sat, 17 Apr 2021 06:24:26 GMT

GET
H2 200 98cfb70949f59de894b36012639cef7afd4ade38.340a3347c489bbd58d10.js Show response
garticphone.com/_next/static/chunks/ 21 KB
4 KB 11ms
10ms Script
application/javascript 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/_next/static/chunks/98cfb70949f59de894b36012639cef7afd4ade38.340a3347c489bbd58d10.js
Requested by: Host: garticphone.com
URL: https://garticphone.com/_next/static/chunks/e6bdae5336e2879b2b445bca6c5e9ee0649e9591.227f787802bf55c1ee65.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e99031d5243b22562a0218990fbba4314b0eb7d603eec89e46a0a4c4524a775d

Request headers

:path: /_next/static/chunks/98cfb70949f59de894b36012639cef7afd4ade38.340a3347c489bbd58d10.js
pragma: no-cache
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665; _ga=GA1.2.1373037539.1618640666; _gid=GA1.2.260450781.1618640666; _gat_gtag_UA_3906902_42=1; CountryCode=DE; userFromEEA=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:26 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 157921
cf-ray: 64139203996c4aa9-FRA
content-length: 3903
cf-request-id: 098019964000004aa9bba5a000000001
last-modified: Thu, 15 Apr 2021 10:31:53 GMT
server: cloudflare
etag: W/"52c2-178d5165217"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 783876669
via: 1.1 varnish-v4
cache-control: max-age=315360000
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lobby-fe93c218670f46d24129.js Show response
garticphone.com/_next/static/chunks/pages/ 46 KB
9 KB 11ms
11ms Script
application/javascript 2606:4700:10::ac43:281c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garticphone.com/_next/static/chunks/pages/lobby-fe93c218670f46d24129.js
Requested by: Host: garticphone.com
URL: https://garticphone.com/_next/static/chunks/e6bdae5336e2879b2b445bca6c5e9ee0649e9591.227f787802bf55c1ee65.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:281c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68ea5ca4636e0081f9a9c23d1ef93b4a268baf2647b64592f9d7416275e89527

Request headers

:path: /_next/static/chunks/pages/lobby-fe93c218670f46d24129.js
pragma: no-cache
cookie: __cfduid=d5eb8a809e13fad1f42c74cc9da440aa11618640665; _ga=GA1.2.1373037539.1618640666; _gid=GA1.2.260450781.1618640666; _gat_gtag_UA_3906902_42=1; CountryCode=DE; userFromEEA=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: garticphone.com
referer: https://garticphone.com/ru?c=080432e8e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://garticphone.com/ru?c=080432e8e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:26 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 157921
cf-ray: 64139203996d4aa9-FRA
cf-request-id: 098019964000004aa9f8993000000001
last-modified: Thu, 15 Apr 2021 10:31:53 GMT
server: cloudflare
etag: W/"b905-178d5165218"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 828604807
via: 1.1 varnish-v4
cache-control: max-age=315360000
content-type: application/javascript; charset=UTF-8
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bV8xLndfMTM1NjYuZF81MzI0LnhfMTAudg.js Show response
cdn.consentmanager.mgr.consensu.org/delivery/customdata/ 69 KB
12 KB 45ms
44ms Script
application/javascript 2a02:6ea0:c700::2
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.consentmanager.mgr.consensu.org/delivery/customdata/bV8xLndfMTM1NjYuZF81MzI0LnhfMTAudg.js

Requested by

Host: consentmanager.mgr.consensu.org
URL: https://consentmanager.mgr.consensu.org/delivery/cmp.php?id=13566&h=https%3A%2F%2Fgarticphone.com%2Fru%3Fc%3D080432e8e&undefined&__cmpfcc=1&l=en&o=1618640666134

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

CDN77-Turbo / PleskLin

Resource Hash

e72e6a0329f6faee9e65e5fdb0194925561c26714809ed0337d6c0f8b6a23f2c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 17 Apr 2021 06:24:26 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
x-powered-by: PleskLin
x-77-cache: HIT
x-cache: HIT
x-age: 965
x-xss-protection: 0
x-77-nzt: AcO1ry8Ja93vxQMAAA==
last-modified: Sat, 17 Apr 2021 06:08:21 GMT
server: CDN77-Turbo
x-77-nzt-ray: 7NfBc61KCNs=
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *, *
cache-control: public, max-age=1800
expires: Sat, 17 Apr 2021 06:38:21 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 86ms
28ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GTC/garticphone.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://garticphone.com
date: Sat, 17 Apr 2021 06:24:25 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK view.aspx Show response
server.cpmstar.com/ 27 B
483 B 464ms
115ms XHR
application/json 198.24.170.52
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://server.cpmstar.com/view.aspx?media=banner&json=c_b&mv=1&poolid=81286&reachedTop=true&requestid=4d310d95c91f59&referer=https%253A%252F%252Fgarticphone.com%252Fru%253Fc%253D080432e8e&schain=1.0,1!adinplay.com,GTC,1,,,&gdpr_consent=&gdpr=0
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GTC/garticphone.com/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 198.24.170.52 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 193fdc7a48ae60adfa28663712b68539bead2a82033545589d0d97565c6e983b

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 06:24:26 GMT
Server: Microsoft-IIS/10.0
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Access-Control-Allow-Origin: https://garticphone.com
Cache-Control: private,no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 27
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 143 B
1 KB 50ms
50ms XHR
application/json 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GTC/garticphone.com/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

1d68cb99af8c0ad820bdfc16b47fcce886f8479030ef7ce7b1eaf96dd43e0b21

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 06:24:26 GMT
X-Proxy-Origin: 91.132.136.60; 91.132.136.60; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.79:80
AN-X-Request-Uuid: e8c39894-ea8e-436d-b5c4-b52d7ab1c421
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://garticphone.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 334 KB
115 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GTC/garticphone.com/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e7e84a9247e2cbb12fcb52dd0afe3232325a13e01fc59652ad7fb3c8d5d664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117037
x-xss-protection: 0
expires: Sat, 17 Apr 2021 06:24:26 GMT

GET
H/1.1 200
OK pixel.php
consentmanager.mgr.consensu.org/delivery/ 43 B
325 B 35ms
35ms Image
image/gif 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consentmanager.mgr.consensu.org/delivery/pixel.php?id=13566&did=1&cfdid=1&t=pv.cn.d_reg0&h=https%3A%2F%2Fgarticphone.com%2Fru%3Fc%3D080432e8e&o=1618640666328&l=EN&lv=0&d=1&ct=14&e=&e2=&e3=&i=&sv=31&dv=10&

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 06:24:26 GMT
Last-Modified: Sat, 17 Apr 2021 06:24:26 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 43
X-XSS-Protection: 0
Expires: 0

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
799 B 47ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=garticphone.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 06:24:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=garticphone.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 06:24:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
9 KB 445ms
444ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=514548151287221&correlator=3789109112502275&output=ldjh&impl=fif&eid=31060437%2C31060823%2C31060708&vrg=2021041401&ptt=17&gdpr=0&addtl_consent=1~&sc=1&sfv=1-0-38&ecs=20210417&iu_parts=421469808%2Cgarticphone.com_160x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C120x600&eri=1&cust_params=GS%3DNo%26FC%3D1%26OS%3DOther&cookie_enabled=1&bc=31&abxe=1&lmt=1618640666&dt=1618640666808&dlt=1618640665612&idt=674&frm=20&biw=1600&bih=1200&oid=3&adxs=10&adys=300&adks=3147981548&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgarticphone.com%2Fru%3Fc%3D080432e8e&vis=1&dmc=8&scr_x=0&scr_y=0&psz=180x1200&msz=160x600&ga_vid=1373037539.1618640666&ga_sid=1618640667&ga_hid=1303118631&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

50099ff99f4fdfca5c3891f5bf5c4d7c44077899a82fd2e88edadde0618b77d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8690
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://garticphone.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 59ms
13ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 54AE 38 KB
14 KB 99ms
42ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GTC/garticphone.com/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://garticphone.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garticphone.com/

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=79475
Expires: Sun, 18 Apr 2021 04:29:01 GMT
Date: Sat, 17 Apr 2021 06:24:26 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 13A1 52 KB
17 KB 91ms
39ms Document
text/html 23.218.208.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/GTC/garticphone.com/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-187.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://garticphone.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgIzYVEEAoYASABKAEwmv7pgwY4AUABSAEQmv7pgwYYAA..; uuid2=8787957892869768967
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garticphone.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sun, 18 Apr 2021 06:24:28 GMT
Date: Sat, 17 Apr 2021 06:24:26 GMT
Connection: keep-alive

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 54AE 2 KB
3 KB 114ms
28ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=91587109&p=156857&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 97805eb804ec0c23bbac8763b1d40e93d287eb34f3b3a0533fe50cf807a97b5f

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 06:24:26 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 8348 43 B
284 B 139ms
67ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Sat, 17 Apr 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1207
date: Sat, 17 Apr 2021 06:24:26 GMT
content-length: 43

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 7AC1
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6397536861168189870

42 B
769 B

47ms
35ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6397536861168189870
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=B4640A6F-08BC-459C-8CD8-812FEFF49242; chkChromeAb67Sec=1; DPSync3=1619827200%3A201_227_226_221; SyncRTB3=1619827200%3A220_54_161_21_13_56_7_3%7C1619913600%3A35%7C1619481600%3A63; KRTBCOOKIE_27=16735-uid:3021607a-7f1a-4100-8e84-0677b16085f5&KRTB&16736-uid:3021607a-7f1a-4100-8e84-0677b16085f5&KRTB&23019-uid:3021607a-7f1a-4100-8e84-0677b16085f5&KRTB&23114-uid:3021607a-7f1a-4100-8e84-0677b16085f5; PugT=1618640667; PUBMDCID=3; KRTBCOOKIE_377=6810-780dbf57-20c2-4f36-bdd5-981e42fe8a95&KRTB&22918-780dbf57-20c2-4f36-bdd5-981e42fe8a95&KRTB&23031-780dbf57-20c2-4f36-bdd5-981e42fe8a95
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Sat, 17 Apr 2021 06:24:27 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_336=5844-6397536861168189870; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 17-May-2021 06:24:27 GMT; path=/ PugT=1618640667; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 17-May-2021 06:24:27 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 16-Jul-2021 06:24:27 GMT; path=/
X-lat: lhrpug016:0:422
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6397536861168189870
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 54AE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tGQKbwi8RZyM2IEv7_SSQg%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tGQKbwi8RZyM2IEv7_SSQg%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

56ms
55ms

Image
text/html

23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 06:24:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=84110
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Sun, 18 Apr 2021 05:46:17 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 54AE 95 B
595 B 55ms
39ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=B4640A6F-08BC-459C-8CD8-812FEFF49242
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:27 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 64139209bde7e007-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0980199a160000e007a33dd000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 54AE
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B4640A6F-08BC-459C-8CD8-812FEFF49242&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B4640A6F-08BC-459C-8CD8-812FEFF49242&sInitiator=external&gdpr=0&gdpr_consent=

42 B
254 B

43ms
42ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B4640A6F-08BC-459C-8CD8-812FEFF49242&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
uip-response-status: FallbackResponse
date: Sat, 17 Apr 2021 06:24:26 GMT
frontend-id: 12
content-length: 42
routing-server-id: -1
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:26 GMT
frontend-id: 2
location: /pubmatic/1/info2?sType=sync&sExtCookieId=B4640A6F-08BC-459C-8CD8-812FEFF49242&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame 54AE
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B4640A6F-08BC-459C-8CD8-812FEFF49242&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B4640A6F-08BC-459C-8CD8-812FEFF49242&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B4640A6F-08BC-459C-8CD8-812FEFF49242&addseg=31

7 B
147 B

111ms
32ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B4640A6F-08BC-459C-8CD8-812FEFF49242&addseg=31
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 06:24:27 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Sat, 17 Apr 2021 06:24:27 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B4640A6F-08BC-459C-8CD8-812FEFF49242&addseg=31
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 135

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 54AE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjQ2NDBBNkYtMDhCQy00NTlDLThDRDgtODEyRkVGRjQ5MjQy&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjQ2NDBBNkYtMDhCQy00NTlDLThDRDgtODEyRkVGRjQ5MjQy&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

187ms
36ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 06:24:27 GMT
X-lat: lhrpug009:0:464
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 54AE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG_j_CFJ4oqO9X0ZrfZOVIM&google_cver=1

42 B
855 B

173ms
36ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG_j_CFJ4oqO9X0ZrfZOVIM&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 06:24:27 GMT
X-lat: lhrpug019:0:813
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEG_j_CFJ4oqO9X0ZrfZOVIM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 54AE 43 B
611 B 121ms
58ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:27 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 16 Apr 2021 06:24:27 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 54AE
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=780dbf57-20c2-4f36-bdd5-981e42fe8a95

