vwts.ru Open in urlscan Pro
46.38.56.116  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://vwts.ru/ HTTP 301
   https://vwts.ru/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

• https://mytopf.com/counter?id=35502;t=49 HTTP 302
• https://mytopf.com/counter2?id=35502;t=49

Request Chain 27

• https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fvwts.ru%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A504%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A0%3Als%3A439017040493%3Ahid%3A646459384%3Az%3A0%3Ai%3A2021010130923010%3Aet%3A1634116991%3Ac%3A1%3Arn%3A1031607034%3Arqn%3A1%3Au%3A1634116991677526977%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634116989896%3Ads%3A0%2C106%2C67%2C48%2C92%2C0%2C%2C288%2C6%2C%2C%2C%2C557%3Adsn%3A0%2C106%2C67%2C48%2C92%2C0%2C%2C243%2C6%2C%2C%2C%2C557%3Awv%3A2%3Ati%3A2%3Ast%3A1634116991 HTTP 302
• https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fvwts.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A504%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A0%3Als%3A439017040493%3Ahid%3A646459384%3Az%3A0%3Ai%3A2021010130923010%3Aet%3A1634116991%3Ac%3A1%3Arn%3A1031607034%3Arqn%3A1%3Au%3A1634116991677526977%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634116989896%3Ads%3A0%2C106%2C67%2C48%2C92%2C0%2C%2C288%2C6%2C%2C%2C%2C557%3Adsn%3A0%2C106%2C67%2C48%2C92%2C0%2C%2C243%2C6%2C%2C%2C%2C557%3Awv%3A2%3Ati%3A2%3Ast%3A1634116991

Request Chain 28

• https://mc.yandex.ru/watch/36189365?wmode=7&page-url=https%3A%2F%2Fvwts.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A504%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A429860846557%3Ahid%3A646459384%3Az%3A0%3Ai%3A2021010130923010%3Aet%3A1634116991%3Ac%3A1%3Arn%3A776688304%3Arqn%3A1%3Au%3A1634116991677526977%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634116989896%3Ads%3A0%2C106%2C67%2C48%2C92%2C0%2C%2C288%2C6%2C%2C%2C%2C557%3Adsn%3A0%2C106%2C67%2C48%2C92%2C0%2C%2C243%2C6%2C%2C%2C%2C557%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1634116991%3At%3AVolkswagen%20Technical%20Site HTTP 302
• https://mc.yandex.ru/watch/36189365/1?wmode=7&page-url=https%3A%2F%2Fvwts.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A504%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A429860846557%3Ahid%3A646459384%3Az%3A0%3Ai%3A2021010130923010%3Aet%3A1634116991%3Ac%3A1%3Arn%3A776688304%3Arqn%3A1%3Au%3A1634116991677526977%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634116989896%3Ads%3A0%2C106%2C67%2C48%2C92%2C0%2C%2C288%2C6%2C%2C%2C%2C557%3Adsn%3A0%2C106%2C67%2C48%2C92%2C0%2C%2C243%2C6%2C%2C%2C%2C557%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1634116991%3At%3AVolkswagen%20Technical%20Site

Request Chain 29

• https://www.acint.net/mc/?dp=10 HTTP 302
• https://www.acint.net/mc/?dp=10&tc=1

Request Chain 36

• https://top-fwz1.mail.ru/counter?js=13;id=35502;u=https%3A//vwts.ru/;st=1634116990453;title=Volkswagen%20Technical%20Site;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=385cc0a92e05dfff;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.1//4g/0/0/;lvid=1634116990630%3A1634116990640%3A1%3Ad3eeed0fee96900261e7339ee0b64b2e;visible=true;_=0.7110924300097836 HTTP 302
• https://top-fwz1.mail.ru/counter2?js=13;id=35502;u=https%3A//vwts.ru/;st=1634116990453;title=Volkswagen%20Technical%20Site;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=385cc0a92e05dfff;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.1//4g/0/0/;lvid=1634116990630%3A1634116990640%3A1%3Ad3eeed0fee96900261e7339ee0b64b2e;visible=true;_=0.7110924300097836

Request Chain 43

• https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F7EA566618908CD6302EEF627 HTTP 302
• https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F7EA566618908CD6302EEF627&crf=1

Request Chain 44

• https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
• https://acint.net/match?dp=14&euid=0100007F7EA5666113008D44026BE2FA

Request Chain 45

• https://px.adhigh.net/p/cm/sape?u=0100007F7EA566618908CD6302EEF627 HTTP 302
• https://px.adhigh.net/p/cm/sape?u=0100007F7EA566618908CD6302EEF627&bounced=1 HTTP 302
• https://acint.net/match?dp=17&euid=u6zqmPaGJYgA.AikABlF8ePZ3Xg

Request Chain 47

• https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
• https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5832202320 HTTP 302
• https://www.acint.net/rmatch?dp=45&euid=A_feXN8c4JY71DjhswBs8Dg&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
• https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F7EA566618908CD6302EEF627

Request Chain 49

• https://sync.republer.com/match?dsp=sape HTTP 307
• https://sync.republer.com/match?dsp=sape&qset=1 HTTP 307
• https://sync.bumlam.com/?src=rp1&uid=f7241698-a271-46ce-9dcf-6c06b6ef12eb HTTP 302
• https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj_ypqLBlIEioaQK2IkZjcyNDE2OTgtYTI3MS00NmNlLTlkY2YtNmMwNmI2ZWYxMmVi HTTP 302
• https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARj_ypqLBlIEioaQK2IkZjcyNDE2OTgtYTI3MS00NmNlLTlkY2YtNmMwNmI2ZWYxMmViogEQLz0u5CwHEeyG4AAlkMBkfA** HTTP 302
• https://sync.bumlam.com/?src=rp1&s_data=CAIQABj_ypqLBmIkZjcyNDE2OTgtYTI3MS00NmNlLTlkY2YtNmMwNmI2ZWYxMmViogEQLz0u5CwHEeyG4AAlkMBkfA** HTTP 302
• https://sync.bumlam.com/?src=rp1&s_data=CAIQARj_ypqLBmIkZjcyNDE2OTgtYTI3MS00NmNlLTlkY2YtNmMwNmI2ZWYxMmViogEQLz0u5CwHEeyG4AAlkMBkfA**

Request Chain 53

• https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf36lZmGJCM1jAu72Jw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf36lZmGJCM1jAu72Jw&google_tc= HTTP 302
• https://www.acint.net/match?dp=77&euid=

Request Chain 54

• https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F7EA566618908CD6302EEF627 HTTP 302
• https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F7EA566618908CD6302EEF627

Request Chain 57

• https://adx.com.ru/sape-sync?uid=0100007F7EA566618908CD6302EEF627 HTTP 302
• https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F7EA566618908CD6302EEF627 HTTP 302
• https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=6166a57ed41e061f998066b5&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%25253A%25252F%25252Fprodmp.ru%25252Fyabbi.gif%25253Fuid%25253D6166a57ed41e061f998066b5%252526r%25253Dhttps%2525253A%2525252F%2525252Fx01.aidata.io%2525252F0.gif%2525253Fpid%2525253D9712851%25252526id%2525253D6166a57ed41e061f998066b5%25252526dest%2525253D%2526webouid%253D%7BWEBO_CID%7D HTTP 302
• https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=6166a57ed41e061f998066b5&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%25253A%25252F%25252Fprodmp.ru%25252Fyabbi.gif%25253Fuid%25253D6166a57ed41e061f998066b5%252526r%25253Dhttps%2525253A%2525252F%2525252Fx01.aidata.io%2525252F0.gif%2525253Fpid%2525253D9712851%25252526id%2525253D6166a57ed41e061f998066b5%25252526dest%2525253D%2526webouid%253D%7BWEBO_CID%7D&cs=1 HTTP 302
• https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D6166a57ed41e061f998066b5%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D6166a57ed41e061f998066b5%252526dest%25253D%26webouid%3D{WEBO_CID} HTTP 302
• https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D6166a57ed41e061f998066b5%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D6166a57ed41e061f998066b5%252526dest%25253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=2545463298 HTTP 302
• https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D6166a57ed41e061f998066b5%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D6166a57ed41e061f998066b5%2526dest%253D&webouid=cTYDeAdDAD549k7MnzlgDe HTTP 302
• https://prodmp.ru/yabbi.gif?uid=6166a57ed41e061f998066b5&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D6166a57ed41e061f998066b5%26dest%3D HTTP 302
• https://x01.aidata.io/0.gif?pid=9712851&id=6166a57ed41e061f998066b5&dest= HTTP 302
• https://x01.aidata.io/0.gif?pid=9712851&id=6166a57ed41e061f998066b5&dest=&bounce=1

Request Chain 58

• https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F7EA566618908CD6302EEF627 HTTP 302
• https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F7EA566618908CD6302EEF627&cs=1

Request Chain 59

• https://sape-sync.rutarget.ru/sync HTTP 302
• https://www.acint.net/match?dp=104&euid=-9bgFbCcFJgH

Request Chain 60

• https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
• https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
• https://acint.net/match?dp=107&euid=f3c7f11d-ba90-531e-b568-ea0cd40e4f72

Request Chain 61

• https://0100007f7ea566618908cd6302eef627-sp.ops.beeline.ru/p?ssp=sp&id=0100007F7EA566618908CD6302EEF627 HTTP 301
• https://www.acint.net/match?dp=111&euid=4226c0a6-394e-4639-8f6d-602970573bf7

Request Chain 62

• https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F7EA566618908CD6302EEF627 HTTP 302
• https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP 302
• https://ut.rktch.com/matchspm?pi=1000006&pui=cTYDeAdDAD549k7MnzlgDe&noredirect

Request Chain 63

• https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F7EA566618908CD6302EEF627 HTTP 301
• https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F7EA566618908CD6302EEF627 HTTP 301
• https://tech.rtb.mts.ru/?dsp_uid=2cba660e-5c9c-44fd-a456-95d72aefa1ce&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D30%2526em%253D2%2526ssp%253Daidata%2526id%253D%2524UID HTTP 302
• https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID HTTP 302
• https://sm.rtb.mts.ru/em?next=30&em=2&ssp=aidata&id=0y1Xb2pPJBaV8CO7G3x4dg HTTP 301
• https://www.acint.net/match?dp=125&euid=2cba660e-5c9c-44fd-a456-95d72aefa1ce&exu=0y1Xb2pPJBaV8CO7G3x4dg

Request Chain 64

• https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
• https://www.acint.net/match?dp=126&euid=ef39385f-da9b-47bb-43fc-16758ae10609

Request Chain 65

• https://s.uuidksinc.net/match/396/0100007F7EA566618908CD6302EEF627 HTTP 302
• https://www.acint.net/match?dp=127&euid=bpRJem6szwtCDeJtdfET

Request Chain 68

• https://x01.aidata.io/0.gif?pid=9401454&id=0100007F7EA566618908CD6302EEF627 HTTP 302
• https://x01.aidata.io/0.gif?pid=9401454&id=0100007F7EA566618908CD6302EEF627&bounce=1 HTTP 302
• https://sm.rtb.mts.ru/p?ssp=aidata&id=0y1Xb2pPJBaV8CO7G3x4dg HTTP 301
• https://sm.rtb.mts.ru/match/second?ssp=51&exu=0y1Xb2pPJBaV8CO7G3x4dg HTTP 301
• https://tech.rtb.mts.ru/?dsp_uid=2cba660e-5c9c-44fd-a456-95d72aefa1ce&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D51%2526em%253D2%2526ssp%253Daidata%2526exu%253D0y1Xb2pPJBaV8CO7G3x4dg%2526id%253D%2524UID HTTP 302
• https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D2%26ssp%3Daidata%26exu%3D0y1Xb2pPJBaV8CO7G3x4dg%26id%3D%24UID

Request Chain 77

• https://mc.webvisor.org/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9425.23tpxaDVb2p9UPmEy7RNy5LaihzWccjZxcTUAr-TdGOEQHGpCHnxBaNGOzY2hlGS.Y884nsWsOmaji3EKB6Z_D1TwYjU%2C HTTP 302
• https://mc.webvisor.org/sync_cookie_image_decide?token=9425.Zq1ChE9nY7yG83dUNn-USaMHFr4qyob2R3COyZiy5dQENERRSymQNGHiTua4jUkWkfznIPt5mVZQdOEgE2rn8LDKm7sovIx3xR_Bzn2KOmI%2C.74PpWwIpeMwPPOlb8hZGPRQUPTs%2C

Request Chain 87

• https://dmg.digitaltarget.ru/1/1093/i/i?i=86479407877979.870689485322069&a=77&e=0100007F7EA566618908CD6302EEF627&pref=https%3A%2F%2Fvwts.ru%2F&c=ss:77.up:0100007F7EA566618908CD6302EEF627.sync:up.xdua:duEJ1tTAzLRy4IJt05Z6LchC.xps:xpsU8fibIW3iykN_e_TORadGh.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
• https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=86479407877979.870689485322069&a=77&e=0100007F7EA566618908CD6302EEF627&pref=https%3A%2F%2Fvwts.ru%2F&c=ss:77.up:0100007F7EA566618908CD6302EEF627.sync:up.xdua:duEJ1tTAzLRy4IJt05Z6LchC.xps:xpsU8fibIW3iykN_e_TORadGh.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Request Chain 88

• https://dmg.digitaltarget.ru/1/1093/i/i?i=86479407877979.629402570910972&a=77&e=0100007F7EA566618908CD6302EEF627&pref=https%3A%2F%2Fvwts.ru%2F&c=ss:77.up:0100007F7EA566618908CD6302EEF627.sync:up.xdua:duEJ1tTAzLRy4IJt05Z6LchC.xps:xpsU8fibIW3iykN_e_TORadGh.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
• https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=86479407877979.629402570910972&a=77&e=0100007F7EA566618908CD6302EEF627&pref=https%3A%2F%2Fvwts.ru%2F&c=ss:77.up:0100007F7EA566618908CD6302EEF627.sync:up.xdua:duEJ1tTAzLRy4IJt05Z6LchC.xps:xpsU8fibIW3iykN_e_TORadGh.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Request Chain 100

