urlscan.io logo urlscan.io
SecurityTrails logo

botana.biz Open in urlscan Pro
91.211.251.90  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://botana.biz/
Effective URL: https://botana.biz/
Submission: On December 21 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 58 HTTP transactions. The main IP is 91.211.251.90, located in Dronten, Netherlands and belongs to ON-LINE-DATA Server location - Netherlands, Dronten, NL. The main domain is botana.biz.
TLS certificate: Issued by R3 on November 29th 2023. Valid for: 3 months.
This is the only time botana.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

15    91.211.251.90 (Dronten, Netherlands)

ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: 1684724.ds.had.pm
botana.biz
10    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a02:6b8:a::a (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
yandex.ru
1    185.177.94.152 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-94-152.ah-server.com
bro.dvanadva.ru
8    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
2    88.212.201.204 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru
counter.yadro.ru
4    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
7    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
yastatic.net
9    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net
www.googleadservices.com
Apex Domain
Subdomains		 Transfer
19 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
369 KB
15 botana.biz
botana.biz
222 KB
7 yastatic.net
yastatic.net — Cisco Umbrella Rank: 7053
202 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8902
3 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
55 KB
4 yandex.ru
yandex.ru — Cisco Umbrella Rank: 2221
mc.yandex.ru — Cisco Umbrella Rank: 4182
169 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
47 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 12199
1 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
65 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 dvanadva.ru
bro.dvanadva.ru
19 KB
58 13
Domain Requested by
15 botana.biz 1 redirects botana.biz
10 pagead2.googlesyndication.com botana.biz
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
9 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
7 yastatic.net yandex.ru
5 mc.yandex.com 3 redirects botana.biz
4 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
3 mc.yandex.ru 1 redirects botana.biz
2 www.googleadservices.com
2 fonts.gstatic.com fonts.googleapis.com
2 counter.yadro.ru 1 redirects botana.biz
1 www.google.com tpc.googlesyndication.com
1 www.gstatic.com googleads.g.doubleclick.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 bro.dvanadva.ru botana.biz
1 yandex.ru botana.biz
58 16

This site contains links to these domains. Also see Links.

Domain
ru.wikipedia.org
Subject Issuer Validity Valid
botana.biz
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.xn--d1acpjx3f.xn--p1ai
GlobalSign ECC OV SSL CA 2018		 2023-10-26 -
2024-04-24		 6 months crt.sh
bro.dvanadva.ru
R3		 2023-12-01 -
2024-02-29		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-08-14 -
2024-01-24		 5 months crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2023-12-13 -
2024-06-11		 6 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://botana.biz/
Frame ID: CFFC643B169BA8D8A6378ABA88E45EF1
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 8F9FC14E02F24381B6D4845631C2C062
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3908179200704798&output=html&adk=1812271804&adf=3025194257&lmt=1703182428&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C236x1080_r&format=0x0&url=https%3A%2F%2Fbotana.biz%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703182428410&bpp=4&bdt=437&idt=286&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=981257303709&frm=20&pv=2&ga_vid=1707817181.1703182429&ga_sid=1703182429&ga_hid=2131191599&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080103%2C42532524%2C95320884%2C95321229&oid=2&pvsid=1650457004759093&tmod=1200865223&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=304
Frame ID: 83F13C1111E187C1AD08EB0EF9908D6A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F4B19FAF6B560AC91FFFBE630DB99690
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DDBE244DF2E817806A67E73C9F553253
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 904F54085091ECB03FFB2F6C011CAF50
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: D06160BA51DBA58B914946D42D7237BB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Библиотека школьных учебников - БОТАН

Page URL History Show full URLs

  1. http://botana.biz/ HTTP 301
    https://botana.biz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