42 B
882 B

51ms
51ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=780dbf57-20c2-4f36-bdd5-981e42fe8a95
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 06:24:27 GMT
X-lat: lhrpug017:0:660
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:27 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=780dbf57-20c2-4f36-bdd5-981e42fe8a95
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 54AE
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1503849221104888881

42 B
801 B

37ms
36ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1503849221104888881
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 06:24:27 GMT
X-lat: lhrpug001:0:407
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:27 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1503849221104888881
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 54AE
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:3021607a-7f1a-4100-8e84-0677b16085f5&gdpr=0&gdpr_consent=

42 B
946 B

67ms
66ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:3021607a-7f1a-4100-8e84-0677b16085f5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 06:24:27 GMT
X-lat: lhrpug001:0:605
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Sat, 17 Apr 2021 06:24:27 GMT
Server: MT3 3660 495c301 master zrh-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:3021607a-7f1a-4100-8e84-0677b16085f5&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 17 Apr 2021 06:24:26 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 54AE
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8787957892869768967&gdpr=0&gdpr_consent=

42 B
769 B

173ms
35ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8787957892869768967&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 06:24:27 GMT
X-lat: lhrpug004:0:462
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 06:24:27 GMT
X-Proxy-Origin: 91.132.136.60; 91.132.136.60; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.12:80
AN-X-Request-Uuid: 04bfd403-7305-468f-8550-96fb5cd55f0d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8787957892869768967&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 54AE
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=edfa0b8b-c8b0-4076-a394-7eb2ab80b4f6&ssp=pubmatic&user_group=1
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=899afc4f-9e9b-489e-8549-adf278c77e2a&gdpr=&gdpr_consent=&gdpr_pd=

1 B
745 B

37ms
36ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=899afc4f-9e9b-489e-8549-adf278c77e2a&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 06:24:27 GMT
X-lat: lhrpug014:0:411
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=899afc4f-9e9b-489e-8549-adf278c77e2a&gdpr=&gdpr_consent=&gdpr_pd=
date: Sat, 17 Apr 2021 06:24:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29 200 container.html Show response
f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 34C4 6 KB
3 KB 20ms
7ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://garticphone.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garticphone.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 17 Apr 2021 06:24:26 GMT
expires: Sun, 17 Apr 2022 06:24:26 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423639646658"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Sat, 17 Apr 2021 06:24:27 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 18ms
17ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3321911a6d9753bcd53320d0934805989e6298b2a5ad0322cb9f930d312a6f95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 06:24:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7121
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060823

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 17 Apr 2021 06:24:27 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B52C 499 B
416 B 17ms
17ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCDspoBGLalhJoBMAE&v=APEucNW4WcRIr39QhR4aKzAOGjxg56hK8PJ2Wnj0TZZxLfUmYlTsk-RoPlDC3I8Mrskz_F2BJdtsXU1Abiz0nTkzN4XxE7dQJnUddBjVgoGXHTWo1tGQd_o

Requested by

Host: f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com
URL: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COHNHRCDspoBGLalhJoBMAE&v=APEucNW4WcRIr39QhR4aKzAOGjxg56hK8PJ2Wnj0TZZxLfUmYlTsk-RoPlDC3I8Mrskz_F2BJdtsXU1Abiz0nTkzN4XxE7dQJnUddBjVgoGXHTWo1tGQd_o
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmCzanLtyAKhQIdzSPJb-TwnEUB-dqL9j-NGcr42QF3TxvjQO-d6WqKR79BjiA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 17 Apr 2021 06:24:27 GMT
server: cafe
cache-control: private
content-length: 237
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 17 Apr 2021 06:24:27 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 34C4 23 KB
12 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BXBEc8xV732PxozidKuwgHEyBXlSCdM415FSizp9e7hte2eHozCUE0HPF8t6hEvWCYiOOSqnmYNw1mU0ni0D9gNyRenNdWog_4AIPkqMttgAj9VRP004mFoAVVTzTyVwmC5F6cG03OEAngr_7iyuxCX80FcQ&dbm_d=AKAmf-DOSXN9qsJH3yPnxtG6jYj7iR-s6KWo60nuNHqcIuQKc7qkDxAMO1cDEBRThLKZXhHlm8A6CheH97VbshYbDLjrVnHHRr_7SJQHGHdRTA9fOcNOnNEWynrEx9D-vPEIudU9CJXdpDPTaBmPGEh_UV90MiOwaqg2KaRrfI8amWVXZANS3txa5GBNUDjHwuuZcRIJnaRw-SoDP8ssYAsduQSKw-n8STtK6C4aAQIOQqeF0KtoNn-mb9rFPTtJdjz51N2C0EEcMT8Si41a2XhWM5mKf81OWC8OQ5xSWxMHzM-Fn-vYNzNB8OClNjwdMX2MtjG-keC-Dz4df2MOgbM_pI9umtxib_9zGQdH2sgTHtXTlNEXzQyQt0Jr95Q3oM10H-0Q-JU_AsJsh5fjSIjah8SmW-hQmVuix_ARhp5fYsnJ8VljSxt797z4JEbgpgOEu2atgcp9x3_JyjF50kAU6rQGxQfHqkNb1J7H7reGQgPkhjre9eQarGcuBA0Nx8pohYCcBgDpYEUULUinTtNyrB7OcBnu0JBHNAdPjqugt2Y3xYlxszJDMO6fRd9BqGWhOiGzzPyFWpuzYZUXfMM-ipwPiAQa-q_ShlGv97OpAyHAmip76-W_oJv9FV_o_c6znzXv5-Jb8pXp9zq4kZqit7NxenwcwlUr8aEI0l2Te8dkhyWIs1O514C0hRn0sPU0tVum6MHyY1tFwhMIB9eMTLdlUZfwqZnSAr5eWBklcr-jM8y-fbKdAbtUJcIQ8k6nmVSVuxwjwf7lFAEtQMzotnIJu9drT-JEs_XXlZLvaOAj6G_6Ybl6Q1qvL5_B9a2LKMf0bBBiRktmNq9WhXevVHjfwLhPZ_5gke01X6fSSR7ig3gKbSW2-9nDnvee_sElzGRZX1IrDB2TXlpJ9pn3gq0YOGgoUPFbJRXLQu5Q7dK35bM-LEFMpshQUg9Winwo9KdRm6KIYdZpOzny874qaWlc_OFAbjG2BEC5coyCNhvcXZ7LfbXbe2xmvS79ZWBrUU3A21-yddZTt7iOVERzAdWeLH4xH2m2X2annhFc0VlZKTDRRK_mVlMr5igknYNmnXLFKLnXEhYldeiwzR6NMUE2FiWmimiawRACKs9hgU8_IGC_QxB2P7zc652rijeDlCNUZ5egoZ_QHnYJfPnHYz7WkWqPAqPhNFXS8IiPNbxyZ1vrENUHvEKoYVCHUX5VudTRc3TkMN6Cw-AfM3Ek92Scfxf4Cgs_w9L-a0XWhHd6SNWGhPBD064-S2fr3APWc2wwDaAfscyQ2rYGdYMCMvMm4hhEF36KEKnMd9XbXEjc2OYs-xqPuhf9cXN26WCagzQOmuz9p33G6D4bNyz-rax0GPUD7CvC_7CBP5l5Zb5m2_Ye1EFRuF79x059IQhtU-M_y_On03dVipqg-AVPGFuSUD2KyUmTfEf6rMysvrfLQs6iwmvTvPngsgpALfDLw7z62VZm1GjJua_gquNBgKa9NEcz8Fyi0RN7ox3kt0jP9iYIXTPl-g_6B_kqnKhPOUZm1FhdxI3Z4t9f9qcOEbLfm36wi2xKflG4oGw6pY3Ow6EybmX50oPZ78lJj_2emDklRnXNRGN_g2fWGL6s51nqVwFl7s6TCVuy3xww1Hu52WEpADnBuaX_KN6rFBhHAW3RwJz8D2QN4l1npsc8rHYGojDf_hmDOE3Bi6aSFGe0U0BTjYShigjiPziwiLnncaPqjqfS70rpirlJqd0KMWneon72rT3_5w7hjVNZquDeToRvxwxeEMLU6VXe1KBEB9Rrx6TvdIo_iWGBs2-ToVPUA04GTs9FomITWEQi9rUyNaaEv4OvZAaCuciX-6w26ktbDUTj_OgsRcQVlKHJklNs612NeM3dgybePL_qj1GP6I0K4UQVB03n_WEizrJ2YP8fZM71n00q2HkoY3VJBoEgicGddCTFxsT2v0GHBoctoXf0StsYTJgErABDL8fKwAYNULVoIovwn-spD94pLJYid7-tMj1QGJlnPUJ0AmkEFeWZC3K3wmUhr-nY-gMOi7K86WWQbvnKKv2yd83xh5hmODPR-Ols-eBT_fpjuW-fgOOrJszpBSafx6XaReMUS-OtkCHnUk4-ICyOS_AF9fEYnGyeZTj7j5UZjYes9rp_3sfqKnhysLhEKtp78UOB3xRA86mgDF1C8mIxKU-6POaVu6-Fw9GPWXPnRIL7zMJ0fz-re4r-z_YxW-2c0_Rq4PY_jzqDX6TOfhnFCWLQac-W26g42Oem2W9-vakIAl7DxLxddywzk9_xFRzh1t1nD8yUVlXilQNF2HCndaODQyAYJQrSwaVa04dlMrdf5tUKaLBnpVe8gF-MqwPJSj8QV46YvkSc2OKozSaFyboRxqMDtQCk9LiqqkvgGQjbVTOoO8_U_cQe2Sg07LOsrm-vkm-5A10jOc0BAHYZHVn73arF6uxTRkTBQ-UTLAiTh1vug2M0fVImo3OiFTtm43JFRJAd0FYKZrA4dEuZ1R1hISstiBgAiT4uHj7_uzsdBu-uxS0PJrxr41SnusHlNfrkPgFaYKhWHcpci9vPr2OeXC2tS6gj0IVRm6jNkKpClV3PJ6wE5kj5199eU-wagR1AxOjE6eXbx2bacC0PXj-k1whJ9_w7EJkAEgU7UFvytDC0rcNtlVFm27CN0GqmFOCS5ixYzSqnQJzFlTodDeVPLSpy6uCJ6jUR1eomYVQ-CKEQUAfoPxkco2zZrBedMn71V2FOkWcIGnDhkCRZcwZel1XIHkc5QOZK_4Qot5-zHQEv7Ub3OU3vM5GAfZmOJo9JPcaOFzcklqgjaNTYWt1bbgwIPHkF2rtTZ2Wy2CRWsQlfUBTLsta2gOmj4YbSbSuhih56J-Xo0hn7Oe5f8X8rEymsM-jN0LHTbXos8IIHMhuNqfRboKYktHkbqHtLdaCxUWmuIR_Yhx-tpT5b4AtjPa66Y_YSwlk-prr2givy7Rt6FG0ts0LyyO4sMGN8aID5-OQ1lHJViuCQIa6bq2aIp-k38bMvARtnZDVy751pqFS9fPGwZDK4XpK250yyzDwAn2TnvS--MOF4EPl8Mtwq8u7bYM9iFTwWnT9h7LfBn5Yw0t3C8aCL9ddeQZmnZnO69rpFGWTlIXMehvS1IFyGEUUGfPhuWP2vACFXluoSt0ZkMOBFPAN6w76_gJ4GrOoe1ZbfUYQzUDc_C-p_kcGzyHMV_MTqGspBgWLg9A-EGztYHjXcv4hhUZSd7P8KA8uADOeGX7ybcMKB0jsWmbCyKdAnhOXixQGyTg-vY1w_K3RjjhkYhKUZiMLrjOLrs7HlX3T_zYKPV9yrK7EW3KH8z0ePxwLZH9hc8rYCK_kCQNSdbIGkx03ddK63e5S_6AvSs6CRa4K0&cid=CAASPeRoa7_XW3hxHbHG852EcmaGZ4Po9U3eqI58vO52Hv5P1o1yGM9SUWAy_TDcG3Hyvy-_0zaAoC8LG5f0Lq0&rfl=1%2Chttps%253A%252F%252Fgarticphone.com%252F%240

Requested by

Host: garticphone.com
URL: https://garticphone.com/ru?c=080432e8e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3dc97e0b1d3c6eb31ae84ba5ba21981e6e171b91042e6b3129bb156c0b04a761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11695
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 34C4 42 B
63 B 33ms
29ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BiRUqyxzwHTvl2JtpcAJC4aG1UfUBxLhlTYnrqUMrfEQOch_JRfrPVcDqcWDAgCSEh8mUR35F0ZrAU3rFWiME_o26l_py2BTIbLj7vRtcp5vSrI9Q