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 140

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si

152 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response vwts.ru/ Redirect Chain http://vwts.ru/ https://vwts.ru/	125 KB 24 KB	173ms 67ms	Document text/html	46.38.56.116 TCTEL
General Check archive.org Show headers Download Go to Full URL https://vwts.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 46.38.56.116 Moscow, Russian Federation, ASN52201 (TCTEL, RU), Reverse DNS vwts.ru Software nginx / PHP/7.3.30 Resource Hash 59109739759df9a1ac3604be5e1b842afbdc8c0bc7e9cbb327ad17012d819070 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff Request headers :method GET :authority vwts.ru :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server nginx date Wed, 13 Oct 2021 09:41:09 GMT content-type text/html; charset=utf-8 x-powered-by PHP/7.3.30 strict-transport-security max-age=31536000; x-content-type-options nosniff content-encoding gzip Redirect headers Server nginx Date Wed, 13 Oct 2021 09:41:08 GMT Content-Type text/html Content-Length 162 Connection keep-alive Location https://vwts.ru/ X-XSS-Protection 1; mode=block
GET H2	200	main.css vwts.ru/css/	70 KB 12 KB	51ms 50ms	Stylesheet text/css	46.38.56.116 TCTEL
General Check archive.org Show headers Download Go to Full URL https://vwts.ru/css/main.css Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 46.38.56.116 Moscow, Russian Federation, ASN52201 (TCTEL, RU), Reverse DNS vwts.ru Software nginx / Resource Hash 387487f34bca1f906b1d83818ccab765882cc3f03cfdd516f932a68732c968f9 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff Request headers :path /css/main.css pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority vwts.ru referer https://vwts.ru/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:41:09 GMT content-encoding gzip x-content-type-options nosniff last-modified Sat, 02 Mar 2019 22:56:32 GMT server nginx etag W/"5c7b0a20-1180c" strict-transport-security max-age=31536000; content-type text/css cache-control max-age=2592000 expires Fri, 12 Nov 2021 09:41:09 GMT
GET H2	200	font-awesome.min.css maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/	30 KB 7 KB	32ms 15ms	Stylesheet text/css	104.18.10.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 723, 617 age 490990 cdn-cachedat 2021-07-24 08:09:23 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:55 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 1b00e9671224b437bf3914cf33baf521 cf-ray 69d781f4ce071f15-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	breadcrumb.css vwts.ru/css/	2 KB 1000 B	51ms 51ms	Stylesheet text/css	46.38.56.116 TCTEL
General Check archive.org Show headers Download Go to Full URL https://vwts.ru/css/breadcrumb.css Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 46.38.56.116 Moscow, Russian Federation, ASN52201 (TCTEL, RU), Reverse DNS vwts.ru Software nginx / Resource Hash 5e2afa9b685284f6dd218e3870733183668c1d48378bf0f7bc59734832de71a4 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff Request headers :path /css/breadcrumb.css pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority vwts.ru referer https://vwts.ru/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:41:09 GMT content-encoding gzip x-content-type-options nosniff last-modified Sun, 03 Mar 2019 13:47:31 GMT server nginx etag W/"5c7bdaf3-7e3" strict-transport-security max-age=31536000; content-type text/css cache-control max-age=2592000 expires Fri, 12 Nov 2021 09:41:09 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	145 KB 51 KB	82ms 42ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash 380aeca0ea4d26924b0a308cc5fe2e4d740bb9a9de86e9b3947af1e9f915e437 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 51389 x-xss-protection 0 server cafe etag 14810354566711954582 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Wed, 13 Oct 2021 09:23:10 GMT
GET H2	200	gnss100.jpg vwts.ru/images/repair250/	52 KB 53 KB	51ms 49ms	Image image/jpeg	46.38.56.116 TCTEL
General Check archive.org Show headers Download Go to Show image Full URL https://vwts.ru/images/repair250/gnss100.jpg Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 46.38.56.116 Moscow, Russian Federation, ASN52201 (TCTEL, RU), Reverse DNS vwts.ru Software nginx / Resource Hash 0b6aa5304d4baf473f85d8ec3206265befd4022fcc44995b9b5b149027dd5b4b Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff Request headers :path /images/repair250/gnss100.jpg pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority vwts.ru referer https://vwts.ru/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:41:09 GMT x-content-type-options nosniff last-modified Mon, 03 Feb 2020 20:55:11 GMT server nginx etag "5e3888af-d1c4" strict-transport-security max-age=31536000; content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 53700 expires Fri, 12 Nov 2021 09:41:09 GMT
GET H2	200	vws100.gif vwts.ru/images/repair6/	7 KB 7 KB	54ms 53ms	Image image/gif	46.38.56.116 TCTEL
General Check archive.org Show headers Download Go to Show image Full URL https://vwts.ru/images/repair6/vws100.gif Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 46.38.56.116 Moscow, Russian Federation, ASN52201 (TCTEL, RU), Reverse DNS vwts.ru Software nginx / Resource Hash 905f7496f3998af0edf147fae9110c1dc9004fd6471ba7a788041ed21eba8f05 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff Request headers :path /images/repair6/vws100.gif pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority vwts.ru referer https://vwts.ru/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:41:09 GMT x-content-type-options nosniff last-modified Mon, 30 Jun 2014 21:16:24 GMT server nginx etag "53b1d3a8-1b56" strict-transport-security max-age=31536000; content-type image/gif cache-control max-age=2592000 accept-ranges bytes content-length 6998 expires Fri, 12 Nov 2021 09:41:09 GMT
GET H2	200	vwspare100.gif vwts.ru/images/repair6/	19 KB 19 KB	57ms 55ms	Image image/gif	46.38.56.116 TCTEL
General Check archive.org Show headers Download Go to Show image Full URL https://vwts.ru/images/repair6/vwspare100.gif Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 46.38.56.116 Moscow, Russian Federation, ASN52201 (TCTEL, RU), Reverse DNS vwts.ru Software nginx / Resource Hash 45196b8b4f0868255c304ed472ce835df7c55bc3385c15f9504cbbd68758ae75 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff Request headers :path /images/repair6/vwspare100.gif pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority vwts.ru referer https://vwts.ru/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:41:09 GMT x-content-type-options nosniff last-modified Thu, 21 Mar 2019 14:54:10 GMT server nginx etag "5c93a592-4c66" strict-transport-security max-age=31536000; content-type image/gif cache-control max-age=2592000 accept-ranges bytes content-length 19558 expires Fri, 12 Nov 2021 09:41:09 GMT
GET H2	200	3_0_FFFFFFFF_EFEFEFFF_0_pageviews metrika-informer.com/informer/36189365/	1 KB 2 KB	158ms 55ms	Image image/png	80.239.201.33 TWELVE99 Twelve99
General Check archive.org Show headers Download Go to Show image Full URL https://metrika-informer.com/informer/36189365/3_0_FFFFFFFF_EFEFEFFF_0_pageviews Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 80.239.201.33 , Sweden, ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE), Reverse DNS 80-239-201-33.teliacarrier-cust.com Software / Resource Hash 35b902835cf560ff5b60674a1fef6839745be883f782605acd88ba2d87ba3f89 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 last-modified Wed, 13-Oct-2021 09:23:10 GMT content-type image/png cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 1392 x-xss-protection 1; mode=block expires Wed, 13-Oct-2021 09:23:10 GMT
GET H/1.1	200 OK	counter2 mytopf.com/ Redirect Chain https://mytopf.com/counter?id=35502;t=49 https://mytopf.com/counter2?id=35502;t=49	680 B 2 KB	52ms 52ms	Image image/gif	79.137.156.169 CYMRG-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mytopf.com/counter2?id=35502;t=49 Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 79.137.156.169 , Russian Federation, ASN205830 (CYMRG-AS, CY), Reverse DNS Software nginx / Resource Hash 2e2a773c6427e690b0df9c94c71c51750acf6728c092e6ff764e44a7cde49da3 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 13 Oct 2021 09:23:10 GMT X-Content-Type-Options nosniff P3P CP="NOI DSP COR NID CUR PSA OUR NOR" Connection keep-alive Content-Length 680 Pragma no-cache AMP-Access-Control-Allow-Source-Origin * Server nginx Access-Control-Allow-Methods GET, POST, HEAD, PUT, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Access-Control-Expose-Headers AMP-Access-Control-Allow-Source-Origin Cache-Control private, no-cache, no-store, max-age=0 Access-Control-Allow-Credentials true Accept-CH-Lifetime 86400 Accept-CH DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version Timing-Allow-Origin * Access-Control-Allow-Headers * Redirect headers Date Wed, 13 Oct 2021 09:23:10 GMT X-Content-Type-Options nosniff Access-Control-Allow-Origin * P3P CP="NOI DSP COR NID CUR PSA OUR NOR" Connection keep-alive Content-Length 0 Pragma no-cache AMP-Access-Control-Allow-Source-Origin * Server nginx Access-Control-Allow-Methods GET, POST, HEAD, PUT, OPTIONS Location https://mytopf.com/counter2?id=35502;t=49 Access-Control-Expose-Headers AMP-Access-Control-Allow-Source-Origin Cache-Control private, no-cache, no-store, max-age=0 Access-Control-Allow-Credentials true Accept-CH-Lifetime 86400 Accept-CH DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version Timing-Allow-Origin * Access-Control-Allow-Headers *
GET H2	200	jquery.min.js Show response vwts.ru/css/js/	94 KB 94 KB	50ms 49ms	Script application/javascript	46.38.56.116 TCTEL
General Check archive.org Show headers Download Go to Full URL https://vwts.ru/css/js/jquery.min.js Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 46.38.56.116 Moscow, Russian Federation, ASN52201 (TCTEL, RU), Reverse DNS vwts.ru Software nginx / Resource Hash ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff Request headers :path /css/js/jquery.min.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority vwts.ru referer https://vwts.ru/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:41:09 GMT x-content-type-options nosniff last-modified Sat, 06 May 2017 16:01:24 GMT server nginx etag "590df354-176d5" strict-transport-security max-age=31536000; content-type application/javascript; charset=utf-8 cache-control max-age=2592000 accept-ranges bytes content-length 95957 expires Fri, 12 Nov 2021 09:41:09 GMT
GET H2	200	skel.min.js Show response vwts.ru/css/js/	9 KB 9 KB	100ms 100ms	Script application/javascript	46.38.56.116 TCTEL
General Check archive.org Show headers Download Go to Full URL https://vwts.ru/css/js/skel.min.js Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 46.38.56.116 Moscow, Russian Federation, ASN52201 (TCTEL, RU), Reverse DNS vwts.ru Software nginx / Resource Hash ddef8dbceabe0ffc9e272d6aad6a5890452be9294e08be661e97369d97d7ef81 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff Request headers :path /css/js/skel.min.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority vwts.ru referer https://vwts.ru/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:41:09 GMT x-content-type-options nosniff last-modified Sat, 06 May 2017 16:01:24 GMT server nginx etag "590df354-237d" strict-transport-security max-age=31536000; content-type application/javascript; charset=utf-8 cache-control max-age=2592000 accept-ranges bytes content-length 9085 expires Fri, 12 Nov 2021 09:41:09 GMT
GET H2	200	main.js Show response vwts.ru/css/js/	6 KB 6 KB	49ms 48ms	Script application/javascript	46.38.56.116 TCTEL
General Check archive.org Show headers Download Go to Full URL https://vwts.ru/css/js/main.js Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 46.38.56.116 Moscow, Russian Federation, ASN52201 (TCTEL, RU), Reverse DNS vwts.ru Software nginx / Resource Hash 0b6cc723a78eb4796fdfb89454b376abac99288f305b76fd44ab5604dfb88d50 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff Request headers :path /css/js/main.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority vwts.ru referer https://vwts.ru/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:41:09 GMT x-content-type-options nosniff last-modified Sun, 22 Apr 2018 22:17:04 GMT server nginx etag "5add09e0-17dd" strict-transport-security max-age=31536000; content-type application/javascript; charset=utf-8 cache-control max-age=2592000 accept-ranges bytes content-length 6109 expires Fri, 12 Nov 2021 09:41:09 GMT
GET H2	200	util.js Show response vwts.ru/css/js/	12 KB 12 KB	50ms 50ms	Script application/javascript	46.38.56.116 TCTEL
General Check archive.org Show headers Download Go to Full URL https://vwts.ru/css/js/util.js Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 46.38.56.116 Moscow, Russian Federation, ASN52201 (TCTEL, RU), Reverse DNS vwts.ru Software nginx / Resource Hash c2e1e72b0de356f6ce184e3af4fa8ab6590a2581162905a27d77886b2d960e00 Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff Request headers :path /css/js/util.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority vwts.ru referer https://vwts.ru/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:41:09 GMT x-content-type-options nosniff last-modified Sat, 06 May 2017 16:01:24 GMT server nginx etag "590df354-3091" strict-transport-security max-age=31536000; content-type application/javascript; charset=utf-8 cache-control max-age=2592000 accept-ranges bytes content-length 12433 expires Fri, 12 Nov 2021 09:41:09 GMT
GET H2	200	font-awesome.min.css vwts.ru/css/	30 KB 8 KB	100ms 100ms	Stylesheet text/css	46.38.56.116 TCTEL
General Check archive.org Show headers Download Go to Full URL https://vwts.ru/css/font-awesome.min.css Requested by Host: vwts.ru URL: https://vwts.ru/css/main.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 46.38.56.116 Moscow, Russian Federation, ASN52201 (TCTEL, RU), Reverse DNS vwts.ru Software nginx / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff Request headers :path /css/font-awesome.min.css pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority vwts.ru referer https://vwts.ru/css/main.css :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:41:09 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 30 Jan 2018 06:57:34 GMT server nginx etag W/"5a70175e-7918" strict-transport-security max-age=31536000; content-type text/css cache-control max-age=2592000 expires Fri, 12 Nov 2021 09:41:09 GMT
GET H2	200	css fonts.googleapis.com/	14 KB 2 KB	59ms 23ms	Stylesheet text/css	142.250.184.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:400,600,400italic,600italic|Roboto+Slab:400,700 Requested by Host: vwts.ru URL: https://vwts.ru/css/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f10.1e100.net Software ESF / Resource Hash 98cc2168cf3cde20389107735607313ec95952ccdafbc9ffff00016bb202abca Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 13 Oct 2021 08:04:12 GMT server ESF date Wed, 13 Oct 2021 09:23:10 GMT x-frame-options SAMEORIGIN report-to {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk" expires Wed, 13 Oct 2021 09:23:10 GMT
GET H2	200	tag.js Show response cdn.jsdelivr.net/npm/yandex-metrica-watch/	192 KB 77 KB	36ms 18ms	Script application/javascript	104.16.89.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 27e7fbbd6777b1881a85faa9c14c6d0c5bf9be0ada2a5369b48068618a902eac Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 9898 x-jsd-version 1.205.0 x-cache HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-served-by cache-fra19126-FRA timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"2fea2-yvjlk0HON60NbJ/xk6ig7Q7nj1w" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 cf-ray 69d781f5c9bd694b-FRA
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	48ms 14ms	Script text/javascript	142.250.185.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f14.1e100.net Software Golfe2 / Resource Hash fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 28 Sep 2021 21:34:48 GMT server Golfe2 age 2173 date Wed, 13 Oct 2021 08:46:57 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19887 expires Wed, 13 Oct 2021 10:46:57 GMT
GET H/1.1	200 OK	code-fb.js Show response mytopf.com/js/	25 KB 11 KB	181ms 64ms	Script application/javascript	79.137.156.169 CYMRG-AS
General Check archive.org Show headers Download Go to Full URL https://mytopf.com/js/code-fb.js Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 79.137.156.169 , Russian Federation, ASN205830 (CYMRG-AS, CY), Reverse DNS Software nginx / Resource Hash c58515ea4c4097d475833f48291522258e6888826d8c7c77ae8e42e07896e3c2 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 13 Oct 2021 09:23:10 GMT Content-Encoding gzip X-Content-Type-Options nosniff Transfer-Encoding chunked P3P CP="NOI DSP COR NID CUR PSA OUR NOR" Connection keep-alive AMP-Access-Control-Allow-Source-Origin * Last-Modified Thu, 15 Jul 2021 18:35:46 GMT Server nginx ETag W/"60f08002-65f9" Access-Control-Allow-Methods GET, POST, HEAD, PUT, OPTIONS Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers AMP-Access-Control-Allow-Source-Origin Cache-Control max-age=3600, private Access-Control-Allow-Credentials true Accept-CH-Lifetime 86400 Accept-CH DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version Timing-Allow-Origin * Access-Control-Allow-Headers * Expires Wed, 13 Oct 2021 10:23:10 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v26/	44 KB 44 KB	29ms 7ms	Font font/woff2	142.250.185.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,400italic,600italic|Roboto+Slab:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f3.1e100.net Software sffe / Resource Hash 538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://vwts.ru Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 07 Oct 2021 17:04:31 GMT x-content-type-options nosniff age 490719 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44760 x-xss-protection 0 last-modified Thu, 23 Sep 2021 16:50:17 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 07 Oct 2022 17:04:31 GMT
GET H2	200	BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2 fonts.gstatic.com/s/robotoslab/v16/	20 KB 21 KB	38ms 16ms	Font font/woff2	142.250.185.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,400italic,600italic|Roboto+Slab:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f3.1e100.net Software sffe / Resource Hash df6bc2e9c74a3940a38b0dd04d2fe461cb2dbb09d35fe9529e15cec0227d7b40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://vwts.ru Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 07 Oct 2021 05:56:11 GMT x-content-type-options nosniff age 530819 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20868 x-xss-protection 0 last-modified Thu, 16 Sep 2021 18:11:08 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 07 Oct 2022 05:56:11 GMT
GET H2	200	BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 fonts.gstatic.com/s/robotoslab/v16/	32 KB 32 KB	40ms 19ms	Font font/woff2	142.250.185.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,400italic,600italic|Roboto+Slab:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f3.1e100.net Software sffe / Resource Hash 2c2dd34c8a8d2ed4b4e91eed55c2404518bb4a5ff02ae68e7a08f4e14ddb3e46 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://vwts.ru Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 07 Oct 2021 18:41:13 GMT x-content-type-options nosniff age 484917 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32876 x-xss-protection 0 last-modified Thu, 16 Sep 2021 18:12:04 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 07 Oct 2022 18:41:13 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 fonts.gstatic.com/s/opensans/v26/	24 KB 24 KB	28ms 21ms	Font font/woff2	142.250.185.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,400italic,600italic|Roboto+Slab:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f3.1e100.net Software sffe / Resource Hash e167af37f1fd882edf7bcf15a703c25607ae273a016e9e892be7b2526b3717bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://vwts.ru Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 07 Oct 2021 17:08:17 GMT x-content-type-options nosniff age 490493 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24780 x-xss-protection 0 last-modified Thu, 23 Sep 2021 16:50:04 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 07 Oct 2022 17:08:17 GMT
GET H2	200	context.js Show response an.yandex.ru/system/	299 KB 79 KB	126ms 61ms	Script text/javascript	213.180.193.90 YANDEX
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/system/context.js Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS bs.yandex.ru Software / Resource Hash 8bf51f4accf464f95aadbd3b4eff6ae95bd7405ab2ce9a08243b94119ba0825a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * strict-transport-security max-age=31536000 content-encoding br etag 737827014 x-yandex-req-id 1634116990483929-201344510133069914200378-production-app-host-vla-pcode-21 content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control private, max-age=3600 x-robots-tag noindex, noarchive, nofollow expires Wed, 13 Oct 2021 10:23:10 GMT