58
Requests

93 %
HTTPS

73 %
IPv6

13
Domains

16
Subdomains

16
IPs

4
Countries

1151 kB
Transfer

3039 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://botana.biz/ HTTP 301
    https://botana.biz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//botana.biz/;0.7044959351856708 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//botana.biz/;0.7044959351856708
Request Chain 27
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10224.R7g0-WYLM8z_SEMzFach5oLZWiG5RdXQsgvoqvCtuEiASntjUR_7tbVpEU6uH0Cy.Zpu32GQI5QXJR2W-Uwm4z8qYG5w%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10224.hJa3wiRpdLyB-n446M2nApjQg0Nc77c_axQfNH-DL10S5VVsN_oB4HTuFIDt-d876tApixr1WM5aHW3ZJk0NZMHshQjqZoo1P1Cds_2Me5NzLnQ2xleg7_t2HlQHQ5OX9HkvPOLn1QScFNh182-zuFR78xuMGUICqaOi2GxzV9vgrV_i3Sr54wxK-SH3seWPe37N31IRK7ahKqwyMXIn7CoAuCbfO5sDkDnT03u2vTE%2C.HbuHY20K1De5Ae2j199lOcqej_M%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10224.4EANo0iPTSPMk334_KY6KLk3WN-4EaUBrR72vf1w0fForDay5GWC_wIT_jX1lQmVhrEnf1WW3ab-ihRpzjgoKYF8y2BG6PowCJrVdcRpdtD9zu7Dn74nKwD1JZCstuWJ2WoAIeEeOgFM5dq3ieG6nJHbzyWPbHE4hsLszs3WkUuec7TDzB3hcTO5ytkD2-jn5f-1j4lXdePxt7sxXD3mAQ%2C%2C.hsH8_IHUC5v63_q5X_2lPWNFCWc%2C
Request Chain 32
  • https://mc.yandex.com/watch/50871335?wmode=7&page-url=https%3A%2F%2Fbotana.biz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1200%3Acn%3A1%3Adp%3A0%3Als%3A1582041347740%3Ahid%3A549858256%3Az%3A60%3Ai%3A20231221191348%3Aet%3A1703182429%3Ac%3A1%3Arn%3A985444118%3Arqn%3A1%3Au%3A1703182429955496268%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C61%2C59%2C29%2C69%2C0%2C%2C105%2C0%2C%2C%2C%2C326%3Aco%3A0%3Acpf%3A1%3Ans%3A1703182427771%3Afp%3A340%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703182429%3At%3A%D0%91%D0%B8%D0%B1%D0%BB%D0%B8%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8C%D0%BD%D1%8B%D1%85%20%D1%83%D1%87%D0%B5%D0%B1%D0%BD%D0%B8%D0%BA%D0%BE%D0%B2%20-%20%D0%91%D0%9E%D0%A2%D0%90%D0%9D&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/50871335/1?wmode=7&page-url=https%3A%2F%2Fbotana.biz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1200%3Acn%3A1%3Adp%3A0%3Als%3A1582041347740%3Ahid%3A549858256%3Az%3A60%3Ai%3A20231221191348%3Aet%3A1703182429%3Ac%3A1%3Arn%3A985444118%3Arqn%3A1%3Au%3A1703182429955496268%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C61%2C59%2C29%2C69%2C0%2C%2C105%2C0%2C%2C%2C%2C326%3Aco%3A0%3Acpf%3A1%3Ans%3A1703182427771%3Afp%3A340%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703182429%3At%3A%D0%91%D0%B8%D0%B1%D0%BB%D0%B8%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8C%D0%BD%D1%8B%D1%85%20%D1%83%D1%87%D0%B5%D0%B1%D0%BD%D0%B8%D0%BA%D0%BE%D0%B2%20-%20%D0%91%D0%9E%D0%A2%D0%90%D0%9D&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
Request Chain 53
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CH7s1XICEZaeDOO2Jpt8P0bmLuAKcmbD3dOmS6MyhEq-BuuPXAhABILau3ANgkYSghYwYoAHppunTKcgBCagDAcgDywSqBMsBT9AcR2u7iBCQVQiFljYLVVS69IAhWntxcs44UC3cBpiqb7-1eZqratdXyxjqW9pC9McXzXHe1gzK2P_-q_Unhgfy1ehnde1DJaUDjd32HFxZLoHrxzu2lvOGBU1pVyE8kKs2s8_ebt4MuKbvoTmtexBlm7IMi_9VmCNFbB_PSqg5aBPbpJlc48n9FkzwHft6wx2k_8B9APR6Q14rWwBB5rQOnXXgVHtaDemny195rPNK2jVtqQM7LBUGrOzCHEvUrMUDvO6676s8eo_ABIThgN7iBIgFsb_rp02SBQQIBBgBkgUECAUYBKAGLoAH6d65swSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCwrwbSCB8IgOGAcBABGB8yAusCOgKAQEi9_cE6WP_Unf2QoYMDmgklaHR0cHM6Ly9tb25pY2EuaW0vP3V0bT1nYXNfZW5fZHBfMTEwN4AKAcgLAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxArgT5APYEwzQFQGAFwGyFxwKGggAEhRwdWItMzkwODE3OTIwMDcwNDc5OBgA&sigh=9H3Fn9GWKjU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_Ob3NnwhO-O68l_TDjofM7URR-T9XxocpDFzxDH-2z3JiCydYKRlRCTFJ07ncIgBuP2hywSKMRkjR6dAivR2wafWNIkaNVFmEwRgB&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228933642878248586022%22,%22debug_reporting%22:true,%22destination%22:%22https://monica.im%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211181642601%22],%2222%22:[%22true%22],%224%22:[%2212-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224286301158762485473%22}&andc=true