Requested by

Host: f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com
URL: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dcmads.js Show response
fw.adsafeprotected.com/rjss/www.googletagservices.com/551415/51042438/dcm/ Frame 34C4 222 KB
73 KB 173ms
74ms Script
application/javascript 52.51.10.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/www.googletagservices.com/551415/51042438/dcm/dcmads.js
Requested by: Host: f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com
URL: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.10.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-10-244.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e85ee020b5d9a8ac7bdabd1591746784393ed6fc3604d569ea700947ac4554a6

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:27 GMT
content-encoding: gzip
x-server-name: app08.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 34C4 46 KB
13 KB 159ms
70ms Script
application/javascript 54.171.0.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=14575555&campId=39868950&pubId=1&chanId=979614336190&placementId=323031734&adsafe_par&impId=ABAjH0jHvPyckh_n3BL2A941gzva&bidurl=https://garticphone.com/ru
Requested by: Host: f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com
URL: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.0.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-0-58.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4c0e14e5bf5d73bb645b6f196bbac36f151ab4357bfed32d5a5fa908de9d8ca7

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:27 GMT
content-encoding: gzip
x-server-name: app27.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 34C4 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js

Requested by

Host: f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com
URL: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:13:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 687
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 May 2021 06:13:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 34C4 118 KB
36 KB 30ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com
URL: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Sat, 17 Apr 2021 06:24:27 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 34C4 13 KB
5 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com
URL: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 May 2021 06:21:19 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 36DB 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://garticphone.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://garticphone.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 16 Apr 2021 19:36:50 GMT
expires: Sat, 16 Apr 2022 19:36:50 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 38857
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame B52C 170 B
188 B 34ms
31ms Image
image/png 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCDspoBGLalhJoBMAE&v=APEucNW4WcRIr39QhR4aKzAOGjxg56hK8PJ2Wnj0TZZxLfUmYlTsk-RoPlDC3I8Mrskz_F2BJdtsXU1Abiz0nTkzN4XxE7dQJnUddBjVgoGXHTWo1tGQd_o

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B52C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEISa19Hp9OOXRSv06AS10lM&google_cver=1&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEISa19Hp9OOXRSv06AS10lM&google_cver=1&gdpr=0&C=1

43 B
1014 B

31ms
31ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEISa19Hp9OOXRSv06AS10lM&google_cver=1&gdpr=0&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCDspoBGLalhJoBMAE&v=APEucNW4WcRIr39QhR4aKzAOGjxg56hK8PJ2Wnj0TZZxLfUmYlTsk-RoPlDC3I8Mrskz_F2BJdtsXU1Abiz0nTkzN4XxE7dQJnUddBjVgoGXHTWo1tGQd_o
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 06:24:27 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 17 Apr 2021 06:24:27 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 06:24:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEISa19Hp9OOXRSv06AS10lM&google_cver=1&gdpr=0&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 319
Expires: Sat, 17 Apr 2021 06:24:27 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B52C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHp-G5Zh8X.muhZoOa-cCwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEISa19Hp9OOXRSv06AS10lM&google_cver=1&google_hm=2

43 B
894 B

32ms
32ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEISa19Hp9OOXRSv06AS10lM&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCDspoBGLalhJoBMAE&v=APEucNW4WcRIr39QhR4aKzAOGjxg56hK8PJ2Wnj0TZZxLfUmYlTsk-RoPlDC3I8Mrskz_F2BJdtsXU1Abiz0nTkzN4XxE7dQJnUddBjVgoGXHTWo1tGQd_o
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Apr 2021 06:24:27 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 17 Apr 2021 06:24:27 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEISa19Hp9OOXRSv06AS10lM&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame 34C4 21 KB
8 KB 23ms
21ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BXBEc8xV732PxozidKuwgHEyBXlSCdM415FSizp9e7hte2eHozCUE0HPF8t6hEvWCYiOOSqnmYNw1mU0ni0D9gNyRenNdWog_4AIPkqMttgAj9VRP004mFoAVVTzTyVwmC5F6cG03OEAngr_7iyuxCX80FcQ&dbm_d=AKAmf-DOSXN9qsJH3yPnxtG6jYj7iR-s6KWo60nuNHqcIuQKc7qkDxAMO1cDEBRThLKZXhHlm8A6CheH97VbshYbDLjrVnHHRr_7SJQHGHdRTA9fOcNOnNEWynrEx9D-vPEIudU9CJXdpDPTaBmPGEh_UV90MiOwaqg2KaRrfI8amWVXZANS3txa5GBNUDjHwuuZcRIJnaRw-SoDP8ssYAsduQSKw-n8STtK6C4aAQIOQqeF0KtoNn-mb9rFPTtJdjz51N2C0EEcMT8Si41a2XhWM5mKf81OWC8OQ5xSWxMHzM-Fn-vYNzNB8OClNjwdMX2MtjG-keC-Dz4df2MOgbM_pI9umtxib_9zGQdH2sgTHtXTlNEXzQyQt0Jr95Q3oM10H-0Q-JU_AsJsh5fjSIjah8SmW-hQmVuix_ARhp5fYsnJ8VljSxt797z4JEbgpgOEu2atgcp9x3_JyjF50kAU6rQGxQfHqkNb1J7H7reGQgPkhjre9eQarGcuBA0Nx8pohYCcBgDpYEUULUinTtNyrB7OcBnu0JBHNAdPjqugt2Y3xYlxszJDMO6fRd9BqGWhOiGzzPyFWpuzYZUXfMM-ipwPiAQa-q_ShlGv97OpAyHAmip76-W_oJv9FV_o_c6znzXv5-Jb8pXp9zq4kZqit7NxenwcwlUr8aEI0l2Te8dkhyWIs1O514C0hRn0sPU0tVum6MHyY1tFwhMIB9eMTLdlUZfwqZnSAr5eWBklcr-jM8y-fbKdAbtUJcIQ8k6nmVSVuxwjwf7lFAEtQMzotnIJu9drT-JEs_XXlZLvaOAj6G_6Ybl6Q1qvL5_B9a2LKMf0bBBiRktmNq9WhXevVHjfwLhPZ_5gke01X6fSSR7ig3gKbSW2-9nDnvee_sElzGRZX1IrDB2TXlpJ9pn3gq0YOGgoUPFbJRXLQu5Q7dK35bM-LEFMpshQUg9Winwo9KdRm6KIYdZpOzny874qaWlc_OFAbjG2BEC5coyCNhvcXZ7LfbXbe2xmvS79ZWBrUU3A21-yddZTt7iOVERzAdWeLH4xH2m2X2annhFc0VlZKTDRRK_mVlMr5igknYNmnXLFKLnXEhYldeiwzR6NMUE2FiWmimiawRACKs9hgU8_IGC_QxB2P7zc652rijeDlCNUZ5egoZ_QHnYJfPnHYz7WkWqPAqPhNFXS8IiPNbxyZ1vrENUHvEKoYVCHUX5VudTRc3TkMN6Cw-AfM3Ek92Scfxf4Cgs_w9L-a0XWhHd6SNWGhPBD064-S2fr3APWc2wwDaAfscyQ2rYGdYMCMvMm4hhEF36KEKnMd9XbXEjc2OYs-xqPuhf9cXN26WCagzQOmuz9p33G6D4bNyz-rax0GPUD7CvC_7CBP5l5Zb5m2_Ye1EFRuF79x059IQhtU-M_y_On03dVipqg-AVPGFuSUD2KyUmTfEf6rMysvrfLQs6iwmvTvPngsgpALfDLw7z62VZm1GjJua_gquNBgKa9NEcz8Fyi0RN7ox3kt0jP9iYIXTPl-g_6B_kqnKhPOUZm1FhdxI3Z4t9f9qcOEbLfm36wi2xKflG4oGw6pY3Ow6EybmX50oPZ78lJj_2emDklRnXNRGN_g2fWGL6s51nqVwFl7s6TCVuy3xww1Hu52WEpADnBuaX_KN6rFBhHAW3RwJz8D2QN4l1npsc8rHYGojDf_hmDOE3Bi6aSFGe0U0BTjYShigjiPziwiLnncaPqjqfS70rpirlJqd0KMWneon72rT3_5w7hjVNZquDeToRvxwxeEMLU6VXe1KBEB9Rrx6TvdIo_iWGBs2-ToVPUA04GTs9FomITWEQi9rUyNaaEv4OvZAaCuciX-6w26ktbDUTj_OgsRcQVlKHJklNs612NeM3dgybePL_qj1GP6I0K4UQVB03n_WEizrJ2YP8fZM71n00q2HkoY3VJBoEgicGddCTFxsT2v0GHBoctoXf0StsYTJgErABDL8fKwAYNULVoIovwn-spD94pLJYid7-tMj1QGJlnPUJ0AmkEFeWZC3K3wmUhr-nY-gMOi7K86WWQbvnKKv2yd83xh5hmODPR-Ols-eBT_fpjuW-fgOOrJszpBSafx6XaReMUS-OtkCHnUk4-ICyOS_AF9fEYnGyeZTj7j5UZjYes9rp_3sfqKnhysLhEKtp78UOB3xRA86mgDF1C8mIxKU-6POaVu6-Fw9GPWXPnRIL7zMJ0fz-re4r-z_YxW-2c0_Rq4PY_jzqDX6TOfhnFCWLQac-W26g42Oem2W9-vakIAl7DxLxddywzk9_xFRzh1t1nD8yUVlXilQNF2HCndaODQyAYJQrSwaVa04dlMrdf5tUKaLBnpVe8gF-MqwPJSj8QV46YvkSc2OKozSaFyboRxqMDtQCk9LiqqkvgGQjbVTOoO8_U_cQe2Sg07LOsrm-vkm-5A10jOc0BAHYZHVn73arF6uxTRkTBQ-UTLAiTh1vug2M0fVImo3OiFTtm43JFRJAd0FYKZrA4dEuZ1R1hISstiBgAiT4uHj7_uzsdBu-uxS0PJrxr41SnusHlNfrkPgFaYKhWHcpci9vPr2OeXC2tS6gj0IVRm6jNkKpClV3PJ6wE5kj5199eU-wagR1AxOjE6eXbx2bacC0PXj-k1whJ9_w7EJkAEgU7UFvytDC0rcNtlVFm27CN0GqmFOCS5ixYzSqnQJzFlTodDeVPLSpy6uCJ6jUR1eomYVQ-CKEQUAfoPxkco2zZrBedMn71V2FOkWcIGnDhkCRZcwZel1XIHkc5QOZK_4Qot5-zHQEv7Ub3OU3vM5GAfZmOJo9JPcaOFzcklqgjaNTYWt1bbgwIPHkF2rtTZ2Wy2CRWsQlfUBTLsta2gOmj4YbSbSuhih56J-Xo0hn7Oe5f8X8rEymsM-jN0LHTbXos8IIHMhuNqfRboKYktHkbqHtLdaCxUWmuIR_Yhx-tpT5b4AtjPa66Y_YSwlk-prr2givy7Rt6FG0ts0LyyO4sMGN8aID5-OQ1lHJViuCQIa6bq2aIp-k38bMvARtnZDVy751pqFS9fPGwZDK4XpK250yyzDwAn2TnvS--MOF4EPl8Mtwq8u7bYM9iFTwWnT9h7LfBn5Yw0t3C8aCL9ddeQZmnZnO69rpFGWTlIXMehvS1IFyGEUUGfPhuWP2vACFXluoSt0ZkMOBFPAN6w76_gJ4GrOoe1ZbfUYQzUDc_C-p_kcGzyHMV_MTqGspBgWLg9A-EGztYHjXcv4hhUZSd7P8KA8uADOeGX7ybcMKB0jsWmbCyKdAnhOXixQGyTg-vY1w_K3RjjhkYhKUZiMLrjOLrs7HlX3T_zYKPV9yrK7EW3KH8z0ePxwLZH9hc8rYCK_kCQNSdbIGkx03ddK63e5S_6AvSs6CRa4K0&cid=CAASPeRoa7_XW3hxHbHG852EcmaGZ4Po9U3eqI58vO52Hv5P1o1yGM9SUWAy_TDcG3Hyvy-_0zaAoC8LG5f0Lq0&rfl=1%2Chttps%253A%252F%252Fgarticphone.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

d04fe3e6d57be524334f1688f690be20fb65e09d806c549e1f78aa8d3f7dbae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8468
x-xss-protection: 0
server: cafe
etag: 17868783254023373946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 May 2021 06:23:16 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 34C4 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 12:23:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64861
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Apr 2022 12:23:26 GMT

GET
H3-29 200 wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js Show response
pagead2.googlesyndication.com/bg/ Frame 36DB 14 KB
6 KB 22ms
22ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 19:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 38856
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5710
x-xss-protection: 0
expires: Sat, 16 Apr 2022 19:36:51 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 546F 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 16 Apr 2021 15:30:55 GMT
expires: Sat, 16 Apr 2022 15:30:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 53612
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js Show response
pagead2.googlesyndication.com/bg/ Frame 546F 14 KB
6 KB 22ms
22ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Apr 2021 19:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 38856
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5710
x-xss-protection: 0
expires: Sat, 16 Apr 2022 19:36:51 GMT