GET H2	200	aci.js Show response www.acint.net/	21 KB 7 KB	39ms 10ms	Script application/x-javascript	195.201.243.72 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.acint.net/aci.js Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS regensburg.aucourant.info Software openresty / Resource Hash 8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT content-encoding gzip last-modified Sat, 02 Jan 2021 18:29:13 GMT server openresty etag "5ff0bb79-1baf" content-type application/x-javascript cache-control max-age=43200 content-length 7087 expires Wed, 13 Oct 2021 21:23:10 GMT
GET H2	200	all.js Show response site.yandex.net/v2.0/js/	56 KB 15 KB	103ms 30ms	Script application/javascript	178.154.131.217 YANDEX
General Check archive.org Show headers Download Go to Full URL https://site.yandex.net/v2.0/js/all.js Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS static.yandex.net Software nginx/1.17.9 / Resource Hash 70a0083e92cf715231f7734f0ecf0365c77ec3fdfe97921d75b39afd09871711 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT content-encoding br vary Accept-Encoding nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 15151 last-modified Thu, 14 Jan 2021 10:10:45 GMT server nginx/1.17.9 etag "a144f832184afae15f82138151d89089" x-robots-tag noindex, noarchive, nofollow strict-transport-security max-age=43200000; includeSubDomains; report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type application/javascript access-control-allow-origin * cache-control public, max-age=216013 accept-ranges bytes timing-allow-origin * expires Fri, 15 Oct 2021 21:22:06 GMT
GET H3	200	fontawesome-webfont.woff2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/	75 KB 76 KB	35ms 22ms	Font font/woff2	104.18.10.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: maxcdn.bootstrapcdn.com URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Origin https://vwts.ru Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 601, 617, 617, 617, 617, 617 age 14956669 cdn-cachedat 2021-04-23 08:31:24 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 77160 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:55 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type font/woff2 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid a6136c6ed919a15c68eee174f4d474f6 accept-ranges bytes cf-ray 69d781f61b9696da-FRA cdn-requestcountrycode DE cdn-requestpullsuccess True
POST H3	200	collect Show response www.google-analytics.com/j/	4 B 24 B	28ms 14ms	XHR text/plain	142.250.185.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1533827397&t=pageview&_s=1&dl=https%3A%2F%2Fvwts.ru%2F&ul=en-us&de=UTF-8&dt=Volkswagen%20Technical%20Site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=915224943&gjid=1668995356&cid=766306439.1634116990&tid=UA-1689759-1&_gid=1416642583.1634116990&_r=1&_slc=1&z=2128348702 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f14.1e100.net Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://vwts.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 13 Oct 2021 09:23:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://vwts.ru cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	1 Show response mc.yandex.ru/watch/3/ Redirect Chain https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fvwts.ru%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A504%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-U... https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fvwts.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A504%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-...	167 B 249 B	37ms 29ms	XHR application/json	93.158.134.119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fvwts.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A504%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A0%3Als%3A439017040493%3Ahid%3A646459384%3Az%3A0%3Ai%3A2021010130923010%3Aet%3A1634116991%3Ac%3A1%3Arn%3A1031607034%3Arqn%3A1%3Au%3A1634116991677526977%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634116989896%3Ads%3A0%2C106%2C67%2C48%2C92%2C0%2C%2C288%2C6%2C%2C%2C%2C557%3Adsn%3A0%2C106%2C67%2C48%2C92%2C0%2C%2C243%2C6%2C%2C%2C%2C557%3Awv%3A2%3Ati%3A2%3Ast%3A1634116991 Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 2174f7a86a96052990fca2de0303be8bce26ee26a6d3f02910447da21ac98f41 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 13 Oct 2021 09:23:10 GMT x-content-type-options nosniff last-modified Wed, 13-Oct-2021 09:23:10 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://vwts.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 167 x-xss-protection 1; mode=block expires Wed, 13-Oct-2021 09:23:10 GMT Redirect headers pragma no-cache date Wed, 13 Oct 2021 09:23:10 GMT last-modified Wed, 13-Oct-2021 09:23:10 GMT location /watch/3/1?wmode=7&page-url=https%3A%2F%2Fvwts.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A504%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A0%3Als%3A439017040493%3Ahid%3A646459384%3Az%3A0%3Ai%3A2021010130923010%3Aet%3A1634116991%3Ac%3A1%3Arn%3A1031607034%3Arqn%3A1%3Au%3A1634116991677526977%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634116989896%3Ads%3A0%2C106%2C67%2C48%2C92%2C0%2C%2C288%2C6%2C%2C%2C%2C557%3Adsn%3A0%2C106%2C67%2C48%2C92%2C0%2C%2C243%2C6%2C%2C%2C%2C557%3Awv%3A2%3Ati%3A2%3Ast%3A1634116991 strict-transport-security max-age=31536000 access-control-allow-origin https://vwts.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Wed, 13-Oct-2021 09:23:10 GMT
GET H2	200	1 Show response mc.yandex.ru/watch/36189365/ Redirect Chain https://mc.yandex.ru/watch/36189365?wmode=7&page-url=https%3A%2F%2Fvwts.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A504%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3... https://mc.yandex.ru/watch/36189365/1?wmode=7&page-url=https%3A%2F%2Fvwts.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A504%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US...	385 B 420 B	37ms 30ms	XHR application/json	93.158.134.119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/36189365/1?wmode=7&page-url=https%3A%2F%2Fvwts.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A504%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A429860846557%3Ahid%3A646459384%3Az%3A0%3Ai%3A2021010130923010%3Aet%3A1634116991%3Ac%3A1%3Arn%3A776688304%3Arqn%3A1%3Au%3A1634116991677526977%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634116989896%3Ads%3A0%2C106%2C67%2C48%2C92%2C0%2C%2C288%2C6%2C%2C%2C%2C557%3Adsn%3A0%2C106%2C67%2C48%2C92%2C0%2C%2C243%2C6%2C%2C%2C%2C557%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1634116991%3At%3AVolkswagen%20Technical%20Site Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS mc.yandex.ru Software / Resource Hash e65380f94f053127d7bf82dbf25efc9d2729e5ba78910b567a28fc6e1d92fed5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 13 Oct 2021 09:23:10 GMT x-content-type-options nosniff last-modified Wed, 13-Oct-2021 09:23:10 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://vwts.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 385 x-xss-protection 1; mode=block expires Wed, 13-Oct-2021 09:23:10 GMT Redirect headers pragma no-cache date Wed, 13 Oct 2021 09:23:10 GMT last-modified Wed, 13-Oct-2021 09:23:10 GMT location /watch/36189365/1?wmode=7&page-url=https%3A%2F%2Fvwts.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A504%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A429860846557%3Ahid%3A646459384%3Az%3A0%3Ai%3A2021010130923010%3Aet%3A1634116991%3Ac%3A1%3Arn%3A776688304%3Arqn%3A1%3Au%3A1634116991677526977%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634116989896%3Ads%3A0%2C106%2C67%2C48%2C92%2C0%2C%2C288%2C6%2C%2C%2C%2C557%3Adsn%3A0%2C106%2C67%2C48%2C92%2C0%2C%2C243%2C6%2C%2C%2C%2C557%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1634116991%3At%3AVolkswagen%20Technical%20Site strict-transport-security max-age=31536000 access-control-allow-origin https://vwts.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Wed, 13-Oct-2021 09:23:10 GMT
GET H2	200	/ Show response www.acint.net/mc/ Frame FE77 Redirect Chain https://www.acint.net/mc/?dp=10 https://www.acint.net/mc/?dp=10&tc=1	3 KB 4 KB	11ms 11ms	Document text/html	195.201.243.72 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.acint.net/mc/?dp=10&tc=1 Requested by Host: www.acint.net URL: https://www.acint.net/aci.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS regensburg.aucourant.info Software openresty / Resource Hash 19f09900f68dc7e51367a1ffa9842fb9aba06e607aff1a4869f0683d2018dd2e Request headers :method GET :authority www.acint.net :scheme https :path /mc/?dp=10&tc=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://vwts.ru/ accept-encoding gzip, deflate, br cookie test_cookie=CheckForPermission; aid=fwAAAWFmpX5jzQiJJ/buAgj4g8fI0FXmYMwnc9vWqiE6jXUe Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ Response headers server openresty date Wed, 13 Oct 2021 09:23:10 GMT content-type text/html set-cookie cSyncDp7v2=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp14v3=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp17=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp32=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp45v3=1634116990; expires=Thu, 14-Oct-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp53=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp54v2=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp62=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp67v2=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp68=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp77=1634116990; expires=Wed, 27-Oct-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp84=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp85=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp88=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp95v2=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp101=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp104v2=1634116990; expires=Wed, 27-Oct-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp107=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp111v2=1634116990; expires=Wed, 27-Oct-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp112v2=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp125=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp126=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp127=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp136=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp138=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp144=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp146=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp149=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp151=1634116990; expires=Fri, 12-Nov-21 09:23:10 GMT; path=/; Secure; SameSite=None; domain=.acint.net p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" content-encoding gzip Redirect headers server openresty date Wed, 13 Oct 2021 09:23:10 GMT content-type text/html content-length 154 set-cookie test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Wed, 13-Oct-21 09:33:10 GMT aid=fwAAAWFmpX5jzQiJJ/buAgj4g8fI0FXmYMwnc9vWqiE6jXUe; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None location /mc/?dp=10&tc=1
GET H2	200	/ www.acint.net/hit/	43 B 340 B	12ms 12ms	Image image/gif	195.201.243.72 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.acint.net/hit/?v=0.3.0&uid=24ba234d-74a2-487f-a65f-7c336baf5bc0&dp=10&tz=%2B00%3A00&nc=37871490&u=https%3A%2F%2Fvwts.ru%2F&r=&rs=1600x1200&t=Volkswagen%20Technical%20Site&oE=1&oP=1&dT=2021-10-13T09%3A23%3A10.559&fu=6f179cf2-c8e9-4c13-8739-af0c8460a380 Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS regensburg.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	advert.gif mc.yandex.ru/metrika/	43 B 186 B	76ms 34ms	Image image/gif	93.158.134.119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.ru/metrika/advert.gif Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT last-modified Tue, 12 Oct 2021 15:49:43 GMT etag "61658467-2b" strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Wed, 13 Oct 2021 10:23:10 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 454 B	43ms 14ms	XHR text/plain	66.102.1.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-1689759-1&cid=766306439.1634116990&jid=915224943&gjid=1668995356&_gid=1416642583.1634116990&_u=IEBAAEAAAAAAAC~&z=1083075114 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.102.1.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wb-in-f155.1e100.net Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://vwts.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Wed, 13 Oct 2021 09:23:10 GMT content-type text/plain access-control-allow-origin https://vwts.ru cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	show_ads_impl_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/	272 KB 97 KB	58ms 37ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash 017533b65890dc9fad4d486d3479b79fae4a3212abdbe6df969220d1fc5c2dd4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 99713 x-xss-protection 0 server cafe etag 3877771964379470727 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Wed, 13 Oct 2021 09:23:10 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/ Frame 3B15	10 KB 5 KB	48ms 13ms	Document text/html	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s46-in-f2.1e100.net Software cafe / Resource Hash f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20211011/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://vwts.ru/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Tue, 12 Oct 2021 21:25:32 GMT expires Tue, 26 Oct 2021 21:25:32 GMT content-type text/html; charset=UTF-8 etag 414810510046348021 x-content-type-options nosniff content-encoding gzip server cafe content-length 4645 x-xss-protection 0 age 43058 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	jquery.min.js Show response yastatic.net/jquery/1.6.2/	89 KB 28 KB	42ms 41ms	Script application/x-javascript	178.154.131.217 YANDEX
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/jquery/1.6.2/jquery.min.js Requested by Host: site.yandex.net URL: https://site.yandex.net/v2.0/js/all.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS static.yandex.net Software nginx/1.17.9 / Resource Hash d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT content-encoding br vary Accept-Encoding nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 28368 x-nginx-request-id 7e1e7bb69dd58d49 last-modified Mon, 12 Nov 2018 13:13:42 GMT server nginx/1.17.9 etag "57f5e4ce99f95e1eb0f18d52b65b6769" strict-transport-security max-age=43200000; includeSubDomains; report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31556952 accept-ranges bytes timing-allow-origin * expires Wed, 12 Oct 2022 16:04:36 GMT
GET H2	200	counter2 top-fwz1.mail.ru/ Redirect Chain https://top-fwz1.mail.ru/counter?js=13;id=35502;u=https%3A//vwts.ru/;st=1634116990453;title=Volkswagen%20Technical%20Site;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=385cc0a92e05dfff;... https://top-fwz1.mail.ru/counter2?js=13;id=35502;u=https%3A//vwts.ru/;st=1634116990453;title=Volkswagen%20Technical%20Site;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=385cc0a92e05dfff...	43 B 958 B	45ms 45ms	Image image/gif	217.69.133.145 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Show image Full URL https://top-fwz1.mail.ru/counter2?js=13;id=35502;u=https%3A//vwts.ru/;st=1634116990453;title=Volkswagen%20Technical%20Site;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=385cc0a92e05dfff;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.1//4g/0/0/;lvid=1634116990630%3A1634116990640%3A1%3Ad3eeed0fee96900261e7339ee0b64b2e;visible=true;_=0.7110924300097836 Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS top-fwz1.mail.ru Software nginx / Resource Hash 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT x-content-type-options nosniff p3p CP="NOI DSP COR NID CUR PSA OUR NOR" content-length 43 pragma no-cache amp-access-control-allow-source-origin * server nginx access-control-allow-methods GET, POST, HEAD, PUT, OPTIONS content-type image/gif access-control-allow-origin * access-control-expose-headers AMP-Access-Control-Allow-Source-Origin cache-control private, no-cache, no-store, max-age=0 access-control-allow-credentials true accept-ch-lifetime 86400 accept-ch DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version timing-allow-origin * access-control-allow-headers * Redirect headers date Wed, 13 Oct 2021 09:23:10 GMT x-content-type-options nosniff access-control-allow-origin * p3p CP="NOI DSP COR NID CUR PSA OUR NOR" content-length 0 pragma no-cache amp-access-control-allow-source-origin * server nginx access-control-allow-methods GET, POST, HEAD, PUT, OPTIONS location https://top-fwz1.mail.ru/counter2?js=13;id=35502;u=https%3A//vwts.ru/;st=1634116990453;title=Volkswagen%20Technical%20Site;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=385cc0a92e05dfff;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.1//4g/0/0/;lvid=1634116990630%3A1634116990640%3A1%3Ad3eeed0fee96900261e7339ee0b64b2e;visible=true;_=0.7110924300097836 access-control-expose-headers AMP-Access-Control-Allow-Source-Origin cache-control private, no-cache, no-store, max-age=0 access-control-allow-credentials true accept-ch-lifetime 86400 accept-ch DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version timing-allow-origin * access-control-allow-headers *
GET H2	200	6b83d077a96333c6aa6f.js Show response yastatic.net/partner-code-bundles/44826/	13 KB 5 KB	98ms 32ms	Script text/javascript	178.154.131.215 YANDEX
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/44826/6b83d077a96333c6aa6f.js Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.154.131.215 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS static.yandex.net Software nginx/1.17.9 / Resource Hash 07c973f2e9c37c6b21ba9686e42276120f8159e3c0de3c211b91825ff841b0cd Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://vwts.ru/ Origin https://vwts.ru Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT content-encoding br vary Accept-Encoding nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 4461 last-modified Tue, 12 Oct 2021 15:17:06 GMT server nginx/1.17.9 etag "7d1f0abd7b9830abeae0d9f285b9bef9" x-robots-tag noindex, noarchive, nofollow strict-transport-security max-age=43200000; includeSubDomains; report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * expires Fri, 13 Oct 2051 15:56:57 GMT
GET H2	200	3484feadd4cc4f959130.js Show response yastatic.net/partner-code-bundles/44826/	81 KB 18 KB	128ms 62ms	Script text/javascript	178.154.131.215 YANDEX
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/44826/3484feadd4cc4f959130.js Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.154.131.215 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS static.yandex.net Software nginx/1.17.9 / Resource Hash eb54f3841dc0e09120462f806a11bbc5eff44025536dc6a0c0201aa8e2f50d38 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://vwts.ru/ Origin https://vwts.ru Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT content-encoding br vary Accept-Encoding nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 17477 last-modified Tue, 12 Oct 2021 15:17:06 GMT server nginx/1.17.9 etag "873fa61dd75ce1095f4571d104092a04" x-robots-tag noindex, noarchive, nofollow strict-transport-security max-age=43200000; includeSubDomains; report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * expires Fri, 13 Oct 2051 15:56:58 GMT
GET H2	200	host.js Show response yastatic.net/safeframe-bundles/0.82/	33 KB 9 KB	175ms 111ms	Script text/javascript	178.154.131.215 YANDEX
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/safeframe-bundles/0.82/host.js Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.154.131.215 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS static.yandex.net Software nginx/1.17.9 / Resource Hash 10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://vwts.ru/ Origin https://vwts.ru Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT content-encoding br vary Accept-Encoding nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 8879 last-modified Mon, 28 Jun 2021 10:29:24 GMT server nginx/1.17.9 etag "e4627697ff619d2b610d2b2fee975531" x-robots-tag noindex, noarchive, nofollow strict-transport-security max-age=43200000; includeSubDomains; report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * expires Fri, 13 Oct 2051 15:57:33 GMT
GET H2	200	40624 Show response an.yandex.ru/meta/	1 KB 1 KB	162ms 162ms	XHR application/json	213.180.193.90 YANDEX