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
botana.biz/
Redirect Chain
  • http://botana.biz/
  • https://botana.biz/
72 KB
72 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://botana.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.211.251.90 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
1684724.ds.had.pm
Software
nginx/1.16.1 /
Resource Hash
d30de3f750b57e84a1bb5bf2a6f9d37ea25eae78463548d8534167cd426383cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Dec 2023 18:13:47 GMT
Server
nginx/1.16.1
Strict-Transport-Security
max-age=31536000;
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Thu, 21 Dec 2023 18:13:47 GMT
Location
https://botana.biz:443/
Server
nginx/1.16.1
Transfer-Encoding
chunked
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3908179200704798
Requested by
Host: botana.biz
URL: https://botana.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6859eb6f5d5224c25022d26cb85d90f0cc1d4de0658a1251836835db556b6272
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://botana.biz/
Origin
https://botana.biz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 18:13:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51546
x-xss-protection
0
server
cafe
etag
12572815493509169257
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 18:13:48 GMT
context.js
yandex.ru/ads/system/ 		343 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: botana.biz
URL: https://botana.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
cb17bd29f15ee64fb5ad964c780b0522fd2a55669b8b45c61aabf0490656795a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1703182428236418-170982885421677841-balancer-l7leveler-kubr-yp-vla-67-BAL-5553
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 21 Dec 2023 19:13:48 GMT
gmzgkmbrgm5ha3ddf42taojw
bro.dvanadva.ru/code/ 		19 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bro.dvanadva.ru/code/gmzgkmbrgm5ha3ddf42taojw
Requested by
Host: botana.biz
URL: https://botana.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.177.94.152 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-94-152.ah-server.com
Software
nginx /
Resource Hash
ab0797b969b9541ddf2b0b916a1fbbe37726bed3c7b73f88e76ec44e21e06621
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 21 Dec 2023 18:13:48 GMT
strict-transport-security
max-age=31536000
content-security-policy
img-src https: data:; upgrade-insecure-requests
server
nginx
content-type
application/javascript; charset=UTF-8
jquery-2.2.4.min.js
botana.biz/users/js/ 		84 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://botana.biz/users/js/jquery-2.2.4.min.js
Requested by
Host: botana.biz
URL: https://botana.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.211.251.90 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
1684724.ds.had.pm
Software
nginx/1.16.1 /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 18:13:48 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sun, 21 Oct 2018 18:10:18 GMT
Server
nginx/1.16.1
ETag
"5bccc10a-14e4a"
Content-Type
application/javascript; charset=UTF-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
85578
book-cover-s.jpg
botana.biz/uchebnik/biologiya/10/by001/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://botana.biz/uchebnik/biologiya/10/by001/book-cover-s.jpg
Requested by
Host: botana.biz
URL: https://botana.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.211.251.90 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
1684724.ds.had.pm
Software
nginx/1.16.1 /
Resource Hash
37bab04fa84dd5dad80da97585d39d25b06d06b68d78913b32c5508b72931ca5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 18:13:48 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sun, 21 Oct 2018 18:07:33 GMT
Server
nginx/1.16.1
ETag
"5bccc065-129a"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4762
book-cover-s.jpg
botana.biz/uchebnik/informatika/06/by001/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://botana.biz/uchebnik/informatika/06/by001/book-cover-s.jpg
Requested by
Host: botana.biz
URL: https://botana.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.211.251.90 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
1684724.ds.had.pm
Software
nginx/1.16.1 /
Resource Hash
2a0b654e663b8c597595d13b2f54795bebb80b4e86472f7c1244545276e4eca4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 18:13:48 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sun, 21 Oct 2018 18:07:34 GMT
Server
nginx/1.16.1
ETag
"5bccc066-1317"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4887
book-cover-s.jpg
botana.biz/uchebnik/istoriya/06/by001/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://botana.biz/uchebnik/istoriya/06/by001/book-cover-s.jpg
Requested by
Host: botana.biz
URL: https://botana.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.211.251.90 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
1684724.ds.had.pm
Software
nginx/1.16.1 /
Resource Hash
79141cbae350af89a2d69c70f0337e14d3c2d30b435723609019b605d3cc7420
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 18:13:48 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sun, 21 Oct 2018 18:07:35 GMT
Server
nginx/1.16.1
ETag
"5bccc067-1295"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4757
book-cover-s.jpg
botana.biz/uchebnik/istoriya/07/by001/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://botana.biz/uchebnik/istoriya/07/by001/book-cover-s.jpg
Requested by
Host: botana.biz
URL: https://botana.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.211.251.90 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
1684724.ds.had.pm
Software
nginx/1.16.1 /
Resource Hash
6e9be5e24aed59c35bdcbd6e57ed0088c881c2fe98e30144fe2102d54b8ee18c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 18:13:48 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sun, 21 Oct 2018 18:07:36 GMT
Server
nginx/1.16.1
ETag
"5bccc068-15de"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5598
book-cover-s.jpg
botana.biz/uchebnik/istoriya/08/by001/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://botana.biz/uchebnik/istoriya/08/by001/book-cover-s.jpg
Requested by
Host: botana.biz
URL: https://botana.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.211.251.90 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
1684724.ds.had.pm
Software
nginx/1.16.1 /
Resource Hash
87ac534c33b696dfce1ffa20f6cbaefb5c1080973f56e05685afb00a17f71d25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 18:13:48 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sun, 21 Oct 2018 18:07:37 GMT
Server
nginx/1.16.1
ETag
"5bccc069-1214"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4628
book-cover-s.jpg
botana.biz/uchebnik/istoriya/09/by001/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://botana.biz/uchebnik/istoriya/09/by001/book-cover-s.jpg
Requested by
Host: botana.biz
URL: https://botana.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.211.251.90 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
1684724.ds.had.pm
Software
nginx/1.16.1 /
Resource Hash
b22ce2b9d4d88edba0af4b54f96ae4b3a557a2234e4ca422fcf693b3e6baf7d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 18:13:48 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sun, 21 Oct 2018 18:07:37 GMT
Server
nginx/1.16.1
ETag
"5bccc069-10cf"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4303
book-cover-s.jpg
botana.biz/uchebnik/istoriya/10/by001/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://botana.biz/uchebnik/istoriya/10/by001/book-cover-s.jpg
Requested by
Host: botana.biz
URL: https://botana.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.211.251.90 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
1684724.ds.had.pm
Software
nginx/1.16.1 /
Resource Hash
2ad75d93bc858c4798f45b0ba26446f8e0d94d42314e4bfef2e35a5676c8c3f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 18:13:48 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sun, 21 Oct 2018 18:07:38 GMT
Server
nginx/1.16.1
ETag
"5bccc06a-13c7"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5063
book-cover-s.jpg
botana.biz/uchebnik/istoriya/11/by001/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://botana.biz/uchebnik/istoriya/11/by001/book-cover-s.jpg
Requested by
Host: botana.biz
URL: https://botana.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.211.251.90 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
1684724.ds.had.pm
Software
nginx/1.16.1 /
Resource Hash
a2525cd1e36c14b6bfae9188d6275f2037f30cf3c460e3451aaabb3a9eb17090
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 18:13:48 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sun, 21 Oct 2018 18:07:39 GMT
Server
nginx/1.16.1
ETag
"5bccc06b-136b"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4971
book-cover-s.jpg