GET
H3-29

200

dcmads.js Show response
www.googletagservices.com/dcm/ Frame 34C4
Redirect Chain

https://fw.adsafeprotected.com/rfw/www.googletagservices.com/551415/51042438/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fgarticphone.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff8420283a066f6be3cf9a2a...
https://www.googletagservices.com/dcm/dcmads.js

7 KB
4 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com
URL: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0216d870844c21ce7c5c72f3471b81013c6d1879d5c4701b81a6c0c22870e081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 05:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Apr 2021 15:25:31 GMT
server: sffe
age: 3524
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3587
x-xss-protection: 0
expires: Sat, 17 Apr 2021 06:25:43 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:27 GMT
x-server-name: app33.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://www.googletagservices.com/dcm/dcmads.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame 6639 82 KB
22 KB 134ms
45ms Script
application/javascript 52.212.6.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com
URL: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.6.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-6-165.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:27 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: nginx/1.16.1
age: 3374670
etag: W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 34C4 43 B
216 B 351ms
116ms Image
image/gif 54.163.187.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=551415&asId=44008411-acd7-6009-d536-d6e158aad172&tv=%7Bc:a1BBFw,pingTime:-2,time:65,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:32,mdZ:246,beA:257,beZ:258,mfA:260,cmA:261,inA:262,inZ:266,prA:266,prZ:276,si:283,poA:284,poZ:300,cmZ:300,mfZ:300,loA:307,loZ:309,ltA:322,ltZ:322%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:ins%7D%7D,env:%7Bgca:true,cca:true,gca2:true%7D,clog:%5B%7Bpiv:-1,vs:n,r:r,w:160,h:600,t:24%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:65,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:24,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B59~1%5D,as:%5B59~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:suOLhGN+11%7C12%7C13%7C14%7C151%7C152%7C16%7C17*.551415-51042438%7C171%7C1721%7C18%7C19,idMap:17*,rmeas:1,rend:0,renddet:svg.us,sinceFw:38,readyFired:false%7D&br=u
Requested by: Host: f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com
URL: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.187.117 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-187-117.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:27 GMT
x-server-name: dt66.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 200 impl_v70.js Show response
www.googletagservices.com/dcm/ Frame 34C4 36 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v70.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/551415/51042438/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fgarticphone.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:44008411-acd7-6009-d536-d6e158aad172,c:a1BBES,sl:na,em:true,fr:false,mn:app08ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:suOLhGN+11%7C12%7C13%7C14%7C151%7C152%7C16%7C17*.551415-51042438%7C171%7C1721%7C18%7C19,idMap:17*,pl:,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:25,oid:8f8415ae-9f45-11eb-9427-025e58922a4e,v:19.8.188,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2a292ee40c2422d82f43b270984343ea18e7c05384459c1d7adbee2c241be30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 15:43:23 GMT
server: sffe
age: 212336
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15292
x-xss-protection: 0
expires: Thu, 14 Apr 2022 19:25:31 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 32ms
31ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041401&jk=514548151287221&bg=!yMuly4_NAAZUuIlwVLg7ACkAdvg8WkCd8T3DyRpSnnaxNOALQZLO-EQrTA0k8NDPBi8OJCFVEGRP8wIAAACOUgAAACFoAQcKAFp8Fax9MGoA8S646X24znb4P_Luo7JKaR1gL01yIBPQTwQ7egJcZzbDE-82AUsv3TlIiPozkOfxPmeTMyTeFNG5rlh_OnsusUMLxA_AArzXr0QGaNbs2hIXy7eZAhqtIC90YYBP9utmaRpxxvSzgF1HjauNM9_8DdmXTHmPvTTrhxGYRslRo5Q6HAeyjLPBwUp3_L25LHcgnBsul2XbbS_aRpLyZYhMpuE7OaSOrNUu9Phj-aaWYIXnKUe34lH1DlyECu5yOP0_AeEfEUwjZkCvBgSfoIDxhvq7hAEof4Bs-0WSSU5yZjy7tFSHXg9wbUeQzni47jhOCGN04UJpYDTW3Uif9uPQ1OpuKHCZ272C270q_KxOFBBi7KR9mzhPtH5KMHEt645nl6TWkxqEwhAD2vji3WgKmxuaiEThG_5Vgq0lRQna5VjUTlqHdWt1liF7kIkNwsiEVbEKIu3o3YUjDxVhH1aKpc7FMARllwmyMDeqB75WDnioGJsM0Afeh4P-xNGRvfbYpxQToYcXEQYqpF8F6_2tBGnyv1d0J5pZIWbMIHrqjE9XXL4SA2KORGua6bMYrnvpFlbGLQKbuyjLIpQLQgUOVfjgd91NDuZqlBsDp1ZpgonuDjMwdbKxIbhjQnRC_Vl9v4zuTMoPD5Hj03PcmGXpSoP6Edo_k30deiHRUqO92D_oZZYPazwM-d5YUskxbKmqFps1aXYY9CQReGvb5am-1JNBgFkCuKDsKefi85Rg08WcB2eV8yKuZaZ35M0jE0P-PZ62Oi6iL5CcvFNPAUFEGFZxw11S1HUvN8aJ3kQj8tdVON29YJFp2ft_xQhFoTWp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://garticphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B25089458.290188790;dc_ver=70.201;dc_eid=40004000;sz=160x600;u_sd=1;gdpr=0;dc_adk=3047537733;ord=mcam5g;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-KoYGn96YMqiNOqA... Show response
ad.doubleclick.net/ddm/adj/N572608.285985MEDIAIQ0/ Frame 34C4 20 KB
8 KB 98ms
45ms Script
text/javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N572608.285985MEDIAIQ0/B25089458.290188790;dc_ver=70.201;dc_eid=40004000;sz=160x600;u_sd=1;gdpr=0;dc_adk=3047537733;ord=mcam5g;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-KoYGn96YMqiNOqAjuwP3p6CwAnSv8eRYvG8_rCWDczDpp_NGRABIJHi5B9g9ZXOgeAEoAGP4pmCA8gBCagDAaoE6AFP0AazJMMGy7ivDik3X0baZ2dGyyrwm8kMxMW5ZRqeLS3Vks6yNJ4G7zCPvOOs7YXi8ao-IzU9RuRh1dmkSUS5FDyYZBGBrGJNSmo1lZEr1CyIo7hY870RupkE6F-OjTuGYLUbCq5x1K2MF2-tSklTbS-W35FqaePtEzTMmamBOz_9yRHjeQdgrXQa9GAi0OA8o_e8G-GO-Dtlc-B4AZ7CQNpRNntt9ULkFGYUFy_hGaKR9MMfl5GGGyKzO4G0Rg-MrrRAfLs3lEHeIqxTF5T0H6n7gjjnOpgQ3IHoLT40_co1djed7h4gwATv5YWp_wLgBAOQBgGgBk2AB9md5n2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTk2MTU4MTQ5NjU5MjUyMTOACgOYCwHICwGADAGwE9bolgvQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoa7_XW3hxHbHG852EcmaGZ4Po9U3eqI58vO52Hv5P1o1yGM9SUWAy_TDcG3Hyvy-_0zaAoC8LG5f0Lq0%26sig%3DAOD64_2lKEMQ5uCaDVXiBGEELiWLRCVpig%26client%3Dca-pub-3282547114800347%26dbm_c%3DAKAmf-DU3pUBwnORhKz38ZnaN6BJwA8s_4sed-qWFWE59gIp6J76RTPAhLUY-msRiDUuS95hgOaCvByDeOWb5mI2cutd2baIwHHl3Myq4tEMXx9JQMLLGCDcUN1cHxfBLaa46X7XsNvWoHljreaHHftgNF2dEsfyeA%26dbm_d%3DAKAmf-AZ9lj6atIw5wkpzMAW8rsPg92ToNVdMdMdvdGniPZ2vVVcoIQQLip13ZPzwsHUWnL2ktVqG1cP7HVBjs_TAvCcaNECNpuDcVmskmnD01so1cTicmBbq8SM6fvSmvsT6cWvBu2VKoyCZzQfTaXJamU7sQ1HpHbWznQTR1ZSsr67pMFbjQuKFAaQ3-4K-QS4q82HCIhNKHjWOWRq3-fWvqxtR9SW2biHc7ooEeoF56icF92rVAqWjmBR4vB3h7e6Z0CVhYVxisLMi9sA6YOYqYn1yNC_tz2B1enfWdTf-mH8g5f3tpr2l2PM5PaQwE33OShoA-HJwQ-qWFdBDtHEs_LQ3XEHrSuS_erZz69aphZIz_gNO6465OUiSw27hlu2rAlx11YvCSuo3dqr70ZQUvEOqDv0OZV7WukZ6tC_IXPD2R_nt6XqNDk6jmUPOKuFGCjSZbLqUAgoLQJCdzk_dXODsEnLng%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fgarticphone.com%2F$0;xdt=1;crlt=ORjkr(qKTa;cmpl=12;gcsr=m;osda=2;sttr=14;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v70.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

16c690bd007bf462db0b132ba28ee17c76b174b8db7e224a423f421d50f94411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7955
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 546F 0
20 B 32ms
32ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYN1_G396YNutE86V9u8Ps8uwmA4AAAAAOAHgBAI&bg=!1tWl1ZHNAAZUuIlwVLg7ACkAdvg8WifMm57eUxQ0rIBsbVyJU0ZiQI7L7CbRXPko3riXtkeUG0SWpAIAAADDUgAAAA9oAQeZAnhu7jaVGmkLiOeq2orH7Osd4bWDfRzCA41jxjUQY94couwI-ct_L_abT-yFtt5LAUi5VFlNsnSIBGzUcP86jaDZOowow5KOVv9njzNvFlxdbzT-8mtIanPKuKttu3JXZ_UckKBZ8EPSdlCKNUhsCcwJwyM3_9SVxlabzZAs7tAwp15Pt-74f5YzIFhJiiEGXILVjKUBYR5suYoAX71iacdASIT1MmQ23IKndb5r2-2rwW_5XDbU3bO82nYS-OTQk6Fm56DqeCCo0_KjJ6yl3UMrOQYOyncDO0gPgJh0fHXq_5twkQlXu8T25bHn_OO4Ey4bnl9pxX5xUnlx75goFeVvCFc9IwoolKqi6UpLuZ64Rfac2yZwd_CiJeusce0Zwrmdxg69YCzI_8Vm_uD8fARRVU7rJO1xSqxHzHUY1SQeEbkPz79lia1v9RYfzR1J5JLWNNWtSLIZvoSw7Np8etOSrpFmi5Oq5yETS1VM_BtCk9oHKbrFU9q6NyWs3yddirXZRuUf0POv4g0dz8Y8AmA4NSfCs4f_J-i6na2A7aVjlJxHbzQ0mjJptQR87X0lf93rNDduqGGSAlpunC3nVwylrvlN24_M56WiFVMGitb3oXA8ZaRejgwGoAYsKNBeNZS-QPCB_hNtAXlvvwBFfijcFFXZ91darw4b7poSrzoKXP2of7VLo2V_yjVAFs1BDAEBMeK4wgPCWWjzgDY8dOh3glO4BiXhfheoxOlNKdoMagnVfdekpzXCdtyncnByJc5kKTEpeoeWX_2h43MhX7ABAZ7bbNnNzeLyV48Gz5000doibRjFXFZA_FE9r5uWf6J-mA68_HcoqQ