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/meta/40624?target-ref=https%3A%2F%2Fvwts.ru%2F&charset=utf-8&pcode-test-ids=431004%2C0%2C34%3B428758%2C0%2C42%3B434271%2C0%2C80%3B430931%2C0%2C82%3B428464%2C0%2C71%3B436419%2C0%2C80%3B426160%2C0%2C6&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22434485%22%2C%22testId%22%3A%22435340%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22435450%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22435450%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22435450%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22435450%22%7D%5D%2C%22DECODE_VAST%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22432455%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C374320%5D%2C%22testId%22%3A%22435688%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22DISABLE_144P_QUALITY%22%3A%5B%7B%22value%22%3A%22FALSE%22%2C%22testId%22%3A%22431004%22%7D%5D%2C%22TEST_EXP_VAS_CONFIG_IN_PCODE%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22428758%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22434271%22%7D%5D%2C%22INPAGE_LOAD_MODULE_DIRECT%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22430931%22%7D%5D%2C%22ADFOX_AVAILABLE_SIZE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22428464%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2244826%22%2C%22testId%22%3A%22436419%22%7D%5D%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=jkFfTdUIOUtvovqLFiiZPxNSfevJuJd38tNwRd93o5wGtuP880COzytKzzImIa7UmPGWUIrc7tYukMFkqbz1n0QGntM%3D&duid=MTYzNDExNjk5MTY3NzUyNjk3Nw%3D%3D&imp-id=15&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=436557655834626&ad-session-id=600951634116990656&target-id=45921350&tga-with-creatives=1&pcode-version=44826&pcodever=44826&flash-ver=0&available-width=267&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.1%2C%22w%22%3A267.625%2C%22h%22%3A0%2C%22width%22%3A268%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1259%2C%22top%22%3A984%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=2048&grab=dFZvbGtzd2FnZW4gVGVjaG5pY2FsIFNpdGUKMdCi0LXRhdC90LjRh9C10YHQutCw0Y8g0LjQvdGE0L7RgNC80LDRhtC40Y8g0L_QviDQsNCy0YLQvtC80L7QsdC40LvRj9C8IFZXLCBBdWRpLCBTa29kYSwgU2VhdCAKM1ZvbGtzd2FnZW4gQ3JhZnRlciAoU1kpOiDRgdC10YDQstC40YHQvdC-0LUg0L7QsdGB0LvRg9C20LjQstCw0L3QuNC1IAozVm9sa3N3YWdlbiBDcmFmdGVyIChTWSk6INGN0LvQtdC60YLRgNC-0L7QsdC-0YDRg9C00L7QstCw0L3QuNC1IAozVm9sa3N3YWdlbiBDcmFmdGVyIChTWSk6INGN0LvQtdC60YLRgNC-0L7QsdC-0YDRg9C00L7QstCw0L3QuNC1IAoz0JTQuNGB0LrQvtC90YLQvdCw0Y8g0LrQsNGA0YLQsCBWb2xrc3dhZ2VuIFRlY2huaWNhbCBTaXRlOiAKM1Nrb2RhIFNjYWxhIC8gS2FtaXEgKE5XKTog0LrRg9C30L7QsiAKM1Nrb2RhIFNjYWxhIC8gS2FtaXEgKE5XKTog0LrRg9C30L7QsiAKM1ZvbGtzd2FnZW4gU2hhcmFuIDIgKDdOKTog0Y3Qu9C10LrRgtGA0L7QvtCx0L7RgNGD0LTQvtCy0LDQvdC40LUgCjNWb2xrc3dhZ2VuIFNoYXJhbiAyICg3Tik6INGN0LvQtdC60YLRgNC-0L7QsdC-0YDRg9C00L7QstCw0L3QuNC1IAozVm9sa3N3YWdlbiBQb2xvIDYgKEFXMSk6INGN0LvQtdC60YLRgNC-0L7QsdC-0YDRg9C00L7QstCw0L3QuNC1IAozVm9sa3N3YWdlbiBQb2xvIDYgKEFXMSk6INGN0LvQtdC60YLRgNC-0L7QsdC-0YDRg9C00L7QstCw0L3QuNC1IAozVm9sa3N3YWdlbiBUaWd1YW4gMiAoQVgxLCBCVCk6INC60L7RgNC-0LHQutC4INC_0LXRgNC10LTQsNGHIAozVm9sa3N3YWdlbiBULVJvYyAoQTExKTog0Y3Qu9C10LrRgtGA0L7QvtCx0L7RgNGD0LTQvtCy0LDQvdC40LUgCjPQpNC-0LvRjNC60YHQstCw0LPQtdC9LCDQkNGD0LTQuCwg0KjQutC-0LTQsCwg0KHQtdCw0YI6INC00LLQuNCz0LDRgtC10LvQuCAKM1ZvbGtzd2FnZW4gUGFzc2F0IEI4IChDQik6INGB0LjRgdGC0LXQvNCwINC-0YLQvtC_0LvQtdC90LjRjyDQuCDQutC-0L3QtNC40YbQuNC-0L3QuNGA0L7QstCw0L3QuNGPIAozVm9sa3N3YWdlbiBUcmFuc3BvcnRlciBUNiAoU0cpOiDRjdC70LXQutGC0YDQvtC-0LHQvtGA0YPQtNC-0LLQsNC90LjQtSAKM1ZvbGtzd2FnZW4gR29sZiA4IChDRDEpOiDQutGD0LfQvtCyIAozVm9sa3N3YWdlbiBJRC4zIChFMTEpOiDRjdC70LXQutGC0YDQvtC-0LHQvtGA0YPQtNC-0LLQsNC90LjQtSAKM1ZvbGtzd2FnZW4gVGFvcyAoQ0wpOiDQtNC40LDQs9C90L7RgdGC0LjQutCwIAoz0KTQvtC70YzQutGB0LLQsNCz0LXQvSwg0JDRg9C00LgsINCo0LrQvtC00LAsINCh0LXQsNGCOiDQtNCy0LjQs9Cw0YLQtdC70LggCjPQpNC-0LvRjNC60YHQstCw0LPQtdC9LCDQkNGD0LTQuCwg0KjQutC-0LTQsCwg0KHQtdCw0YI6INC00LjQsNCz0L3QvtGB0YLQuNC60LAgCjNWb2xrc3dhZ2VuIFRyYW5zcG9ydGVyIFQ2IChTRyk6INGB0LjRgdGC0LXQvNCwINC-0YLQvtC_0LvQtdC90LjRjyDQuCDQutC-0L3QtNC40YbQuNC-0L3QuNGA0L7QstCw0L3QuNGPIAoz0KTQvtC70YzQutGB&uniformat=true&callback=Ya%5B7403972806564%5D Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS bs.yandex.ru Software / Resource Hash 48ce5d74052203423e55d6321d2090dd525b6085b3ef1a3def1ca29b0a2f9d71 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://vwts.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Wed, 13 Oct 2021 09:23:10 GMT content-encoding gzip last-modified Wed, 13 Oct 2021 09:23:10 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" x-yandex-req-id 1634116990692155-218668858644050644100348-production-app-host-man-pcode-54 strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://vwts.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * x-xss-protection 1; mode=block expires Wed, 13 Oct 2021 09:23:10 GMT
GET H2	200	d6df461544536cffb844.js Show response yastatic.net/partner-code-bundles/44826/	949 KB 155 KB	112ms 77ms	Script text/javascript	178.154.131.215 YANDEX
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/44826/d6df461544536cffb844.js Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.154.131.215 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS static.yandex.net Software nginx/1.17.9 / Resource Hash 8b94c2ed7b911fbaf890ccb0481ecde6a9324c8f8d938081e5fd88d51f123650 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://vwts.ru/ Origin https://vwts.ru Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT content-encoding br vary Accept-Encoding nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 157768 last-modified Tue, 12 Oct 2021 15:17:07 GMT server nginx/1.17.9 etag "3ab5352772e2cef43c6e69249f7c6fae" x-robots-tag noindex, noarchive, nofollow strict-transport-security max-age=43200000; includeSubDomains; report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * expires Fri, 13 Oct 2051 15:56:56 GMT
GET H2	200	4d26354754d942a968e9.js Show response yastatic.net/partner-code-bundles/44826/	337 KB 62 KB	144ms 110ms	Script text/javascript	178.154.131.215 YANDEX
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/44826/4d26354754d942a968e9.js Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.154.131.215 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS static.yandex.net Software nginx/1.17.9 / Resource Hash 93666c7e9f1ea5c55121976c5eb632771678ac50382c2389cfa6c3e6cb4369c9 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://vwts.ru/ Origin https://vwts.ru Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT content-encoding br vary Accept-Encoding nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 62534 last-modified Tue, 12 Oct 2021 15:17:06 GMT server nginx/1.17.9 etag "18b4d3a1ac6e0b6089d692b7db47cf31" x-robots-tag noindex, noarchive, nofollow strict-transport-security max-age=43200000; includeSubDomains; report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * expires Fri, 13 Oct 2051 15:56:56 GMT
GET H2	200	match ads.betweendigital.com/ Frame FE77 Redirect Chain https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F7EA566618908CD6302EEF627 https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F7EA566618908CD6302EEF627&crf=1	68 B 607 B	101ms 98ms	Image image/png	96.46.186.57 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F7EA566618908CD6302EEF627&crf=1 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers cache-control no-cache, no-store, max-age=0, must-revalidate content-length 68 content-type image/png Redirect headers location /match?bidder_id=73&external_user_id=0100007F7EA566618908CD6302EEF627&crf=1 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0
GET H2	200	match acint.net/ Frame FE77 Redirect Chain https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D https://acint.net/match?dp=14&euid=0100007F7EA5666113008D44026BE2FA	43 B 269 B	17ms 11ms	Image image/gif	195.201.243.72 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://acint.net/match?dp=14&euid=0100007F7EA5666113008D44026BE2FA Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS regensburg.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers Date Wed, 13 Oct 2021 09:23:10 GMT Server openresty P3P CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" Location https://acint.net/match?dp=14&euid=0100007F7EA5666113008D44026BE2FA Cache-Control private, no-cache, no-store, must-revalidate, max-age=0 Connection keep-alive Content-Type text/html Content-Length 142 Expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	match acint.net/ Frame FE77 Redirect Chain https://px.adhigh.net/p/cm/sape?u=0100007F7EA566618908CD6302EEF627 https://px.adhigh.net/p/cm/sape?u=0100007F7EA566618908CD6302EEF627&bounced=1 https://acint.net/match?dp=17&euid=u6zqmPaGJYgA.AikABlF8ePZ3Xg	43 B 269 B	11ms 11ms	Image image/gif	195.201.243.72 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://acint.net/match?dp=17&euid=u6zqmPaGJYgA.AikABlF8ePZ3Xg Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS regensburg.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers pragma no-cache date Wed, 13 Oct 2021 09:23:10 GMT server nginx access-control-allow-origin * x-backend-id f7-ru p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://acint.net/match?dp=17&euid=u6zqmPaGJYgA.AikABlF8ePZ3Xg cache-control no-cache, no-store access-control-allow-credentials true content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	cm.gif ad.mail.ru/ Frame FE77	43 B 545 B	180ms 58ms	Image image/gif	94.100.180.197 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Show image Full URL https://ad.mail.ru/cm.gif?p=48&id=0100007F7EA566618908CD6302EEF627 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 94.100.180.197 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS r.mail.ru Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT last-modified Wed, 13 Oct 2021 09:23:10 GMT server nginx cross-origin-opener-policy same-origin cross-origin-embedder-policy require-corp content-type image/gif cache-control max-age=21600 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 43 expires Wed, 13 Oct 2021 15:23:10 GMT
GET H/1.1	200 OK	sync.cgi ssp.adriver.ru/cgi-bin/ Frame FE77 Redirect Chain https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5832202320 https://www.acint.net/rmatch?dp=45&euid=A_feXN8c4JY71DjhswBs8Dg&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F7EA566618908CD6302EEF627	42 B 201 B	126ms 64ms	Image image/gif	81.222.128.213 ELTEL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F7EA566618908CD6302EEF627 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU), Reverse DNS ad13.adriver.ru Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 13 Oct 2021 09:23:11 GMT Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type image/gif Redirect headers date Wed, 13 Oct 2021 09:23:10 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" location https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F7EA566618908CD6302EEF627 cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type text/html content-length 154 expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	204	sync a.utraff.com/ Frame FE77	0 814 B	60ms 27ms	Image text/plain	104.26.4.219 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.utraff.com/sync?ssp=sape Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.4.219 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin access-control-allow-methods GET, POST, OPTIONS content-type text/plain report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRS%2F1O%2FHc2DFHkPjjA3fauZJhBQjOZo0DoaS879rVhe%2BlHRzQBJZ2X2iTUQl34n%2B6alBhLELc7ZQ4jMOVKG1yAVbdV%2FgdpC8QeU8I5DyFb75%2F%2BsXOSX9%2Fe%2FTPpWJTA%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers Content-Length,Content-Range access-control-allow-credentials true cf-ray 69d781f81e48dfdb-FRA access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
GET H/1.1	200 OK	/ sync.bumlam.com/ Frame FE77 Redirect Chain https://sync.republer.com/match?dsp=sape https://sync.republer.com/match?dsp=sape&qset=1 https://sync.bumlam.com/?src=rp1&uid=f7241698-a271-46ce-9dcf-6c06b6ef12eb https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj_ypqLBlIEioaQK2IkZjcyNDE2OTgtYTI3MS00NmNlLTlkY2YtNmMwNmI2ZWYxMmVi https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARj_ypqLBlIEioaQK2IkZjcyNDE2OTgtYTI3MS00NmNlLTlkY2YtNmMwNmI2ZWYxMmViogEQLz0u5CwHEeyG4AAlkMBkfA** https://sync.bumlam.com/?src=rp1&s_data=CAIQABj_ypqLBmIkZjcyNDE2OTgtYTI3MS00NmNlLTlkY2YtNmMwNmI2ZWYxMmViogEQLz0u5CwHEeyG4AAlkMBkfA** https://sync.bumlam.com/?src=rp1&s_data=CAIQARj_ypqLBmIkZjcyNDE2OTgtYTI3MS00NmNlLTlkY2YtNmMwNmI2ZWYxMmViogEQLz0u5CwHEeyG4AAlkMBkfA**	43 B 552 B	6ms 6ms	Image image/gif	31.172.81.159 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Show image Full URL https://sync.bumlam.com/?src=rp1&s_data=CAIQARj_ypqLBmIkZjcyNDE2OTgtYTI3MS00NmNlLTlkY2YtNmMwNmI2ZWYxMmViogEQLz0u5CwHEeyG4AAlkMBkfA** Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 13 Oct 2021 09:23:11 GMT Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0 Server nginx Connection keep-alive Content-Type image/gif Content-Length 43 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Redirect headers Date Wed, 13 Oct 2021 09:23:11 GMT Server nginx ETag 2f3d2ee4-2c07-11ec-86e0-002590c0647c P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Location //sync.bumlam.com/?src=rp1&s_data=CAIQARj_ypqLBmIkZjcyNDE2OTgtYTI3MS00NmNlLTlkY2YtNmMwNmI2ZWYxMmViogEQLz0u5CwHEeyG4AAlkMBkfA** Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0 Connection keep-alive Content-Length 0
GET H2	204	match dm.hybrid.ai/ Frame FE77	0 238 B	457ms 112ms	Image text/plain	37.18.16.22 HYBRID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dm.hybrid.ai/match?id=106&vid=0100007F7EA566618908CD6302EEF627 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, RU), Reverse DNS Software Hybrid Web Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 13 Oct 2021 09:23:11 GMT server Hybrid Web Server p3p CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC" access-control-allow-origin * cache-control no-cache, no-store x-mode 123 x-xss-protection 1; mode=block expires -1
GET H/1.1	200 OK	adcm.js Show response tag.digitaltarget.ru/ Frame FE77	3 KB 3 KB	164ms 50ms	Script application/javascript	185.15.175.144 SAFEDATA Uplinks
General Check archive.org Show headers Download Go to Full URL https://tag.digitaltarget.ru/adcm.js Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.15.175.144 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU), Reverse DNS Software nginx / Resource Hash 7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 13 Oct 2021 09:23:10 GMT Last-Modified Mon, 27 Sep 2021 15:04:31 GMT Server nginx ETag "6151dd7f-c11" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 3089
GET H2	204	sape sync.dmp.otm-r.com/match/ Frame FE77	0 69 B	44ms 11ms	Image text/plain	195.201.152.105 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.dmp.otm-r.com/match/sape?id=0100007F7EA566618908CD6302EEF627 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.201.152.105 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.105.152.201.195.clients.your-server.de Software nginx/1.17.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers access-control-allow-origin * date Wed, 13 Oct 2021 09:23:10 GMT server nginx/1.17.6
GET H2	200	match www.acint.net/ Frame FE77 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf36lZmGJCM1jAu72Jw https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf36lZmGJCM1jAu72Jw&google_tc= https://www.acint.net/match?dp=77&euid=	43 B 269 B	11ms 10ms	Image image/gif	195.201.243.72 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.acint.net/match?dp=77&euid= Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS regensburg.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers pragma no-cache date Wed, 13 Oct 2021 09:23:10 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://www.acint.net/match?dp=77&euid= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 240 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ adlmerge.com/merge_gpsid/ Frame FE77 Redirect Chain https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F7EA566618908CD6302EEF627 https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F7EA566618908CD6302EEF627	43 B 117 B	56ms 14ms	Image image/gif	95.211.66.35 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F7EA566618908CD6302EEF627 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS hosted-by.leaseweb.com Software nginx/1.16.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers iseu noneu server nginx/1.16.0 date Wed, 13 Oct 2021 09:23:10 GMT content-type image/gif Redirect headers location //adlmerge.com/merge_gpsid/?sid=50&id=0100007F7EA566618908CD6302EEF627 date Wed, 13 Oct 2021 09:18:28 GMT server nginx content-length 0
GET H/1.1	200 OK	sync.cgi ssp.adriver.ru/cgi-bin/ Frame FE77	42 B 201 B	260ms 62ms	Image image/gif	81.222.128.213 ELTEL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F7EA566618908CD6302EEF627 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU), Reverse DNS ad13.adriver.ru Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 13 Oct 2021 09:23:10 GMT Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type image/gif
GET H2	200	sprcs relap.io/partners/ Frame FE77	43 B 981 B	237ms 59ms	Image image/gif	95.163.37.253 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Show image Full URL https://relap.io/partners/sprcs?uid=0100007F7EA566618908CD6302EEF627 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS relap.io Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Security Headers Name Value Strict-Transport-Security max-age=5184000; includeSubdomains; X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 13 Oct 2021 09:23:11 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=5184000; includeSubdomains; content-type image/gif cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-server web03 content-length 43 x-xss-protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
GET H2	204	0.gif x01.aidata.io/ Frame FE77 Redirect Chain https://adx.com.ru/sape-sync?uid=0100007F7EA566618908CD6302EEF627 https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F7EA566618908CD6302EEF627 https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=6166a57ed41e061f998066b5&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru... https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=6166a57ed41e061f998066b5&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru... https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D6166a57ed41e061f998066b5%2526r%253Dhttps%25253A... https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D6166a57ed41e061f998066b5%2526r%253Dhttps%25253A... https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D6166a57ed41e061f998066b5%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D6166a57ed4... https://prodmp.ru/yabbi.gif?uid=6166a57ed41e061f998066b5&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D6166a57ed41e061f998066b5%26dest%3D https://x01.aidata.io/0.gif?pid=9712851&id=6166a57ed41e061f998066b5&dest= https://x01.aidata.io/0.gif?pid=9712851&id=6166a57ed41e061f998066b5&dest=&bounce=1	0 432 B	47ms 47ms	Image text/plain	89.108.120.76 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://x01.aidata.io/0.gif?pid=9712851&id=6166a57ed41e061f998066b5&dest=&bounce=1 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.108.120.76 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS d51804.reg.regrucolo.ru Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 13 Oct 2021 09:23:11 GMT last-modified Wed, 13 Oct 2021 09:23:10 GMT server nginx access-control-allow-methods GET, POST p3p CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA' cache-control no-cache, no-store, must-revalidate, post-check=0, pre-check=0 expires Wed, 13 Oct 2021 09:23:10 GMT Redirect headers pragma no-cache date Wed, 13 Oct 2021 09:23:11 GMT last-modified Wed, 13 Oct 2021 09:23:10 GMT server nginx access-control-allow-methods GET, POST p3p CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA' location https://x01.aidata.io/0.gif?pid=9712851&id=6166a57ed41e061f998066b5&dest=&bounce=1 cache-control no-cache, no-store, must-revalidate, post-check=0, pre-check=0 content-length 0 expires Wed, 13 Oct 2021 09:23:10 GMT
GET H2	200	pixel.gif sync.1dmp.io/ Frame FE77 Redirect Chain https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F7EA566618908CD6302EEF627 https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F7EA566618908CD6302EEF627&cs=1	35 B 374 B	13ms 13ms	Image image/gif	88.99.213.228 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F7EA566618908CD6302EEF627&cs=1 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.99.213.228 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.88-99-213-228.clients.your-server.de Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT cache-control private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate server nginx content-type image/gif content-length 35 expires 0 Redirect headers location /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F7EA566618908CD6302EEF627&cs=1 date Wed, 13 Oct 2021 09:23:10 GMT cache-control private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate server nginx content-length 0 expires 0
GET H2	200	match www.acint.net/ Frame FE77 Redirect Chain https://sape-sync.rutarget.ru/sync https://www.acint.net/match?dp=104&euid=-9bgFbCcFJgH	43 B 269 B	11ms 10ms	Image image/gif	195.201.243.72 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.acint.net/match?dp=104&euid=-9bgFbCcFJgH Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS regensburg.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:11 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers Location https://www.acint.net/match?dp=104&euid=-9bgFbCcFJgH Date Wed, 13 Oct 2021 09:23:11 GMT Server nginx Connection keep-alive Content-Length 0 P3P CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