botana.biz/uchebnik/doprizyvnaya/10/by001/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://botana.biz/uchebnik/doprizyvnaya/10/by001/book-cover-s.jpg
Requested by
Host: botana.biz
URL: https://botana.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.211.251.90 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
1684724.ds.had.pm
Software
nginx/1.16.1 /
Resource Hash
b0f885942967ce619680dcd2d2014cdb239446feeaddead5cd35de7953118adb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 18:13:48 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sun, 21 Oct 2018 18:07:34 GMT
Server
nginx/1.16.1
ETag
"5bccc066-164e"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5710
desc-back.png
botana.biz/img/site/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://botana.biz/img/site/desc-back.png
Requested by
Host: botana.biz
URL: https://botana.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.211.251.90 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
1684724.ds.had.pm
Software
nginx/1.16.1 /
Resource Hash
3e0fb6b833874d42258270ded7ddad8d2cb6adbf620fedffe4dd7b21501e9278
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 18:13:48 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sun, 21 Oct 2018 18:02:08 GMT
Server
nginx/1.16.1
ETag
"5bccbf20-229d"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8861
tag.js
mc.yandex.ru/metrika/ 		202 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: botana.biz
URL: https://botana.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
0b5aa5c730cfe86174743369fcedd67a44e4790e6520cbb0a787a98e22b1f825
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 18:13:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Thu, 21 Dec 2023 13:41:56 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"658440a4-1165f"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
71263
expires
Thu, 21 Dec 2023 19:13:48 GMT
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//botana.biz/;0.7044959351856708
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//botana.biz/;0.7044959351856708
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//botana.biz/;0.7044959351856708
Requested by
Host: botana.biz
URL: https://botana.biz/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 18:13:48 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Tue, 20 Dec 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Dec 2023 18:13:48 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//botana.biz/;0.7044959351856708
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Tue, 20 Dec 2022 21:00:00 GMT
logo2.png
botana.biz/img/site/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://botana.biz/img/site/logo2.png
Requested by
Host: botana.biz
URL: https://botana.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.211.251.90 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
1684724.ds.had.pm
Software
nginx/1.16.1 /
Resource Hash
71613fef7855aefacd07d8448061e72e7dae7ddc2054295e10636a953e794d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 18:13:48 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sun, 21 Oct 2018 18:02:08 GMT
Server
nginx/1.16.1
ETag
"5bccbf20-17ae"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6062
logo3.png
botana.biz/img/site/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://botana.biz/img/site/logo3.png
Requested by
Host: botana.biz
URL: https://botana.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.211.251.90 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
1684724.ds.had.pm
Software
nginx/1.16.1 /
Resource Hash
eaf2d923bc627181e21ce7bcb468efd6a33a043acc77f2c7971606b80252d0c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 21 Dec 2023 18:13:48 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Sun, 21 Oct 2018 18:02:08 GMT
Server
nginx/1.16.1
ETag
"5bccbf20-fc8"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4040
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3908179200704798&plah=botana.biz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3908179200704798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
475d8462b03977de695bf3bc33c822937466d2573f4e973dda1908fa60444588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 18:13:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137957
x-xss-protection
0
server
cafe
etag
15353218827874634055
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 18:13:48 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 8F9F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3908179200704798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://botana.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
15850
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 13:49:38 GMT
etag
5585625838579639069
expires
Thu, 04 Jan 2024 13:49:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
279d196f1fdbd21029b7.js
yastatic.net/partner-code-bundles/932847/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/932847/279d196f1fdbd21029b7.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
0f4aa00aad493aa40f695747027bd18a1190637e0f68ac6294212ad14cd2d2d4
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://botana.biz/
Origin
https://botana.biz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 18:13:48 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4783
last-modified
Wed, 20 Dec 2023 16:26:42 GMT
server
nginx/1.17.9
etag
"2c204b43832dd5ab0eb2f3a976357c4b"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 21 Dec 2053 00:48:24 GMT
e2aa3cf4134cea322ec6.js
yastatic.net/partner-code-bundles/932847/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/932847/e2aa3cf4134cea322ec6.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
df7c89122402b98f8b87689b1c1a29a2261e905af3ab2b20cc9925090d160ab6
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://botana.biz/
Origin
https://botana.biz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 18:13:48 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
7942
last-modified
Wed, 20 Dec 2023 16:26:43 GMT
server
nginx/1.17.9
etag
"71b976f2a1558782e6ae8c26b4bacd95"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 21 Dec 2053 00:48:24 GMT
62d0204a90c8913d1bf5.js
yastatic.net/partner-code-bundles/932847/ 		118 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/932847/62d0204a90c8913d1bf5.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
806f5545e878979e8e29306c114732c5c4e89ede7b9ce92a5d1b9000faf6e5bd
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://botana.biz/
Origin
https://botana.biz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 18:13:48 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
24658
last-modified
Wed, 20 Dec 2023 16:26:42 GMT
server
nginx/1.17.9
etag
"e3247a0a08c1ca83ddb8f4b0b2a44522"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 21 Dec 2053 00:48:24 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://botana.biz/
Origin
https://botana.biz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 18:13:48 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 21 Dec 2053 00:44:56 GMT
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://botana.biz/
Origin
https://botana.biz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 18:13:48 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26004
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
server
nginx/1.17.9
etag
"7f0cdaf91230f9789ca4162aedff612e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
2574404bc70a7849
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Dec 2024 00:02:09 GMT
654c135b37804fcc25c4.js
yastatic.net/partner-code-bundles/932847/ 		59 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/932847/654c135b37804fcc25c4.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
ed810479d0004c19919f0fc289ada5681f32edb8776845ceac617a165269dfa9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://botana.biz/
Origin
https://botana.biz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 18:13:48 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
14826
last-modified
Wed, 20 Dec 2023 16:26:42 GMT
server
nginx/1.17.9
etag
"1e0c06f219546d75ecbe62827ad536c2"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 21 Dec 2053 00:48:24 GMT
852a850fba4deded1d66.js
yastatic.net/partner-code-bundles/932847/ 		591 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/932847/852a850fba4deded1d66.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
2a55ccdeccd8e800f7673a5dfa567993f19cf63f895612973a0f1fb62ded1bba
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://botana.biz/
Origin
https://botana.biz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 18:13:48 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
115576
last-modified
Wed, 20 Dec 2023 16:26:42 GMT
server
nginx/1.17.9
etag