Requested by

Host: f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com
URL: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4249 Show response
ads.everesttech.net/ads/mts/15964/ Frame 34C4 7 KB
7 KB 643ms
202ms Script
text/javascript 52.39.214.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/mts/15964/4249?DFA_Click_Tracker=^(t_cq_ue_https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssIAH4mLIZSgmBu84tHFhr7IMxS6mxFAm8fyiE59oZ0dkFe1Xr4b3pgSREGzp2HnUQXYV7s9VjRnMD0zMY67SGQnH5kMsDAEWBbkV1xbPINv95D7lZ2E4xTfX6qV_d36-zu-fHQyVynuA&sig=Cg0ArKJSzEUsyP4t5z80EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC-KoYGn96YMqiNOqAjuwP3p6CwAnSv8eRYvG8_rCWDczDpp_NGRABIJHi5B9g9ZXOgeAEoAGP4pmCA8gBCagDAaoE6AFP0AazJMMGy7ivDik3X0baZ2dGyyrwm8kMxMW5ZRqeLS3Vks6yNJ4G7zCPvOOs7YXi8ao-IzU9RuRh1dmkSUS5FDyYZBGBrGJNSmo1lZEr1CyIo7hY870RupkE6F-OjTuGYLUbCq5x1K2MF2-tSklTbS-W35FqaePtEzTMmamBOz_9yRHjeQdgrXQa9GAi0OA8o_e8G-GO-Dtlc-B4AZ7CQNpRNntt9ULkFGYUFy_hGaKR9MMfl5GGGyKzO4G0Rg-MrrRAfLs3lEHeIqxTF5T0H6n7gjjnOpgQ3IHoLT40_co1djed7h4gwATv5YWp_wLgBAOQBgGgBk2AB9md5n2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTk2MTU4MTQ5NjU5MjUyMTOACgOYCwHICwGADAGwE9bolgvQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoa7_XW3hxHbHG852EcmaGZ4Po9U3eqI58vO52Hv5P1o1yGM9SUWAy_TDcG3Hyvy-_0zaAoC8LG5f0Lq0%26sig%3DAOD64_2lKEMQ5uCaDVXiBGEELiWLRCVpig%26client%3Dca-pub-3282547114800347%26dbm_c%3DAKAmf-DU3pUBwnORhKz38ZnaN6BJwA8s_4sed-qWFWE59gIp6J76RTPAhLUY-msRiDUuS95hgOaCvByDeOWb5mI2cutd2baIwHHl3Myq4tEMXx9JQMLLGCDcUN1cHxfBLaa46X7XsNvWoHljreaHHftgNF2dEsfyeA%26dbm_d%3DAKAmf-AZ9lj6atIw5wkpzMAW8rsPg92ToNVdMdMdvdGniPZ2vVVcoIQQLip13ZPzwsHUWnL2ktVqG1cP7HVBjs_TAvCcaNECNpuDcVmskmnD01so1cTicmBbq8SM6fvSmvsT6cWvBu2VKoyCZzQfTaXJamU7sQ1HpHbWznQTR1ZSsr67pMFbjQuKFAaQ3-4K-QS4q82HCIhNKHjWOWRq3-fWvqxtR9SW2biHc7ooEeoF56icF92rVAqWjmBR4vB3h7e6Z0CVhYVxisLMi9sA6YOYqYn1yNC_tz2B1enfWdTf-mH8g5f3tpr2l2PM5PaQwE33OShoA-HJwQ-qWFdBDtHEs_LQ3XEHrSuS_erZz69aphZIz_gNO6465OUiSw27hlu2rAlx11YvCSuo3dqr70ZQUvEOqDv0OZV7WukZ6tC_IXPD2R_nt6XqNDk6jmUPOKuFGCjSZbLqUAgoLQJCdzk_dXODsEnLng%26adurl%3D_ue_cq)&DFA_BuyId=25089458&DFA_PlacementId=290188790&DFA_AdId=483583991&DFA_CreativeId=137841423&DFA_SiteId=4575850&TC_1=2100142&TC_2=25089458&TC_3=290188790&TC_4=137841423&TC_5=dcmadvertiserid|8404942$dcmcampaignid|25089458$dcmadid|483583991$dcmrenderingid|137677318$dcmsiteid|4575850$dcmplacementid|290188790$customer|Microsoft$dv360auctionid|ct=CH&st=&city=12463&dma=0&zp=&bw=4&Placement_ID=290188790
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N572608.285985MEDIAIQ0/B25089458.290188790;dc_ver=70.201;dc_eid=40004000;sz=160x600;u_sd=1;gdpr=0;dc_adk=3047537733;ord=mcam5g;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-KoYGn96YMqiNOqAjuwP3p6CwAnSv8eRYvG8_rCWDczDpp_NGRABIJHi5B9g9ZXOgeAEoAGP4pmCA8gBCagDAaoE6AFP0AazJMMGy7ivDik3X0baZ2dGyyrwm8kMxMW5ZRqeLS3Vks6yNJ4G7zCPvOOs7YXi8ao-IzU9RuRh1dmkSUS5FDyYZBGBrGJNSmo1lZEr1CyIo7hY870RupkE6F-OjTuGYLUbCq5x1K2MF2-tSklTbS-W35FqaePtEzTMmamBOz_9yRHjeQdgrXQa9GAi0OA8o_e8G-GO-Dtlc-B4AZ7CQNpRNntt9ULkFGYUFy_hGaKR9MMfl5GGGyKzO4G0Rg-MrrRAfLs3lEHeIqxTF5T0H6n7gjjnOpgQ3IHoLT40_co1djed7h4gwATv5YWp_wLgBAOQBgGgBk2AB9md5n2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTk2MTU4MTQ5NjU5MjUyMTOACgOYCwHICwGADAGwE9bolgvQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoa7_XW3hxHbHG852EcmaGZ4Po9U3eqI58vO52Hv5P1o1yGM9SUWAy_TDcG3Hyvy-_0zaAoC8LG5f0Lq0%26sig%3DAOD64_2lKEMQ5uCaDVXiBGEELiWLRCVpig%26client%3Dca-pub-3282547114800347%26dbm_c%3DAKAmf-DU3pUBwnORhKz38ZnaN6BJwA8s_4sed-qWFWE59gIp6J76RTPAhLUY-msRiDUuS95hgOaCvByDeOWb5mI2cutd2baIwHHl3Myq4tEMXx9JQMLLGCDcUN1cHxfBLaa46X7XsNvWoHljreaHHftgNF2dEsfyeA%26dbm_d%3DAKAmf-AZ9lj6atIw5wkpzMAW8rsPg92ToNVdMdMdvdGniPZ2vVVcoIQQLip13ZPzwsHUWnL2ktVqG1cP7HVBjs_TAvCcaNECNpuDcVmskmnD01so1cTicmBbq8SM6fvSmvsT6cWvBu2VKoyCZzQfTaXJamU7sQ1HpHbWznQTR1ZSsr67pMFbjQuKFAaQ3-4K-QS4q82HCIhNKHjWOWRq3-fWvqxtR9SW2biHc7ooEeoF56icF92rVAqWjmBR4vB3h7e6Z0CVhYVxisLMi9sA6YOYqYn1yNC_tz2B1enfWdTf-mH8g5f3tpr2l2PM5PaQwE33OShoA-HJwQ-qWFdBDtHEs_LQ3XEHrSuS_erZz69aphZIz_gNO6465OUiSw27hlu2rAlx11YvCSuo3dqr70ZQUvEOqDv0OZV7WukZ6tC_IXPD2R_nt6XqNDk6jmUPOKuFGCjSZbLqUAgoLQJCdzk_dXODsEnLng%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fgarticphone.com%2F$0;xdt=1;crlt=ORjkr(qKTa;cmpl=12;gcsr=m;osda=2;sttr=14;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.214.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AMO-jAds/1.1 /
Resource Hash: 23dd9b0d66c40efb216f7ade735f7633b4b9929f5ab3740a206bf87df283ea27

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:28 GMT
server: AMO-jAds/1.1
p3p: NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: text/javascript;charset=UTF-8
content-length: 6775
expires: Sat Apr 17 06:24:28 UTC 2021