GET H2	200	match acint.net/ Frame FE77 Redirect Chain https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 https://acint.net/match?dp=107&euid=f3c7f11d-ba90-531e-b568-ea0cd40e4f72	43 B 269 B	11ms 10ms	Image image/gif	195.201.243.72 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://acint.net/match?dp=107&euid=f3c7f11d-ba90-531e-b568-ea0cd40e4f72 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS regensburg.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:11 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers location https://acint.net/match?dp=107&euid=f3c7f11d-ba90-531e-b568-ea0cd40e4f72 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0
GET H2	200	match www.acint.net/ Frame FE77 Redirect Chain https://0100007f7ea566618908cd6302eef627-sp.ops.beeline.ru/p?ssp=sp&id=0100007F7EA566618908CD6302EEF627 https://www.acint.net/match?dp=111&euid=4226c0a6-394e-4639-8f6d-602970573bf7	43 B 269 B	11ms 11ms	Image image/gif	195.201.243.72 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.acint.net/match?dp=111&euid=4226c0a6-394e-4639-8f6d-602970573bf7 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS regensburg.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:11 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers date Wed, 13 Oct 2021 09:23:11 GMT x-route http://upstream_cookiesync server nginx location https://www.acint.net/match?dp=111&euid=4226c0a6-394e-4639-8f6d-602970573bf7 access-control-allow-methods HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE access-control-allow-origin * cache-control no-store, no-cache, must-revalidate access-control-allow-credentials true, true x-host 192.168.152.32 access-control-allow-headers authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	matchspm ut.rktch.com/ Frame FE77 Redirect Chain https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F7EA566618908CD6302EEF627 https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect https://ut.rktch.com/matchspm?pi=1000006&pui=cTYDeAdDAD549k7MnzlgDe&noredirect	88 B 88 B	43ms 43ms	Image image/png	89.108.97.2 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://ut.rktch.com/matchspm?pi=1000006&pui=cTYDeAdDAD549k7MnzlgDe&noredirect Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS d50603.reg.regrucolo.ru Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 13 Oct 2021 09:23:11 GMT Server nginx/1.18.0 Access-Control-Allow-Methods GET, POST, PATCH, PUT, DELETE, OPTIONS Content-Type image/png Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Content-Type, Accept, Authorization Content-Length 88 Redirect headers pragma no-cache date Wed, 13 Oct 2021 09:23:11 GMT via 1.1 google last-modified Wed, 13 Oct 2021 09:23:11 GMT server nginx/1.12.0 location https://ut.rktch.com/matchspm?pi=1000006&pui=cTYDeAdDAD549k7MnzlgDe&noredirect p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 alt-svc clear content-length 0 expires Tue, 03 Jul 2001 06:00:00 GMT
GET H2	200	match www.acint.net/ Frame FE77 Redirect Chain https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F7EA566618908CD6302EEF627 https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F7EA566618908CD6302EEF627 https://tech.rtb.mts.ru/?dsp_uid=2cba660e-5c9c-44fd-a456-95d72aefa1ce&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D3... https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID https://sm.rtb.mts.ru/em?next=30&em=2&ssp=aidata&id=0y1Xb2pPJBaV8CO7G3x4dg https://www.acint.net/match?dp=125&euid=2cba660e-5c9c-44fd-a456-95d72aefa1ce&exu=0y1Xb2pPJBaV8CO7G3x4dg	43 B 269 B	11ms 11ms	Image image/gif	195.201.243.72 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.acint.net/match?dp=125&euid=2cba660e-5c9c-44fd-a456-95d72aefa1ce&exu=0y1Xb2pPJBaV8CO7G3x4dg Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS regensburg.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:11 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers Date Wed, 13 Oct 2021 09:23:11 GMT Server nginx Access-Control-Allow-Origin * Vary Origin Access-Control-Allow-Methods HEAD,GET,POST,PUT,DELETE,OPTIONS Location https://www.acint.net/match?dp=125&euid=2cba660e-5c9c-44fd-a456-95d72aefa1ce&exu=0y1Xb2pPJBaV8CO7G3x4dg Cache-Control no-store, no-cache, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	match www.acint.net/ Frame FE77 Redirect Chain https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D https://www.acint.net/match?dp=126&euid=ef39385f-da9b-47bb-43fc-16758ae10609	43 B 269 B	11ms 10ms	Image image/gif	195.201.243.72 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.acint.net/match?dp=126&euid=ef39385f-da9b-47bb-43fc-16758ae10609 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS regensburg.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:11 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers location https://www.acint.net/match?dp=126&euid=ef39385f-da9b-47bb-43fc-16758ae10609 date Wed, 13 Oct 2021 09:23:11 GMT server nginx content-length 115 serverid TODO content-type text/html; charset=utf-8
GET H2	200	match www.acint.net/ Frame FE77 Redirect Chain https://s.uuidksinc.net/match/396/0100007F7EA566618908CD6302EEF627 https://www.acint.net/match?dp=127&euid=bpRJem6szwtCDeJtdfET	43 B 269 B	11ms 10ms	Image image/gif	195.201.243.72 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.acint.net/match?dp=127&euid=bpRJem6szwtCDeJtdfET Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS regensburg.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:11 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT Redirect headers date Wed, 13 Oct 2021 09:23:11 GMT server nginx/1.19.0 access-control-allow-origin * access-control-allow-methods GET, POST, OPTIONS content-type application/json; charset=utf-8 location https://www.acint.net/match?dp=127&euid=bpRJem6szwtCDeJtdfET access-control-allow-headers Content-Type content-length 0
GET H/1.1	204 No Content	userbind match.new-programmatic.com/ Frame FE77	0 215 B	155ms 51ms	Image text/plain	217.65.2.150 CITYTELECOM-MSK
General Check archive.org Show headers Download Go to Show image Full URL https://match.new-programmatic.com/userbind?src=sape&id=0100007F7EA566618908CD6302EEF627 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU), Reverse DNS Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Wed, 13 Oct 2021 09:22:47 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 Connection keep-alive Content-Length 0 Vary Origin
GET H2	204	0100007F7EA566618908CD6302EEF627 fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame FE77	0 190 B	140ms 44ms	Image text/plain	93.95.102.105 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F7EA566618908CD6302EEF627 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS unspecified.mtw.ru Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:11 GMT server nginx p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
GET H2	204	0.gif x01.aidata.io/ Frame FE77 Redirect Chain https://x01.aidata.io/0.gif?pid=9401454&id=0100007F7EA566618908CD6302EEF627 https://x01.aidata.io/0.gif?pid=9401454&id=0100007F7EA566618908CD6302EEF627&bounce=1 https://sm.rtb.mts.ru/p?ssp=aidata&id=0y1Xb2pPJBaV8CO7G3x4dg https://sm.rtb.mts.ru/match/second?ssp=51&exu=0y1Xb2pPJBaV8CO7G3x4dg https://tech.rtb.mts.ru/?dsp_uid=2cba660e-5c9c-44fd-a456-95d72aefa1ce&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D5... https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D2%26ssp%3Daidata%26exu%3D0y1Xb2pPJBaV8CO7G3x4dg%26id%3D%24UID	0 432 B	51ms 51ms	Image text/plain	89.108.120.76 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D2%26ssp%3Daidata%26exu%3D0y1Xb2pPJBaV8CO7G3x4dg%26id%3D%24UID Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.108.120.76 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS d51804.reg.regrucolo.ru Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 13 Oct 2021 09:23:11 GMT last-modified Wed, 13 Oct 2021 09:23:10 GMT server nginx access-control-allow-methods GET, POST p3p CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA' cache-control no-cache, no-store, must-revalidate, post-check=0, pre-check=0 expires Wed, 13 Oct 2021 09:23:10 GMT Redirect headers Date Wed, 13 Oct 2021 09:23:11 GMT Server nginx/1.13.12 Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Content-Type text/html; charset=utf-8 Location https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D2%26ssp%3Daidata%26exu%3D0y1Xb2pPJBaV8CO7G3x4dg%26id%3D%24UID Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
GET H/1.1	200 OK	/ sync.bumlam.com/ Frame FE77	0 523 B	8ms 8ms	Image text/html	31.172.81.159 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Show image Full URL https://sync.bumlam.com/?src=sap1&uid=0100007F7EA566618908CD6302EEF627 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 13 Oct 2021 09:23:11 GMT Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0 Server nginx Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H2	200	0100007F7EA566618908CD6302EEF627 an.yandex.ru/mapuid/sapeis/ Frame FE77	43 B 301 B	53ms 51ms	Image image/gif	213.180.193.90 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/sapeis/0100007F7EA566618908CD6302EEF627 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS bs.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 13 Oct 2021 09:23:10 GMT content-encoding gzip last-modified Wed, 13 Oct 2021 09:23:10 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Wed, 13 Oct 2021 09:23:10 GMT
GET H2	200	frame.html Show response s3.advarkads.com/modules/match/ Frame 913A	187 B 404 B	117ms 87ms	Document text/html	172.67.13.171 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F7EA566618908CD6302EEF627 Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.13.171 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106 Request headers :method GET :authority s3.advarkads.com :scheme https :path /modules/match/frame.html?id=8113-1-1&uid=0100007F7EA566618908CD6302EEF627 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.acint.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ Response headers date Wed, 13 Oct 2021 09:23:10 GMT content-type text/html cache-control max-age=60 last-modified Sat, 25 Apr 2020 07:44:34 GMT vary Accept-Encoding access-control-allow-origin * cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 69d781f819067025-FRA content-encoding gzip
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	245 B 669 B	76ms 23ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=vwts.ru&callback=_gfp_s_&client=ca-pub-1385869829508656&gpid_exp=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash 70093b43e76d480729ddaad514f202e55c43999d565962d41b0d7017ca00f67f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 204 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 570 B	46ms 17ms	Script application/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=vwts.ru Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Wed, 13 Oct 2021 09:23:10 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 2044	152 KB 41 KB	757ms 734ms	Document text/html	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1385869829508656&output=html&adk=1812271804&adf=3025194257&lmt=1634116990&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fvwts.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634116990579&bpp=2&bdt=414&idt=130&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3851979077453&frm=20&pv=2&ga_vid=766306439.1634116990&ga_sid=1634116991&ga_hid=1533827397&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062370%2C31062945%2C21065725&oid=2&pvsid=727899838686769&pem=852&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=144 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s46-in-f2.1e100.net Software cafe / Resource Hash f9f95103ead1c065da8b7f34ce1164944959ceab49f76b8e80b0a71c0a42a895 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-1385869829508656&output=html&adk=1812271804&adf=3025194257&lmt=1634116990&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fvwts.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634116990579&bpp=2&bdt=414&idt=130&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3851979077453&frm=20&pv=2&ga_vid=766306439.1634116990&ga_sid=1634116991&ga_hid=1533827397&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062370%2C31062945%2C21065725&oid=2&pvsid=727899838686769&pem=852&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=144 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://vwts.ru/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Wed, 13 Oct 2021 09:23:11 GMT server cafe content-length 41787 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Wed, 13-Oct-2021 09:38:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Wed, 13 Oct 2021 09:23:11 GMT cache-control private
GET H2	200	suggest.js Show response site.yandex.net/v2.0/js/	8 KB 3 KB	31ms 31ms	Script application/javascript	178.154.131.217 YANDEX
General Check archive.org Show headers Download Go to Full URL https://site.yandex.net/v2.0/js/suggest.js Requested by Host: site.yandex.net URL: https://site.yandex.net/v2.0/js/all.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS static.yandex.net Software nginx/1.17.9 / Resource Hash dc41be78fcb3b0ca16fc52b3026f8120ada7e9c8b6c1f989d84431ff689276cd Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT content-encoding br vary Accept-Encoding nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 2610 last-modified Thu, 14 Jan 2021 10:10:45 GMT server nginx/1.17.9 etag "5905bc95497a3dcdd5543e8af9bb2553" x-robots-tag noindex, noarchive, nofollow strict-transport-security max-age=43200000; includeSubDomains; report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type application/javascript access-control-allow-origin * cache-control public, max-age=216013 accept-ranges bytes timing-allow-origin * expires Fri, 15 Oct 2021 21:18:47 GMT
GET H2	200	opensearch.js Show response site.yandex.net/v2.0/js/	22 KB 7 KB	34ms 34ms	Script application/javascript	178.154.131.217 YANDEX
General Check archive.org Show headers Download Go to Full URL https://site.yandex.net/v2.0/js/opensearch.js Requested by Host: site.yandex.net URL: https://site.yandex.net/v2.0/js/all.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS static.yandex.net Software nginx/1.17.9 / Resource Hash de66288f054df7f389e8281f87fb0a9a05095149f4e96d13c32a1c3b61b1a4a3 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT content-encoding br vary Accept-Encoding nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 6188 last-modified Thu, 14 Jan 2021 10:10:45 GMT server nginx/1.17.9 etag "1df256fb3e065fdf3b47b6ac51380393" x-robots-tag noindex, noarchive, nofollow strict-transport-security max-age=43200000; includeSubDomains; report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type application/javascript access-control-allow-origin * cache-control public, max-age=216013 accept-ranges bytes timing-allow-origin * expires Fri, 15 Oct 2021 21:22:39 GMT
GET H2	200	sync_cookie_image_decide mc.webvisor.org/ Redirect Chain https://mc.webvisor.org/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9425.23tpxaDVb2p9UPmEy7RNy5LaihzWccjZxcTUAr-TdGOEQHGpCHnxBaNGOzY2hlGS.Y884nsWsOmaji3EKB6Z_D1TwYjU%2C https://mc.webvisor.org/sync_cookie_image_decide?token=9425.Zq1ChE9nY7yG83dUNn-USaMHFr4qyob2R3COyZiy5dQENERRSymQNGHiTua4jUkWkfznIPt5mVZQdOEgE2rn8LDKm7sovIx3xR_Bzn2KOmI%2C.74PpWwIpeMwPPOlb8hZGPRQUPT...	43 B 357 B	35ms 35ms	Image image/gif	80.239.201.33 TWELVE99 Twelve99
General Check archive.org Show headers Download Go to Show image Full URL https://mc.webvisor.org/sync_cookie_image_decide?token=9425.Zq1ChE9nY7yG83dUNn-USaMHFr4qyob2R3COyZiy5dQENERRSymQNGHiTua4jUkWkfznIPt5mVZQdOEgE2rn8LDKm7sovIx3xR_Bzn2KOmI%2C.74PpWwIpeMwPPOlb8hZGPRQUPTs%2C Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 80.239.201.33 , Sweden, ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE), Reverse DNS 80-239-201-33.teliacarrier-cust.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT strict-transport-security max-age=31536000 content-length 43 x-xss-protection 1; mode=block content-type image/gif Redirect headers location https://mc.webvisor.org/sync_cookie_image_decide?token=9425.Zq1ChE9nY7yG83dUNn-USaMHFr4qyob2R3COyZiy5dQENERRSymQNGHiTua4jUkWkfznIPt5mVZQdOEgE2rn8LDKm7sovIx3xR_Bzn2KOmI%2C.74PpWwIpeMwPPOlb8hZGPRQUPTs%2C date Wed, 13 Oct 2021 09:23:10 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
POST H2	200	1 Show response mc.yandex.ru/watch/36189365/	43 B 73 B	33ms 32ms	XHR image/gif	93.158.134.119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/36189365/1?page-url=https%3A%2F%2Fvwts.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A1%3Als%3A429860846557%3Ahid%3A646459384%3Az%3A0%3Ai%3A2021010130923010%3Aet%3A1634116991%3Ac%3A1%3Arn%3A859008277%3Arqn%3A2%3Au%3A1634116991677526977%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1634116989896%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1634116991 Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://vwts.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Wed, 13 Oct 2021 09:23:10 GMT last-modified Wed, 13-Oct-2021 09:23:10 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://vwts.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Wed, 13-Oct-2021 09:23:10 GMT
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 8ABD	125 KB 38 KB	567ms 567ms	Document text/html	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1385869829508656&output=html&h=600&slotname=1814087546&adk=442762267&adf=2002614473&pi=t.ma~as.1814087546&w=268&fwrn=4&fwrnh=100&lmt=1634116990&rafmt=1&psa=0&format=268x600&url=https%3A%2F%2Fvwts.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634116990581&bpp=2&bdt=416&idt=167&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3851979077453&frm=20&pv=1&ga_vid=766306439.1634116990&ga_sid=1634116991&ga_hid=1533827397&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1259&ady=364&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062370%2C31062945%2C21065725&oid=2&pvsid=727899838686769&pem=852&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cdU3mB9xMw&p=https%3A//vwts.ru&dtd=173 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s46-in-f2.1e100.net Software cafe / Resource Hash 28e38a261b6be2527d4247b2e4074b432bc4fd0efc39123a93813a1cbcadd6b3 Security Headers Name Value Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14049184221323197860/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14049184221323197860/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLz_hpaIx_MCFfKAgwcdH0MCXw&gqi=fqVmYYONL5mq3gPVlISgDg&layout=/sadbundle/%24csp%253Der3%24/14049184221323197860/index.html X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-1385869829508656&output=html&h=600&slotname=1814087546&adk=442762267&adf=2002614473&pi=t.ma~as.1814087546&w=268&fwrn=4&fwrnh=100&lmt=1634116990&rafmt=1&psa=0&format=268x600&url=https%3A%2F%2Fvwts.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634116990581&bpp=2&bdt=416&idt=167&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3851979077453&frm=20&pv=1&ga_vid=766306439.1634116990&ga_sid=1634116991&ga_hid=1533827397&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1259&ady=364&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062370%2C31062945%2C21065725&oid=2&pvsid=727899838686769&pem=852&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cdU3mB9xMw&p=https%3A//vwts.ru&dtd=173 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://vwts.ru/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-security-policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14049184221323197860/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14049184221323197860/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLz_hpaIx_MCFfKAgwcdH0MCXw&gqi=fqVmYYONL5mq3gPVlISgDg&layout=/sadbundle/%24csp%253Der3%24/14049184221323197860/index.html content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Wed, 13 Oct 2021 09:23:11 GMT server cafe content-length 39164 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Wed, 13-Oct-2021 09:38:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Wed, 13 Oct 2021 09:23:11 GMT cache-control private
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame E410	107 KB 37 KB	721ms 721ms	Document text/html	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1385869829508656&output=html&h=600&slotname=4384594658&adk=3170635134&adf=251809335&pi=t.ma~as.4384594658&w=273&fwrn=4&fwrnh=100&lmt=1634116990&rafmt=1&psa=0&format=273x600&url=https%3A%2F%2Fvwts.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634116990583&bpp=1&bdt=418&idt=185&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C268x600&nras=1&correlator=3851979077453&frm=20&pv=1&ga_vid=766306439.1634116990&ga_sid=1634116991&ga_hid=1533827397&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=22&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062370%2C31062945%2C21065725&oid=2&pvsid=727899838686769&pem=852&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2jpwXfa6G4&p=https%3A//vwts.ru&dtd=189 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s46-in-f2.1e100.net Software cafe / Resource Hash 713b5acac1ac5b290b70e082c8e2e22b988ba987377cf591f8375be93cea5cd7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-1385869829508656&output=html&h=600&slotname=4384594658&adk=3170635134&adf=251809335&pi=t.ma~as.4384594658&w=273&fwrn=4&fwrnh=100&lmt=1634116990&rafmt=1&psa=0&format=273x600&url=https%3A%2F%2Fvwts.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634116990583&bpp=1&bdt=418&idt=185&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C268x600&nras=1&correlator=3851979077453&frm=20&pv=1&ga_vid=766306439.1634116990&ga_sid=1634116991&ga_hid=1533827397&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=22&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062370%2C31062945%2C21065725&oid=2&pvsid=727899838686769&pem=852&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2jpwXfa6G4&p=https%3A//vwts.ru&dtd=189 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://vwts.ru/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Wed, 13 Oct 2021 09:23:11 GMT server cafe content-length 38072 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Wed, 13-Oct-2021 09:38:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Wed, 13 Oct 2021 09:23:11 GMT cache-control private