"326d9d74f9cde1410ed4fff16b93e557"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 21 Dec 2053 00:48:24 GMT
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10224.R7g0-WYLM8z_SEMzFach5oLZWiG5RdXQsgvoqvCtuEiASntjUR_7tbVpEU6uH0Cy.Zpu32GQI5QXJR2W-Uwm4z8qYG5w%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10224.hJa3wiRpdLyB-n446M2nApjQg0Nc77c_axQfNH-DL10S5VVsN_oB4HTuFIDt-d876tApixr1WM5aHW3ZJk0NZMHshQjqZoo1P1Cds_2Me5NzLnQ2xleg7_t2HlQHQ5OX9HkvPOLn1Q...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10224.4EANo0iPTSPMk334_KY6KLk3WN-4EaUBrR72vf1w0fForDay5GWC_wIT_jX1lQmVhrEnf1WW3ab-ihRpzjgoKYF8y2BG6PowCJrVdcRpdtD9z...
43 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10224.4EANo0iPTSPMk334_KY6KLk3WN-4EaUBrR72vf1w0fForDay5GWC_wIT_jX1lQmVhrEnf1WW3ab-ihRpzjgoKYF8y2BG6PowCJrVdcRpdtD9zu7Dn74nKwD1JZCstuWJ2WoAIeEeOgFM5dq3ieG6nJHbzyWPbHE4hsLszs3WkUuec7TDzB3hcTO5ytkD2-jn5f-1j4lXdePxt7sxXD3mAQ%2C%2C.hsH8_IHUC5v63_q5X_2lPWNFCWc%2C
Requested by
Host: botana.biz
URL: https://botana.biz/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 18:13:48 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10224.4EANo0iPTSPMk334_KY6KLk3WN-4EaUBrR72vf1w0fForDay5GWC_wIT_jX1lQmVhrEnf1WW3ab-ihRpzjgoKYF8y2BG6PowCJrVdcRpdtD9zu7Dn74nKwD1JZCstuWJ2WoAIeEeOgFM5dq3ieG6nJHbzyWPbHE4hsLszs3WkUuec7TDzB3hcTO5ytkD2-jn5f-1j4lXdePxt7sxXD3mAQ%2C%2C.hsH8_IHUC5v63_q5X_2lPWNFCWc%2C
date
Thu, 21 Dec 2023 18:13:48 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: botana.biz
URL: https://botana.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 18:13:48 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 21 Dec 2023 13:41:56 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"658440a4-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 21 Dec 2023 19:13:48 GMT
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8545f789d157443e285020e59d3ede5a7725a9ab6d03ebaa996ef57914d1685c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
ads
googleads.g.doubleclick.net/pagead/ Frame 83F1 		157 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3908179200704798&output=html&adk=1812271804&adf=3025194257&lmt=1703182428&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C236x1080_r&format=0x0&url=https%3A%2F%2Fbotana.biz%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703182428410&bpp=4&bdt=437&idt=286&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=981257303709&frm=20&pv=2&ga_vid=1707817181.1703182429&ga_sid=1703182429&ga_hid=2131191599&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079980%2C31080103%2C42532524%2C95320884%2C95321229&oid=2&pvsid=1650457004759093&tmod=1200865223&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=304
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3908179200704798&plah=botana.biz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4118cfb1bcf670ad5bbc330d3deed22e1ad43480c0536fbfe7e84ea7ea0716d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://botana.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
47675
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 18:13:49 GMT
expires
Thu, 21 Dec 2023 18:13:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=coockie_concest_alert&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: botana.biz
URL: https://botana.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 18:13:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.com/watch/50871335/
Redirect Chain
  • https://mc.yandex.com/watch/50871335?wmode=7&page-url=https%3A%2F%2Fbotana.biz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US...
  • https://mc.yandex.com/watch/50871335/1?wmode=7&page-url=https%3A%2F%2Fbotana.biz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-...
420 B
583 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/50871335/1?wmode=7&page-url=https%3A%2F%2Fbotana.biz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1200%3Acn%3A1%3Adp%3A0%3Als%3A1582041347740%3Ahid%3A549858256%3Az%3A60%3Ai%3A20231221191348%3Aet%3A1703182429%3Ac%3A1%3Arn%3A985444118%3Arqn%3A1%3Au%3A1703182429955496268%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C61%2C59%2C29%2C69%2C0%2C%2C105%2C0%2C%2C%2C%2C326%3Aco%3A0%3Acpf%3A1%3Ans%3A1703182427771%3Afp%3A340%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703182429%3At%3A%D0%91%D0%B8%D0%B1%D0%BB%D0%B8%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8C%D0%BD%D1%8B%D1%85%20%D1%83%D1%87%D0%B5%D0%B1%D0%BD%D0%B8%D0%BA%D0%BE%D0%B2%20-%20%D0%91%D0%9E%D0%A2%D0%90%D0%9D&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
Requested by
Host: botana.biz
URL: https://botana.biz/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
0bbc6418f536e14e494e193142244cbda5d8c5a962f095a7545b6a7588f0a461
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 18:13:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 21-Dec-2023 18:13:49 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://botana.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
420
x-xss-protection
1; mode=block
expires
Thu, 21-Dec-2023 18:13:49 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Dec 2023 18:13:48 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 21-Dec-2023 18:13:48 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/50871335/1?wmode=7&page-url=https%3A%2F%2Fbotana.biz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1200%3Acn%3A1%3Adp%3A0%3Als%3A1582041347740%3Ahid%3A549858256%3Az%3A60%3Ai%3A20231221191348%3Aet%3A1703182429%3Ac%3A1%3Arn%3A985444118%3Arqn%3A1%3Au%3A1703182429955496268%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C61%2C59%2C29%2C69%2C0%2C%2C105%2C0%2C%2C%2C%2C326%3Aco%3A0%3Acpf%3A1%3Ans%3A1703182427771%3Afp%3A340%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703182429%3At%3A%D0%91%D0%B8%D0%B1%D0%BB%D0%B8%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8C%D0%BD%D1%8B%D1%85%20%D1%83%D1%87%D0%B5%D0%B1%D0%BD%D0%B8%D0%BA%D0%BE%D0%B2%20-%20%D0%91%D0%9E%D0%A2%D0%90%D0%9D&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin
https://botana.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 21-Dec-2023 18:13:48 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3908179200704798&plah=botana.biz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab32ba389c75fe87316e4be2fd74b2ec7cda2138a84f5ef61e685a2f8ae07206
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 18:13:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12153
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3908179200704798&plah=botana.biz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bab6ae0a4c6a9a815518d305531a595d2f765bdf0f6acd075802f63b463131c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 18:13:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56012
x-xss-protection
0
server
cafe
etag
14413244254008050241
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 18:13:49 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3908179200704798&plah=botana.biz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 18:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Dec 2023 18:13:49 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame F4B1 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3908179200704798&plah=botana.biz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://botana.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
50202
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 04:17:07 GMT
etag
5585625838579639069
expires
Thu, 04 Jan 2024 04:17:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame F4B1 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 21 Dec 2023 18:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Dec 2023 16:37:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Dec 2023 18:13:49 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame F4B1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 09:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
32419
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 09:13:30 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame F4B1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 09:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
32419
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 09:13:30 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame F4B1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 13:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
18188
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 13:10:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame F4B1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 09:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
32419
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 09:13:30 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F4B1 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 18:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 18:13:49 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame F4B1 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 09:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118816