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/elements/html/ Frame 34C4 8 KB
3 KB 22ms
22ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N572608.285985MEDIAIQ0/B25089458.290188790;dc_ver=70.201;dc_eid=40004000;sz=160x600;u_sd=1;gdpr=0;dc_adk=3047537733;ord=mcam5g;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-KoYGn96YMqiNOqAjuwP3p6CwAnSv8eRYvG8_rCWDczDpp_NGRABIJHi5B9g9ZXOgeAEoAGP4pmCA8gBCagDAaoE6AFP0AazJMMGy7ivDik3X0baZ2dGyyrwm8kMxMW5ZRqeLS3Vks6yNJ4G7zCPvOOs7YXi8ao-IzU9RuRh1dmkSUS5FDyYZBGBrGJNSmo1lZEr1CyIo7hY870RupkE6F-OjTuGYLUbCq5x1K2MF2-tSklTbS-W35FqaePtEzTMmamBOz_9yRHjeQdgrXQa9GAi0OA8o_e8G-GO-Dtlc-B4AZ7CQNpRNntt9ULkFGYUFy_hGaKR9MMfl5GGGyKzO4G0Rg-MrrRAfLs3lEHeIqxTF5T0H6n7gjjnOpgQ3IHoLT40_co1djed7h4gwATv5YWp_wLgBAOQBgGgBk2AB9md5n2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTk2MTU4MTQ5NjU5MjUyMTOACgOYCwHICwGADAGwE9bolgvQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoa7_XW3hxHbHG852EcmaGZ4Po9U3eqI58vO52Hv5P1o1yGM9SUWAy_TDcG3Hyvy-_0zaAoC8LG5f0Lq0%26sig%3DAOD64_2lKEMQ5uCaDVXiBGEELiWLRCVpig%26client%3Dca-pub-3282547114800347%26dbm_c%3DAKAmf-DU3pUBwnORhKz38ZnaN6BJwA8s_4sed-qWFWE59gIp6J76RTPAhLUY-msRiDUuS95hgOaCvByDeOWb5mI2cutd2baIwHHl3Myq4tEMXx9JQMLLGCDcUN1cHxfBLaa46X7XsNvWoHljreaHHftgNF2dEsfyeA%26dbm_d%3DAKAmf-AZ9lj6atIw5wkpzMAW8rsPg92ToNVdMdMdvdGniPZ2vVVcoIQQLip13ZPzwsHUWnL2ktVqG1cP7HVBjs_TAvCcaNECNpuDcVmskmnD01so1cTicmBbq8SM6fvSmvsT6cWvBu2VKoyCZzQfTaXJamU7sQ1HpHbWznQTR1ZSsr67pMFbjQuKFAaQ3-4K-QS4q82HCIhNKHjWOWRq3-fWvqxtR9SW2biHc7ooEeoF56icF92rVAqWjmBR4vB3h7e6Z0CVhYVxisLMi9sA6YOYqYn1yNC_tz2B1enfWdTf-mH8g5f3tpr2l2PM5PaQwE33OShoA-HJwQ-qWFdBDtHEs_LQ3XEHrSuS_erZz69aphZIz_gNO6465OUiSw27hlu2rAlx11YvCSuo3dqr70ZQUvEOqDv0OZV7WukZ6tC_IXPD2R_nt6XqNDk6jmUPOKuFGCjSZbLqUAgoLQJCdzk_dXODsEnLng%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fgarticphone.com%2F$0;xdt=1;crlt=ORjkr(qKTa;cmpl=12;gcsr=m;osda=2;sttr=14;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 May 2021 06:20:24 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 34C4 0
528 B 83ms
32ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssIAH4mLIZSgmBu84tHFhr7IMxS6mxFAm8fyiE59oZ0dkFe1Xr4b3pgSREGzp2HnUQXYV7s9VjRnMD0zMY67SGQnH5kMsDAEWBbkV1xbPINv95D7lZ2E4xTfX6qV_d36-zu-fHQyVynuA&sig=Cg0ArKJSzDAS5f_86wiwEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210414.71756&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 06:24:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 34C4 43 B
215 B 117ms
117ms Image
image/gif 54.163.187.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=551415&asId=44008411-acd7-6009-d536-d6e158aad172&tv=%7Bc:a1BBNr,pingTime:-10,time:556,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1618640668084%7C%7Cfe8aa37f527438ff6fe417c05f6d9503%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C1ec228b2d91184d4f2b39a699d4c0a3b%7C%7C693b1c11ad3e6dba060b8e3d3c923327%7C%7Ceba2c1ebea5f90e9e40aa515408d5721%7C%7Cd78effffebed6e427b3efceb879dcc43%7C%7Cd03c23cadf0a246cffe4f09d65c40b73%7C%7C1614879537,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,im:%7Bimprf:%7Bttecl:314,ecd:7,tsecr:3%7D%7D,env:%7Bgcd:%7Bappl:na,cnst:na,glbl:na,mtdt:undefined%7D,ccd:%7Bversion:1,uspString:%7D,gcd2:%7Bappl:0,cnst:na%7D%7D%7D
Requested by: Host: f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com
URL: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.187.117 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-187-117.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:28 GMT
x-server-name: dt36.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 4249 Show response
ads.everesttech.net/ads/mts/15964/ Frame 34C4 12 KB
12 KB 207ms
206ms Script
text/javascript 52.39.214.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/mts/15964/4249?DFA_Click_Tracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssIAH4mLIZSgmBu84tHFhr7IMxS6mxFAm8fyiE59oZ0dkFe1Xr4b3pgSREGzp2HnUQXYV7s9VjRnMD0zMY67SGQnH5kMsDAEWBbkV1xbPINv95D7lZ2E4xTfX6qV_d36-zu-fHQyVynuA%26sig%3DCg0ArKJSzEUsyP4t5z80EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC-KoYGn96YMqiNOqAjuwP3p6CwAnSv8eRYvG8_rCWDczDpp_NGRABIJHi5B9g9ZXOgeAEoAGP4pmCA8gBCagDAaoE6AFP0AazJMMGy7ivDik3X0baZ2dGyyrwm8kMxMW5ZRqeLS3Vks6yNJ4G7zCPvOOs7YXi8ao-IzU9RuRh1dmkSUS5FDyYZBGBrGJNSmo1lZEr1CyIo7hY870RupkE6F-OjTuGYLUbCq5x1K2MF2-tSklTbS-W35FqaePtEzTMmamBOz_9yRHjeQdgrXQa9GAi0OA8o_e8G-GO-Dtlc-B4AZ7CQNpRNntt9ULkFGYUFy_hGaKR9MMfl5GGGyKzO4G0Rg-MrrRAfLs3lEHeIqxTF5T0H6n7gjjnOpgQ3IHoLT40_co1djed7h4gwATv5YWp_wLgBAOQBgGgBk2AB9md5n2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTk2MTU4MTQ5NjU5MjUyMTOACgOYCwHICwGADAGwE9bolgvQEwDYEwPYFAE%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRoa7_XW3hxHbHG852EcmaGZ4Po9U3eqI58vO52Hv5P1o1yGM9SUWAy_TDcG3Hyvy-_0zaAoC8LG5f0Lq0%2526sig%253DAOD64_2lKEMQ5uCaDVXiBGEELiWLRCVpig%2526client%253Dca-pub-3282547114800347%2526dbm_c%253DAKAmf-DU3pUBwnORhKz38ZnaN6BJwA8s_4sed-qWFWE59gIp6J76RTPAhLUY-msRiDUuS95hgOaCvByDeOWb5mI2cutd2baIwHHl3Myq4tEMXx9JQMLLGCDcUN1cHxfBLaa46X7XsNvWoHljreaHHftgNF2dEsfyeA%2526dbm_d%253DAKAmf-AZ9lj6atIw5wkpzMAW8rsPg92ToNVdMdMdvdGniPZ2vVVcoIQQLip13ZPzwsHUWnL2ktVqG1cP7HVBjs_TAvCcaNECNpuDcVmskmnD01so1cTicmBbq8SM6fvSmvsT6cWvBu2VKoyCZzQfTaXJamU7sQ1HpHbWznQTR1ZSsr67pMFbjQuKFAaQ3-4K-QS4q82HCIhNKHjWOWRq3-fWvqxtR9SW2biHc7ooEeoF56icF92rVAqWjmBR4vB3h7e6Z0CVhYVxisLMi9sA6YOYqYn1yNC_tz2B1enfWdTf-mH8g5f3tpr2l2PM5PaQwE33OShoA-HJwQ-qWFdBDtHEs_LQ3XEHrSuS_erZz69aphZIz_gNO6465OUiSw27hlu2rAlx11YvCSuo3dqr70ZQUvEOqDv0OZV7WukZ6tC_IXPD2R_nt6XqNDk6jmUPOKuFGCjSZbLqUAgoLQJCdzk_dXODsEnLng%2526adurl%253D&DFA_BuyId=25089458&DFA_PlacementId=290188790&DFA_AdId=483583991&DFA_CreativeId=137841423&DFA_SiteId=4575850&TC_1=2100142&TC_2=25089458&TC_3=290188790&TC_4=137841423&TC_5=dcmadvertiserid|8404942$dcmcampaignid|25089458$dcmadid|483583991$dcmrenderingid|137677318$dcmsiteid|4575850$dcmplacementid|290188790$customer|Microsoft$dv360auctionid|ct=CH&st=&city=12463&dma=0&zp=&bw=4&Placement_ID=290188790&edge=y&html5=y&nr=0.11426119805201251
Requested by: Host: ads.everesttech.net
URL: https://ads.everesttech.net/ads/mts/15964/4249?DFA_Click_Tracker=^(t_cq_ue_https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssIAH4mLIZSgmBu84tHFhr7IMxS6mxFAm8fyiE59oZ0dkFe1Xr4b3pgSREGzp2HnUQXYV7s9VjRnMD0zMY67SGQnH5kMsDAEWBbkV1xbPINv95D7lZ2E4xTfX6qV_d36-zu-fHQyVynuA&sig=Cg0ArKJSzEUsyP4t5z80EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC-KoYGn96YMqiNOqAjuwP3p6CwAnSv8eRYvG8_rCWDczDpp_NGRABIJHi5B9g9ZXOgeAEoAGP4pmCA8gBCagDAaoE6AFP0AazJMMGy7ivDik3X0baZ2dGyyrwm8kMxMW5ZRqeLS3Vks6yNJ4G7zCPvOOs7YXi8ao-IzU9RuRh1dmkSUS5FDyYZBGBrGJNSmo1lZEr1CyIo7hY870RupkE6F-OjTuGYLUbCq5x1K2MF2-tSklTbS-W35FqaePtEzTMmamBOz_9yRHjeQdgrXQa9GAi0OA8o_e8G-GO-Dtlc-B4AZ7CQNpRNntt9ULkFGYUFy_hGaKR9MMfl5GGGyKzO4G0Rg-MrrRAfLs3lEHeIqxTF5T0H6n7gjjnOpgQ3IHoLT40_co1djed7h4gwATv5YWp_wLgBAOQBgGgBk2AB9md5n2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTk2MTU4MTQ5NjU5MjUyMTOACgOYCwHICwGADAGwE9bolgvQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoa7_XW3hxHbHG852EcmaGZ4Po9U3eqI58vO52Hv5P1o1yGM9SUWAy_TDcG3Hyvy-_0zaAoC8LG5f0Lq0%26sig%3DAOD64_2lKEMQ5uCaDVXiBGEELiWLRCVpig%26client%3Dca-pub-3282547114800347%26dbm_c%3DAKAmf-DU3pUBwnORhKz38ZnaN6BJwA8s_4sed-qWFWE59gIp6J76RTPAhLUY-msRiDUuS95hgOaCvByDeOWb5mI2cutd2baIwHHl3Myq4tEMXx9JQMLLGCDcUN1cHxfBLaa46X7XsNvWoHljreaHHftgNF2dEsfyeA%26dbm_d%3DAKAmf-AZ9lj6atIw5wkpzMAW8rsPg92ToNVdMdMdvdGniPZ2vVVcoIQQLip13ZPzwsHUWnL2ktVqG1cP7HVBjs_TAvCcaNECNpuDcVmskmnD01so1cTicmBbq8SM6fvSmvsT6cWvBu2VKoyCZzQfTaXJamU7sQ1HpHbWznQTR1ZSsr67pMFbjQuKFAaQ3-4K-QS4q82HCIhNKHjWOWRq3-fWvqxtR9SW2biHc7ooEeoF56icF92rVAqWjmBR4vB3h7e6Z0CVhYVxisLMi9sA6YOYqYn1yNC_tz2B1enfWdTf-mH8g5f3tpr2l2PM5PaQwE33OShoA-HJwQ-qWFdBDtHEs_LQ3XEHrSuS_erZz69aphZIz_gNO6465OUiSw27hlu2rAlx11YvCSuo3dqr70ZQUvEOqDv0OZV7WukZ6tC_IXPD2R_nt6XqNDk6jmUPOKuFGCjSZbLqUAgoLQJCdzk_dXODsEnLng%26adurl%3D_ue_cq)&DFA_BuyId=25089458&DFA_PlacementId=290188790&DFA_AdId=483583991&DFA_CreativeId=137841423&DFA_SiteId=4575850&TC_1=2100142&TC_2=25089458&TC_3=290188790&TC_4=137841423&TC_5=dcmadvertiserid|8404942$dcmcampaignid|25089458$dcmadid|483583991$dcmrenderingid|137677318$dcmsiteid|4575850$dcmplacementid|290188790$customer|Microsoft$dv360auctionid|ct=CH&st=&city=12463&dma=0&zp=&bw=4&Placement_ID=290188790
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.214.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AMO-jAds/1.1 /
Resource Hash: 72b14e238d895ccd81b5e5dcda3c3779143c785a1f69f388ac7f775884a00595

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:28 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
server: AMO-jAds/1.1
content-type: text/javascript;charset=utf-8
expires: Sat Apr 17 06:24:28 UTC 2021

GET
H/1.1 200
OK html5-ad-script_v4.html Show response
dco-assets.everestads.net/ics-campaign/static/dco/ Frame D628 16 KB
4 KB 101ms
29ms Document
text/html 104.111.229.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=YHp_HAAAAN8xI0ML
Requested by: Host: ads.everesttech.net
URL: https://ads.everesttech.net/ads/mts/15964/4249?DFA_Click_Tracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssIAH4mLIZSgmBu84tHFhr7IMxS6mxFAm8fyiE59oZ0dkFe1Xr4b3pgSREGzp2HnUQXYV7s9VjRnMD0zMY67SGQnH5kMsDAEWBbkV1xbPINv95D7lZ2E4xTfX6qV_d36-zu-fHQyVynuA%26sig%3DCg0ArKJSzEUsyP4t5z80EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC-KoYGn96YMqiNOqAjuwP3p6CwAnSv8eRYvG8_rCWDczDpp_NGRABIJHi5B9g9ZXOgeAEoAGP4pmCA8gBCagDAaoE6AFP0AazJMMGy7ivDik3X0baZ2dGyyrwm8kMxMW5ZRqeLS3Vks6yNJ4G7zCPvOOs7YXi8ao-IzU9RuRh1dmkSUS5FDyYZBGBrGJNSmo1lZEr1CyIo7hY870RupkE6F-OjTuGYLUbCq5x1K2MF2-tSklTbS-W35FqaePtEzTMmamBOz_9yRHjeQdgrXQa9GAi0OA8o_e8G-GO-Dtlc-B4AZ7CQNpRNntt9ULkFGYUFy_hGaKR9MMfl5GGGyKzO4G0Rg-MrrRAfLs3lEHeIqxTF5T0H6n7gjjnOpgQ3IHoLT40_co1djed7h4gwATv5YWp_wLgBAOQBgGgBk2AB9md5n2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTk2MTU4MTQ5NjU5MjUyMTOACgOYCwHICwGADAGwE9bolgvQEwDYEwPYFAE%2526ae%253D1%2526num%253D1%2526cid%253DCAASPeRoa7_XW3hxHbHG852EcmaGZ4Po9U3eqI58vO52Hv5P1o1yGM9SUWAy_TDcG3Hyvy-_0zaAoC8LG5f0Lq0%2526sig%253DAOD64_2lKEMQ5uCaDVXiBGEELiWLRCVpig%2526client%253Dca-pub-3282547114800347%2526dbm_c%253DAKAmf-DU3pUBwnORhKz38ZnaN6BJwA8s_4sed-qWFWE59gIp6J76RTPAhLUY-msRiDUuS95hgOaCvByDeOWb5mI2cutd2baIwHHl3Myq4tEMXx9JQMLLGCDcUN1cHxfBLaa46X7XsNvWoHljreaHHftgNF2dEsfyeA%2526dbm_d%253DAKAmf-AZ9lj6atIw5wkpzMAW8rsPg92ToNVdMdMdvdGniPZ2vVVcoIQQLip13ZPzwsHUWnL2ktVqG1cP7HVBjs_TAvCcaNECNpuDcVmskmnD01so1cTicmBbq8SM6fvSmvsT6cWvBu2VKoyCZzQfTaXJamU7sQ1HpHbWznQTR1ZSsr67pMFbjQuKFAaQ3-4K-QS4q82HCIhNKHjWOWRq3-fWvqxtR9SW2biHc7ooEeoF56icF92rVAqWjmBR4vB3h7e6Z0CVhYVxisLMi9sA6YOYqYn1yNC_tz2B1enfWdTf-mH8g5f3tpr2l2PM5PaQwE33OShoA-HJwQ-qWFdBDtHEs_LQ3XEHrSuS_erZz69aphZIz_gNO6465OUiSw27hlu2rAlx11YvCSuo3dqr70ZQUvEOqDv0OZV7WukZ6tC_IXPD2R_nt6XqNDk6jmUPOKuFGCjSZbLqUAgoLQJCdzk_dXODsEnLng%2526adurl%253D&DFA_BuyId=25089458&DFA_PlacementId=290188790&DFA_AdId=483583991&DFA_CreativeId=137841423&DFA_SiteId=4575850&TC_1=2100142&TC_2=25089458&TC_3=290188790&TC_4=137841423&TC_5=dcmadvertiserid|8404942$dcmcampaignid|25089458$dcmadid|483583991$dcmrenderingid|137677318$dcmsiteid|4575850$dcmplacementid|290188790$customer|Microsoft$dv360auctionid|ct=CH&st=&city=12463&dma=0&zp=&bw=4&Placement_ID=290188790&edge=y&html5=y&nr=0.11426119805201251
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.229.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 3bdf27a1124d341aa2b1880639ae305d9af0d84dd79d7e7f460794038ff75fbf

Request headers

Host: dco-assets.everestads.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/