GET H2	200	frame.js Show response s3.advarkads.com/modules/match/ Frame 913A	22 KB 7 KB	13ms 13ms	Script application/javascript	172.67.13.171 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s3.advarkads.com/modules/match/frame.js Requested by Host: s3.advarkads.com URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F7EA566618908CD6302EEF627 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.13.171 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f68b131b5c4c4803dd3b3c546c84339aa888004d82e266bef499e3b41c5c7863 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F7EA566618908CD6302EEF627 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:10 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 05 Oct 2021 14:03:14 GMT server cloudflare age 38 etag "0fd1bdf1b9d71:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=60 accept-ranges bytes cf-ray 69d781f8ba657025-FRA content-length 7378
GET H/1.1	200 OK	match api.advarkads.com/api/statistic/ Frame 913A	43 B 389 B	178ms 66ms	Image image/gif	88.212.233.36 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007F7EA566618908CD6302EEF627 Requested by Host: s3.advarkads.com URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F7EA566618908CD6302EEF627 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 88.212.233.36 , Russian Federation, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.14.1 / ASP.NET Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://s3.advarkads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Wed, 13 Oct 2021 10:22:17 GMT Server nginx/1.14.1 X-Powered-By ASP.NET Content-Type image/gif Cache-Control no-cache Connection keep-alive Content-Length 43 Expires -1
GET H/1.1	200 OK	processor.js Show response tag.digitaltarget.ru/ Frame FE77	15 KB 16 KB	96ms 96ms	Script application/javascript	185.15.175.144 SAFEDATA Uplinks
General Check archive.org Show headers Download Go to Full URL https://tag.digitaltarget.ru/processor.js?i=985747031607208 Requested by Host: tag.digitaltarget.ru URL: https://tag.digitaltarget.ru/adcm.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.15.175.144 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU), Reverse DNS Software nginx / Resource Hash f6d22181c5ff8b3dc6c2e0fb2a1770ecefe1609d1ae146b53c0c2f8a7cad047b Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 13 Oct 2021 09:23:11 GMT Last-Modified Mon, 27 Sep 2021 15:04:32 GMT Server nginx ETag "6151dd80-3db9" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 15801
GET H2	200	40624 Show response mc.yandex.ru/watch/	312 B 346 B	33ms 32ms	XHR application/json	93.158.134.119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/40624?wmode=7&page-url=https%3A%2F%2Fvwts.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A3%3Adp%3A1%3Als%3A916411988890%3Ahid%3A646459384%3Az%3A0%3Ai%3A2021010130923010%3Aet%3A1634116991%3Ac%3A1%3Arn%3A734694047%3Au%3A1634116991677526977%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1634116989896%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1634116991%3At%3AVolkswagen%20Technical%20Site Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 6b1a669a73be85f491dc9609c8c70897263aa8e47281d4a99165bbe92b2dd950 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 13 Oct 2021 09:23:10 GMT x-content-type-options nosniff last-modified Wed, 13-Oct-2021 09:23:10 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://vwts.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 312 x-xss-protection 1; mode=block expires Wed, 13-Oct-2021 09:23:10 GMT
POST H2	200	1 Show response mc.yandex.ru/watch/40624/	43 B 73 B	33ms 31ms	XHR image/gif	93.158.134.119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/40624/1?page-url=https%3A%2F%2Fvwts.ru%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A504%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A3%3Adp%3A1%3Als%3A916411988890%3Ahid%3A646459384%3Az%3A0%3Ai%3A2021010130923010%3Aet%3A1634116991%3Ac%3A1%3Arn%3A715700109%3Arqn%3A1%3Au%3A1634116991677526977%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1634116989896%3Ads%3A0%2C106%2C67%2C48%2C92%2C0%2C%2C288%2C6%2C%2C%2C%2C557%3Adsn%3A0%2C106%2C67%2C48%2C92%2C0%2C%2C243%2C6%2C%2C%2C%2C557%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1634116991 Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://vwts.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Wed, 13 Oct 2021 09:23:10 GMT last-modified Wed, 13-Oct-2021 09:23:10 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://vwts.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Wed, 13-Oct-2021 09:23:10 GMT
GET H2	200	40624 Show response mc.yandex.ru/watch/	43 B 73 B	36ms 33ms	XHR image/gif	93.158.134.119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/40624?page-url=https%3A%2F%2Fvwts.ru%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A3%3Adp%3A1%3Als%3A916411988890%3Ahid%3A646459384%3Az%3A0%3Ai%3A2021010130923010%3Aet%3A1634116991%3Ac%3A1%3Arn%3A104360569%3Arqn%3A2%3Au%3A1634116991677526977%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1634116989896%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1634116991%3At%3AVolkswagen%20Technical%20Site Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 13 Oct 2021 09:23:10 GMT last-modified Wed, 13-Oct-2021 09:23:10 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://vwts.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Wed, 13-Oct-2021 09:23:10 GMT
GET H/1.1	200 OK	i dmg.digitaltarget.ru/awg/custom/1093/i/ Frame FE77 Redirect Chain https://dmg.digitaltarget.ru/1/1093/i/i?i=86479407877979.870689485322069&a=77&e=0100007F7EA566618908CD6302EEF627&pref=https%3A%2F%2Fvwts.ru%2F&c=ss:77.up:0100007F7EA566618908CD6302EEF627.sync:up.xd... https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=86479407877979.870689485322069&a=77&e=0100007F7EA566618908CD6302EEF627&pref=https%3A%2F%2Fvwts.ru%2F&c=ss:77.up:0100007F7EA5666189...	49 B 603 B	112ms 112ms	Image image/gif	185.15.175.158 SAFEDATA Uplinks
General Check archive.org Show headers Download Go to Show image Full URL https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=86479407877979.870689485322069&a=77&e=0100007F7EA566618908CD6302EEF627&pref=https%3A%2F%2Fvwts.ru%2F&c=ss:77.up:0100007F7EA566618908CD6302EEF627.sync:up.xdua:duEJ1tTAzLRy4IJt05Z6LchC.xps:xpsU8fibIW3iykN_e_TORadGh.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.15.175.158 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU), Reverse DNS Software nginx / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 13 Oct 2021 09:23:11 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Permitted-Cross-Domain-Policies master-only Request-Time 57 Connection keep-alive Vary Accept-Encoding Content-Length 64 X-XSS-Protection 1; mode=block Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin Server nginx X-Frame-Options DENY Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Credentials true Redirect headers Date Wed, 13 Oct 2021 09:23:11 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin Server nginx X-Frame-Options DENY Access-Control-Allow-Methods GET, POST, OPTIONS Location https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=86479407877979.870689485322069&a=77&e=0100007F7EA566618908CD6302EEF627&pref=https%3A%2F%2Fvwts.ru%2F&c=ss:77.up:0100007F7EA566618908CD6302EEF627.sync:up.xdua:duEJ1tTAzLRy4IJt05Z6LchC.xps:xpsU8fibIW3iykN_e_TORadGh.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient X-XSS-Protection 1; mode=block X-Permitted-Cross-Domain-Policies master-only Access-Control-Allow-Credentials true Access-Control-Max-Age 86400 Connection keep-alive Request-Time 1 Content-Length 0 X-Content-Type-Options nosniff
GET H/1.1	200 OK	i dmg.digitaltarget.ru/awg/custom/1093/i/ Frame FE77 Redirect Chain https://dmg.digitaltarget.ru/1/1093/i/i?i=86479407877979.629402570910972&a=77&e=0100007F7EA566618908CD6302EEF627&pref=https%3A%2F%2Fvwts.ru%2F&c=ss:77.up:0100007F7EA566618908CD6302EEF627.sync:up.xd... https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=86479407877979.629402570910972&a=77&e=0100007F7EA566618908CD6302EEF627&pref=https%3A%2F%2Fvwts.ru%2F&c=ss:77.up:0100007F7EA5666189...	49 B 604 B	1083ms 1083ms	Image image/gif	185.15.175.158 SAFEDATA Uplinks
General Check archive.org Show headers Download Go to Show image Full URL https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=86479407877979.629402570910972&a=77&e=0100007F7EA566618908CD6302EEF627&pref=https%3A%2F%2Fvwts.ru%2F&c=ss:77.up:0100007F7EA566618908CD6302EEF627.sync:up.xdua:duEJ1tTAzLRy4IJt05Z6LchC.xps:xpsU8fibIW3iykN_e_TORadGh.dn:acint__net.adcm:hit.tg:adcmjs_noorient Requested by Host: www.acint.net URL: https://www.acint.net/mc/?dp=10&tc=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.15.175.158 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU), Reverse DNS Software nginx / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.acint.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 13 Oct 2021 09:23:12 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Permitted-Cross-Domain-Policies master-only Request-Time 835 Connection keep-alive Vary Accept-Encoding Content-Length 64 X-XSS-Protection 1; mode=block Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin Server nginx X-Frame-Options DENY Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Credentials true Redirect headers Date Wed, 13 Oct 2021 09:23:11 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin Server nginx X-Frame-Options DENY Access-Control-Allow-Methods GET, POST, OPTIONS Location https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=86479407877979.629402570910972&a=77&e=0100007F7EA566618908CD6302EEF627&pref=https%3A%2F%2Fvwts.ru%2F&c=ss:77.up:0100007F7EA566618908CD6302EEF627.sync:up.xdua:duEJ1tTAzLRy4IJt05Z6LchC.xps:xpsU8fibIW3iykN_e_TORadGh.dn:acint__net.adcm:hit.tg:adcmjs_noorient X-XSS-Protection 1; mode=block X-Permitted-Cross-Domain-Policies master-only Access-Control-Allow-Credentials true Access-Control-Max-Age 86400 Connection keep-alive Request-Time 1 Content-Length 0 X-Content-Type-Options nosniff
GET H2	200	index.html Show response tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14049184221323197860/ Frame E3BD	13 KB 5 KB	38ms 13ms	Document text/html	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14049184221323197860/index.html Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software sffe / Resource Hash 226f38869eed73fbb9a8c1b65027a8a8470f1591bd47d01dfede7f2dfd96cb64 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sadbundle/$csp%3Der3$/14049184221323197860/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ Response headers accept-ranges bytes vary Accept-Encoding content-type text/html access-control-allow-origin * content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} timing-allow-origin * content-length 3629 date Tue, 12 Oct 2021 22:17:33 GMT expires Wed, 12 Oct 2022 22:17:33 GMT last-modified Fri, 24 Sep 2021 16:52:53 GMT x-content-type-options nosniff x-dns-prefetch-control off content-encoding gzip server sffe x-xss-protection 0 age 39938 cache-control public, max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 1AA0	0 0	56ms 55ms	Fetch text/html	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=Cfa_RfqVmYbzIL_KBjuwPn4aJ-AXavs_uZK22l-jADs6I_4DUAhABILrxsANgyQagAZmW7IMCyAEJqAMByANIqgTbAU_QoB_H1KswAnZ7dIu5fJp4xRddxWfIfrfwpIXpI4CMo_CVOS9yPZf2LWkK5P6C9SHCuTnPYFXgYAxaJqIA9OcJEE32icN9qxUERuB5fzY0DEEV6gdpRPd8RXy3hNUktZm_LeyDOVHVWbmjJJldQjYNGkV15t7OO7rI5QqVIZhd2PigVZAwu-y_hiKcdyN1KU-hpHg1Y5iPFcdA_ohuvmhotQNkge-wQfQarlTQqHeD0iE0nYmHaby3MENzQc8mtIEZW1KejXjwhkuLGu8PV84H3WTDds6pGFApPMAEpNX07vwDkgUECAQYAZIFBAgFGASgBi6AB8_pk_wBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBBCQlAPSCAcIgGEQARhfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTEzODU4Njk4Mjk1MDg2NTYYAA&sigh=MmidXsJz7xY&template_id=419 Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s46-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1385869829508656&output=html&h=600&slotname=1814087546&adk=442762267&adf=2002614473&pi=t.ma~as.1814087546&w=268&fwrn=4&fwrnh=100&lmt=1634116990&rafmt=1&psa=0&format=268x600&url=https%3A%2F%2Fvwts.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634116990581&bpp=2&bdt=416&idt=167&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3851979077453&frm=20&pv=1&ga_vid=766306439.1634116990&ga_sid=1634116991&ga_hid=1533827397&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1259&ady=364&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062370%2C31062945%2C21065725&oid=2&pvsid=727899838686769&pem=852&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cdU3mB9xMw&p=https%3A//vwts.ru&dtd=173 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Wed, 13 Oct 2021 09:23:11 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 1AA0	18 KB 8 KB	31ms 8ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1385869829508656&output=html&h=600&slotname=1814087546&adk=442762267&adf=2002614473&pi=t.ma~as.1814087546&w=268&fwrn=4&fwrnh=100&lmt=1634116990&rafmt=1&psa=0&format=268x600&url=https%3A%2F%2Fvwts.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634116990581&bpp=2&bdt=416&idt=167&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3851979077453&frm=20&pv=1&ga_vid=766306439.1634116990&ga_sid=1634116991&ga_hid=1533827397&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1259&ady=364&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062370%2C31062945%2C21065725&oid=2&pvsid=727899838686769&pem=852&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cdU3mB9xMw&p=https%3A//vwts.ru&dtd=173 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:21:44 GMT content-encoding gzip x-content-type-options nosniff age 87 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7691 x-xss-protection 0 server cafe etag 14402072889669646931 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 27 Oct 2021 09:21:44 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 1AA0	3 KB 1 KB	33ms 10ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1385869829508656&output=html&h=600&slotname=1814087546&adk=442762267&adf=2002614473&pi=t.ma~as.1814087546&w=268&fwrn=4&fwrnh=100&lmt=1634116990&rafmt=1&psa=0&format=268x600&url=https%3A%2F%2Fvwts.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634116990581&bpp=2&bdt=416&idt=167&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3851979077453&frm=20&pv=1&ga_vid=766306439.1634116990&ga_sid=1634116991&ga_hid=1533827397&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1259&ady=364&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062370%2C31062945%2C21065725&oid=2&pvsid=727899838686769&pem=852&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cdU3mB9xMw&p=https%3A//vwts.ru&dtd=173 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash 0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:07 GMT content-encoding gzip x-content-type-options nosniff age 4 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1426 x-xss-protection 0 server cafe etag 18061233391346882222 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 27 Oct 2021 09:23:07 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 1AA0	123 KB 38 KB	43ms 20ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1385869829508656&output=html&h=600&slotname=1814087546&adk=442762267&adf=2002614473&pi=t.ma~as.1814087546&w=268&fwrn=4&fwrnh=100&lmt=1634116990&rafmt=1&psa=0&format=268x600&url=https%3A%2F%2Fvwts.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634116990581&bpp=2&bdt=416&idt=167&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3851979077453&frm=20&pv=1&ga_vid=766306439.1634116990&ga_sid=1634116991&ga_hid=1533827397&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1259&ady=364&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062370%2C31062945%2C21065725&oid=2&pvsid=727899838686769&pem=852&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cdU3mB9xMw&p=https%3A//vwts.ru&dtd=173 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software sffe / Resource Hash 393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:11 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37935 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1633952256361887" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 13 Oct 2021 09:23:11 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 1AA0	14 KB 6 KB	32ms 9ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1385869829508656&output=html&h=600&slotname=1814087546&adk=442762267&adf=2002614473&pi=t.ma~as.1814087546&w=268&fwrn=4&fwrnh=100&lmt=1634116990&rafmt=1&psa=0&format=268x600&url=https%3A%2F%2Fvwts.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634116990581&bpp=2&bdt=416&idt=167&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3851979077453&frm=20&pv=1&ga_vid=766306439.1634116990&ga_sid=1634116991&ga_hid=1533827397&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1259&ady=364&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062370%2C31062945%2C21065725&oid=2&pvsid=727899838686769&pem=852&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cdU3mB9xMw&p=https%3A//vwts.ru&dtd=173 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:19:53 GMT content-encoding gzip x-content-type-options nosniff age 198 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6281 x-xss-protection 0 server cafe etag 18349783599053866072 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 27 Oct 2021 09:19:53 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 6FC3	143 B 163 B	15ms 13ms	Document text/html	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1385869829508656&output=html&h=600&slotname=1814087546&adk=442762267&adf=2002614473&pi=t.ma~as.1814087546&w=268&fwrn=4&fwrnh=100&lmt=1634116990&rafmt=1&psa=0&format=268x600&url=https%3A%2F%2Fvwts.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634116990581&bpp=2&bdt=416&idt=167&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3851979077453&frm=20&pv=1&ga_vid=766306439.1634116990&ga_sid=1634116991&ga_hid=1533827397&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1259&ady=364&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062370%2C31062945%2C21065725&oid=2&pvsid=727899838686769&pem=852&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cdU3mB9xMw&p=https%3A//vwts.ru&dtd=173 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s46-in-f2.1e100.net Software safe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/drt/s?v=r20120211 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1385869829508656&output=html&h=600&slotname=1814087546&adk=442762267&adf=2002614473&pi=t.ma~as.1814087546&w=268&fwrn=4&fwrnh=100&lmt=1634116990&rafmt=1&psa=0&format=268x600&url=https%3A%2F%2Fvwts.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634116990581&bpp=2&bdt=416&idt=167&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3851979077453&frm=20&pv=1&ga_vid=766306439.1634116990&ga_sid=1634116991&ga_hid=1533827397&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1259&ady=364&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062370%2C31062945%2C21065725&oid=2&pvsid=727899838686769&pem=852&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cdU3mB9xMw&p=https%3A//vwts.ru&dtd=173 accept-encoding gzip, deflate, br cookie IDE=AHWqTUkhj12v2IYSIUjaf1gQpi14Ezkr3j2TvyzAB-68hBIuCGgFL5za-exOynfjXWg; test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1385869829508656&output=html&h=600&slotname=1814087546&adk=442762267&adf=2002614473&pi=t.ma~as.1814087546&w=268&fwrn=4&fwrnh=100&lmt=1634116990&rafmt=1&psa=0&format=268x600&url=https%3A%2F%2Fvwts.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634116990581&bpp=2&bdt=416&idt=167&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3851979077453&frm=20&pv=1&ga_vid=766306439.1634116990&ga_sid=1634116991&ga_hid=1533827397&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1259&ady=364&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062370%2C31062945%2C21065725&oid=2&pvsid=727899838686769&pem=852&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cdU3mB9xMw&p=https%3A//vwts.ru&dtd=173 Response headers content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Wed, 13 Oct 2021 08:35:57 GMT server safe content-length 145 x-xss-protection 0 cache-control public, max-age=3600 age 2834 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame 1AA0	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ea88f3ef5077f501e9865a63f6a21747da50d7a27b563bf7ca87d9a5acaaf265 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/png