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 19 Mar 2024 09:13:33 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/17108265941738953672/ Frame F4B1 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17108265941738953672/6592766407814317453
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fbdcf883be3271218697a58edc99b1478cc6b921c2b053825d2da1b42cef21e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 18 Dec 2024 16:07:55 GMT
date
Tue, 19 Dec 2023 16:07:55 GMT
x-content-type-options
nosniff
age
180354
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41610
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 07:41:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/1768017100413422343/ Frame F4B1 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1768017100413422343/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f9a035fbace74a2563116a60a25177d1be1da4f6ce482eef110990f356dff2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 18 Dec 2024 04:56:46 GMT
date
Tue, 19 Dec 2023 04:56:46 GMT
x-content-type-options
nosniff
age
220623
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9219
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 11:21:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DDBE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://botana.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
18175
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 13:10:54 GMT
expires
Fri, 20 Dec 2024 13:10:54 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 904F 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fe0b4c1937f80189d499a35d6b671a680843a789c5424aa017868a38cbd51882
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TPYeJZ9Sc_tws1tXAvbGAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://botana.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-TPYeJZ9Sc_tws1tXAvbGAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 18:13:49 GMT
expires
Thu, 21 Dec 2023 18:13:49 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ Frame F4B1 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28bfbd9d64437ac7317f6edaaa49fdb2860465a9994ce77c0afbfd8be93a9cb3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 904F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1650457004759093&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame DDBE 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 17:23:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
2993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 17:23:56 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F4B1 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 16:39:21 GMT
x-content-type-options
nosniff
age
524069
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 16:39:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F4B1 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:54:09 GMT
x-content-type-options
nosniff
age
206381
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 08:54:09 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame F4B1
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CH7s1XICEZaeDOO2Jpt8P0bmLuAKcmbD3dOmS6MyhEq-BuuPXAhABILau3ANgkYSghYwYoAHppunTKcgBCagDAcgDywSqBMsBT9AcR2u7iBCQVQiFljYLVVS69IAhWntxcs44UC3cBpiqb7-...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228933642878248586022%22,%22debug_reporting%22:true,%22destination%22:%22https://monica.im%22,%22event_report_window%22:%222...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228933642878248586022%22,%22debug_reporting%22:true,%22destination%22:%22https://monica.im%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211181642601%22],%2222%22:[%22true%22],%224%22:[%2212-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224286301158762485473%22}&andc=true
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 18:13:50 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"8933642878248586022","debug_reporting":true,"destination":"https://monica.im","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11181642601"],"22":["true"],"4":["12-21"],"6":["true"]},"priority":"500","source_event_id":"4286301158762485473"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 21 Dec 2023 18:13:50 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 21 Dec 2023 18:13:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8933642878248586022","debug_reporting":true,"destination":"https://monica.im","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11181642601"],"22":["true"],"4":["12-21"],"6":["true"]},"priority":"500","source_event_id":"4286301158762485473"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
pagead2.googlesyndication.com/bg/ Frame D061 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Requested by
Host: botana.biz
URL: https://botana.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 13:56:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
274634
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19933
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Dec 2024 13:56:36 GMT
generate_204
tpc.googlesyndication.com/ Frame DDBE 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?r_CPPg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 18:13:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228933642878248586022%22,%22debug_reporting%22:true,%22destination%22:%22https://monica.im%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211181642601%22],%2222%22:[%22true%22],%224%22:[%2212-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224286301158762485473%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 21 Dec 2023 18:13:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1650457004759093&bg=!6eql6qXNAAY3kmNgF5I7ADQBe5WfOAfLaxvUquafUgEVYyqQFiYaQOwqq-803hFm9FdehrMuj4347jqARXsZYs7fBcw6AgAAAPJSAAAAAmgBB5kC_zkv0rNVlTtv6rZ6uka58TWU5OtSGvRDArgBsHXiWNjqZdapFX7ebrWTpzNrrFnO3qpFm-dSFbEl_lxHuWo6PMXY5gbbcWZ1r1FLaYCtUJ2GOX3IvxlbWzay2zyEUmoKJLTHKYqUspM8nFcPbKk6Vf_obezOO2yg0zusFJC57RUW1Ool6cxECZkCZIH2aPuCT0Uc-3xTWFSiO41oU8Wd1etDtwWQGqZI2CB_33FMCXuZnLL3ceeVEKFnKm_zahs8CrywHdTtLYsidVvzz96gcQK_6yJnr7ktcPbvtW-P1w4oOOE7A9cOO0bidvzoW8oxfbwTgNAYZBg2CtWATBxWe2P443cSaLNOBZy98TsGwMvK8LUJEfYZRXKzZD0zx_OGxLDW96fqeNcnCYC3g9xe-MK1BuBVbHIxgySwKe4FMSQkFuQe_Fuw1Gz3X-VftyBxddOPvxCODoXMgCAUTc0Tfte55adw3Gl9gwzYfBI9FkjBPjBrro2c3tlbar2BqBMMcmZkgZBSaFCWvWVhTGhJLYHvIEaCAmgoP419x96sWlO0AMEG_dEtD1qFrDceOq_RBx3mxwThnMrqZIVWzDSzUEcvXLsdDzdLmX7aJnl-uJio2FK3QWgr0Dp-qJpunjESpivPnj5O4TQQxGTtKxnpLXU6IiUs-Z6AjXTDBXRWS5LP7ii40F4LgAdlnlj0-OOz_dKK0Ahit8b6XumbLye1KyrtV5HOnu5JINy6vcTnmhr2H4fhjYZ-pxd4dnpJAj1-S2dXELwU0-cW8Anqb8tTRT4Ss8o-OoXZ6jLPe7ByCgILwhuPbjYNEg04gFRhPPmjwbHuc5UNO50Y6IeQyfMtEarhierHUYx2RyfQe6cWZN-40MimlI7t47-x1isyzeOohj87DfX2za_8rdfQydMZqz_qUfPFUwGELM_AyRbdXCzZWwT0pUzXapiGVCddbU8WzReh_ct9Ex--IKlAJR88nvJfwGPbV28eh3zks7PA-XXWyEgJfXPlm_rXZzUy30_J
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://botana.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame F4B1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfHWmkzDhPmgLjfhbdg4o9JN9X6RCb4xQmOnPnheJw_BLdeuFjqC3Ubf5wHjt_M8mPkpVp3y5S-q3grW6Z8v9o96FCYnQUymvMsTm3Fm9L103YuWTRLa_BfhX2ZdWCMnyUt91CUIBwNDKpNlzGz3AIN3yK&sai=AMfl-YSF7H94J6pdmMpexWBE5MGjlt6QiXtbI11_QnGXOvLrffuQ35h1-9cFzlq9OMw0_FMCj99QWKe_1wZkpmr2Uws0kUuep31Zmh0YihGvs8gYeNxfHrZoglYi1uZ4O0SXS6MiIKm8wMGc50dczCQh&sig=Cg0ArKJSzPVFyadKiFqsEAE&cid=CAQSTgAvHhf_Ob3NnwhO-O68l_TDjofM7URR-T9XxocpDFzxDH-2z3JiCydYKRlRCTFJ07ncIgBuP2hywSKMRkjR6dAivR2wafWNIkaNVFmEwRgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=105,788,1000,1024,1024&tos=105,683,212,24,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703182429609&rpt=375&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Dec 2023 18:13:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture object| yaContextCb function| Page_onkeydown function| selectText function| showdiv function| showdiv2 number| aa_speed boolean| aa_scroll function| prepod_scrollTop function| prepod_scrollBottom function| aa_getShareDlg function| aa_closeDlg object| share object| echo function| $ function| jQuery function| timer number| interval object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| cnc object| pcode_932847_default_2TooJCQLof object| Ya object| __activeTestIds object| __vasActiveTestIds object| __pcodeAllActiveTestIds number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| ya object| yaads object| yaCounter50871335 object| Sk function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages boolean| yandex_context_perf_logging object| $sf object| yaSafeFrameAsyncCallbacks object| google_llp object| GoogleGcLKhOms object| googletag

25 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: yashr
Value: 2089048461703182428
.yadro.ru/ Name: FTID
Value: 1bX81S2fAFei1bX81S002G_x
.yadro.ru/ Name: VID
Value: 1p-aec1HHpOi1bX81S002H1L
.botana.biz/ Name: _ym_uid
Value: 1703182429955496268
.botana.biz/ Name: _ym_d
Value: 1703182429
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3194420398fake
.bro.dvanadva.ru/ Name: uuid
Value: 4df60bbc-10bf-4c1f-81f4-45e00f9d78b4
.yandex.com/ Name: i
Value: XnO9FL55AF1sCMiDnCEWCbJ0KnKcvubz/M5/N/ehn+KIlfRfXDZ2hbftA3AYPtroEQ76m5yS/1/eKbZBKOLgCOTVVYU=
.yandex.com/ Name: yandexuid
Value: 7828929431703182428
.botana.biz/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1583966513fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 7828929431703182428
.yandex.ru/ Name: yuidss
Value: 7828929431703182428
.yandex.ru/ Name: i
Value: XnO9FL55AF1sCMiDnCEWCbJ0KnKcvubz/M5/N/ehn+KIlfRfXDZ2hbftA3AYPtroEQ76m5yS/1/eKbZBKOLgCOTVVYU=
.yandex.ru/ Name: yp
Value: 1703268828.yu.1324649181703182428
.yandex.ru/ Name: ymex
Value: 1705774428.oyu.1324649181703182428
mc.yandex.com/ Name: yabs-sid
Value: 2286153591703182428
.yandex.com/ Name: yuidss
Value: 7828929431703182428
.yandex.com/ Name: ymex
Value: 1734718428.yrts.1703182428
.yandex.com/ Name: bh
Value: KgI/MA==
.botana.biz/ Name: __gads
Value: ID=4e3d21cb2d394335:T=1703182428:RT=1703182428:S=ALNI_MYd5f-bt1EWf_oU0EJCK0A6rMW3vQ
.botana.biz/ Name: __gpi
Value: UID=00000ce710245206:T=1703182428:RT=1703182428:S=ALNI_MYBDeeopHP8k8Q3wZL8kc9EcoCAsw
.doubleclick.net/ Name: IDE
Value: AHWqTUlsA6y19zbi8NmmWCe1JYpD1bGogsLVRQ7uQqWGuzmgLHEYk8RZR--V93gOsdQ
.googleadservices.com/ Name: ar_debug
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

botana.biz
bro.dvanadva.ru
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
yandex.ru
yastatic.net
172.217.16.194
185.177.94.152
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8:a::a
88.212.201.204
91.211.251.90
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0b5aa5c730cfe86174743369fcedd67a44e4790e6520cbb0a787a98e22b1f825
0bbc6418f536e14e494e193142244cbda5d8c5a962f095a7545b6a7588f0a461
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f4aa00aad493aa40f695747027bd18a1190637e0f68ac6294212ad14cd2d2d4
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
28bfbd9d64437ac7317f6edaaa49fdb2860465a9994ce77c0afbfd8be93a9cb3
2a0b654e663b8c597595d13b2f54795bebb80b4e86472f7c1244545276e4eca4
2a55ccdeccd8e800f7673a5dfa567993f19cf63f895612973a0f1fb62ded1bba
2ad75d93bc858c4798f45b0ba26446f8e0d94d42314e4bfef2e35a5676c8c3f4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fbdcf883be3271218697a58edc99b1478cc6b921c2b053825d2da1b42cef21e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
37bab04fa84dd5dad80da97585d39d25b06d06b68d78913b32c5508b72931ca5
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3e0fb6b833874d42258270ded7ddad8d2cb6adbf620fedffe4dd7b21501e9278
4118cfb1bcf670ad5bbc330d3deed22e1ad43480c0536fbfe7e84ea7ea0716d9
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
475d8462b03977de695bf3bc33c822937466d2573f4e973dda1908fa60444588
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6859eb6f5d5224c25022d26cb85d90f0cc1d4de0658a1251836835db556b6272
6e9be5e24aed59c35bdcbd6e57ed0088c881c2fe98e30144fe2102d54b8ee18c
71613fef7855aefacd07d8448061e72e7dae7ddc2054295e10636a953e794d36
79141cbae350af89a2d69c70f0337e14d3c2d30b435723609019b605d3cc7420
806f5545e878979e8e29306c114732c5c4e89ede7b9ce92a5d1b9000faf6e5bd
8545f789d157443e285020e59d3ede5a7725a9ab6d03ebaa996ef57914d1685c
87ac534c33b696dfce1ffa20f6cbaefb5c1080973f56e05685afb00a17f71d25
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9f9a035fbace74a2563116a60a25177d1be1da4f6ce482eef110990f356dff2e
a2525cd1e36c14b6bfae9188d6275f2037f30cf3c460e3451aaabb3a9eb17090
ab0797b969b9541ddf2b0b916a1fbbe37726bed3c7b73f88e76ec44e21e06621
ab32ba389c75fe87316e4be2fd74b2ec7cda2138a84f5ef61e685a2f8ae07206
b0f885942967ce619680dcd2d2014cdb239446feeaddead5cd35de7953118adb
b22ce2b9d4d88edba0af4b54f96ae4b3a557a2234e4ca422fcf693b3e6baf7d2
bab6ae0a4c6a9a815518d305531a595d2f765bdf0f6acd075802f63b463131c8
cb17bd29f15ee64fb5ad964c780b0522fd2a55669b8b45c61aabf0490656795a
d30de3f750b57e84a1bb5bf2a6f9d37ea25eae78463548d8534167cd426383cf
df7c89122402b98f8b87689b1c1a29a2261e905af3ab2b20cc9925090d160ab6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
eaf2d923bc627181e21ce7bcb468efd6a33a043acc77f2c7971606b80252d0c5
ed810479d0004c19919f0fc289ada5681f32edb8776845ceac617a165269dfa9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fe0b4c1937f80189d499a35d6b671a680843a789c5424aa017868a38cbd51882