Response headers

Server: Apache
Last-Modified: Thu, 18 Jun 2020 23:06:22 GMT
ETag: "1143f118f-3fce-5a863d3313780"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: all
Access-Control-Allow-Origin: *
Content-Length: 3934
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=3600
Expires: Sat, 17 Apr 2021 07:24:28 GMT
Date: Sat, 17 Apr 2021 06:24:28 GMT
Connection: keep-alive

GET
H2 200 main.gr.19.8.188.js Show response
static.adsafeprotected.com/ Frame 34C4 182 KB
58 KB 49ms
48ms Script
application/javascript 52.212.6.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.188.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=14575555&campId=39868950&pubId=1&chanId=979614336190&placementId=323031734&adsafe_par&impId=ABAjH0jHvPyckh_n3BL2A941gzva&bidurl=https://garticphone.com/ru
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.6.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-6-165.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: f44665977f5ecc716890ab05d7aa3830c1ee5571da659f6d61422763e7a03952

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:28 GMT
content-encoding: gzip
last-modified: Mon, 05 Apr 2021 16:41:54 GMT
server: nginx/1.16.1
age: 710135
etag: W/"b96b96035edd988c7c03370e3ed76dca"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
DATA 200
OK truncated
/ Frame 34C4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c020734ec5cca75ae396eb0c8d54187e21c279826ebd77db457ae88c5daf7fdf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK mraid.js Show response
dco-assets.everestads.net/ics-campaign/static/dco/ Frame D628 0
390 B 29ms
28ms Script
text/javascript 104.111.229.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign/static/dco/mraid.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=YHp_HAAAAN8xI0ML
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.229.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=YHp_HAAAAN8xI0ML
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 06:24:28 GMT
Last-Modified: Thu, 18 Jun 2020 23:06:22 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "1143f118e-0-5a863d3313780"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Server: Apache
Expires: Sat, 17 Apr 2021 07:24:28 GMT

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame A734 82 KB
22 KB 46ms
46ms Script
application/javascript 52.212.6.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com
URL: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.6.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-6-165.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:28 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: nginx/1.16.1
age: 3375116
etag: W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame 34C4 43 B
216 B 48ms
48ms Image
image/gif 54.171.0.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10933&advId=14575555&campId=39868950&pubId=1&chanId=979614336190&placementId=323031734&adsafe_par&impId=ABAjH0jHvPyckh_n3BL2A941gzva&bidurl=https://garticphone.com/ru&adsafe_url=https%3A%2F%2Fgarticphone.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:3e254a78-785e-0848-c85f-25d8b867dc8a,c:a1BBYd,sl:na,em:true,fr:false,mn:app27ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:suOLhYj+11%7C12%7C13%7C14%7C151%7C152%7C16%7C17*.10933%7C171%7C172%7C173%7C174%7C175%7C18,idMap:17*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:139,oid:8f8240f5-9f45-11eb-aefb-02617d9e854e,v:19.8.188,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com
URL: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.0.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-0-58.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:28 GMT
x-server-name: app39.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 34C4 43 B
215 B 116ms
116ms Image
image/gif 54.163.187.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=551415&asId=44008411-acd7-6009-d536-d6e158aad172&tv=%7Bc:a1BBYq,pingTime:-2.1,time:1237,type:a,clog:%5B%7Bpiv:-1,vs:n,r:r,w:160,h:600,t:24%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:1237,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:24,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1231~1%5D,as:%5B1231~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:120,fm:suOLhGN+11%7C12%7C13%7C14%7C151%7C152%7C16%7C17*.551415-51042438%7C171%7C1721%7C18%7C19,idMap:17.3e254a78-785e-0848-c85f-25d8b867dc8a.23_10933%7C17*,rmeas:1,rend:0,renddet:svg.us,sinceFw:38,readyFired:false%7D&br=u
Requested by: Host: f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com
URL: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.187.117 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-187-117.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:28 GMT
x-server-name: dt66.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK z160x600.html Show response
dco-assets.everestads.net/ics-campaign//5031/t/8581/3/ Frame C74B 7 KB
3 KB 28ms
28ms Document
text/html 104.111.229.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8581/3/z160x600.html
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=YHp_HAAAAN8xI0ML
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.229.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: d0e1e5b8c89f83a2fe69a8649a4fa84578a8c5a7b43720f72a93810c0d13af9a

Request headers

Host: dco-assets.everestads.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=YHp_HAAAAN8xI0ML
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=YHp_HAAAAN8xI0ML

Response headers

Server: Apache
Last-Modified: Wed, 31 Mar 2021 14:09:09 GMT
ETag: "152e7cd77-1cd3-5bed5a891eb40"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: all
Access-Control-Allow-Origin: *
Content-Length: 2132
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=3600
Expires: Sat, 17 Apr 2021 07:24:28 GMT
Date: Sat, 17 Apr 2021 06:24:28 GMT
Connection: keep-alive

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 34C4 43 B
215 B 115ms
115ms Image
image/gif 54.163.187.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=3e254a78-785e-0848-c85f-25d8b867dc8a&tv=%7Bc:a1BBYE,pingTime:-2,time:165,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1343,beZ:1347,mfA:1452,cmA:1454,inA:1454,inZ:1462,prA:1462,prZ:1475,si:1483,poA:1483,poZ:1494,cmZ:1494,mfZ:1494,loA:1500,loZ:1503,ltA:1508,ltZ:1508%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.604,dom:div%7D%7D,env:%7Bgca:true,cca:true,gca2:true,gcd:%7Bappl:na,cnst:na,glbl:na,mtdt:undefined%7D,ccd:%7Bversion:1,uspString:%7D,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:160,h:600,t:138%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:165,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:138,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B51~1%5D,as:%5B51~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:suOLhGN+11%7C12%7C13%7C14%7C151%7C152%7C16%7C17*.10933%7C171%7C172%7C173%7C174%7C175%7C18,idMap:17.44008411-acd7-6009-d536-d6e158aad172.9_551415-51042438%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:25,readyFired:true%7D&br=u
Requested by: Host: f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com
URL: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.187.117 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-187-117.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:28 GMT
x-server-name: dt61.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 34C4 42 B
64 B 24ms
23ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQaYdNEnQa2iC-WnkFsQzSSOUpCZAYFEX-_hIDuIxj2HjX-VWcZnCi2eDP6ASI8BemyosfpcP7poPxtQkPoCAFfuAn8nGJTWYvTCwuZQ4I3KU1GaLUQ91eocdfQg&sai=AMfl-YS9DGKliQzCmfFqw9lOiP10OfrC510iZ7mwDnqxKv_JwFc0rZKQjHSqhxRqon6x_0_tNxqRqiU3nlXghy_rZeWHBq4d6Ua2KkESZBW_TFVo2CXT8MjHE7e0NdzcjYXd&sig=Cg0ArKJSzDYXVTrV0jAmEAE&cid=CAASPeRoa7_XW3hxHbHG852EcmaGZ4Po9U3eqI58vO52Hv5P1o1yGM9SUWAy_TDcG3Hyvy-_0zaAoC8LG5f0Lq0&id=lidar2&mcvt=1001&p=300,10,904,170&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20210414&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=3147981548&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618640667274&dlt=20&rpt=521&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AMOLibrary.js Show response
ads.everesttech.net/ads/static/local/ Frame C74B 5 KB
6 KB 196ms
196ms Script
application/javascript 52.39.214.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/static/local/AMOLibrary.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8581/3/z160x600.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.214.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AMO-jAds/1.1 /
Resource Hash: e66ad7a792dcaa684917803058147d54e110728a7cef76562e5bc5ca1388339e

Request headers

Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: cache
date: Sat, 17 Apr 2021 06:24:28 GMT
last-modified: Wed, 10 Jan 2018 09:27:58 GMT
server: AMO-jAds/1.1
etag: W/"5582-1515576478000"
content-type: application/javascript
cache-control: cache,store,max-age=86400
accept-ranges: bytes
content-length: 5582

GET
H/1.1 200
OK M365_FY21Q3WR3_USA_160x600_BAN_YPCouch_EN_NA_Standard_ANI_BN_NA_1.htm Show response
dco-assets.everestads.net/ics-campaign//5031/t/8581/3/YoungProfCouch/ Frame 1401 16 KB
6 KB 29ms
29ms Document
text/html 104.111.229.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8581/3/YoungProfCouch/M365_FY21Q3WR3_USA_160x600_BAN_YPCouch_EN_NA_Standard_ANI_BN_NA_1.htm
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8581/3/z160x600.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.229.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 32740423b61ba1c57464b88d226d36afaa000125e792556ccbb014e118313d0d

Request headers

Host: dco-assets.everestads.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8581/3/z160x600.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8581/3/z160x600.html

Response headers

Server: Apache
Last-Modified: Wed, 31 Mar 2021 14:09:09 GMT
ETag: "152a9f802-3ef0-5bed5a891eb40"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: all
Access-Control-Allow-Origin: *
Content-Length: 5604
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=3600
Expires: Sat, 17 Apr 2021 07:24:29 GMT
Date: Sat, 17 Apr 2021 06:24:29 GMT
Connection: keep-alive

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/ Frame 1401 60 KB
22 KB 13ms
12ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/gsap.min.js

Requested by

Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8581/3/YoungProfCouch/M365_FY21Q3WR3_USA_160x600_BAN_YPCouch_EN_NA_Standard_ANI_BN_NA_1.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 710718
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21845
cf-request-id: 098019a17a000097fcb0136000000001
timing-allow-origin: *
last-modified: Wed, 26 Aug 2020 23:14:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f46ecc0-eeae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4VyUt%2BAqHSLiWyDso5AAlJ1TD0lZLIHPkJyEIgZdqrpBbFyjISGjSKkeIzkmev2TzBDpWe4OVPYRQ7iVBvPCKRe4vz%2FdB2s5bAE%2F1tss4c1AN6y7RKHKb4Fk6VTIrMSR1A%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 641392158d7897fc-FRA
expires: Thu, 07 Apr 2022 06:24:29 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 1401 236 KB
63 KB 47ms
15ms Script
text/javascript 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8581/3/YoungProfCouch/M365_FY21Q3WR3_USA_160x600_BAN_YPCouch_EN_NA_Standard_ANI_BN_NA_1.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 06:24:29 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Sat, 17 Apr 2021 06:39:29 GMT

GET
H/1.1 200
OK M365_FY21Q3WR3_USA_160x600_BAN_YPCouch_EN_NA_Standard_ANI_BN_NA_1.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/8581/3/YoungProfCouch/ Frame 1401 75 KB
12 KB 32ms
32ms Script
text/javascript 104.111.229.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8581/3/YoungProfCouch/M365_FY21Q3WR3_USA_160x600_BAN_YPCouch_EN_NA_Standard_ANI_BN_NA_1.js?1501171107836
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8581/3/YoungProfCouch/M365_FY21Q3WR3_USA_160x600_BAN_YPCouch_EN_NA_Standard_ANI_BN_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.229.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: b869989f4a83946257c81d8001145f0987a9fc1848e777f039fd4900fcefbd7a

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8581/3/YoungProfCouch/M365_FY21Q3WR3_USA_160x600_BAN_YPCouch_EN_NA_Standard_ANI_BN_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 06:24:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Mar 2021 14:09:09 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "153099faf-12aab-5bed5a891eb40"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12082
Server: Apache
Expires: Sat, 17 Apr 2021 07:24:29 GMT

GET
H/1.1 200
OK SegoePro-Semibold.woff
dco-assets.everestads.net/ics-campaign//5031/t/8581/3/YoungProfCouch/fonts/ Frame 1401 25 KB
26 KB 33ms
33ms Font
application/octet-stream 104.111.229.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8581/3/YoungProfCouch/fonts/SegoePro-Semibold.woff
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8581/3/YoungProfCouch/M365_FY21Q3WR3_USA_160x600_BAN_YPCouch_EN_NA_Standard_ANI_BN_NA_1.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.229.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: dd5cedf68c73545e36272585c781c66d4d723804e427be71a95c9b2610f2f8c8

Request headers

Origin: https://dco-assets.everestads.net
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8581/3/YoungProfCouch/M365_FY21Q3WR3_USA_160x600_BAN_YPCouch_EN_NA_Standard_ANI_BN_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 06:24:29 GMT
Last-Modified: Wed, 31 Mar 2021 14:09:09 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "153a322aa-6590-5bed5a891eb40"
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26000
Server: Apache
Expires: Sat, 17 Apr 2021 07:24:29 GMT

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame 54AE 0
587 B 145ms
36ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156857&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Date: Sat, 17 Apr 2021 06:24:27 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 34C4 0
23 B 62ms
32ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 17 Apr 2021 06:24:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK M365_FY21Q3WR3_USA_160x600_BAN_YPCouch_EN_NA_Standard_ANI_BN_NA_1_atlas_1.png
dco-assets.everestads.net/ics-campaign//5031/t/8581/3/YoungProfCouch/images/ Frame 1401 742 KB
743 KB 32ms
32ms Image
image/png 104.111.229.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8581/3/YoungProfCouch/images/M365_FY21Q3WR3_USA_160x600_BAN_YPCouch_EN_NA_Standard_ANI_BN_NA_1_atlas_1.png?1613381458399
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.229.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 87f61b6193e9d315e1e03e2bc87e8dabc6194789e7f21e60b2cc37964bbdc7e8

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8581/3/YoungProfCouch/M365_FY21Q3WR3_USA_160x600_BAN_YPCouch_EN_NA_Standard_ANI_BN_NA_1.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 06:24:29 GMT
Last-Modified: Wed, 31 Mar 2021 14:09:09 GMT
X-Permitted-Cross-Domain-Policies: all
ETag: "153b200e8-b9934-5bed5a891eb40"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 760116
Server: Apache
Expires: Sat, 17 Apr 2021 07:24:29 GMT

GET
DATA 200
OK truncated
/ Frame 1401 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 34C4 43 B
215 B 116ms
116ms Image
image/gif 54.163.187.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10933&asId=3e254a78-785e-0848-c85f-25d8b867dc8a&tv=%7Bc:a1BCi1,pingTime:-10,time:1366,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1618640668084%7C%7Cfe8aa37f527438ff6fe417c05f6d9503%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C1ec228b2d91184d4f2b39a699d4c0a3b%7C%7C693b1c11ad3e6dba060b8e3d3c923327%7C%7Ceba2c1ebea5f90e9e40aa515408d5721%7C%7Cd78effffebed6e427b3efceb879dcc43%7C%7Cd03c23cadf0a246cffe4f09d65c40b73%7C%7C1614879537,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:44008411-acd7-6009-d536-d6e158aad172%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.187.117 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-187-117.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:30 GMT
x-server-name: dt44.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 34C4 42 B
174 B 14ms
14ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuArmCyYCO1Jvoj10G0KiugWD66zlWMQOxiiR3TEJZji18hC0Ubu3Vwm9bM1g5tUJo4fc6qh2vLUST6ADKxIJo&sig=Cg0ArKJSzJqMnNvuxgGeEAE&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210414&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=3047537733&rs=6&la=0&cr=0&vs=4&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Apr 2021 06:24:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.garticphone.com/	1970-01-19 19:48:49	Name: userFromEEA Value: true
.garticphone.com/	1970-01-19 17:38:47	Name: _gid Value: GA1.2.260450781.1618640666
.garticphone.com/	1970-01-19 19:48:49	Name: CountryCode Value: DE
.garticphone.com/	1970-01-19 17:37:20	Name: _gat_gtag_UA_3906902_42 Value: 1
.garticphone.com/	1970-01-20 11:08:32	Name: _ga Value: GA1.2.1373037539.1618640666
.garticphone.com/	1970-01-19 18:20:32	Name: __cfduid Value: d5eb8a809e13fad1f42c74cc9da440aa11618640665

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://garticphone.com/_next/static/chunks/framework.0c239260661ae1d12aa2.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://garticphone.com/_next/static/chunks/main-97a98779d761aaced2c9.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://garticphone.com/_next/static/chunks/framework.0c239260661ae1d12aa2.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://garticphone.com/_next/static/chunks/main-97a98779d761aaced2c9.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://api.adinplay.com/libs/aiptag/pub/GTC/garticphone.com/tag.min.js(Line 3) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://api.adinplay.com/libs/aiptag/pub/GTC/garticphone.com/tag.min.js(Line 91) Message: %c %c %c AdinPlay v2.0 ✰ GTC ✰ v4.10.0 aip %c %c ads by http://www.adinplay.com/ %c %c %c%c background: #9C0013; padding:5px 0; background: #9C0013; padding:5px 0; color: #FFFFFF; background: #030307; padding:5px 0; background: #9C0013; padding:5px 0; color: #FFFFFF;background: #DB0028; padding:5px 0; background: #9C0013; padding:5px 0; color: #ff2424; background: #fff; padding:5px 0; color: #ff2424; background: #fff; padding:5px 0; color: #ff2424; background: #fff; padding:5px 0;
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.1.js(Line 32) Message: a: 0.001953125 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.doubleclick.net
ads.everesttech.net
ads.pubmatic.com
adservice.google.ch
adservice.google.com
api.adinplay.com
aud.pubmatic.com
c1.adform.net
cdn.consentmanager.mgr.consensu.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.createjs.com
consentmanager.mgr.consensu.org
country.adinplay.workers.dev
d5p.de17a.com
dco-assets.everestads.net
dis.criteo.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
f8420283a066f6be3cf9a2acc9d8601c.safeframe.googlesyndication.com
fw.adsafeprotected.com
garticphone.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
match.adsrvr.org
mwzeom.zeotap.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
prod.perf-serving.com
securepubads.g.doubleclick.net
server.cpmstar.com
simage2.pubmatic.com
simage4.pubmatic.com
static.adsafeprotected.com
sync.mathtag.com
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
visitor.fiftyt.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.111.229.87
142.250.185.130
142.250.185.66
142.250.186.102
142.250.186.98
159.253.128.183
178.250.0.163
18.192.249.156
185.29.132.69
185.33.221.11
185.64.189.112
185.64.189.115
185.64.189.249
185.64.190.80
185.64.190.81
198.24.170.52
213.155.156.168
23.218.208.187
23.218.208.200
23.218.208.246
2606:4700:10::6816:1957
2606:4700:10::ac43:281c
2606:4700:20::681a:f6b
2606:4700:3037::ac43:d515
2606:4700::6810:135e
2a00:1450:4001:801::2001
2a00:1450:4001:801::2008
2a00:1450:4001:803::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a02:26f0:6c00::210:ba1a
2a02:6ea0:c700::2
2a04:4e42:3::621
34.252.218.184
35.156.223.207
35.201.96.126
37.157.4.24
52.212.6.165
52.39.214.89
52.51.10.244
54.163.187.117
54.171.0.58
77.243.60.138
87.230.98.74
0216d870844c21ce7c5c72f3471b81013c6d1879d5c4701b81a6c0c22870e081
082124e48ee2e324e65d09aff357ec18e1fc5758aee25ecc299bcae3505ad19d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f
16c690bd007bf462db0b132ba28ee17c76b174b8db7e224a423f421d50f94411
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
193fdc7a48ae60adfa28663712b68539bead2a82033545589d0d97565c6e983b
198c6573661f9d44d0edb1bae63ce2b42997aaed1511b04a6379cc60cce28bb9
1d68cb99af8c0ad820bdfc16b47fcce886f8479030ef7ce7b1eaf96dd43e0b21
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
23dd9b0d66c40efb216f7ade735f7633b4b9929f5ab3740a206bf87df283ea27
32740423b61ba1c57464b88d226d36afaa000125e792556ccbb014e118313d0d
3321911a6d9753bcd53320d0934805989e6298b2a5ad0322cb9f930d312a6f95
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a
351f6f81844c2304f72d7a6c8909de311b5de07553da66e43a3ce51902bc698e
384e0e9673a384d3afe3e9d43ac2d020bca519c99ee48c24bd5e78f7a771295f
3bdf27a1124d341aa2b1880639ae305d9af0d84dd79d7e7f460794038ff75fbf
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dc97e0b1d3c6eb31ae84ba5ba21981e6e171b91042e6b3129bb156c0b04a761
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
42c860812e7d0c6e96bbb5a346286c0d0a490fc52ad05cc2d30efcd6d4cefcc4
489787c99ddb47232dd46ed2b42472fef4695dee379595a0e195e5b485f74bbb
4c0e14e5bf5d73bb645b6f196bbac36f151ab4357bfed32d5a5fa908de9d8ca7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb12a1c35e9ff714c990030de9131a40957faa227094b8e6c8ed1ecd562bd2c
4f5979825ba0bab1c385281580a6a1c7a83962ecf25eabc2b8d9abff42c3d5fc
50099ff99f4fdfca5c3891f5bf5c4d7c44077899a82fd2e88edadde0618b77d3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68ea5ca4636e0081f9a9c23d1ef93b4a268baf2647b64592f9d7416275e89527
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c
6fccba207831ba0fc1dd1231ef2a35585dfc82b1c06f6fbcf0fd041eaeed8bcc
72b14e238d895ccd81b5e5dcda3c3779143c785a1f69f388ac7f775884a00595
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
757996255ec26a03743739e69c3c10ae17e8891f6f23b1a4ebf9378368950a01
800c03f1b08a0609265cb64d050e884c8ae4a42bcc4239eedc369ee10c89dac1
80d0a278e7a208ae2bd234aafcbdece69e63c9bf11e800d0ab5fa3c82176cf2c
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
879ca1ff2b1db8d086b9550b0a1668e9e95e87a0038d4e726757cce29a6719e7
87f61b6193e9d315e1e03e2bc87e8dabc6194789e7f21e60b2cc37964bbdc7e8
924fc414b00f14d1f619fdde71dab1bfb71475bdc7b5bd546af24c6f58dd9f0f
927fde1363cfc2cfb05dbf24cfa71083de18fab533a3f2d646e2a1170417fc71
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
97805eb804ec0c23bbac8763b1d40e93d287eb34f3b3a0533fe50cf807a97b5f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f9b8f364bad567ebe9822bccc19a09ed1ab909cf09d407167f6ba12cba708ee
a0be70bfb4eaf5cad8ead71a89c69b93a4122a64eaee9fe7074e68d9156354ad
a1ab821a2d6ab23c7c1eed3c77e0bb805b5638926b2a177a9694bd728e3be742
a2a292ee40c2422d82f43b270984343ea18e7c05384459c1d7adbee2c241be30
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
b0d07fd0ecfc8286de3cb0d3d5267f2c6c668c267ad547369585bc13b7d7f6f8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c71d7834e9d5b1783b0a2f0e445d3a55dd8e2f5232af38f68a1a9835058120
b32c9c990ccecb65d55fb56d5801ae902db32aebd81812aa11340d1741ca20ab
b869989f4a83946257c81d8001145f0987a9fc1848e777f039fd4900fcefbd7a
c020734ec5cca75ae396eb0c8d54187e21c279826ebd77db457ae88c5daf7fdf
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
cd31937cb2c208f1c910dd1f4a81d225e3a88c106bed394dd8aed6ecbf84f2b8
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d04fe3e6d57be524334f1688f690be20fb65e09d806c549e1f78aa8d3f7dbae7
d0e1e5b8c89f83a2fe69a8649a4fa84578a8c5a7b43720f72a93810c0d13af9a
d68d96908e253981a4e9dc2a222255756745073a4d85cd8789abc5f36613d339
d877d746962761f2300d86402ba0266f98eada0abae1f8e54561e78e5308047d
db04f13bf4fad0d11eac656b731c57eda589bc3b195796d73b0f77573adefcc7
dd376b78a882a4f53ed011b2a0aba1131e468c440fef92028627179013ddae93
dd5cedf68c73545e36272585c781c66d4d723804e427be71a95c9b2610f2f8c8
e0a141d57dcfa788a828502981c85215a071944d4ef0779571d91dec5eb70e41
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e66ad7a792dcaa684917803058147d54e110728a7cef76562e5bc5ca1388339e
e72e6a0329f6faee9e65e5fdb0194925561c26714809ed0337d6c0f8b6a23f2c
e85ee020b5d9a8ac7bdabd1591746784393ed6fc3604d569ea700947ac4554a6
e99031d5243b22562a0218990fbba4314b0eb7d603eec89e46a0a4c4524a775d
ee528134daae05ec4e589165484f4fddb2466f18530119c89785da6d8a01b3b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12ccda440f4740227fd0333d1c4b2433710b91f176619617b57bd37b6ce620c
f3e7e84a9247e2cbb12fcb52dd0afe3232325a13e01fc59652ad7fb3c8d5d664
f44665977f5ecc716890ab05d7aa3830c1ee5571da659f6d61422763e7a03952
f5ddc5f26ee98b6a3475eeda6346e9051aa0fc246074bdbd54963fe0461dac25
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fc4a1a82d0c70b428b6f9de7570cc73cdfa1d2bdbbaceaa0c95a01592a6df707
fc5a9fb346a5dd1dcfa923de1125e37b939c24cd3e1ba281cdbfcb41fa6b221f
fdab36f5ef5c29e3a34c96aefd71d70857fbd4058e8a0275048d4657c725fe10

garticphone.com Open in urlscan Pro 2606:4700:10::ac43:281c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

124 Requests

100 %HTTPS

37 %IPv6

33 Domains

50 Subdomains

43 IPs

8 Countries

2960 kBTransfer

6325 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

124 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

garticphone.com Open in urlscan Pro
2606:4700:10::ac43:281c Public Scan

Screenshot
Live screenshot

Full Image

124
Requests

100 %
HTTPS

37 %
IPv6

33
Domains

50
Subdomains

43
IPs

8
Countries

2960 kB
Transfer

6325 kB
Size

6
Cookies

124 HTTP transactions
2 data transactions