GET H3	200	exitapi-impl.js Show response tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame E3BD	9 KB 3 KB	24ms 7ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14049184221323197860/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 13:46:43 GMT content-encoding gzip x-content-type-options nosniff age 70588 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3271 x-xss-protection 0 server cafe etag 7483759447172721109 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=86400 timing-allow-origin * expires Wed, 13 Oct 2021 13:46:43 GMT
GET H3	200	addata.js Show response tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E3BD	26 KB 10 KB	22ms 7ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14049184221323197860/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash 54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 13:46:49 GMT content-encoding gzip x-content-type-options nosniff age 70582 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10382 x-xss-protection 0 server cafe etag 12806417668659483808 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=86400 timing-allow-origin * expires Wed, 13 Oct 2021 13:46:49 GMT
GET H3	200	cf869ab6412b812ab7ce921fec0a17e5.js Show response tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14049184221323197860/ Frame E3BD	81 KB 20 KB	24ms 9ms	Script application/x-javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14049184221323197860/cf869ab6412b812ab7ce921fec0a17e5.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14049184221323197860/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software sffe / Resource Hash 8af416c9376ba81346758274290a65560354522960cbe3a05aa20bbf3be46259 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' content-encoding gzip x-content-type-options nosniff age 46675 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20594 x-xss-protection 0 last-modified Fri, 24 Sep 2021 16:52:53 GMT server sffe date Tue, 12 Oct 2021 20:25:16 GMT vary Accept-Encoding report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 12 Oct 2022 20:25:16 GMT
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 6FC3 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si	0 16 B	47ms 46ms	Document text/html	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1385869829508656&output=html&h=600&slotname=1814087546&adk=442762267&adf=2002614473&pi=t.ma~as.1814087546&w=268&fwrn=4&fwrnh=100&lmt=1634116990&rafmt=1&psa=0&format=268x600&url=https%3A%2F%2Fvwts.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634116990581&bpp=2&bdt=416&idt=167&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3851979077453&frm=20&pv=1&ga_vid=766306439.1634116990&ga_sid=1634116991&ga_hid=1533827397&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1259&ady=364&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062370%2C31062945%2C21065725&oid=2&pvsid=727899838686769&pem=852&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cdU3mB9xMw&p=https%3A//vwts.ru&dtd=173 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s46-in-f2.1e100.net Software safe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/drt/si pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br cookie IDE=AHWqTUkhj12v2IYSIUjaf1gQpi14Ezkr3j2TvyzAB-68hBIuCGgFL5za-exOynfjXWg; test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type text/html; charset=UTF-8 x-content-type-options nosniff date Wed, 13 Oct 2021 09:23:11 GMT server safe content-length 0 x-xss-protection 0 set-cookie DSID=NO_DATA; expires=Wed, 13-Oct-2021 10:23:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Wed, 13 Oct 2021 09:23:11 GMT cache-control private Redirect headers location https://googleads.g.doubleclick.net/pagead/drt/si cache-control private content-type text/html; charset=UTF-8 x-content-type-options nosniff date Wed, 13 Oct 2021 09:23:11 GMT server safe content-length 246 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 2E05	0 0	69ms 25ms	Fetch image/gif	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuTkFtHsa7DXUn_Gy34SiD2wlAclLcW48IehV8iNCEd7LilFca7F9T8Yzbdk19YMfGXp8Cl7V4F-mTQMTS2DaH39i4T3aNL3_1XlQ6flZs2d_Tzn0eQaXekIqEhOuB65iUQarlBiwWNxLvjugZdKinS3IjnmzsClEWT-yqNmhJw0MO8_zEQcopZF_9md29JSKRa9DhRmhn0CpU44tit8VDR5L2AauF7OJyXAefF8TNXJmXLPMfE1KmcXP3PbkaJOk3HqXhve6z1_6XsP7aaTu1J4xOTzk11XbLVCS3fW28tE9yEl4cTRTWOFPPHZsARQBlXAXtM_6MxwnuhxAqzd17daChdifLGVNzY8Bk2phyRofRkjR9rdhk_6_IyBvm0m0QcmlEBEENAhhoP8g7mDjsmUcVlHOZT0pyhf5iWqiUQan03lYaUpL7Y2tOZcnUQYZYWjHlL1IX3mGvSqAq2zBcjaXCBAvxcq-bQLQ1jMCr_0ENI5-PQeLq0ojMqUYC9Mwjx6i-jlhRDPlwVLncTAWXDOj35RDMLuA3kxBxjwvlQPq6FwNWC1rXXeNUKYfHe1s8YGW6qTIwHGvUKvKFUuGMGLAAZmWw8APn7hCzbd6NYR-8dTU5dPy-g45vc2Oa2hN_j4eda11e8p7SFccByEgBybq0ZmnDeZrXfN7970pz6_7KmS0jidCF7wHdSy0xSuKBVn_UplDbeT6UF9Ivg7uwDHURLfm4gaIxYxIyhdBU2MvM6KE-cLFdSvqCHkp-4yxd20kLU-BwqgDtauL6_Iz2qfA5NVi2RHBg07rivrZbXnfo8wCVconNT2e-Mzk5GrOwINHgBsInxJCuy9ZC2jg00J4Q1OxS2oAPipG4w2KRlONOoymoSIG4cfv9trnyLElQziGyups8qrIvN1_8yKt8uOk2F6cFfmqO1r14vedatefeQprKE2DcbMW8jiAxqMMGCLUqgLWxKTMWSmWGMudBVUSIDDXE&sig=Cg0ArKJSzGZEC9ibGp-PEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl= Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Wed, 13 Oct 2021 09:23:11 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	200	express_html_inpage_rendering_lib_200_275.js Show response s0.2mdn.net/879366/ Frame 2E05	106 KB 38 KB	100ms 19ms	Script text/javascript	142.250.186.70 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.70 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f6.1e100.net Software sffe / Resource Hash a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 14:55:14 GMT content-encoding gzip x-content-type-options nosniff age 66477 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37892 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:44:52 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 13 Oct 2021 14:55:14 GMT
GET H3	200	omrhp_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/ Frame 2E05	6 KB 3 KB	17ms 17ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/omrhp_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1385869829508656&output=html&h=600&slotname=4384594658&adk=3170635134&adf=251809335&pi=t.ma~as.4384594658&w=273&fwrn=4&fwrnh=100&lmt=1634116990&rafmt=1&psa=0&format=273x600&url=https%3A%2F%2Fvwts.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634116990583&bpp=1&bdt=418&idt=185&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C268x600&nras=1&correlator=3851979077453&frm=20&pv=1&ga_vid=766306439.1634116990&ga_sid=1634116991&ga_hid=1533827397&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=22&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062370%2C31062945%2C21065725&oid=2&pvsid=727899838686769&pem=852&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2jpwXfa6G4&p=https%3A//vwts.ru&dtd=189 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash fb9268e99659f17a183de7aa0d4e27453f96c159a7ba99d6482522f8f72d1009 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:09:52 GMT content-encoding gzip x-content-type-options nosniff age 799 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2631 x-xss-protection 0 server cafe etag 10983085961369067521 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 27 Oct 2021 09:09:52 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 2E05	41 KB 15 KB	9ms 8ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 10:04:52 GMT content-encoding gzip x-content-type-options nosniff age 170299 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Tue, 11 Oct 2022 10:04:52 GMT
GET H3	200	m_js_controller_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 2E05	32 KB 13 KB	10ms 9ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/m_js_controller_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1385869829508656&output=html&h=600&slotname=4384594658&adk=3170635134&adf=251809335&pi=t.ma~as.4384594658&w=273&fwrn=4&fwrnh=100&lmt=1634116990&rafmt=1&psa=0&format=273x600&url=https%3A%2F%2Fvwts.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634116990583&bpp=1&bdt=418&idt=185&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C268x600&nras=1&correlator=3851979077453&frm=20&pv=1&ga_vid=766306439.1634116990&ga_sid=1634116991&ga_hid=1533827397&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=22&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062370%2C31062945%2C21065725&oid=2&pvsid=727899838686769&pem=852&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2jpwXfa6G4&p=https%3A//vwts.ru&dtd=189 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash 4b9ec88112cdc4fa1a5fdf1c25ef72fcec2bac8433e46d3563b0fd2a2c4e8a19 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:08 GMT content-encoding gzip x-content-type-options nosniff age 3 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12879 x-xss-protection 0 server cafe etag 16202379683927501648 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 27 Oct 2021 09:23:08 GMT
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 2E05	3 KB 1 KB	19ms 17ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1385869829508656&output=html&h=600&slotname=4384594658&adk=3170635134&adf=251809335&pi=t.ma~as.4384594658&w=273&fwrn=4&fwrnh=100&lmt=1634116990&rafmt=1&psa=0&format=273x600&url=https%3A%2F%2Fvwts.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634116990583&bpp=1&bdt=418&idt=185&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C268x600&nras=1&correlator=3851979077453&frm=20&pv=1&ga_vid=766306439.1634116990&ga_sid=1634116991&ga_hid=1533827397&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=22&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062370%2C31062945%2C21065725&oid=2&pvsid=727899838686769&pem=852&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2jpwXfa6G4&p=https%3A//vwts.ru&dtd=189 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash 0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:19:07 GMT content-encoding gzip x-content-type-options nosniff age 244 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1426 x-xss-protection 0 server cafe etag 18061233391346882222 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 27 Oct 2021 09:19:07 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 2E05	123 KB 37 KB	52ms 28ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1385869829508656&output=html&h=600&slotname=4384594658&adk=3170635134&adf=251809335&pi=t.ma~as.4384594658&w=273&fwrn=4&fwrnh=100&lmt=1634116990&rafmt=1&psa=0&format=273x600&url=https%3A%2F%2Fvwts.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634116990583&bpp=1&bdt=418&idt=185&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C268x600&nras=1&correlator=3851979077453&frm=20&pv=1&ga_vid=766306439.1634116990&ga_sid=1634116991&ga_hid=1533827397&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=22&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062370%2C31062945%2C21065725&oid=2&pvsid=727899838686769&pem=852&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2jpwXfa6G4&p=https%3A//vwts.ru&dtd=189 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software sffe / Resource Hash 393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:11 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37935 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1633952256361887" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 13 Oct 2021 09:23:11 GMT
GET H3	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 2E05	14 KB 6 KB	13ms 12ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1385869829508656&output=html&h=600&slotname=4384594658&adk=3170635134&adf=251809335&pi=t.ma~as.4384594658&w=273&fwrn=4&fwrnh=100&lmt=1634116990&rafmt=1&psa=0&format=273x600&url=https%3A%2F%2Fvwts.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634116990583&bpp=1&bdt=418&idt=185&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C268x600&nras=1&correlator=3851979077453&frm=20&pv=1&ga_vid=766306439.1634116990&ga_sid=1634116991&ga_hid=1533827397&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=22&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062370%2C31062945%2C21065725&oid=2&pvsid=727899838686769&pem=852&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2jpwXfa6G4&p=https%3A//vwts.ru&dtd=189 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:07:11 GMT content-encoding gzip x-content-type-options nosniff age 960 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6281 x-xss-protection 0 server cafe etag 18349783599053866072 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 27 Oct 2021 09:07:11 GMT
GET H3	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 2E05	18 KB 8 KB	13ms 12ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1385869829508656&output=html&h=600&slotname=4384594658&adk=3170635134&adf=251809335&pi=t.ma~as.4384594658&w=273&fwrn=4&fwrnh=100&lmt=1634116990&rafmt=1&psa=0&format=273x600&url=https%3A%2F%2Fvwts.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634116990583&bpp=1&bdt=418&idt=185&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C268x600&nras=1&correlator=3851979077453&frm=20&pv=1&ga_vid=766306439.1634116990&ga_sid=1634116991&ga_hid=1533827397&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=22&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062370%2C31062945%2C21065725&oid=2&pvsid=727899838686769&pem=852&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2jpwXfa6G4&p=https%3A//vwts.ru&dtd=189 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:21:44 GMT content-encoding gzip x-content-type-options nosniff age 87 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7691 x-xss-protection 0 server cafe etag 14402072889669646931 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 27 Oct 2021 09:21:44 GMT
GET H3	200	reactive_library_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/	143 KB 51 KB	67ms 64ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/reactive_library_fy2019.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash 35a140b93b48666ed63ae27b57c1b41c1ee6a393d0a80bc3347ae5d246c379ac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:11 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52518 x-xss-protection 0 server cafe etag 409095023203622592 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Wed, 13 Oct 2021 09:23:11 GMT
GET H3	200	css fonts.googleapis.com/ Frame E3BD	4 KB 671 B	31ms 17ms	Stylesheet text/css	142.250.184.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:600|Poppins:600|Montserrat:700 Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14049184221323197860/cf869ab6412b812ab7ce921fec0a17e5.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f10.1e100.net Software ESF / Resource Hash 958ff0c5b920e1be715f689536f021ab730b7a22a851ac3b13c9569d8a785787 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 13 Oct 2021 09:23:11 GMT server ESF date Wed, 13 Oct 2021 09:23:11 GMT x-frame-options SAMEORIGIN report-to {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk" expires Wed, 13 Oct 2021 09:23:11 GMT
GET H3	200	dd8e2866793ed3cb5c2bb6d89dbb9ff2.jpg tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14049184221323197860/media/ Frame E3BD	23 KB 23 KB	10ms 9ms	Image image/jpeg	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14049184221323197860/media/dd8e2866793ed3cb5c2bb6d89dbb9ff2.jpg Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14049184221323197860/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software sffe / Resource Hash 72b043c41dde05efbec1dd2783196b1fe2de5b75e99a0ce28835212db30c3920 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 375590 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23795 x-xss-protection 0 last-modified Fri, 24 Sep 2021 16:52:53 GMT server sffe date Sat, 09 Oct 2021 01:03:21 GMT report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 09 Oct 2022 01:03:21 GMT
GET H3	200	43dd8cd0ea701975027deb30d713deb3.svg tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14049184221323197860/media/ Frame E3BD	3 KB 1 KB	9ms 8ms	Image image/svg+xml	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14049184221323197860/media/43dd8cd0ea701975027deb30d713deb3.svg Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14049184221323197860/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software sffe / Resource Hash b4a54c04f6984dd51c7a518df349d2e9f4f8276cb75c8149b52622996fc38791 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' content-encoding gzip x-content-type-options nosniff age 62655 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1395 x-xss-protection 0 last-modified Fri, 24 Sep 2021 16:52:53 GMT server sffe date Tue, 12 Oct 2021 15:58:56 GMT vary Accept-Encoding report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 12 Oct 2022 15:58:56 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 4FD0	22 KB 8 KB	7ms 7ms	Document text/html	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 date Mon, 11 Oct 2021 10:04:54 GMT expires Tue, 11 Oct 2022 10:04:54 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 170297 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 fonts.gstatic.com/s/montserrat/v18/ Frame E3BD	20 KB 20 KB	33ms 10ms	Font font/woff2	142.250.185.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:600|Poppins:600|Montserrat:700 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f3.1e100.net Software sffe / Resource Hash ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin null Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 22:28:30 GMT x-content-type-options nosniff age 557681 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20040 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:20:44 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 06 Oct 2022 22:28:30 GMT
GET H3	200	pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v15/ Frame E3BD	8 KB 8 KB	31ms 9ms	Font font/woff2	142.250.185.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:600|Poppins:600|Montserrat:700 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f3.1e100.net Software sffe / Resource Hash b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin null Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 22:04:31 GMT x-content-type-options nosniff age 559120 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7988 x-xss-protection 0 last-modified Thu, 05 Nov 2020 22:02:10 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 06 Oct 2022 22:04:31 GMT
GET H3	200	JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2 fonts.gstatic.com/s/montserrat/v18/ Frame E3BD	19 KB 19 KB	28ms 7ms	Font font/woff2	142.250.185.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:600|Poppins:600|Montserrat:700 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f3.1e100.net Software sffe / Resource Hash 61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin null Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 04:00:09 GMT x-content-type-options nosniff age 105782 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19824 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:20:37 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 12 Oct 2022 04:00:09 GMT
GET DATA	200 OK	truncated / Frame 2E05	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2c835a787424adfcdf3893d995c9109699752266f24dcc4919c308fe9b18ecdc Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/png
GET H3	200	Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js Show response pagead2.googlesyndication.com/bg/ Frame 4FD0	35 KB 13 KB	14ms 13ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software sffe / Resource Hash 3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 10:30:14 GMT content-encoding br x-content-type-options nosniff age 168777 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13306 x-xss-protection 0 last-modified Tue, 05 Oct 2021 11:38:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Tue, 11 Oct 2022 10:30:14 GMT
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	34ms 16ms	Script application/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=vwts.ru Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Wed, 13 Oct 2021 09:23:11 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/ Frame 7A40	10 KB 5 KB	15ms 14ms	Document text/html	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s46-in-f2.1e100.net Software cafe / Resource Hash f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://vwts.ru/ accept-encoding gzip, deflate, br cookie IDE=AHWqTUkhj12v2IYSIUjaf1gQpi14Ezkr3j2TvyzAB-68hBIuCGgFL5za-exOynfjXWg; test_cookie=CheckForPermission; DSID=NO_DATA Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Tue, 12 Oct 2021 21:28:04 GMT expires Tue, 26 Oct 2021 21:28:04 GMT content-type text/html; charset=UTF-8 etag 414810510046348021 x-content-type-options nosniff content-encoding gzip server cafe content-length 4645 x-xss-protection 0 age 42907 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	index.html Show response s0.2mdn.net/6440760/1619458107525/MAR-277-whiteBG-redHighlight-300X600/ Frame 77C7	7 KB 2 KB	40ms 16ms	Document text/html	142.250.186.70 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/6440760/1619458107525/MAR-277-whiteBG-redHighlight-300X600/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.70 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f6.1e100.net Software sffe / Resource Hash 91c90509d7bdb228ebc105b46fb0352fea681229138b325b67890289122eb9db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /6440760/1619458107525/MAR-277-whiteBG-redHighlight-300X600/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-length 2138 date Tue, 12 Oct 2021 09:58:50 GMT expires Wed, 13 Oct 2021 09:58:50 GMT last-modified Mon, 26 Apr 2021 17:28:27 GMT x-content-type-options nosniff server sffe x-xss-protection 0 age 84261 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	gdn metrics.getrockerbox.com/track/ Frame 2E05	44 B 685 B	169ms 125ms	Image image/gif	104.21.83.150 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://metrics.getrockerbox.com/track/gdn?source=been_verified&tier_one=gdn&tier_two=12864166968&tier_three=120232913894&auction_id=2186145321 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1385869829508656&output=html&h=600&slotname=4384594658&adk=3170635134&adf=251809335&pi=t.ma~as.4384594658&w=273&fwrn=4&fwrnh=100&lmt=1634116990&rafmt=1&psa=0&format=273x600&url=https%3A%2F%2Fvwts.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634116990583&bpp=1&bdt=418&idt=185&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C268x600&nras=1&correlator=3851979077453&frm=20&pv=1&ga_vid=766306439.1634116990&ga_sid=1634116991&ga_hid=1533827397&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=22&ady=2416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C31062370%2C31062945%2C21065725&oid=2&pvsid=727899838686769&pem=852&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2jpwXfa6G4&p=https%3A//vwts.ru&dtd=189 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.83.150 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:11 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lkYUurMWT%2FsqRWB1B2p8oc5G2Xr0cNSIdcntjFtUUoFPFwdji6R3ahON7JS5Cmq555VFQiASgGcV7mLl7dxdJOxX29z7lsxV%2BhgKr8Z93RnR%2BER4lBmjD2nYy3Vq3mG83B6r6Z%2FNkDtd58%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cf-ray 69d781fe78be4107-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js Show response pagead2.googlesyndication.com/bg/ Frame E3BD	35 KB 13 KB	16ms 13ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software sffe / Resource Hash 3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 10:30:14 GMT content-encoding br x-content-type-options nosniff age 168777 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13306 x-xss-protection 0 last-modified Tue, 05 Oct 2021 11:38:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Tue, 11 Oct 2022 10:30:14 GMT
GET H3	200	css2 fonts.googleapis.com/ Frame 7A40	4 KB 635 B	17ms 16ms	Stylesheet text/css	142.250.184.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f10.1e100.net Software ESF / Resource Hash ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 13 Oct 2021 08:48:56 GMT server ESF date Wed, 13 Oct 2021 09:23:11 GMT x-frame-options SAMEORIGIN report-to {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk" expires Wed, 13 Oct 2021 09:23:11 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 7A40	205 B 295 B	33ms 8ms	Image image/png	142.250.74.195 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f3.1e100.net Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 03:10:19 GMT x-content-type-options nosniff age 22372 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 205 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Thu, 13 Oct 2022 03:10:19 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 7A40	604 B 1 KB	32ms 7ms	Image image/png	142.250.74.195 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f3.1e100.net Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 03:52:09 GMT x-content-type-options nosniff age 19862 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 604 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Thu, 13 Oct 2022 03:52:09 GMT
GET H3	200	interstitial_ad_frame_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/ Frame 7A40	18 KB 8 KB	8ms 7ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/interstitial_ad_frame_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash d5c12600c2eedb11dbdcef87977046a3fc282f936b783659c0f0cb7a0815f3af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 08:56:35 GMT content-encoding gzip x-content-type-options nosniff age 1596 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7792 x-xss-protection 0 server cafe etag 11501120118990840405 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 27 Oct 2021 08:56:35 GMT
GET H3	200	style.css s0.2mdn.net/6440760/1619458107525/MAR-277-whiteBG-redHighlight-300X600/styles/ Frame 77C7	4 KB 1 KB	14ms 14ms	Stylesheet text/css	142.250.186.70 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/6440760/1619458107525/MAR-277-whiteBG-redHighlight-300X600/styles/style.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/6440760/1619458107525/MAR-277-whiteBG-redHighlight-300X600/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.70 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f6.1e100.net Software sffe / Resource Hash b6aadd8911a8cdd59cb7d67766713e478f276a232b4b17c6728fbee6fe9ecc79 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/6440760/1619458107525/MAR-277-whiteBG-redHighlight-300X600/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 04:46:25 GMT content-encoding gzip x-content-type-options nosniff age 16606 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1089 x-xss-protection 0 last-modified Mon, 26 Apr 2021 17:28:27 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 14 Oct 2021 04:46:25 GMT
GET H3	200	script.js Show response s0.2mdn.net/6440760/1619458107525/MAR-277-whiteBG-redHighlight-300X600/scripts/ Frame 77C7	2 KB 716 B	14ms 14ms	Script text/javascript	142.250.186.70 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/6440760/1619458107525/MAR-277-whiteBG-redHighlight-300X600/scripts/script.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/6440760/1619458107525/MAR-277-whiteBG-redHighlight-300X600/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.70 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f6.1e100.net Software sffe / Resource Hash 5f826721a6890f87bbf52c80de0aa93651ab56d780c9ad048e2d07ac9d3ec0f9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/6440760/1619458107525/MAR-277-whiteBG-redHighlight-300X600/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 04:46:25 GMT content-encoding gzip x-content-type-options nosniff age 16606 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 690 x-xss-protection 0 last-modified Mon, 26 Apr 2021 17:28:27 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 14 Oct 2021 04:46:25 GMT
GET H3	200	css fonts.googleapis.com/ Frame D142	3 KB 580 B	17ms 17ms	Stylesheet text/css	142.250.184.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f10.1e100.net Software ESF / Resource Hash 32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 13 Oct 2021 08:10:51 GMT server ESF date Wed, 13 Oct 2021 09:23:11 GMT x-frame-options SAMEORIGIN report-to {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk" expires Wed, 13 Oct 2021 09:23:11 GMT
GET H3	200	load_preloaded_resource_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame D142	2 KB 920 B	7ms 7ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/load_preloaded_resource_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash 1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:22:35 GMT content-encoding gzip x-content-type-options nosniff age 36 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 885 x-xss-protection 0 server cafe etag 638833322182864030 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 27 Oct 2021 09:22:35 GMT
GET H3	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame D142	18 KB 8 KB	7ms 7ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:21:44 GMT content-encoding gzip x-content-type-options nosniff age 87 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7691 x-xss-protection 0 server cafe etag 14402072889669646931 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 27 Oct 2021 09:21:44 GMT
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame D142	3 KB 1 KB	7ms 7ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash 0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:19:07 GMT content-encoding gzip x-content-type-options nosniff age 244 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1426 x-xss-protection 0 server cafe etag 18061233391346882222 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 27 Oct 2021 09:19:07 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame D142	123 KB 37 KB	44ms 43ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software sffe / Resource Hash 393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:11 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37935 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1633952256361887" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 13 Oct 2021 09:23:11 GMT
GET H3	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame D142	14 KB 6 KB	7ms 7ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:07:11 GMT content-encoding gzip x-content-type-options nosniff age 960 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6281 x-xss-protection 0 server cafe etag 18349783599053866072 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 27 Oct 2021 09:07:11 GMT
GET H3	200	94b9e9edb15b7c220f12fa63d878a5af.js Show response www.gstatic.com/mysidia/ Frame D142	27 KB 11 KB	30ms 15ms	Script text/javascript	142.250.74.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/94b9e9edb15b7c220f12fa63d878a5af.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.74.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f3.1e100.net Software sffe / Resource Hash 3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 07 Oct 2021 06:36:14 GMT content-encoding gzip x-content-type-options nosniff age 528417 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11213 x-xss-protection 0 last-modified Thu, 07 Oct 2021 05:48:38 GMT server sffe vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="mysidia" expires Wed, 05 Jan 2022 06:36:14 GMT
GET H3	200	BV-logo.png s0.2mdn.net/6440760/1619458107525/MAR-277-whiteBG-redHighlight-300X600/images/ Frame 77C7	3 KB 4 KB	18ms 18ms	Image image/png	142.250.186.70 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/6440760/1619458107525/MAR-277-whiteBG-redHighlight-300X600/images/BV-logo.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/6440760/1619458107525/MAR-277-whiteBG-redHighlight-300X600/styles/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.70 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f6.1e100.net Software sffe / Resource Hash f9a24d8907d6bbec4b0f7bf39f3b3a71ed4b9eac9154a871e4c60632590fdc9c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/6440760/1619458107525/MAR-277-whiteBG-redHighlight-300X600/styles/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 04:46:25 GMT x-content-type-options nosniff age 16606 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3564 x-xss-protection 0 last-modified Mon, 26 Apr 2021 17:28:27 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 14 Oct 2021 04:46:25 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame D15D	143 B 163 B	15ms 15ms	Document text/html	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s46-in-f2.1e100.net Software safe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/drt/s?v=r20120211 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1 accept-encoding gzip, deflate, br cookie IDE=AHWqTUkhj12v2IYSIUjaf1gQpi14Ezkr3j2TvyzAB-68hBIuCGgFL5za-exOynfjXWg; test_cookie=CheckForPermission; DSID=NO_DATA Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1 Response headers content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Wed, 13 Oct 2021 08:35:57 GMT server safe content-length 145 x-xss-protection 0 cache-control public, max-age=3600 age 2834 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame D15D Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si	0 16 B	48ms 48ms	Document text/html	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s46-in-f2.1e100.net Software safe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/drt/si pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br cookie IDE=AHWqTUkhj12v2IYSIUjaf1gQpi14Ezkr3j2TvyzAB-68hBIuCGgFL5za-exOynfjXWg; test_cookie=CheckForPermission; DSID=NO_DATA Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type text/html; charset=UTF-8 x-content-type-options nosniff date Wed, 13 Oct 2021 09:23:12 GMT server safe content-length 0 x-xss-protection 0 set-cookie DSID=NO_DATA; expires=Wed, 13-Oct-2021 10:23:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Wed, 13 Oct 2021 09:23:12 GMT cache-control private Redirect headers location https://googleads.g.doubleclick.net/pagead/drt/si cache-control private content-type text/html; charset=UTF-8 x-content-type-options nosniff date Wed, 13 Oct 2021 09:23:11 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 4FD0	0 20 B	49ms 49ms	Image image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bhvc_fqVmYYHpMMnv3wO0z7ygAwAAAAA4AeAEAg&bg=!5-Sl5KDNAAbGFvHlxhY7ACkAdvg8WqnVJXpPhR-ZAHVnOdFK8YAdflSVuTnySHQWXmxRS2ZlakC2_wIAAADwUgAAAAxoAQeZAvhoGYd4vi8ZlMODluRsg0jiPAbXQ0CMZZj7cCsM1fP3UZp-QtNddEBgZZBIN3SL_5X-09CM6MyOWyH9AQ8HHjbs50U6QITphz51WJuDJau4daXIo29p5VJUOAP11sX5X_4e5dX42s00OYZQYhHdoV794_PesjkXRK8_kdGQzy-98oF360XDRlhcIBV5zGjSapePu_6sq4vyWLJ29RkpAInJwyTPGMx4c8GYofHXIho4LD4UWnfu02XqoG_fW-gvQJrtb7VKXqk0dEzI63xGNrUR3ABo5RyGRrQ_peU7mdqQAs7FxRhafeY9Ddw7fCC9W2HaEtMelGlloQtVd97cFaEdClIK5dbsFx5-VvLMUPthsy940IrnX8yEKd7J7zt_ngqOy-kuqqagbMIyh_wbYjcAGgIq9WPciviCVzHsWK3GdePUjUV1zp5tmCPKlQ1m7HFQl4AvwfwdasFgdW6L7ujuiPklDRAkuSQsvJX6BpgCjS_iSPSUPGpTM0-QxmoAziapkqtdbqGH7mXWY1TAjC9_0I5cqPQlYA3olmuU65GzUIzRgHAYxT7UFD3MCzJMcDYMwWvQdnQqNO3K70Q95maPIqheFW2vUfNBV6ABQbOax9P64o12lz37xGsPXQWpi3L_ImiK7YmCKkDGY38ZF66iphr0qN5yhlM3cTIXd6tSF-Lbr9pWGnsAWynID4KuJZ9AaIVD3gj6M0WF5NecmSmj7lJHebLdekjlvcyT11rex6hKP9Y-vQ2eZKI3JazGmIdaMSTPo3IizgaIdFeGS4LX_qNvnruzZYMQ4bnq-kSIFuA9DcD6kH8XeSODYtckjBfNFcf5RXprFy51wvNakb84rhEHTYQo_tcc_hsHyw3jj_Rmm5inS8iO3tolx8TrqxrcF35HNCSJxJNdUjiJvOYdFVi72cJr9UZZuIVNJDEnPpWTcKkm9ef0bwwX3YsQYmslAXu8eoyzuMl0717BTKOpKk3Vzw_Bk8IErpI-rt-dxykApS1jjJdj Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 13 Oct 2021 09:23:12 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js Show response pagead2.googlesyndication.com/bg/ Frame 62D6	35 KB 13 KB	22ms 22ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js Requested by Host: vwts.ru URL: https://vwts.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software sffe / Resource Hash 3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 10:30:14 GMT content-encoding br x-content-type-options nosniff age 168778 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13306 x-xss-protection 0 last-modified Tue, 05 Oct 2021 11:38:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Tue, 11 Oct 2022 10:30:14 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 1AA0	42 B 64 B	77ms 52ms	Fetch image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBgetZX3wDgnOlvZpcmDfi8otVWdWnySKWuOlVAAk92MTgOtCdmFi6ScbykFuQzJ_Zst6YmEUCbDs8Sze0KEq8A97WqpsMEJjq2Fy2m6Br6iF1Eck&sai=AMfl-YRN5hrM01zj9npX1f4o8SAhUamfl8qQ-vZI5TCEivjPVlkbqev_L7zh0lkErhvN1wi0AtMi1tWv8lEF&sig=Cg0ArKJSzAzoyhAOnA3JEAE&id=lidar2&mcvt=1001&p=0,0,536,268&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211011&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=442762267&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634116991340&rpt=144&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 13 Oct 2021 09:23:12 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	tracker top-fwz1.mail.ru/	43 B 876 B	45ms 45ms	Image image/gif	217.69.133.145 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Show image Full URL https://top-fwz1.mail.ru/tracker?js=13;id=35502;u=https%3A//vwts.ru/;st=1634116990453;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=385cc0a92e05dfff;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1634116989896/////92/93/93/93/199/141/199/266/314/269/557/557/563/2620/2620/;ni=9.1//4g/0/0/;lvid=1634116990630%3A1634116992520%3A2%3Ad3eeed0fee96900261e7339ee0b64b2e;visible=true;_=0.19403300988138827;e=RT/load;et=1634116992518 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS top-fwz1.mail.ru Software nginx / Resource Hash 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:12 GMT x-content-type-options nosniff p3p CP="NOI DSP COR NID CUR PSA OUR NOR" content-length 43 pragma no-cache amp-access-control-allow-source-origin * server nginx access-control-allow-methods GET, POST, HEAD, PUT, OPTIONS content-type image/gif access-control-allow-origin * access-control-expose-headers AMP-Access-Control-Allow-Source-Origin cache-control private, no-cache, no-store, max-age=0 access-control-allow-credentials true accept-ch-lifetime 86400 accept-ch DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version timing-allow-origin * access-control-allow-headers *
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	11 KB 8 KB	29ms 29ms	XHR application/json	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211011&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash 9d09c2821a023bfc22ddddc8fc7ec430187be02640f114cf6b05ca38da33d07b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Wed, 13 Oct 2021 09:23:12 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8557 x-xss-protection 0
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	2322ms 2322ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:14 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Wed, 13 Oct 2021 09:23:14 GMT
GET H2	200	/ www.acint.net/ping/	43 B 224 B	11ms 10ms	Image image/gif	195.201.243.72 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.acint.net/ping/?v=0.3.0&uid=24ba234d-74a2-487f-a65f-7c336baf5bc0&dp=10&tz=%2B00%3A00&nc=82506918&dT=2021-10-13T09%3A23%3A13.582 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS regensburg.aucourant.info Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 13 Oct 2021 09:23:13 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty content-type image/gif content-length 43 expires Wed, 19 Apr 2000 11:43:00 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/224/ Frame D0BC	12 KB 5 KB	8ms 7ms	Document text/html	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software sffe / Resource Hash 4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/224/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://vwts.ru/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5029 date Wed, 13 Oct 2021 08:18:56 GMT expires Thu, 13 Oct 2022 08:18:56 GMT last-modified Wed, 02 Jun 2021 17:09:45 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 3859 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame CCE7	783 B 534 B	17ms 17ms	Document text/html	142.250.184.228 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f4.1e100.net Software GSE / Resource Hash 589106aea082e9295d96c39b452332253ebe491a805910ba2d0ca4d3e3bfb9a8 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-9AISwmhYYqX+w5o9QlhObg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://vwts.ru/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy-report-only require-corp; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Wed, 13 Oct 2021 09:23:15 GMT date Wed, 13 Oct 2021 09:23:15 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-9AISwmhYYqX+w5o9QlhObg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 512 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js Show response pagead2.googlesyndication.com/bg/ Frame D0BC	35 KB 13 KB	14ms 14ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software sffe / Resource Hash 3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 10:30:14 GMT content-encoding br x-content-type-options nosniff age 168781 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13306 x-xss-protection 0 last-modified Tue, 05 Oct 2021 11:38:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Tue, 11 Oct 2022 10:30:14 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame CCE7	0 0	38ms 37ms	Image text/html	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211011&jk=727899838686769&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	51ms 51ms	Image image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211011&jk=727899838686769&bg=!6Oul66_NAAbGFvHlxhY7ACkAdvg8WoqgeRxsWDmWj7XNh_4VvvJzq9dgM8k91xBgU5BN63yN7bpCvgIAAABYUgAAAAtoAQeZAq6wEUiqt_33TNrhUeGmydJRgeQIAvevDRtmLvcvzXLMxBS85Ycbe_oU2TQY2QfnNS8pkuwobmYcg-3ERMTw1GQ303nFYH3WHDXPqVgb0k-I-khOI9oHdeibHNW4O4iL_EyLCYOGJ2hj01qssKWfCcAMFilceJwF17RgqGuB7wmoxhxjVuwuOx0ldAFaroNu6F2MIjHiYRVLgcZ0QAtyORSUcy3_4BChiKBpQPh_aUMWvGNMbWnNeaXdw2i26DUykyYOCFnbTJpgPGzNY-4CW1AZ5ojxEb2bKaY1nOjceHGhArjk_a9MrobCfkuEeHsXB4auifaf1ogTfP7JLOA2pn-xLuuMDGC-n53p-qxCSF2dfwoVWaeD7uPJGV59WBGeDIBbvVZ3xgdRnr_8pad3DzVD0uitcZQqmZnGJwuQJ4l5oJw_i4JJ09-WlAQqQa8zSRx_P6WsqYB9myWCdXr1XjocDg3Ht0R3SUtu7vfGyZpNsTlfkSEnclRXuM-U391zFJxv0tWNqhZ_aHzS5ZHHRvY3qcAUtqdPG7aAsDW70iwlRQHrjlfr3OgSELPQcJ82vMyz9lhr3wqbdgDU0gEu9owloG-b53K6psWD0zxDa1d8R-X1r-tCJhM1wao5pspbBuGF8gO56pZlfeuMi4Pn0O_QEiOUv--vcziTsvdubh9OnXT4xFJjBk0gXn7p6pvbqGh8jp7UGtPsfWgyHOQkW9eGWbmvzzpuWXAMSjXKyec8UBuMZpo5Hq76fb4Ps3sNF6VNlnISssithI9npyBdlyKpm1ZTDSjtamvtNTllKDUpHlm0Z8WoVGg7YCyrQIGROuWiC9fkKP84M5mN9cuu5WIjBbf3TClmI4DJc-r4u1qdLPggJlOlWxnuiD1dver3LCYIac2Mx9ipewcCq9wKVQ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://vwts.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 13 Oct 2021 09:23:15 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT