gavgav.info Open in urlscan Pro
82.146.56.251 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://gavgav.info/
Submission Tags: tranco_l324
Submission: On November 07 via api (November 7th 2021, 10:11:16 am UTC) from DE — Scanned from DE

Summary HTTP 155 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 43 IPs in 4 countries across 46 domains to perform 155 HTTP transactions. The main IP is 82.146.56.251, located in Russian Federation and belongs to THEFIRST-AS, RU. The main domain is gavgav.info.

This is the only time gavgav.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	82.146.56.251 82.146.56.251	29182 (THEFIRST-AS) (THEFIRST-AS)
3	95.181.171.231 95.181.171.231	50214 (QWARTA) (QWARTA)
3 5	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2 3	2606:4700:20:... 2606:4700:20::681a:826	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a02:6b8:a::a 2a02:6b8:a::a	208722 (YNDX) (YNDX)
1	2606:4700:303... 2606:4700:3031::6815:582f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2 3	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1	62.171.136.180 62.171.136.180	51167 (CONTABO) (CONTABO)
4 9	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4 31	195.201.243.72 195.201.243.72	24940 (HETZNER-AS) (HETZNER-AS)
1 3	159.69.74.6 159.69.74.6	24940 (HETZNER-AS) (HETZNER-AS)
3 5	96.46.183.20 96.46.183.20	7979 (SERVERS-COM) (SERVERS-COM)
2 2	193.232.148.152 193.232.148.152	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2 2	195.209.108.46 195.209.108.46	52007 (ADRIVER-AS) (ADRIVER-AS)
2	81.222.128.214 81.222.128.214	20597 (ELTEL-AS) (ELTEL-AS)
1	2606:4700:303... 2606:4700:3039::6815:c03a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	194.190.117.94 194.190.117.94	204600 (REPUBLER-AS) (REPUBLER-AS)
2 4	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	37.18.103.16 37.18.103.16	205675 (HYBRID-AS) (HYBRID-AS)
2	185.15.175.144 185.15.175.144	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	138.201.65.68 138.201.65.68	24940 (HETZNER-AS) (HETZNER-AS)
2 2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1 1	109.248.237.37 109.248.237.37	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	95.163.37.253 95.163.37.253	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
3 3	188.34.131.134 188.34.131.134	24940 (HETZNER-AS) (HETZNER-AS)
3 4	88.99.214.77 88.99.214.77	24940 (HETZNER-AS) (HETZNER-AS)
3 3	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1 1	193.106.92.202 193.106.92.202	48614 (ITSOFT-AS) (ITSOFT-AS)
3 5	89.108.119.43 89.108.119.43	197695 (AS-REG) (AS-REG)
1 1	80.64.106.148 80.64.106.148	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1 1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
1 2	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
4 4	217.66.147.161 217.66.147.161	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 1	176.9.158.88 176.9.158.88	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
1 3	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
2	2606:4700:10:... 2606:4700:10::ac43:dab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	88.212.233.36 88.212.233.36	7979 (SERVERS-COM) (SERVERS-COM)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	176.99.7.123 176.99.7.123	49352 (LOGOL-AS) (LOGOL-AS)
1 2	185.15.175.145 185.15.175.145	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	176.99.5.169 176.99.5.169	49352 (LOGOL-AS) (LOGOL-AS)
1	178.63.43.235 178.63.43.235	24940 (HETZNER-AS) (HETZNER-AS)
155	43

17 82.146.56.251 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: pets-tree1.fvds.ru

gavgav.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.181.171.231 (Russian Federation)

ASN50214 (QWARTA, RU)
PTR: asrv231.qwarta.ru

cdn-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:826 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.telderi.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8:a::a (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

www.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:582f (United States)

ASN13335 (CLOUDFLARENET, US)

www.mypagerank.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.198 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.171.136.180 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: ip-180-136-171-62.static.contabo.net

ijes.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 195.201.243.72 (Germany) 4 redirects

ASN24940 (HETZNER-AS, DE)
PTR: regensburg.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.69.74.6 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1290922.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 96.46.183.20 (United States) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.152 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp13.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.46 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.214 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad14.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c03a (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.117.94 (Russian Federation) 2 redirects

ASN204600 (REPUBLER-AS, RU)
PTR: carp.bspb2.kavanga.ru

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.172.81.160 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.158 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.103.16 (Netherlands)

ASN205675 (HYBRID-AS, RU)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.144 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.65.68 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.68.65.201.138.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.37 (Moscow, Russian Federation) 1 redirects

ASN201009 (SUPPORTIT-AS, RU)

stat.adlabs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.37.253 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: relap.io

relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.34.131.134 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.134.131.34.188.clients.your-server.de

adx.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.99.214.77 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88-99-214-77.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.16.14 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.106.92.202 (Russian Federation) 1 redirects

ASN48614 (ITSOFT-AS, RU)
PTR: mail.proboard.ru

prodmp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 89.108.119.43 (Russian Federation) 3 redirects

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.148 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr3.rutarget.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation) 1 redirects

ASN16345 (BEE-AS Russia, RU)

0100007f3ea687617900f91a028dc43b-sp.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.97.2 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.66.147.161 (St Petersburg, Russian Federation) 4 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-161-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Moscow, Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.158.88 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88.158.9.176.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:dab (United States)

ASN13335 (CLOUDFLARENET, US)

s3.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.233.36 (Russian Federation)

ASN7979 (SERVERS-COM, US)

api.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.99.7.123 (Russian Federation)

ASN49352 (LOGOL-AS, RU)
PTR: d40665.acod.regrucolo.ru

co9.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.145 (Russian Federation) 1 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.99.5.169 (Russian Federation)

ASN49352 (LOGOL-AS, RU)
PTR: d41257.acod.regrucolo.ru

tg.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.63.43.235 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.235.43.63.178.clients.your-server.de

ssp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	acint.net 4 redirects www.acint.net acint.net	18 KB
30	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	333 KB
17	gavgav.info gavgav.info	150 KB
16	doubleclick.net 2 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	115 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	92 KB
7	yandex.com 3 redirects mc.yandex.com	4 KB
7	yandex.ru 3 redirects www.yandex.ru mc.yandex.ru an.yandex.ru	49 KB
6	mts.ru 6 redirects sm.rtb.mts.ru tech.rtb.mts.ru	4 KB
6	google.com 3 redirects www.google.com adservice.google.com	940 B
6	sape.ru 1 redirects cdn-rtb.sape.ru ssp-rtb.sape.ru	401 KB
5	aidata.io 3 redirects x01.aidata.io	2 KB
5	betweendigital.com 3 redirects ads.betweendigital.com	6 KB
4	googletagservices.com www.googletagservices.com	148 KB
4	rktch.com 1 redirects ut.rktch.com co9.rktch.com tg.rktch.com	4 KB
4	1dmp.io 3 redirects sync.1dmp.io	2 KB
4	bumlam.com 2 redirects sync.bumlam.com	2 KB
4	adriver.ru 2 redirects ad.adriver.ru ssp.adriver.ru	2 KB
4	digitaltarget.ru dmg.digitaltarget.ru Failed tag.digitaltarget.ru	20 KB
3	advarkads.com s3.advarkads.com api.advarkads.com	8 KB
3	weborama.fr 3 redirects redirect.frontend.weborama.fr	951 B
3	com.ru 3 redirects adx.com.ru	1 KB
3	yadro.ru 2 redirects counter.yadro.ru	1 KB
3	telderi.ru 2 redirects www.telderi.ru	2 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	otm-r.com sync.dmp.otm-r.com ssp.otm-r.com	367 B
2	adsniper.ru 2 redirects sync3.adsniper.ru	1 KB
2	republer.com 2 redirects sync.republer.com	948 B
2	adhigh.net 2 redirects px.adhigh.net	827 B
2	google-analytics.com www.google-analytics.com	7 KB
1	gnezdo.ru fcgi4.gnezdo.ru	189 B
1	uuidksinc.net 1 redirects s.uuidksinc.net	206 B
1	buzzoola.com 1 redirects exchange.buzzoola.com	176 B
1	beeline.ru 1 redirects 0100007f3ea687617900f91a028dc43b-sp.ops.beeline.ru	635 B
1	rutarget.ru 1 redirects sape-sync.rutarget.ru	416 B
1	prodmp.ru 1 redirects prodmp.ru	278 B
1	relap.io relap.io	1016 B
1	adlmerge.com adlmerge.com	115 B
1	adlabs.ru 1 redirects stat.adlabs.ru	108 B
1	hybrid.ai dm-eu.hybrid.ai	238 B
1	utraff.com a.utraff.com	818 B
1	mail.ru ad.mail.ru	764 B
1	google.de adservice.google.de	792 B
1	googleadservices.com partner.googleadservices.com	636 B
1	ijes.ru ijes.ru
1	mypagerank.net www.mypagerank.net	1 KB
0	new-programmatic.com Failed match.new-programmatic.com Failed
155	46

	Domain	Requested by
28	www.acint.net	4 redirects cdn-rtb.sape.ru gavgav.info www.acint.net
19	tpc.googlesyndication.com	googleads.g.doubleclick.net
17	gavgav.info	gavgav.info
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	gavgav.info pagead2.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net www.googletagservices.com
7	mc.yandex.com	3 redirects gavgav.info
5	www.gstatic.com	googleads.g.doubleclick.net
5	x01.aidata.io	3 redirects www.acint.net
5	ads.betweendigital.com	3 redirects www.acint.net cdn-rtb.sape.ru
5	www.google.com	3 redirects gavgav.info
4	www.googletagservices.com	googleads.g.doubleclick.net
4	sm.rtb.mts.ru	4 redirects
4	sync.1dmp.io	3 redirects www.acint.net
4	sync.bumlam.com	2 redirects www.acint.net
3	fonts.gstatic.com	fonts.googleapis.com
3	an.yandex.ru	1 redirects www.acint.net
3	redirect.frontend.weborama.fr	3 redirects
3	adx.com.ru	3 redirects
3	acint.net	www.acint.net
3	ssp-rtb.sape.ru	1 redirects cdn-rtb.sape.ru
3	counter.yadro.ru	2 redirects gavgav.info
3	www.telderi.ru	2 redirects gavgav.info
3	cdn-rtb.sape.ru	gavgav.info cdn-rtb.sape.ru
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	s3.advarkads.com	www.acint.net s3.advarkads.com
2	tech.rtb.mts.ru	2 redirects
2	ut.rktch.com	1 redirects www.acint.net
2	cm.g.doubleclick.net	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	sync3.adsniper.ru	2 redirects
2	sync.republer.com	2 redirects
2	ssp.adriver.ru	www.acint.net
2	ad.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
2	mc.yandex.ru	1 redirects gavgav.info
2	dmg.digitaltarget.ru	gavgav.info www.acint.net
2	www.google-analytics.com	gavgav.info
2	www.yandex.ru	1 redirects gavgav.info
1	ssp.otm-r.com	cdn-rtb.sape.ru
1	tg.rktch.com	co9.rktch.com
1	co9.rktch.com	cdn-rtb.sape.ru
1	api.advarkads.com	s3.advarkads.com
1	fcgi4.gnezdo.ru	www.acint.net
1	s.uuidksinc.net	1 redirects
1	exchange.buzzoola.com	1 redirects
1	0100007f3ea687617900f91a028dc43b-sp.ops.beeline.ru	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	prodmp.ru	1 redirects
1	relap.io	www.acint.net
1	adlmerge.com	www.acint.net
1	stat.adlabs.ru	1 redirects
1	sync.dmp.otm-r.com	www.acint.net
1	dm-eu.hybrid.ai	www.acint.net
1	a.utraff.com	www.acint.net
1	ad.mail.ru	www.acint.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ijes.ru	gavgav.info
1	www.mypagerank.net	gavgav.info
0	match.new-programmatic.com Failed	www.acint.net
155	61

This site contains links to these domains. Also see Links.

Domain
www.telderi.ru
click.hotlog.ru
www.liveinternet.ru
www.yandex.ru
www.mypagerank.net
ijes.ru
www.gavgav.info
agro-russland.net
pornoreka.tv
www.ikarhomecenter.ru
www.phpms.ru

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.acint.net R3	`2021-10-14` - `2022-01-12`	3 months	crt.sh
*.sape.ru R3	`2021-10-15` - `2022-01-13`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
tag.digitaltarget.ru R3	`2021-10-09` - `2022-01-07`	3 months	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-18` - `2022-06-18`	a year	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
relap.io GeoTrust RSA CA 2018	`2021-08-26` - `2022-09-26`	a year	crt.sh
fcgi4.gnezdo.ru R3	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.bumlam.com R3	`2021-09-13` - `2021-12-12`	3 months	crt.sh
advarkads.com Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh
*.advarkads.com GlobalSign GCC R3 DV TLS CA 2020	`2020-12-03` - `2022-01-04`	a year	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-19` - `2021-12-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tg.rktch.com R3	`2021-09-28` - `2021-12-27`	3 months	crt.sh
*.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-11` - `2022-06-10`	a year	crt.sh

This page contains 18 frames:

Primary Page: http://gavgav.info/
Frame ID: 4CDDF4ED563FD3BCF65FB8DFC843BC9A
Requests: 59 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934288943919642&output=html&h=60&adk=2331619251&adf=3459545230&w=120&lmt=1465823594&channel=3199118144&format=120x60_as_rimg&url=http%3A%2F%2Fgavgav.info%2F&flash=0&wgl=1&dt=1636279870770&bpp=16&bdt=174&idt=116&shv=r20211103&mjsv=m202111020101&ptt=5&saldr=sa&abxe=1&correlator=4463890956446&frm=20&pv=2&ga_vid=808855875.1636279871&ga_sid=1636279871&ga_hid=1872902040&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=27&ady=599&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31061690&oid=2&pvsid=363115766557444&pem=469&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wdjYWTOucD&p=http%3A//gavgav.info&dtd=134
Frame ID: 1A12CFF4131DB39EED2811B75B7B59ED
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934288943919642&output=html&h=125&adk=1243831463&adf=3753310071&w=125&lmt=1465823594&ad_type=text_image&format=125x125_as&color_bg=DFEFFF&color_border=6C82B5&color_link=000000&color_text=000000&color_url=008000&url=http%3A%2F%2Fgavgav.info%2F&flash=0&wgl=1&dt=1636279870787&bpp=3&bdt=192&idt=126&shv=r20211103&mjsv=m202111020101&ptt=5&saldr=sa&abxe=1&prev_fmts=120x60_as_rimg&correlator=4463890956446&frm=20&pv=1&ga_vid=808855875.1636279871&ga_sid=1636279871&ga_hid=1872902040&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=24&ady=672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31061690&oid=2&pvsid=363115766557444&pem=469&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4h3ugzFjNJ&p=http%3A//gavgav.info&dtd=139
Frame ID: 10DE87DB06A69A149983FAA02EA166F2
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934288943919642&output=html&h=60&adk=1439102223&adf=461257661&w=468&lmt=1465823594&channel=5259868405&ad_type=text_image&format=468x60_as&color_bg=EEF2F7&color_border=FFFFFF&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Fgavgav.info%2F&flash=0&wgl=1&dt=1636279870798&bpp=5&bdt=203&idt=134&shv=r20211103&mjsv=m202111020101&ptt=5&saldr=sa&abxe=1&prev_fmts=120x60_as_rimg%2C125x125_as&correlator=4463890956446&frm=20&pv=1&ga_vid=808855875.1636279871&ga_sid=1636279871&ga_hid=1872902040&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=440&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31061690&oid=2&pvsid=363115766557444&pem=469&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=gg17lcBNAn&p=http%3A//gavgav.info&dtd=137
Frame ID: CD0F295BEFE2DD3C7C57E892AFE0DF64
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934288943919642&output=html&h=60&adk=1885754182&adf=2570426279&w=468&lmt=1465823594&channel=5259868405&ad_type=text_image&format=468x60_as&color_bg=EEF2F7&color_border=FFFFFF&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Fgavgav.info%2F&flash=0&wgl=1&dt=1636279870820&bpp=3&bdt=224&idt=130&shv=r20211103&mjsv=m202111020101&ptt=5&saldr=sa&abxe=1&prev_fmts=120x60_as_rimg%2C125x125_as%2C468x60_as&correlator=4463890956446&pv_ch=5259868405%2B&frm=20&pv=1&ga_vid=808855875.1636279871&ga_sid=1636279871&ga_hid=1872902040&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=653&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31061690&oid=2&pvsid=363115766557444&pem=469&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=zsCEWEgYGf&p=http%3A//gavgav.info&dtd=135
Frame ID: D85FFF5F53DA9AFE1E7904C652A6EC86
Requests: 12 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=14
Frame ID: 60411040BFCF0C0C08FEC1808E03A7A8
Requests: 32 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F3EA687617900F91A028DC43B
Frame ID: 66EABCD6C05AE66B52D608722765BC67
Requests: 3 HTTP requests in this frame

Frame: https://cdn-rtb.sape.ru/js/prebid/prebid-between-5.19.0.js
Frame ID: 5D8A6D9A20356AF9AF176F8DD2872CA6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EC6438FC89F936DE60BA3847E36B1C00
Requests: 2 HTTP requests in this frame

Frame: http://co9.rktch.com/static/rb.js
Frame ID: 4E61BD6A5FE52FEBD2129782A4356D67
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: 7F9962E20E06095D2D594C6F6316DFDA
Requests: 1 HTTP requests in this frame

Frame: https://tg.rktch.com/v0?i=11679&p=1&vw=240&vh=400&sw=1600&sh=1200&rk=yyfshL&url=http%3A%2F%2Fgavgav.info%2F&siteid=161590485
Frame ID: 22195E226EECEED4F244D1813573198C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FFFF62943CA249D6089DAEE86AF9DA41
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A9A920A0A025C6E8D0362B4AEC10C813
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: A7DD6A226228E7020D04766E521498F3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: 1D3697ADB0C99E2092F8E0628E90D099
Requests: 1 HTTP requests in this frame

Frame: https://cdn-rtb.sape.ru/js/prebid/prebid-otm-4.43.4.js
Frame ID: 7D53CAAB1E6F84B8BF4E318E32705B32
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: 297339BD663B48B0867F41A550273640
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Гав-Гав.Инфо Собачий портал.

Page Statistics

155
Requests

64 %
HTTPS

32 %
IPv6

46
Domains

61
Subdomains

43
IPs

4
Countries

1357 kB
Transfer

2572 kB
Size

96
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://www.telderi.ru/ru/viewsite/605294/pid/5ebf9f

Search URL Search Domain Scan URL

URL: http://click.hotlog.ru/?392037

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: http://www.yandex.ru/cy?base=0&host=www.gavgav.info

Search URL Search Domain Scan URL

URL: http://www.mypagerank.net/

Search URL Search Domain Scan URL

URL: http://ijes.ru/?gavgav.info

Search URL Search Domain Scan URL

URL: http://www.gavgav.info/index.php?tree=4&cat=0
Title: Информация от наших партнеров

Search URL Search Domain Scan URL

URL: http://agro-russland.net/
Title: Агронет

Search URL Search Domain Scan URL

URL: https://pornoreka.tv/categories/full-length-porn-movies/
Title: Фильмы +18

Search URL Search Domain Scan URL

URL: http://www.ikarhomecenter.ru/
Title: Ikar

Search URL Search Domain Scan URL

URL: http://www.phpms.ru/
Title: phpMS

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

http://www.telderi.ru/uploads/promote/12/129186e8479112fbf27111314f31f816.png HTTP 301
https://www.telderi.ru/uploads/promote/12/129186e8479112fbf27111314f31f816.png HTTP 302
https://www.telderi.ru/ru/uploads/promote/12/129186e8479112fbf27111314f31f816.png

Request Chain 9

http://www.yandex.ru/cycounter?www.gavgav.info HTTP 302
https://www.yandex.ru/cycounter?www.gavgav.info

Request Chain 15

http://www.google-analytics.com/urchin.js HTTP 307
https://www.google-analytics.com/urchin.js

Request Chain 23

http://hit19.hotlog.ru/cgi-bin/hotlog/count?0.9557844838002496&s=392037&im=134&r=&pg=http%3A//gavgav.info/&c=Y&j=N&wh=1600x1200&px=24&js=1.3& HTTP 302
http://hit19.hotlog.ru/cgi-bin/hotlog/count?0.9557844838002496&s=392037&im=134&r=&pg=http%3A//gavgav.info/&c=Y&j=N&wh=1600x1200&px=24&js=1.3&&hl_ignore=Y HTTP 302
http://hit19.hotlog.ru/cgi-bin/hotlog/count?0.9557844838002496&s=392037&im=134&r=&pg=http%3A//gavgav.info/&c=Y&j=N&wh=1600x1200&px=24&js=1.3&&hl_ignore=Y&hl_ignore=Y HTTP 302
https://dmg.digitaltarget.ru/1/19/i/i?a=19&e=4506dd90634f65d7758364cfb62b9c&i=1481397027&r=https://hit19.hotlog.ru/cgi-bin/hotlog/count?s%3D392037%26im%3D134%26hl_hitback%3DY HTTP 307
https://dmg.digitaltarget.ru/awg/custom/19/i/i?call_source=awg&a=19&e=4506dd90634f65d7758364cfb62b9c&i=1481397027&r=https://hit19.hotlog.ru/cgi-bin/hotlog/count?s%3D392037%26im%3D134%26hl_hitback%3DY

Request Chain 24

http://counter.yadro.ru/hit?t26.6;r;s1600*1200*24;uhttp%3A//gavgav.info/;0.25612492677781207 HTTP 302
https://counter.yadro.ru/hit?t26.6;r;s1600*1200*24;uhttp%3A//gavgav.info/;0.25612492677781207 HTTP 302
https://counter.yadro.ru/hit?q;t26.6;r;s1600*1200*24;uhttp%3A//gavgav.info/;0.25612492677781207

Request Chain 28

http://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=808855875&utmcs=windows-1251&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D0%93%D0%B0%D0%B2-%D0%93%D0%B0%D0%B2.%D0%98%D0%BD%D1%84%D0%BE%20%D0%A1%D0%BE%D0%B1%D0%B0%D1%87%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB.&utmhn=gavgav.info&utmhid=1872902040&utmr=-&utmp=/&utmac=UA-2428292-1&utmcc=__utma%3D119371551.808855875.1636279871.1636279871.1636279871.1%3B%2B__utmz%3D119371551.1636279871.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B HTTP 307
https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=808855875&utmcs=windows-1251&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D0%93%D0%B0%D0%B2-%D0%93%D0%B0%D0%B2.%D0%98%D0%BD%D1%84%D0%BE%20%D0%A1%D0%BE%D0%B1%D0%B0%D1%87%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB.&utmhn=gavgav.info&utmhid=1872902040&utmr=-&utmp=/&utmac=UA-2428292-1&utmcc=__utma%3D119371551.808855875.1636279871.1636279871.1636279871.1%3B%2B__utmz%3D119371551.1636279871.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Request Chain 42

https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9450.yIdcvD94EE4ADllMTLaeqC0QrSTjDxldtd56Xr4tbnUVi_31mZEfpMHj-oS6pwRz.nTjJK8Um_8jq6YHmp4YkJtb8ahg%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9450.nCXVoe2xAaZ1FWayefV_BpumG7ceQ8lOT1YfsVBocNckEBJz_396hEwsqW0kKo_MPeJ2IzziIXPaf-wLLWU-Kw%2C%2C.gQAgyIDNUwI7UR9hR3BFAJg-Q1o%2C

Request Chain 44

http://www.acint.net/mc/?dp=14 HTTP 302
https://www.acint.net/mc/?dp=14

Request Chain 45

http://www.acint.net/hit/?v=0.3.0&uid=59acea3e-8743-4c05-a6f5-867bfc9d480a&dp=14&tz=%2B00%3A00&nc=71795227&u=http%3A%2F%2Fgavgav.info%2F&r=&rs=1600x1200&t=%D0%93%D0%B0%D0%B2-%D0%93%D0%B0%D0%B2.%D0%98%D0%BD%D1%84%D0%BE%20%D0%A1%D0%BE%D0%B1%D0%B0%D1%87%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB.&oE=1&oP=1&dT=2021-11-07T10%3A11%3A11.016&fu=2e330588-a43e-449b-aaef-b97d55e38991 HTTP 302
https://www.acint.net/hit/?v=0.3.0&uid=59acea3e-8743-4c05-a6f5-867bfc9d480a&dp=14&tz=%2B00%3A00&nc=71795227&u=http%3A%2F%2Fgavgav.info%2F&r=&rs=1600x1200&t=%D0%93%D0%B0%D0%B2-%D0%93%D0%B0%D0%B2.%D0%98%D0%BD%D1%84%D0%BE%20%D0%A1%D0%BE%D0%B1%D0%B0%D1%87%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB.&oE=1&oP=1&dT=2021-11-07T10%3A11%3A11.016&fu=2e330588-a43e-449b-aaef-b97d55e38991

Request Chain 46

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F3EA687617900F91A028DC43B HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F3EA687617900F91A028DC43B&crf=1

Request Chain 47

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=0100007F3EA6876186002DAE0229575D

Request Chain 48

https://px.adhigh.net/p/cm/sape?u=0100007F3EA687617900F91A028DC43B HTTP 302
https://px.adhigh.net/p/cm/sape?u=0100007F3EA687617900F91A028DC43B&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=M58lZLDIFGK.AikABlF8-eFm4Q

Request Chain 50

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4995560509 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=Alt2FvSWNC5iX59jF0DPXvg&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F3EA687617900F91A028DC43B

Request Chain 52

https://sync.republer.com/match?dsp=sape HTTP 307
https://sync.republer.com/match?dsp=sape&qset=1 HTTP 307
https://sync.bumlam.com/?src=rp1&uid=4dbc0bda-85cc-45f8-9eeb-594eecfcb772 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi_zJ6MBlIEioaQK2IkNGRiYzBiZGEtODVjYy00NWY4LTllZWItNTk0ZWVjZmNiNzcy HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARi_zJ6MBlIEioaQK2IkNGRiYzBiZGEtODVjYy00NWY4LTllZWItNTk0ZWVjZmNiNzcyogEQCGe-vj-zEeyG4AAlkMBkfA** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQABi_zJ6MBmIkNGRiYzBiZGEtODVjYy00NWY4LTllZWItNTk0ZWVjZmNiNzcyogEQCGe-vj-zEeyG4AAlkMBkfA** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQARi_zJ6MBmIkNGRiYzBiZGEtODVjYy00NWY4LTllZWItNTk0ZWVjZmNiNzcyogEQCGe-vj-zEeyG4AAlkMBkfA**

Request Chain 56

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfz6mh2F5APkaAo3EOw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfz6mh2F5APkaAo3EOw&google_tc= HTTP 302
https://www.acint.net/match?dp=77&euid=

Request Chain 57

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F3EA687617900F91A028DC43B HTTP 302
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F3EA687617900F91A028DC43B

Request Chain 60

https://adx.com.ru/sape-sync?uid=0100007F3EA687617900F91A028DC43B HTTP 302
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F3EA687617900F91A028DC43B HTTP 302
https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=6187a63fa897d8bfb7ec57a4&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%25253A%25252F%25252Fprodmp.ru%25252Fyabbi.gif%25253Fuid%25253D6187a63fa897d8bfb7ec57a4%252526r%25253Dhttps%2525253A%2525252F%2525252Fx01.aidata.io%2525252F0.gif%2525253Fpid%2525253D9712851%25252526id%2525253D6187a63fa897d8bfb7ec57a4%25252526dest%2525253D%2526webouid%253D%7BWEBO_CID%7D HTTP 302
https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=6187a63fa897d8bfb7ec57a4&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%25253A%25252F%25252Fprodmp.ru%25252Fyabbi.gif%25253Fuid%25253D6187a63fa897d8bfb7ec57a4%252526r%25253Dhttps%2525253A%2525252F%2525252Fx01.aidata.io%2525252F0.gif%2525253Fpid%2525253D9712851%25252526id%2525253D6187a63fa897d8bfb7ec57a4%25252526dest%2525253D%2526webouid%253D%7BWEBO_CID%7D&cs=1 HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D6187a63fa897d8bfb7ec57a4%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D6187a63fa897d8bfb7ec57a4%252526dest%25253D%26webouid%3D{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D6187a63fa897d8bfb7ec57a4%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D6187a63fa897d8bfb7ec57a4%252526dest%25253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=3878139706 HTTP 302
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D6187a63fa897d8bfb7ec57a4%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D6187a63fa897d8bfb7ec57a4%2526dest%253D&webouid=.XbZfHpoirO8f1rCWeXl9u HTTP 302
https://prodmp.ru/yabbi.gif?uid=6187a63fa897d8bfb7ec57a4&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D6187a63fa897d8bfb7ec57a4%26dest%3D HTTP 302
https://x01.aidata.io/0.gif?pid=9712851&id=6187a63fa897d8bfb7ec57a4&dest= HTTP 302
https://x01.aidata.io/0.gif?pid=9712851&id=6187a63fa897d8bfb7ec57a4&dest=&bounce=1

Request Chain 61

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F3EA687617900F91A028DC43B HTTP 302
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F3EA687617900F91A028DC43B&cs=1

Request Chain 62

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=6BE4tNBl8TZN

Request Chain 63

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://acint.net/match?dp=107&euid=61233898-6426-5337-b348-cd02d2cf6b3d

Request Chain 64

https://0100007f3ea687617900f91a028dc43b-sp.ops.beeline.ru/p?ssp=sp&id=0100007F3EA687617900F91A028DC43B HTTP 301
https://www.acint.net/match?dp=111&euid=7e5bd8c9-69e2-4a3f-a878-936d469d4a03

Request Chain 65

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F3EA687617900F91A028DC43B HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP 302
https://ut.rktch.com/matchspm?pi=1000006&pui=.XbZfHpoirO8f1rCWeXl9u&noredirect

Request Chain 66

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F3EA687617900F91A028DC43B HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F3EA687617900F91A028DC43B HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=5807629d-56df-441b-8742-377df70cc284&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D30%2526em%253D7%2526ssp%253Daidata%2526id%253D%2524UID HTTP 302
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D7%26ssp%3Daidata%26id%3D%24UID

Request Chain 67

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=4cd133d3-7efb-48de-51d9-237ab82f65dc

Request Chain 68

https://s.uuidksinc.net/match/396/0100007F3EA687617900F91A028DC43B HTTP 302
https://www.acint.net/match?dp=127&euid=9BfsFfGf7nu78hksEy0T

Request Chain 71

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F3EA687617900F91A028DC43B HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F3EA687617900F91A028DC43B&bounce=1 HTTP 302
https://sm.rtb.mts.ru/p?ssp=aidata&id=z%2B9abbNEKjcgRJWUxwGeyA HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=51&exu=z%2B9abbNEKjcgRJWUxwGeyA HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=5807629d-56df-441b-8742-377df70cc284&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FWAdinVbfRBuHQjd99wzChA%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D51%2526em%253D4%2526exu%253Dz%25252B9abbNEKjcgRJWUxwGeyA%26sign%3D3726058337 HTTP 302
https://an.yandex.ru/setud/mts_banner/WAdinVbfRBuHQjd99wzChA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D4%26exu%3Dz%252B9abbNEKjcgRJWUxwGeyA&sign=3726058337

Request Chain 73

https://an.yandex.ru/mapuid/sapeis/0100007F3EA687617900F91A028DC43B HTTP 302
https://an.yandex.ru/mapuid/sapeis/0100007F3EA687617900F91A028DC43B?redir-setuniq=1

Request Chain 82

https://mc.yandex.com/watch/71281900?wmode=7&page-url=http%3A%2F%2Fgavgav.info%2F&charset=utf-8&site-info=%7B%22site_id%22%3A31274%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmizds872r%3Afp%3A479%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A680%3Acn%3A2%3Adp%3A0%3Als%3A7749796027%3Ahid%3A1921646%3Az%3A0%3Ai%3A2021110701011010%3Aet%3A1636279871%3Ac%3A1%3Arn%3A482197726%3Arqn%3A1%3Au%3A1636279871367482018%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1636279870262%3Ads%3A202%2C5%2C125%2C43%2C0%2C0%2C%2C232%2C0%2C%2C%2C%2C566%3Adsn%3A201%2C5%2C125%2C43%2C%2C0%2C%2C191%2C0%2C%2C%2C%2C566%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1636279871%3At%3A%D0%93%D0%B0%D0%B2-%D0%93%D0%B0%D0%B2.%D0%98%D0%BD%D1%84%D0%BE%20%D0%A1%D0%BE%D0%B1%D0%B0%D1%87%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB.&t=gdpr(14)ti(2) HTTP 302
https://mc.yandex.com/watch/71281900/1?wmode=7&page-url=http%3A%2F%2Fgavgav.info%2F&charset=utf-8&site-info=%7B%22site_id%22%3A31274%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmizds872r%3Afp%3A479%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A680%3Acn%3A2%3Adp%3A0%3Als%3A7749796027%3Ahid%3A1921646%3Az%3A0%3Ai%3A2021110701011010%3Aet%3A1636279871%3Ac%3A1%3Arn%3A482197726%3Arqn%3A1%3Au%3A1636279871367482018%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1636279870262%3Ads%3A202%2C5%2C125%2C43%2C0%2C0%2C%2C232%2C0%2C%2C%2C%2C566%3Adsn%3A201%2C5%2C125%2C43%2C%2C0%2C%2C191%2C0%2C%2C%2C%2C566%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1636279871%3At%3A%D0%93%D0%B0%D0%B2-%D0%93%D0%B0%D0%B2.%D0%98%D0%BD%D1%84%D0%BE%20%D0%A1%D0%BE%D0%B1%D0%B0%D1%87%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB.&t=gdpr%2814%29ti%282%29

Request Chain 83

https://mc.yandex.com/watch/39014500?wmode=7&page-url=http%3A%2F%2Fgavgav.info%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmizds872r%3Afp%3A479%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A0%3Als%3A770680831885%3Ahid%3A1921646%3Az%3A0%3Ai%3A2021110701011010%3Aet%3A1636279871%3Ac%3A1%3Arn%3A89128119%3Arqn%3A1%3Au%3A1636279871367482018%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1636279870262%3Ads%3A202%2C5%2C125%2C43%2C0%2C0%2C%2C232%2C0%2C%2C%2C%2C566%3Adsn%3A201%2C5%2C125%2C43%2C%2C0%2C%2C191%2C0%2C%2C%2C%2C566%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1636279871%3At%3A%D0%93%D0%B0%D0%B2-%D0%93%D0%B0%D0%B2.%D0%98%D0%BD%D1%84%D0%BE%20%D0%A1%D0%BE%D0%B1%D0%B0%D1%87%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB.&t=gdpr(14)ti(2) HTTP 302
https://mc.yandex.com/watch/39014500/1?wmode=7&page-url=http%3A%2F%2Fgavgav.info%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmizds872r%3Afp%3A479%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A0%3Als%3A770680831885%3Ahid%3A1921646%3Az%3A0%3Ai%3A2021110701011010%3Aet%3A1636279871%3Ac%3A1%3Arn%3A89128119%3Arqn%3A1%3Au%3A1636279871367482018%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1636279870262%3Ads%3A202%2C5%2C125%2C43%2C0%2C0%2C%2C232%2C0%2C%2C%2C%2C566%3Adsn%3A201%2C5%2C125%2C43%2C%2C0%2C%2C191%2C0%2C%2C%2C%2C566%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1636279871%3At%3A%D0%93%D0%B0%D0%B2-%D0%93%D0%B0%D0%B2.%D0%98%D0%BD%D1%84%D0%BE%20%D0%A1%D0%BE%D0%B1%D0%B0%D1%87%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB.&t=gdpr%2814%29ti%282%29

Request Chain 109

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 125

https://dmg.digitaltarget.ru/1/1093/i/i?i=739574894891165.819215898526098&a=77&e=0100007F3EA687617900F91A028DC43B&pref=http%3A%2F%2Fgavgav.info%2F&c=ss:77.up:0100007F3EA687617900F91A028DC43B.sync:up.xdua:du3lL0XlSFw3zVfei8b_JFVw.xps:xpskmiJ_obxV3eOevQqRfCiC6.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=739574894891165.819215898526098&a=77&e=0100007F3EA687617900F91A028DC43B&pref=http%3A%2F%2Fgavgav.info%2F&c=ss:77.up:0100007F3EA687617900F91A028DC43B.sync:up.xdua:du3lL0XlSFw3zVfei8b_JFVw.xps:xpskmiJ_obxV3eOevQqRfCiC6.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Request Chain 141

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 147

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 158

http://www.acint.net/ping/?v=0.3.0&uid=59acea3e-8743-4c05-a6f5-867bfc9d480a&dp=14&tz=%2B00%3A00&nc=22028737&dT=2021-11-07T10%3A11%3A14.019 HTTP 302
https://www.acint.net/ping/?v=0.3.0&uid=59acea3e-8743-4c05-a6f5-867bfc9d480a&dp=14&tz=%2B00%3A00&nc=22028737&dT=2021-11-07T10%3A11%3A14.019

155 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
gavgav.info/ 35 KB
36 KB 331ms
124ms Document
text/html 82.146.56.251
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://gavgav.info/
Protocol: HTTP/1.1
Server: 82.146.56.251 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: pets-tree1.fvds.ru
Software: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/5.4.16
Resource Hash: 5d8480e3649c1e526bfd60c8b8ef761ac2aad946127aa64389885b25412da855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sun, 07 Nov 2021 10:11:10 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/5.4.16
Last-Modified: Mon, 13 Jun 2016 13:13:14 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK main.css
gavgav.info/ms/themes/gav/ 3 KB
3 KB 96ms
90ms Stylesheet
text/css 82.146.56.251
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://gavgav.info/ms/themes/gav/main.css
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: HTTP/1.1
Server: 82.146.56.251 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: pets-tree1.fvds.ru
Software: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: bcc89b1ad5165e50c44e67dca5c588d784a965ca7c4ca97bc1eda3b05b3d7e53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:10 GMT
Last-Modified: Mon, 13 Jun 2016 13:10:21 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "bbb-535289c4fe940"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3003

GET
H/1.1 200
OK main.js Show response
gavgav.info/ms/includes/ 262 B
623 B 97ms
91ms Script
application/javascript 82.146.56.251
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://gavgav.info/ms/includes/main.js
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: HTTP/1.1
Server: 82.146.56.251 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: pets-tree1.fvds.ru
Software: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: f0eaec04e8d2f59e71ed464819025eecd996b917ac786ddae6480ce299d2a3f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:10 GMT
Last-Modified: Mon, 13 Jun 2016 13:10:28 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "106-535289cbab900"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 262

GET
H/1.1 200
OK 31274.js Show response
cdn-rtb.sape.ru/rtb-b/js/274/2/ 120 KB
49 KB 102ms
90ms Script
application/javascript 95.181.171.231
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL

http://cdn-rtb.sape.ru/rtb-b/js/274/2/31274.js

Requested by

Host: gavgav.info
URL: http://gavgav.info/

Protocol

HTTP/1.1

Server

95.181.171.231 , Russian Federation, ASN50214 (QWARTA, RU),

Reverse DNS

asrv231.qwarta.ru

Software

openresty /

Resource Hash

84241e81d211a22ebafec5201cfcb1e0a3017710a60afe2bfecd5ce57e21c1f6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:10 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 Nov 2021 03:17:47 GMT
Server: openresty
X-Amz-Request-Id: 16B53BDF82BF2C16
ETag: W/"277d74d8d3ab751fe3ea4ed25254f776"
X-Cache-Status: MISS
Vary: Origin
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Content-Security-Policy: block-all-mixed-content
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Expires: Sun, 07 Nov 2021 11:11:10 GMT

GET
H/1.1 404
Not Found friendconnect.js
www.google.com/friendconnect/script/ 0
0 12ms
6ms Script
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://www.google.com/friendconnect/script/friendconnect.js
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 200
OK top1.jpg
gavgav.info/ms/themes/gav/images/ 78 KB
78 KB 49ms
48ms Image
image/jpeg 82.146.56.251
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gavgav.info/ms/themes/gav/images/top1.jpg
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: HTTP/1.1
Server: 82.146.56.251 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: pets-tree1.fvds.ru
Software: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: f7f1c630a4e3e1c1125fe1b38f34f3a2f47ce92ac0ddc6b7f39187d1750006df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:10 GMT
Last-Modified: Mon, 13 Jun 2016 13:10:22 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "136de-535289c5f2b80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 79582

GET
H/1.1 200
OK top2.gif
gavgav.info/ms/themes/gav/images/ 4 KB
4 KB 49ms
48ms Image
image/gif 82.146.56.251
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gavgav.info/ms/themes/gav/images/top2.gif
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: HTTP/1.1
Server: 82.146.56.251 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: pets-tree1.fvds.ru
Software: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: c6f677ff07dffd534217dd6be92c49913b0dff54e034f6789ae60ad80f9cedd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:10 GMT
Last-Modified: Mon, 13 Jun 2016 13:10:23 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "e8a-535289c6e6dc0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3722

GET
H2

404

129186e8479112fbf27111314f31f816.png
www.telderi.ru/ru/uploads/promote/12/
Redirect Chain

http://www.telderi.ru/uploads/promote/12/129186e8479112fbf27111314f31f816.png
https://www.telderi.ru/uploads/promote/12/129186e8479112fbf27111314f31f816.png
https://www.telderi.ru/ru/uploads/promote/12/129186e8479112fbf27111314f31f816.png

0
0

365ms
364ms

Image
text/html

2606:4700:20::681a:826
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telderi.ru/ru/uploads/promote/12/129186e8479112fbf27111314f31f816.png
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: H2
Server: 2606:4700:20::681a:826 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

date: Sun, 07 Nov 2021 10:11:11 GMT
x-content-type-options: nosniff, nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 3199
server: cloudflare
cross-origin-opener-policy: same-origin, same-origin
x-frame-options: deny, deny
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;, max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zd05vqez2WH8rp1DSpoawzeiVxqpZ8j%2FQr4wQ8lfOmGxESDmvkws%2FmwNtw2%2FvblpFYrAL0F0LuJJEBFPri41G3Pu941i1D69x5FM4pnF2Qao8GfJbPFgHJXI9fIJb9u7CJJ%2F7rXj0CU47Coz"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://www.telderi.ru/ru/uploads/promote/12/129186e8479112fbf27111314f31f816.png
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-ray: 6aa5c6ad6be76949-FRA

GET
H/1.1 200
OK blank.gif
gavgav.info/ms/themes/gav/images/ 43 B
388 B 49ms
48ms Image
image/gif 82.146.56.251
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gavgav.info/ms/themes/gav/images/blank.gif
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: HTTP/1.1
Server: 82.146.56.251 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: pets-tree1.fvds.ru
Software: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:10 GMT
Last-Modified: Mon, 13 Jun 2016 13:10:22 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "2b-535289c5f2b80"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 43

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 112 KB
40 KB 46ms
26ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: gavgav.info
URL: http://gavgav.info/

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b158d7329276670d79bbffce3a56e9e9f26f80ec85685a1b99230c16a0b31ab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sun, 07 Nov 2021 10:11:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 1284264302901690418
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 40404
X-XSS-Protection: 0
Expires: Sun, 07 Nov 2021 10:11:10 GMT

GET
H2

200

cycounter
www.yandex.ru/
Redirect Chain

http://www.yandex.ru/cycounter?www.gavgav.info
https://www.yandex.ru/cycounter?www.gavgav.info

658 B
1 KB

149ms
81ms

Image
image/png

2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.yandex.ru/cycounter?www.gavgav.info

Requested by

Host: gavgav.info
URL: http://gavgav.info/

Protocol

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

6ee16c90c1278aebfae182fa82ed18793ba0e73e90db17532fd5064570edb98a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
expires: Fri, 19 Nov 2021 08:34:14 GMT
last-modified: Fri, 05 Nov 2021 08:34:14 GMT
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/png

Redirect headers

Location: https://www.yandex.ru/cycounter?www.gavgav.info
X-Content-Type-Options: nosniff
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
Content-Length: 0
X-XSS-Protection: 1; mode=block
Report-To: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}

GET
H/1.1 200
OK seostats.php
www.mypagerank.net/services/seostats/ 658 B
1 KB 86ms
70ms Image
image/png 2606:4700:3031::6815:582f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.mypagerank.net/services/seostats/seostats.php?s=de510918a8ee62930397b0925f231a4d&bg=FFFFFF&textcolor=000000&bordercolor=999999&indicatorcolor=5EAA5E&ugo=1&uho=1&umo=1&amo=1&upr=1&tuv=1&tpv=1&yuv=1&ypv=1&ttuv=1&ttpv=1&uonline=1&f=7794
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:582f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e882affb10a010c1e033db55917aa1c10606bc4cea9dc57375dfba0f1a13a33f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
Date: Sun, 07 Nov 2021 10:11:10 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qwJEq5guFE9ch%2BFo1dStanueI10qClZ8yjvPwOfqDy4HWjVoMNpg5%2BQn2xP4c1lBxaXmVaLeHKc0NZYhufS%2FueTRACpQ2i%2FjDZKCR43K0zsR8Vm820VoYBlDcp%2BmgOmrc1RPKSJxczBPXz22rrN0tTc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
cache-control: max-age=604800
Connection: keep-alive
CF-RAY: 6aa5c6a808764e0e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 658
expires: Mon, 26 Jul 2018 05:00:00 GMT

GET
H/1.1 200
OK vozrasta_small.jpg
gavgav.info/images/ 10 KB
11 KB 97ms
90ms Image
image/jpeg 82.146.56.251
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gavgav.info/images/vozrasta_small.jpg
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: HTTP/1.1
Server: 82.146.56.251 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: pets-tree1.fvds.ru
Software: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: 08576fb77d6a47bf44489bfc39832060294094016106d463c93ba043343e976a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:10 GMT
Last-Modified: Mon, 13 Jun 2016 13:09:26 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "290e-535289908ad80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 10510

GET
H/1.1 200
OK album_thumbnail.php
gavgav.info/forum/ 3 KB
4 KB 67ms
67ms Image
image/jpeg 82.146.56.251
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gavgav.info/forum/album_thumbnail.php?pic_id=495
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: HTTP/1.1
Server: 82.146.56.251 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: pets-tree1.fvds.ru
Software: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/5.4.16
Resource Hash: 2606e42237c7d25ea46114fd499fda376442a048b75b71f279c2d996d03bd82c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:10 GMT
Last-Modified: Mon, 13 Jun 2016 13:10:50 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/5.4.16
Content-Type: image/jpeg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 3044

GET
H/1.1 200
OK album_thumbnail.php
gavgav.info/forum/ 2 KB
3 KB 64ms
64ms Image
image/jpeg 82.146.56.251
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gavgav.info/forum/album_thumbnail.php?pic_id=494
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: HTTP/1.1
Server: 82.146.56.251 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: pets-tree1.fvds.ru
Software: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/5.4.16
Resource Hash: c899790d19f20252fc3eeb86691acb24751ead4b329167e18f2c789c2919be35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:10 GMT
Last-Modified: Mon, 13 Jun 2016 13:10:50 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/5.4.16
Content-Type: image/jpeg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 2485

GET
H/1.1 200
OK album_thumbnail.php
gavgav.info/forum/ 3 KB
3 KB 89ms
72ms Image
image/jpeg 82.146.56.251
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gavgav.info/forum/album_thumbnail.php?pic_id=493
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: HTTP/1.1
Server: 82.146.56.251 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: pets-tree1.fvds.ru
Software: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/5.4.16
Resource Hash: 5b2ff869b3b660d6665d03d4025c339d22dfa4412200aee08a9d1254a4e2449a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:10 GMT
Last-Modified: Mon, 13 Jun 2016 13:10:50 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/5.4.16
Content-Type: image/jpeg
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 2834

GET
H2

200

urchin.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/urchin.js
https://www.google-analytics.com/urchin.js

22 KB
7 KB

30ms
7ms

Script
text/javascript

2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/urchin.js

Requested by

Host: gavgav.info
URL: http://gavgav.info/

Protocol

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 23:43:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 37689
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1209600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6847
expires: Sat, 20 Nov 2021 23:43:01 GMT

Redirect headers

Location: https://www.google-analytics.com/urchin.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 404
Not Found friendconnect.js
www.google.com/friendconnect/script/ 0
0 12ms
6ms Script
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://www.google.com/friendconnect/script/friendconnect.js
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 404
Not Found bg.gif
gavgav.info/images/ 211 B
211 B 96ms
92ms Image
text/html 82.146.56.251
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gavgav.info/images/bg.gif
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: HTTP/1.1
Server: 82.146.56.251 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: pets-tree1.fvds.ru
Software: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: 667c56378b6d66b1d065a61a43c326ba1e9b175e6ef3e6027f0f39ae5dee380f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:10 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 211
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK bg_top.gif
gavgav.info/ms/themes/gav/images/ 61 B
406 B 73ms
47ms Image
image/gif 82.146.56.251
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gavgav.info/ms/themes/gav/images/bg_top.gif
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: HTTP/1.1
Server: 82.146.56.251 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: pets-tree1.fvds.ru
Software: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: 106a2681193f33ce29b75a0ac3a03bc0d9ceb8e61f9361ce70e5a459237aab22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:10 GMT
Last-Modified: Mon, 13 Jun 2016 13:10:22 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "3d-535289c5f2b80"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 61

GET
H/1.1 200
OK bg_menu.gif
gavgav.info/ms/themes/gav/images/ 85 B
430 B 73ms
47ms Image
image/gif 82.146.56.251
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gavgav.info/ms/themes/gav/images/bg_menu.gif
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: HTTP/1.1
Server: 82.146.56.251 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: pets-tree1.fvds.ru
Software: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: 23315fde1aafe10585823a470a160b5da3a86cebca1d5ba0ad2e388a32749d12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:10 GMT
Last-Modified: Mon, 13 Jun 2016 13:10:23 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "55-535289c6e6dc0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 85

GET
H/1.1 200
OK bg_green.gif
gavgav.info/ms/themes/gav/images/ 54 B
400 B 97ms
92ms Image
image/gif 82.146.56.251
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gavgav.info/ms/themes/gav/images/bg_green.gif
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: HTTP/1.1
Server: 82.146.56.251 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: pets-tree1.fvds.ru
Software: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: 9f0f836a2c0c7bebbcea13060d203fc520721d0dfd275927416811dae28678bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:10 GMT
Last-Modified: Mon, 13 Jun 2016 13:10:23 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "36-535289c6e6dc0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 54

GET
H/1.1 200
OK news.jpg
gavgav.info/ms/themes/gav/images/ 2 KB
2 KB 120ms
47ms Image
image/jpeg 82.146.56.251
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gavgav.info/ms/themes/gav/images/news.jpg
Requested by: Host: gavgav.info
URL: http://gavgav.info/ms/themes/gav/main.css
Protocol: HTTP/1.1
Server: 82.146.56.251 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: pets-tree1.fvds.ru
Software: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: 358c7a0cf9c92991ac8a517efec8cd689c9c9424e7846789551f2e30be256f3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/ms/themes/gav/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:10 GMT
Last-Modified: Mon, 13 Jun 2016 13:10:23 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "64c-535289c6e6dc0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1612

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/ 268 KB
97 KB 62ms
37ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=pub-7934288943919642&plah=gavgav.info

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f98081076194f6885070d6ff9f5b86eb631716f88436a9e787850e6bb110acad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98224
x-xss-protection: 0
server: cafe
etag: 9040437908421206644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 07 Nov 2021 10:11:10 GMT

GET

i
dmg.digitaltarget.ru/awg/custom/19/i/
Redirect Chain

http://hit19.hotlog.ru/cgi-bin/hotlog/count?0.9557844838002496&s=392037&im=134&r=&pg=http%3A//gavgav.info/&c=Y&j=N&wh=1600x1200&px=24&js=1.3&
http://hit19.hotlog.ru/cgi-bin/hotlog/count?0.9557844838002496&s=392037&im=134&r=&pg=http%3A//gavgav.info/&c=Y&j=N&wh=1600x1200&px=24&js=1.3&&hl_ignore=Y
http://hit19.hotlog.ru/cgi-bin/hotlog/count?0.9557844838002496&s=392037&im=134&r=&pg=http%3A//gavgav.info/&c=Y&j=N&wh=1600x1200&px=24&js=1.3&&hl_ignore=Y&hl_ignore=Y
https://dmg.digitaltarget.ru/1/19/i/i?a=19&e=4506dd90634f65d7758364cfb62b9c&i=1481397027&r=https://hit19.hotlog.ru/cgi-bin/hotlog/count?s%3D392037%26im%3D134%26hl_hitback%3DY
https://dmg.digitaltarget.ru/awg/custom/19/i/i?call_source=awg&a=19&e=4506dd90634f65d7758364cfb62b9c&i=1481397027&r=https://hit19.hotlog.ru/cgi-bin/hotlog/count?s%3D392037%26im%3D134%26hl_hitback%3DY

0
0

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t26.6;r;s1600*1200*24;uhttp%3A//gavgav.info/;0.25612492677781207
https://counter.yadro.ru/hit?t26.6;r;s1600*1200*24;uhttp%3A//gavgav.info/;0.25612492677781207
https://counter.yadro.ru/hit?q;t26.6;r;s1600*1200*24;uhttp%3A//gavgav.info/;0.25612492677781207

118 B
604 B

42ms
42ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t26.6;r;s1600*1200*24;uhttp%3A//gavgav.info/;0.25612492677781207

Requested by

Host: gavgav.info
URL: http://gavgav.info/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ff866ad4913c7a799eaa325e54eb6c1e7c3cebfb43727408c37dc72a5a053e81

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 10:11:19 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 118
Expires: Fri, 06 Nov 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 10:11:19 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t26.6;r;s1600*1200*24;uhttp%3A//gavgav.info/;0.25612492677781207
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Fri, 06 Nov 2020 21:00:00 GMT

GET
H/1.1 404
Not Found stat
ijes.ru/ 0
0 186ms
13ms Image
text/html 62.171.136.180
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ijes.ru/stat?js=13&r=&j=false&s=1600*1200&d=24&rand=0.37538180740093186
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: HTTP/1.1
Server: 62.171.136.180 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: ip-180-136-171-62.static.contabo.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 130 KB
46 KB 123ms
58ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: gavgav.info
URL: http://gavgav.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

48b23ea142c9df1ee6c25a1e313128022d0fffbe051787cb974a1eb058273005

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:10 GMT
content-encoding: br
last-modified: Tue, 02 Nov 2021 12:32:57 GMT
etag: "618105c9-b7cf"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 47055
expires: Sun, 07 Nov 2021 11:11:10 GMT

GET
H/1.1 200
OK header_.jpg
gavgav.info/ms/themes/gav/images/ 3 KB
3 KB 54ms
47ms Image
image/jpeg 82.146.56.251
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gavgav.info/ms/themes/gav/images/header_.jpg
Requested by: Host: gavgav.info
URL: http://gavgav.info/ms/themes/gav/main.css
Protocol: HTTP/1.1
Server: 82.146.56.251 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: pets-tree1.fvds.ru
Software: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: 5c2966e8692cc496af85be4a2bbae08f94e94b2d2ef97be2494b9784316ce097

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/ms/themes/gav/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:10 GMT
Last-Modified: Mon, 13 Jun 2016 13:10:23 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "c3f-535289c6e6dc0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3135

GET
H2

200

__utm.gif
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=808855875&utmcs=windows-1251&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D0%93%D0%B0%D0%B2-%D0%93%D0%B0%D0%B2.%D...
https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=808855875&utmcs=windows-1251&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D0%93%D0%B0%D0%B2-%D0%93%D0%B0%D0%B2.%...

35 B
194 B

8ms
6ms

Image
image/gif

2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=808855875&utmcs=windows-1251&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D0%93%D0%B0%D0%B2-%D0%93%D0%B0%D0%B2.%D0%98%D0%BD%D1%84%D0%BE%20%D0%A1%D0%BE%D0%B1%D0%B0%D1%87%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB.&utmhn=gavgav.info&utmhid=1872902040&utmr=-&utmp=/&utmac=UA-2428292-1&utmcc=__utma%3D119371551.808855875.1636279871.1636279871.1636279871.1%3B%2B__utmz%3D119371551.1636279871.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Requested by

Host: gavgav.info
URL: http://gavgav.info/

Protocol

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 06:42:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12499
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=808855875&utmcs=windows-1251&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%D0%93%D0%B0%D0%B2-%D0%93%D0%B0%D0%B2.%D0%98%D0%BD%D1%84%D0%BE%20%D0%A1%D0%BE%D0%B1%D0%B0%D1%87%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB.&utmhn=gavgav.info&utmhid=1872902040&utmr=-&utmp=/&utmac=UA-2428292-1&utmcc=__utma%3D119371551.808855875.1636279871.1636279871.1636279871.1%3B%2B__utmz%3D119371551.1636279871.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK bottom.gif
gavgav.info/ms/themes/gav/images/ 58 B
403 B 47ms
47ms Image
image/gif 82.146.56.251
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gavgav.info/ms/themes/gav/images/bottom.gif
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: HTTP/1.1
Server: 82.146.56.251 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: pets-tree1.fvds.ru
Software: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: de6127a6e5ef55f2a00cf807ba098780af9909fd02ced46fde46a86613c96db5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:10 GMT
Last-Modified: Mon, 13 Jun 2016 13:10:24 GMT
Server: Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "3a-535289c7db000"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 58

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
636 B 57ms
14ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=gavgav.info&callback=_gfp_s_&client=ca-pub-7934288943919642

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=pub-7934288943919642&plah=gavgav.info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

dcb8f65532f2e270879290fc8fa37c7206e57283203f9522bb54b2aa7a1d46e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 56ms
17ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=gavgav.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 10:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 56ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gavgav.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 10:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1A12 91 KB
30 KB 458ms
457ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934288943919642&output=html&h=60&adk=2331619251&adf=3459545230&w=120&lmt=1465823594&channel=3199118144&format=120x60_as_rimg&url=http%3A%2F%2Fgavgav.info%2F&flash=0&wgl=1&dt=1636279870770&bpp=16&bdt=174&idt=116&shv=r20211103&mjsv=m202111020101&ptt=5&saldr=sa&abxe=1&correlator=4463890956446&frm=20&pv=2&ga_vid=808855875.1636279871&ga_sid=1636279871&ga_hid=1872902040&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=27&ady=599&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31061690&oid=2&pvsid=363115766557444&pem=469&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wdjYWTOucD&p=http%3A//gavgav.info&dtd=134

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9b0cee5e65a84a1b91e08cbdca816aa333912a960e17b2481113dd7b11e23f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 07 Nov 2021 10:11:11 GMT
server: cafe
content-length: 30722
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 07 Nov 2021 10:11:11 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 10DE 74 KB
27 KB 803ms
802ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934288943919642&output=html&h=125&adk=1243831463&adf=3753310071&w=125&lmt=1465823594&ad_type=text_image&format=125x125_as&color_bg=DFEFFF&color_border=6C82B5&color_link=000000&color_text=000000&color_url=008000&url=http%3A%2F%2Fgavgav.info%2F&flash=0&wgl=1&dt=1636279870787&bpp=3&bdt=192&idt=126&shv=r20211103&mjsv=m202111020101&ptt=5&saldr=sa&abxe=1&prev_fmts=120x60_as_rimg&correlator=4463890956446&frm=20&pv=1&ga_vid=808855875.1636279871&ga_sid=1636279871&ga_hid=1872902040&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=24&ady=672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31061690&oid=2&pvsid=363115766557444&pem=469&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4h3ugzFjNJ&p=http%3A//gavgav.info&dtd=139

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b7b19fcd97be75e960f55e169e16a39bf3d46862dc165a78b271a49592879cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 07 Nov 2021 10:11:11 GMT
server: cafe
content-length: 27500
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 07 Nov 2021 10:11:11 GMT
cache-control: private

GET
H2 200 aci.js Show response
www.acint.net/ 21 KB
7 KB 42ms
11ms Script
application/x-javascript 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: cdn-rtb.sape.ru
URL: http://cdn-rtb.sape.ru/rtb-b/js/274/2/31274.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: 8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:10 GMT
content-encoding: gzip
last-modified: Sat, 02 Jan 2021 18:29:13 GMT
server: openresty
etag: "5ff0bb79-1baf"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7087
expires: Sun, 07 Nov 2021 22:11:10 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CD0F 73 KB
27 KB 623ms
623ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934288943919642&output=html&h=60&adk=1439102223&adf=461257661&w=468&lmt=1465823594&channel=5259868405&ad_type=text_image&format=468x60_as&color_bg=EEF2F7&color_border=FFFFFF&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Fgavgav.info%2F&flash=0&wgl=1&dt=1636279870798&bpp=5&bdt=203&idt=134&shv=r20211103&mjsv=m202111020101&ptt=5&saldr=sa&abxe=1&prev_fmts=120x60_as_rimg%2C125x125_as&correlator=4463890956446&frm=20&pv=1&ga_vid=808855875.1636279871&ga_sid=1636279871&ga_hid=1872902040&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=440&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31061690&oid=2&pvsid=363115766557444&pem=469&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=gg17lcBNAn&p=http%3A//gavgav.info&dtd=137

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94c942681939d7f8a6c6dcec8b1c4f66ad5280ab5e6e82228f15d4688bb2419b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 07 Nov 2021 10:11:11 GMT
server: cafe
content-length: 27255
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 07 Nov 2021 10:11:11 GMT
cache-control: private

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/data/ 30 B
543 B 129ms
93ms Script
application/javascript 159.69.74.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/data/?callback=sapeRTB_6187a63ef_41920303&srtbid=31274&scids=161590475&sx=1600&sy=1508&ref=&u=http%3A%2F%2Fgavgav.info%2F&allimps=1&fl=0&v=3&tz=%2B00%3A00
Requested by: Host: cdn-rtb.sape.ru
URL: http://cdn-rtb.sape.ru/rtb-b/js/274/2/31274.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.74.6 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1290922.sapientru.net
Software: openresty /
Resource Hash: 8995661306965912d55a6686ffdafb37e5c9f14fee713c4cc16d1ba56c266654

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:11 GMT
Server: openresty
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 30
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
340 B 22ms
12ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A31274%2C%22sc%22%3A0%2C%22pl%22%3A0%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A737%7D&sid=6187a63e-edd2-f0ty-wzq7-rhu0jyni35bt&ref=http%3A%2F%2Fgavgav.info%2F&r=1636279871
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:10 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
341 B 21ms
12ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=16&id=31274.87590.161590475.0.0.154&sid=6187a63e-edd2-f0ty-wzq7-rhu0jyni35bt&ref=http%3A%2F%2Fgavgav.info%2F&r=1636279871
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:10 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
340 B 20ms
11ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A31274%2C%22sc%22%3A0%2C%22pl%22%3A87590%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=6187a63e-edd2-f0ty-wzq7-rhu0jyni35bt&ref=http%3A%2F%2Fgavgav.info%2F&r=1636279871
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:10 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D85F 85 KB
29 KB 390ms
390ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934288943919642&output=html&h=60&adk=1885754182&adf=2570426279&w=468&lmt=1465823594&channel=5259868405&ad_type=text_image&format=468x60_as&color_bg=EEF2F7&color_border=FFFFFF&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Fgavgav.info%2F&flash=0&wgl=1&dt=1636279870820&bpp=3&bdt=224&idt=130&shv=r20211103&mjsv=m202111020101&ptt=5&saldr=sa&abxe=1&prev_fmts=120x60_as_rimg%2C125x125_as%2C468x60_as&correlator=4463890956446&pv_ch=5259868405%2B&frm=20&pv=1&ga_vid=808855875.1636279871&ga_sid=1636279871&ga_hid=1872902040&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=653&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31061690&oid=2&pvsid=363115766557444&pem=469&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=zsCEWEgYGf&p=http%3A//gavgav.info&dtd=135

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f943c9b87ad645145dd247b977faa98fc42244f416123ae92ee91d59b46044cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 07 Nov 2021 10:11:11 GMT
server: cafe
content-length: 29560
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 07 Nov 2021 10:11:11 GMT
cache-control: private

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9450.yIdcvD94EE4ADllMTLaeqC0QrSTjDxldtd56Xr4tbnUVi_31mZEfpMHj-oS6pwRz.nTjJK8Um_8jq6YHmp4YkJtb8ahg%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9450.nCXVoe2xAaZ1FWayefV_BpumG7ceQ8lOT1YfsVBocNckEBJz_396hEwsqW0kKo_MPeJ2IzziIXPaf-wLLWU-Kw%2C%2C.gQAgyIDNUwI7UR9hR3BFAJg-Q1o%2C

75 B
75 B

32ms
32ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9450.nCXVoe2xAaZ1FWayefV_BpumG7ceQ8lOT1YfsVBocNckEBJz_396hEwsqW0kKo_MPeJ2IzziIXPaf-wLLWU-Kw%2C%2C.gQAgyIDNUwI7UR9hR3BFAJg-Q1o%2C

Requested by

Host: gavgav.info
URL: http://gavgav.info/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9450.nCXVoe2xAaZ1FWayefV_BpumG7ceQ8lOT1YfsVBocNckEBJz_396hEwsqW0kKo_MPeJ2IzziIXPaf-wLLWU-Kw%2C%2C.gQAgyIDNUwI7UR9hR3BFAJg-Q1o%2C
date: Sun, 07 Nov 2021 10:11:11 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 37ms
36ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif?t=ti(4)

Requested by

Host: gavgav.info
URL: http://gavgav.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
last-modified: Tue, 02 Nov 2021 12:32:57 GMT
etag: "618105c9-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 07 Nov 2021 11:11:11 GMT

GET
H2

200

/ Show response
www.acint.net/mc/ Frame 6041
Redirect Chain

http://www.acint.net/mc/?dp=14
https://www.acint.net/mc/?dp=14

3 KB
4 KB

12ms
11ms

Document
text/html

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=14
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: 646506f4a7b0d4c2a109aa315733f1a61e51a370b2a872576db239ba55964b63

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/

Response headers

server: openresty
date: Sun, 07 Nov 2021 10:11:11 GMT
content-type: text/html
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip

Redirect headers

Server: openresty
Date: Sun, 07 Nov 2021 10:11:11 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/mc/?dp=14

GET
H2

200

/
www.acint.net/hit/
Redirect Chain

http://www.acint.net/hit/?v=0.3.0&uid=59acea3e-8743-4c05-a6f5-867bfc9d480a&dp=14&tz=%2B00%3A00&nc=71795227&u=http%3A%2F%2Fgavgav.info%2F&r=&rs=1600x1200&t=%D0%93%D0%B0%D0%B2-%D0%93%D0%B0%D0%B2.%D0%...
https://www.acint.net/hit/?v=0.3.0&uid=59acea3e-8743-4c05-a6f5-867bfc9d480a&dp=14&tz=%2B00%3A00&nc=71795227&u=http%3A%2F%2Fgavgav.info%2F&r=&rs=1600x1200&t=%D0%93%D0%B0%D0%B2-%D0%93%D0%B0%D0%B2.%D0...

43 B
224 B

12ms
12ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.3.0&uid=59acea3e-8743-4c05-a6f5-867bfc9d480a&dp=14&tz=%2B00%3A00&nc=71795227&u=http%3A%2F%2Fgavgav.info%2F&r=&rs=1600x1200&t=%D0%93%D0%B0%D0%B2-%D0%93%D0%B0%D0%B2.%D0%98%D0%BD%D1%84%D0%BE%20%D0%A1%D0%BE%D0%B1%D0%B0%D1%87%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB.&oE=1&oP=1&dT=2021-11-07T10%3A11%3A11.016&fu=2e330588-a43e-449b-aaef-b97d55e38991
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/hit/?v=0.3.0&uid=59acea3e-8743-4c05-a6f5-867bfc9d480a&dp=14&tz=%2B00%3A00&nc=71795227&u=http%3A%2F%2Fgavgav.info%2F&r=&rs=1600x1200&t=%D0%93%D0%B0%D0%B2-%D0%93%D0%B0%D0%B2.%D0%98%D0%BD%D1%84%D0%BE%20%D0%A1%D0%BE%D0%B1%D0%B0%D1%87%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB.&oE=1&oP=1&dT=2021-11-07T10%3A11%3A11.016&fu=2e330588-a43e-449b-aaef-b97d55e38991
Date: Sun, 07 Nov 2021 10:11:11 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H2

200

match
ads.betweendigital.com/ Frame 6041
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F3EA687617900F91A028DC43B
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F3EA687617900F91A028DC43B&crf=1

68 B
607 B

98ms
97ms

Image
image/png

96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F3EA687617900F91A028DC43B&crf=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=73&external_user_id=0100007F3EA687617900F91A028DC43B&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 6041
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=0100007F3EA6876186002DAE0229575D

43 B
269 B

17ms
11ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=0100007F3EA6876186002DAE0229575D
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Sun, 07 Nov 2021 10:11:11 GMT
Server: openresty
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Location: https://acint.net/match?dp=14&euid=0100007F3EA6876186002DAE0229575D
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: text/html
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame 6041
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0100007F3EA687617900F91A028DC43B
https://px.adhigh.net/p/cm/sape?u=0100007F3EA687617900F91A028DC43B&bounced=1
https://acint.net/match?dp=17&euid=M58lZLDIFGK.AikABlF8-eFm4Q

43 B
269 B

11ms
11ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=M58lZLDIFGK.AikABlF8-eFm4Q
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 10:11:11 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f13-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://acint.net/match?dp=17&euid=M58lZLDIFGK.AikABlF8-eFm4Q
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 6041 43 B
764 B 214ms
55ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0100007F3EA687617900F91A028DC43B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:11 GMT
Last-Modified: Sun, 07 Nov 2021 10:11:11 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Sun, 07 Nov 2021 16:11:11 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 6041
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4995560509
https://www.acint.net/rmatch?dp=45&euid=Alt2FvSWNC5iX59jF0DPXvg&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F3EA687617900F91A028DC43B

42 B
201 B

54ms
54ms

Image
image/gif

81.222.128.214
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F3EA687617900F91A028DC43B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Server: 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad14.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:11 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Sun, 07 Nov 2021 10:11:11 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F3EA687617900F91A028DC43B
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame 6041 0
818 B 53ms
22ms Image
text/plain 2606:4700:3039::6815:c03a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=sape
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c03a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xb5lj3Z69Q4VAg0FoI0OmRcJRvHEXES7ER%2FZERwaeN5lW932r3nu9NfGXeCVZ1aYbYiNnoY%2BeM5wc355FInF5WIvJZMtGLM0sNaEm8G7RYpPLrkSjRAH9bdl2EJavf%2BSmGqYUETv679QLg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 6aa5c6aa7c4e6927-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 6041
Redirect Chain

https://sync.republer.com/match?dsp=sape
https://sync.republer.com/match?dsp=sape&qset=1
https://sync.bumlam.com/?src=rp1&uid=4dbc0bda-85cc-45f8-9eeb-594eecfcb772
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi_zJ6MBlIEioaQK2IkNGRiYzBiZGEtODVjYy00NWY4LTllZWItNTk0ZWVjZmNiNzcy
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARi_zJ6MBlIEioaQK2IkNGRiYzBiZGEtODVjYy00NWY4LTllZWItNTk0ZWVjZmNiNzcyogEQCGe-vj-zEeyG4AAlkMBkfA**
https://sync.bumlam.com/?src=rp1&s_data=CAIQABi_zJ6MBmIkNGRiYzBiZGEtODVjYy00NWY4LTllZWItNTk0ZWVjZmNiNzcyogEQCGe-vj-zEeyG4AAlkMBkfA**
https://sync.bumlam.com/?src=rp1&s_data=CAIQARi_zJ6MBmIkNGRiYzBiZGEtODVjYy00NWY4LTllZWItNTk0ZWVjZmNiNzcyogEQCGe-vj-zEeyG4AAlkMBkfA**

43 B
552 B

14ms
13ms

Image
image/gif

31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=rp1&s_data=CAIQARi_zJ6MBmIkNGRiYzBiZGEtODVjYy00NWY4LTllZWItNTk0ZWVjZmNiNzcyogEQCGe-vj-zEeyG4AAlkMBkfA**
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Server: 31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:11 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Sun, 07 Nov 2021 10:11:11 GMT
Server: nginx
ETag: 0867bebe-3fb3-11ec-86e0-002590c0647c
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=rp1&s_data=CAIQARi_zJ6MBmIkNGRiYzBiZGEtODVjYy00NWY4LTllZWItNTk0ZWVjZmNiNzcyogEQCGe-vj-zEeyG4AAlkMBkfA**
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2 204 match
dm-eu.hybrid.ai/ Frame 6041 0
238 B 52ms
12ms Image
text/plain 37.18.103.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=0100007F3EA687617900F91A028DC43B

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.16 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 10:11:11 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 502
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame 6041 3 KB
3 KB 160ms
46ms Script
application/javascript 185.15.175.144
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.144 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:11 GMT
Last-Modified: Thu, 14 Oct 2021 23:50:04 GMT
Server: nginx
ETag: "6168c22c-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame 6041 0
69 B 63ms
16ms Image
text/plain 138.201.65.68
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0100007F3EA687617900F91A028DC43B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.65.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.68.65.201.138.clients.your-server.de
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 07 Nov 2021 10:11:11 GMT
server: nginx/1.17.4

GET
H2

200

match
www.acint.net/ Frame 6041
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfz6mh2F5APkaAo3EOw
https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfz6mh2F5APkaAo3EOw&google_tc=
https://www.acint.net/match?dp=77&euid=

43 B
269 B

14ms
11ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=77&euid=
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 10:11:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.acint.net/match?dp=77&euid=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
adlmerge.com/merge_gpsid/ Frame 6041
Redirect Chain

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F3EA687617900F91A028DC43B
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F3EA687617900F91A028DC43B

43 B
115 B

60ms
14ms

Image
image/gif

95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F3EA687617900F91A028DC43B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

iseu: eu
server: nginx/1.16.0
date: Sun, 07 Nov 2021 10:11:11 GMT
content-type: image/gif

Redirect headers

location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007F3EA687617900F91A028DC43B
date: Sun, 07 Nov 2021 10:11:11 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 6041 42 B
201 B 226ms
55ms Image
image/gif 81.222.128.214
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F3EA687617900F91A028DC43B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad14.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:11 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 200 sprcs
relap.io/partners/ Frame 6041 43 B
1016 B 246ms
62ms Image
image/gif 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/partners/sprcs?uid=0100007F3EA687617900F91A028DC43B

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 10:11:11 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-server: back13
content-length: 43
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2

204

0.gif
x01.aidata.io/ Frame 6041
Redirect Chain

https://adx.com.ru/sape-sync?uid=0100007F3EA687617900F91A028DC43B
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F3EA687617900F91A028DC43B
https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=6187a63fa897d8bfb7ec57a4&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru...
https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=6187a63fa897d8bfb7ec57a4&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D6187a63fa897d8bfb7ec57a4%2526r%253Dhttps%25253A...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D6187a63fa897d8bfb7ec57a4%2526r%253Dhttps%25253A...
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D6187a63fa897d8bfb7ec57a4%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D6187a63fa8...
https://prodmp.ru/yabbi.gif?uid=6187a63fa897d8bfb7ec57a4&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D6187a63fa897d8bfb7ec57a4%26dest%3D
https://x01.aidata.io/0.gif?pid=9712851&id=6187a63fa897d8bfb7ec57a4&dest=
https://x01.aidata.io/0.gif?pid=9712851&id=6187a63fa897d8bfb7ec57a4&dest=&bounce=1

0
433 B

52ms
52ms

Image
text/plain

89.108.119.43
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=9712851&id=6187a63fa897d8bfb7ec57a4&dest=&bounce=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51370.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 10:11:11 GMT
last-modified: Sun, 07 Nov 2021 10:11:10 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Sun, 07 Nov 2021 10:11:10 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 10:11:11 GMT
last-modified: Sun, 07 Nov 2021 10:11:10 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://x01.aidata.io/0.gif?pid=9712851&id=6187a63fa897d8bfb7ec57a4&dest=&bounce=1
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sun, 07 Nov 2021 10:11:10 GMT

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 6041
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F3EA687617900F91A028DC43B
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F3EA687617900F91A028DC43B&cs=1

35 B
376 B

11ms
11ms

Image
image/gif

88.99.214.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F3EA687617900F91A028DC43B&cs=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 88.99.214.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-214-77.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F3EA687617900F91A028DC43B&cs=1
date: Sun, 07 Nov 2021 10:11:11 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

200

match
www.acint.net/ Frame 6041
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=6BE4tNBl8TZN

43 B
269 B

11ms
11ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=6BE4tNBl8TZN
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=6BE4tNBl8TZN
Date: Sun, 07 Nov 2021 10:11:11 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame 6041
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
https://acint.net/match?dp=107&euid=61233898-6426-5337-b348-cd02d2cf6b3d

43 B
269 B

12ms
11ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=61233898-6426-5337-b348-cd02d2cf6b3d
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=61233898-6426-5337-b348-cd02d2cf6b3d
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 6041
Redirect Chain

https://0100007f3ea687617900f91a028dc43b-sp.ops.beeline.ru/p?ssp=sp&id=0100007F3EA687617900F91A028DC43B
https://www.acint.net/match?dp=111&euid=7e5bd8c9-69e2-4a3f-a878-936d469d4a03

43 B
269 B

11ms
10ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=111&euid=7e5bd8c9-69e2-4a3f-a878-936d469d4a03
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Sun, 07 Nov 2021 10:11:11 GMT
x-route: http://upstream_cookiesync
server: nginx
location: https://www.acint.net/match?dp=111&euid=7e5bd8c9-69e2-4a3f-a878-936d469d4a03
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.37
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

matchspm
ut.rktch.com/ Frame 6041
Redirect Chain

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F3EA687617900F91A028DC43B
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
https://ut.rktch.com/matchspm?pi=1000006&pui=.XbZfHpoirO8f1rCWeXl9u&noredirect

88 B
88 B

50ms
49ms

Image
image/png

89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000006&pui=.XbZfHpoirO8f1rCWeXl9u&noredirect
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:11 GMT
Server: nginx/1.18.0
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Content-Length: 88

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 10:11:11 GMT
via: 1.1 google
last-modified: Sun, 07 Nov 2021 10:11:11 GMT
server: nginx/1.12.0
location: https://ut.rktch.com/matchspm?pi=1000006&pui=.XbZfHpoirO8f1rCWeXl9u&noredirect
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

204

0.gif
x01.aidata.io/ Frame 6041
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F3EA687617900F91A028DC43B
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F3EA687617900F91A028DC43B
https://tech.rtb.mts.ru/?dsp_uid=5807629d-56df-441b-8742-377df70cc284&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D3...
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D7%26ssp%3Daidata%26id%3D%24UID

0
433 B

49ms
48ms

Image
text/plain

89.108.119.43
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D7%26ssp%3Daidata%26id%3D%24UID
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51370.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 10:11:11 GMT
last-modified: Sun, 07 Nov 2021 10:11:10 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Sun, 07 Nov 2021 10:11:10 GMT

Redirect headers

Date: Sun, 07 Nov 2021 10:11:11 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D7%26ssp%3Daidata%26id%3D%24UID
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

match
www.acint.net/ Frame 6041
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=4cd133d3-7efb-48de-51d9-237ab82f65dc

43 B
269 B

11ms
11ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=4cd133d3-7efb-48de-51d9-237ab82f65dc
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=4cd133d3-7efb-48de-51d9-237ab82f65dc
date: Sun, 07 Nov 2021 10:11:11 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame 6041
Redirect Chain

https://s.uuidksinc.net/match/396/0100007F3EA687617900F91A028DC43B
https://www.acint.net/match?dp=127&euid=9BfsFfGf7nu78hksEy0T

43 B
269 B

12ms
12ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=9BfsFfGf7nu78hksEy0T
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=127&euid=9BfsFfGf7nu78hksEy0T
date: Sun, 07 Nov 2021 10:11:11 GMT
server: nginx/1.19.0
content-length: 0

GET userbind
match.new-programmatic.com/ Frame 6041 0
0

GET
H2 204 0100007F3EA687617900F91A028DC43B
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame 6041 0
189 B 153ms
49ms Image
text/plain 93.95.102.105
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F3EA687617900F91A028DC43B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2

404

WAdinVbfRBuHQjd99wzChA
an.yandex.ru/setud/mts_banner/ Frame 6041
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F3EA687617900F91A028DC43B
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F3EA687617900F91A028DC43B&bounce=1
https://sm.rtb.mts.ru/p?ssp=aidata&id=z%2B9abbNEKjcgRJWUxwGeyA
https://sm.rtb.mts.ru/match/second?ssp=51&exu=z%2B9abbNEKjcgRJWUxwGeyA
https://tech.rtb.mts.ru/?dsp_uid=5807629d-56df-441b-8742-377df70cc284&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FWAdinVbfRBuHQjd99wzChA%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
https://an.yandex.ru/setud/mts_banner/WAdinVbfRBuHQjd99wzChA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D4%26exu%3Dz%252B9abbNEKjcgRJWUxwGeyA&sign=3726058337

43 B
103 B

62ms
62ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/WAdinVbfRBuHQjd99wzChA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D4%26exu%3Dz%252B9abbNEKjcgRJWUxwGeyA&sign=3726058337

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 10:11:11 GMT
content-encoding: gzip
last-modified: Sun, 07 Nov 2021 10:11:11 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 07 Nov 2021 10:11:11 GMT

Redirect headers

Date: Sun, 07 Nov 2021 10:11:11 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/WAdinVbfRBuHQjd99wzChA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D4%26exu%3Dz%252B9abbNEKjcgRJWUxwGeyA&sign=3726058337
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame 6041 0
523 B 7ms
6ms Image
text/html 31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&uid=0100007F3EA687617900F91A028DC43B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:11 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

0100007F3EA687617900F91A028DC43B
an.yandex.ru/mapuid/sapeis/ Frame 6041
Redirect Chain

https://an.yandex.ru/mapuid/sapeis/0100007F3EA687617900F91A028DC43B
https://an.yandex.ru/mapuid/sapeis/0100007F3EA687617900F91A028DC43B?redir-setuniq=1

43 B
108 B

54ms
54ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007F3EA687617900F91A028DC43B?redir-setuniq=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 10:11:11 GMT
content-encoding: gzip
last-modified: Sun, 07 Nov 2021 10:11:11 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 07 Nov 2021 10:11:11 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 10:11:11 GMT
content-encoding: gzip
last-modified: Sun, 07 Nov 2021 10:11:11 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/sapeis/0100007F3EA687617900F91A028DC43B?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 07 Nov 2021 10:11:11 GMT

GET
H2 200 frame.html Show response
s3.advarkads.com/modules/match/ Frame 66EA 187 B
404 B 122ms
94ms Document
text/html 2606:4700:10::ac43:dab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F3EA687617900F91A028DC43B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:dab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
content-type: text/html
cache-control: max-age=60
last-modified: Wed, 13 Oct 2021 12:55:49 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6aa5c6aa79d905d8-FRA
content-encoding: gzip

GET
H2 200 prebid-between-5.19.0.js Show response
cdn-rtb.sape.ru/js/prebid/ Frame 5D8A 182 KB
182 KB 165ms
74ms Script
text/javascript 95.181.171.231
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-rtb.sape.ru/js/prebid/prebid-between-5.19.0.js

Requested by

Host: cdn-rtb.sape.ru
URL: http://cdn-rtb.sape.ru/rtb-b/js/274/2/31274.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.181.171.231 , Russian Federation, ASN50214 (QWARTA, RU),

Reverse DNS

asrv231.qwarta.ru

Software

openresty /

Resource Hash

005dae70297e564c263b5ba0765ef45701a11dcc95c8b2f27b0859f8118cba5f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content
last-modified: Wed, 27 Oct 2021 11:35:46 GMT
server: openresty
x-amz-request-id: 16B53BDF9CC516D6
etag: "504d41f6ad861ff04561571042afa239"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
date: Sun, 07 Nov 2021 10:11:11 GMT
access-control-allow-credentials: true
content-length: 186176
accept-ranges: bytes

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 11ms
11ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=16&id=31274.87590.161590475.0.0.154&sid=6187a63e-edd2-f0ty-wzq7-rhu0jyni35bt&ref=http%3A%2F%2Fgavgav.info%2F&r=1636279871
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
DATA 200
OK truncated
/ 612 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74dcd398eafd7dbc3d07b76625839f63f464de97b26adca97ac30883cf79b0d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 12ms
11ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A31274%2C%22sc%22%3A0%2C%22pl%22%3A87590%2C%22ev%22%3A%22vis0%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=6187a63e-edd2-f0ty-wzq7-rhu0jyni35bt&ref=http%3A%2F%2Fgavgav.info%2F&r=1636279871
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 5
www.acint.net/pxl/ 43 B
224 B 12ms
11ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/5?dp=154&id=31274.87590.161590483.0.1.183&sid=6187a63e-edd2-f0ty-wzq7-rhu0jyni35bt&ref=http%3A%2F%2Fgavgav.info%2F&r=1636279871
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 5
www.acint.net/pxl/ 43 B
224 B 11ms
11ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/5?dp=54&id=31274.87590.161590480.0.3.7&sid=6187a63e-edd2-f0ty-wzq7-rhu0jyni35bt&ref=http%3A%2F%2Fgavgav.info%2F&r=1636279871
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 11ms
11ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=7&id=31274.87590.161590479.0.4.83&sid=6187a63e-edd2-f0ty-wzq7-rhu0jyni35bt&ref=http%3A%2F%2Fgavgav.info%2F&r=1636279871
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/71281900/
Redirect Chain

https://mc.yandex.com/watch/71281900?wmode=7&page-url=http%3A%2F%2Fgavgav.info%2F&charset=utf-8&site-info=%7B%22site_id%22%3A31274%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmizds872r%3Afp%3...
https://mc.yandex.com/watch/71281900/1?wmode=7&page-url=http%3A%2F%2Fgavgav.info%2F&charset=utf-8&site-info=%7B%22site_id%22%3A31274%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmizds872r%3Afp...

331 B
413 B

33ms
33ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71281900/1?wmode=7&page-url=http%3A%2F%2Fgavgav.info%2F&charset=utf-8&site-info=%7B%22site_id%22%3A31274%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmizds872r%3Afp%3A479%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A680%3Acn%3A2%3Adp%3A0%3Als%3A7749796027%3Ahid%3A1921646%3Az%3A0%3Ai%3A2021110701011010%3Aet%3A1636279871%3Ac%3A1%3Arn%3A482197726%3Arqn%3A1%3Au%3A1636279871367482018%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1636279870262%3Ads%3A202%2C5%2C125%2C43%2C0%2C0%2C%2C232%2C0%2C%2C%2C%2C566%3Adsn%3A201%2C5%2C125%2C43%2C%2C0%2C%2C191%2C0%2C%2C%2C%2C566%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1636279871%3At%3A%D0%93%D0%B0%D0%B2-%D0%93%D0%B0%D0%B2.%D0%98%D0%BD%D1%84%D0%BE%20%D0%A1%D0%BE%D0%B1%D0%B0%D1%87%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB.&t=gdpr%2814%29ti%282%29

Requested by

Host: gavgav.info
URL: http://gavgav.info/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

19b381eb5713aa9c2db426f9a4acc310d0e52a5f5881a947159c13736cfdfa78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 10:11:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 07-Nov-2021 10:11:11 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://gavgav.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Sun, 07-Nov-2021 10:11:11 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 10:11:11 GMT
last-modified: Sun, 07-Nov-2021 10:11:11 GMT
location: /watch/71281900/1?wmode=7&page-url=http%3A%2F%2Fgavgav.info%2F&charset=utf-8&site-info=%7B%22site_id%22%3A31274%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmizds872r%3Afp%3A479%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A680%3Acn%3A2%3Adp%3A0%3Als%3A7749796027%3Ahid%3A1921646%3Az%3A0%3Ai%3A2021110701011010%3Aet%3A1636279871%3Ac%3A1%3Arn%3A482197726%3Arqn%3A1%3Au%3A1636279871367482018%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1636279870262%3Ads%3A202%2C5%2C125%2C43%2C0%2C0%2C%2C232%2C0%2C%2C%2C%2C566%3Adsn%3A201%2C5%2C125%2C43%2C%2C0%2C%2C191%2C0%2C%2C%2C%2C566%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1636279871%3At%3A%D0%93%D0%B0%D0%B2-%D0%93%D0%B0%D0%B2.%D0%98%D0%BD%D1%84%D0%BE%20%D0%A1%D0%BE%D0%B1%D0%B0%D1%87%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB.&t=gdpr%2814%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://gavgav.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 07-Nov-2021 10:11:11 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/39014500/
Redirect Chain

https://mc.yandex.com/watch/39014500?wmode=7&page-url=http%3A%2F%2Fgavgav.info%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmizds872r%3Afp%3A479%3Afu%3A0%3Aen%3Awindows-1251%3Ala...
https://mc.yandex.com/watch/39014500/1?wmode=7&page-url=http%3A%2F%2Fgavgav.info%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmizds872r%3Afp%3A479%3Afu%3A0%3Aen%3Awindows-1251%3A...

331 B
362 B

39ms
38ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/39014500/1?wmode=7&page-url=http%3A%2F%2Fgavgav.info%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmizds872r%3Afp%3A479%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A0%3Als%3A770680831885%3Ahid%3A1921646%3Az%3A0%3Ai%3A2021110701011010%3Aet%3A1636279871%3Ac%3A1%3Arn%3A89128119%3Arqn%3A1%3Au%3A1636279871367482018%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1636279870262%3Ads%3A202%2C5%2C125%2C43%2C0%2C0%2C%2C232%2C0%2C%2C%2C%2C566%3Adsn%3A201%2C5%2C125%2C43%2C%2C0%2C%2C191%2C0%2C%2C%2C%2C566%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1636279871%3At%3A%D0%93%D0%B0%D0%B2-%D0%93%D0%B0%D0%B2.%D0%98%D0%BD%D1%84%D0%BE%20%D0%A1%D0%BE%D0%B1%D0%B0%D1%87%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB.&t=gdpr%2814%29ti%282%29

Requested by

Host: gavgav.info
URL: http://gavgav.info/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e1db9d5ab621b790791d0a2e48006453c96c5c6b09d73846a6ea05a0fa670e6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 10:11:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 07-Nov-2021 10:11:11 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://gavgav.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Sun, 07-Nov-2021 10:11:11 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 10:11:11 GMT
last-modified: Sun, 07-Nov-2021 10:11:11 GMT
location: /watch/39014500/1?wmode=7&page-url=http%3A%2F%2Fgavgav.info%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A9ezyymqkmizds872r%3Afp%3A479%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A0%3Als%3A770680831885%3Ahid%3A1921646%3Az%3A0%3Ai%3A2021110701011010%3Aet%3A1636279871%3Ac%3A1%3Arn%3A89128119%3Arqn%3A1%3Au%3A1636279871367482018%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1636279870262%3Ads%3A202%2C5%2C125%2C43%2C0%2C0%2C%2C232%2C0%2C%2C%2C%2C566%3Adsn%3A201%2C5%2C125%2C43%2C%2C0%2C%2C191%2C0%2C%2C%2C%2C566%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1636279871%3At%3A%D0%93%D0%B0%D0%B2-%D0%93%D0%B0%D0%B2.%D0%98%D0%BD%D1%84%D0%BE%20%D0%A1%D0%BE%D0%B1%D0%B0%D1%87%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB.&t=gdpr%2814%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://gavgav.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 07-Nov-2021 10:11:11 GMT

GET
H2 200 frame.js Show response
s3.advarkads.com/modules/match/ Frame 66EA 22 KB
7 KB 12ms
12ms Script
application/javascript 2606:4700:10::ac43:dab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.js
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F3EA687617900F91A028DC43B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:dab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5a0f4fa617d5d9940c099afe919047ba8e53e171df11a2dd7afd3e3eb53c230

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F3EA687617900F91A028DC43B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 18 Oct 2021 16:55:30 GMT
server: cloudflare
age: 56
etag: "02d1df540c4d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
cf-ray: 6aa5c6ab1b5305d8-FRA
content-length: 7379

GET
H/1.1 200
OK match
api.advarkads.com/api/statistic/ Frame 66EA 43 B
389 B 167ms
65ms Image
image/gif 88.212.233.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007F3EA687617900F91A028DC43B
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F3EA687617900F91A028DC43B
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.212.233.36 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.14.1 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3.advarkads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 11:10:16 GMT
Server: nginx/1.14.1
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: -1

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame 6041 15 KB
15 KB 86ms
85ms Script
application/javascript 185.15.175.144
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=903942262081004
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.144 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 9a6b50131cc9b2e010aafa2e58d6a1672df5781ebee2120a2e80e04db9d89007

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:11 GMT
Last-Modified: Thu, 14 Oct 2021 23:50:04 GMT
Server: nginx
ETag: "6168c22c-3cc1"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15553

POST
H2 200 adjson Show response
ads.betweendigital.com/ Frame 5D8A 5 KB
3 KB 114ms
113ms XHR
application/json 96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/js/prebid/prebid-between-5.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 3f1489a53da89cf0265f842701985f4a1f8800e2ac28ef957ef67c64dc132d3f

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://gavgav.info
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H2 200 css
fonts.googleapis.com/ Frame D85F 3 KB
1 KB 40ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934288943919642&output=html&h=60&adk=1885754182&adf=2570426279&w=468&lmt=1465823594&channel=5259868405&ad_type=text_image&format=468x60_as&color_bg=EEF2F7&color_border=FFFFFF&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Fgavgav.info%2F&flash=0&wgl=1&dt=1636279870820&bpp=3&bdt=224&idt=130&shv=r20211103&mjsv=m202111020101&ptt=5&saldr=sa&abxe=1&prev_fmts=120x60_as_rimg%2C125x125_as%2C468x60_as&correlator=4463890956446&pv_ch=5259868405%2B&frm=20&pv=1&ga_vid=808855875.1636279871&ga_sid=1636279871&ga_hid=1872902040&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=653&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31061690&oid=2&pvsid=363115766557444&pem=469&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=zsCEWEgYGf&p=http%3A//gavgav.info&dtd=135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 07 Nov 2021 08:45:36 GMT
server: ESF
date: Sun, 07 Nov 2021 10:11:11 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sun, 07 Nov 2021 10:11:11 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame D85F 2 KB
991 B 39ms
11ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 10:02:36 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame D85F 19 KB
8 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 10:10:37 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame D85F 3 KB
2 KB 18ms
11ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:09:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 10:09:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D85F 120 KB
37 KB 52ms
28ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 Nov 2021 10:11:11 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame D85F 15 KB
7 KB 15ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:09:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 10:09:27 GMT

GET
H2 200 5193475774055ccce470a7af02e48ef6.js Show response
www.gstatic.com/mysidia/ Frame D85F 27 KB
12 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5193475774055ccce470a7af02e48ef6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

024bf58839434bcdbb669f44e683ecbb58be25cde0d0e721d68031a67a40dd40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 09:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11340
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 05:34:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 09:28:10 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame D85F 0
0 34ms
33ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8HnhPqaHYaWuPKeF9fgPgPSyoALhyImnYvOi2_KGCLCQHxABIMDplQRglbqsgrQHoAGCmP3gA8gBAakCCL4yBLposz6oAwHIA8sEqgS4AU_QACrTKD57Vs79y6xtM7ULlgHykELvuEiTKzwYxJiqhSkzDrLewSaxlGcHIDaHrN3weg-ImqYSZbR_4-4n_KpUh8esMx4KWuUMEovBkVL5sIgCl0k1WwsczMNG_ws11REN1_6OZjwwCEg-C0HxwxoE9L7lvwC7AFW3fu9-AwueRakpgY8YZCSI1Jk3gcWm3gAnkw7QEFUgzZBgpjzvd7ji8BupeR7glFF6oEGjDKEDyiPhDzuKbJnABNWM0cfUAZIFBAgEGAGSBQQIBRgEgAe58fwlqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEKvfCNIICQiA4YAQEAEYX4AKAcgLAdgTDYgUAtAVAYAXAbIXHAoaCAASFHB1Yi03OTM0Mjg4OTQzOTE5NjQyGAA&sigh=p8m-_3bTIMY&uach_m=[UACH]

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934288943919642&output=html&h=60&adk=1885754182&adf=2570426279&w=468&lmt=1465823594&channel=5259868405&ad_type=text_image&format=468x60_as&color_bg=EEF2F7&color_border=FFFFFF&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Fgavgav.info%2F&flash=0&wgl=1&dt=1636279870820&bpp=3&bdt=224&idt=130&shv=r20211103&mjsv=m202111020101&ptt=5&saldr=sa&abxe=1&prev_fmts=120x60_as_rimg%2C125x125_as%2C468x60_as&correlator=4463890956446&pv_ch=5259868405%2B&frm=20&pv=1&ga_vid=808855875.1636279871&ga_sid=1636279871&ga_hid=1872902040&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=653&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31061690&oid=2&pvsid=363115766557444&pem=469&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=zsCEWEgYGf&p=http%3A//gavgav.info&dtd=135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 07 Nov 2021 10:11:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 41da6f2331623d3b8845889ffd3555e0.js Show response
www.gstatic.com/mysidia/ Frame 1A12 8 KB
3 KB 22ms
12ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/41da6f2331623d3b8845889ffd3555e0.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934288943919642&output=html&h=60&adk=2331619251&adf=3459545230&w=120&lmt=1465823594&channel=3199118144&format=120x60_as_rimg&url=http%3A%2F%2Fgavgav.info%2F&flash=0&wgl=1&dt=1636279870770&bpp=16&bdt=174&idt=116&shv=r20211103&mjsv=m202111020101&ptt=5&saldr=sa&abxe=1&correlator=4463890956446&frm=20&pv=2&ga_vid=808855875.1636279871&ga_sid=1636279871&ga_hid=1872902040&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=27&ady=599&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31061690&oid=2&pvsid=363115766557444&pem=469&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wdjYWTOucD&p=http%3A//gavgav.info&dtd=134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb656577f4277a4ded7b312fe6d4a32f3aabbeff803485b75a66fdea67b678af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 05:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3349
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 05:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 05:25:36 GMT

GET
H2 200 05bb46b82d1d2bf4ab0b6db8ff47e7f4.js Show response
www.gstatic.com/mysidia/ Frame 1A12 11 KB
5 KB 23ms
13ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/05bb46b82d1d2bf4ab0b6db8ff47e7f4.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f484f11c123bfcec431cff1be48303a3f303e5a394f15f5767e667f53242ed8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 06:28:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4964
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 05:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 06:28:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1A12 4 KB
693 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 07 Nov 2021 08:52:38 GMT
server: ESF
date: Sun, 07 Nov 2021 10:11:11 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sun, 07 Nov 2021 10:11:11 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 1A12 2 KB
946 B 285ms
12ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 10:02:36 GMT

GET
H2 200 d7ad32caf732a821be052b8b21af5e27.js Show response
www.gstatic.com/mysidia/ Frame 1A12 5 KB
2 KB 18ms
9ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d7ad32caf732a821be052b8b21af5e27.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d7845c01468ed82f644cac1c1cbdea3d717fb3f48909e24d6a413b3b5d57dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 06:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 271780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2131
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 05:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 06:41:31 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 1A12 19 KB
8 KB 307ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 10:10:37 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 1A12 3 KB
1 KB 284ms
11ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:09:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 10:09:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1A12 120 KB
37 KB 46ms
43ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 Nov 2021 10:11:11 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 1A12 15 KB
7 KB 308ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:09:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 10:09:27 GMT

GET
H2 200 c5d443f94f59031b290788a54ae3dbc2.js Show response
www.gstatic.com/mysidia/ Frame 1A12 27 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 05:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11508
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 05:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 05:25:36 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EC64 143 B
222 B 7ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934288943919642&output=html&h=60&adk=1885754182&adf=2570426279&w=468&lmt=1465823594&channel=5259868405&ad_type=text_image&format=468x60_as&color_bg=EEF2F7&color_border=FFFFFF&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Fgavgav.info%2F&flash=0&wgl=1&dt=1636279870820&bpp=3&bdt=224&idt=130&shv=r20211103&mjsv=m202111020101&ptt=5&saldr=sa&abxe=1&prev_fmts=120x60_as_rimg%2C125x125_as%2C468x60_as&correlator=4463890956446&pv_ch=5259868405%2B&frm=20&pv=1&ga_vid=808855875.1636279871&ga_sid=1636279871&ga_hid=1872902040&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=653&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31061690&oid=2&pvsid=363115766557444&pem=469&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=zsCEWEgYGf&p=http%3A//gavgav.info&dtd=135

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 07 Nov 2021 09:43:12 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1679
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7662061820494921715/ Frame 1A12 16 KB
16 KB 284ms
12ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7662061820494921715/downsize_200k_v1?w=200&h=200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

555e09da045430922958cbb42155c361dda6e4fea116298fa1302e0ec71f8b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 08:50:50 GMT
x-content-type-options: nosniff
age: 436821
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16269
x-xss-protection: 0
last-modified: Tue, 25 May 2021 10:54:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 02 Nov 2022 08:50:50 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1A12 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CO0UCPqaHYbzdOITZtwfZlK64B-nD8KRm64r_tuEOwI23ARABIMDplQRglbqsgrQHoAHcmtz7AcgBCakCCL4yBLposz6oAwHIA8sEqgS-AU_Qw4Jdc07_1iJvCnxd8gz1P1eDfedMW3J7vQostlFh0QwrQJl7NAmYyopaFUqCDbCeLvV_pXfxdHoiKbcekt-HWDMUrueLIZZd6AfoSeAEOSF6Z6JxQphR80swHobRQGFsQuMaMb2KKd3MUMRD75rgryw2LyhJVWfEEsLJr5MJbpxAjVu9M7lZ19e4aaV2UpoOPQOhzsMNpDhYmAUk6dsMZQIdRr8RDdCrv_jQCeus42YofXfik6jcUbFii6XABOfdtbbpA5IFBAgEGAGSBQQIBRgEoAYugAeM5aOEAqgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBD-pFjSCAkIgOGAEBABGF-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNzkzNDI4ODk0MzkxOTY0MhgA&sigh=E3iq1YQvsbM&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934288943919642&output=html&h=60&adk=2331619251&adf=3459545230&w=120&lmt=1465823594&channel=3199118144&format=120x60_as_rimg&url=http%3A%2F%2Fgavgav.info%2F&flash=0&wgl=1&dt=1636279870770&bpp=16&bdt=174&idt=116&shv=r20211103&mjsv=m202111020101&ptt=5&saldr=sa&abxe=1&correlator=4463890956446&frm=20&pv=2&ga_vid=808855875.1636279871&ga_sid=1636279871&ga_hid=1872902040&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=27&ady=599&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31061690&oid=2&pvsid=363115766557444&pem=469&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=wdjYWTOucD&p=http%3A//gavgav.info&dtd=134
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 07 Nov 2021 10:11:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EC64
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
216 B

64ms
63ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 07 Nov 2021 10:11:11 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 07 Nov 2021 10:11:11 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 07 Nov 2021 10:11:11 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame D85F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f06f9fb1a20ed66de1f13f1d0984ec446569f90c40c33959c24fb54b6457bb1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame D85F 21 KB
22 KB 28ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 488985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 01 Nov 2022 18:21:26 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame D85F 21 KB
21 KB 32ms
13ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 02:15:39 GMT
x-content-type-options: nosniff
age: 287732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 02:15:39 GMT

GET
H/1.1 200
OK rb.js Show response
co9.rktch.com/static/ Frame 4E61 6 KB
2 KB 107ms
94ms Script
application/javascript 176.99.7.123
LOGOL-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://co9.rktch.com/static/rb.js
Requested by: Host: cdn-rtb.sape.ru
URL: http://cdn-rtb.sape.ru/rtb-b/js/274/2/31274.js
Protocol: HTTP/1.1
Server: 176.99.7.123 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS: d40665.acod.regrucolo.ru
Software: nginx/1.14.2 /
Resource Hash: 37d9fdcb589bfab4d9557628567c02db962393f3306d31658425f073721b317d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2020 09:34:49 GMT
Server: nginx/1.14.2
ETag: W/"5f350939-1945"
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Expose-Headers: Content-Length,Content-Range
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 11ms
11ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=7&id=31274.87590.161590479.0.4.83&sid=6187a63e-edd2-f0ty-wzq7-rhu0jyni35bt&ref=http%3A%2F%2Fgavgav.info%2F&r=1636279872
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 11ms
10ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=112&id=31274.87590.161590485.0.6.68&sid=6187a63e-edd2-f0ty-wzq7-rhu0jyni35bt&ref=http%3A%2F%2Fgavgav.info%2F&r=1636279872
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A12 0
119 B 41ms
40ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgcIByoDd2ViCgcICCoDbHRyCg4IASoKdG93ZXJTbWFsbAoKCAIqBnNlcnZlcgoxCAQqLW15c2lkaWFfYW5hbHl0aWNzX2V4cDIsbXlzaWRpYV9yZWxlYXNlX2NhbmFyeQoNECshAAAAAAAAJkAwBAoNEAMhAAAAMzNvgUAwBAoNEAohAAAAAAAA4D8wBAoNEA0hAAAAAAAAAAAwBAoMEB4qBjEyMHg2MDAECgwQGSoGMTIweDYwMAQKDRAOIQAAAACgmbk_MAQKDRAEIQAAAM3MeIFAMAQKDRAPIQAAAAAAAAAAMAQKDRArIQAAAAAAACxAMAQKDRAFIQAAAM3MeIFAMAQSGkNMejAxc09CaHZRQ0ZZVHM3UW9kV1lvTGR3IhxzY3JlYW0vdGhyb25lX2ltYWdlX2xvZ29fb2NoKBE=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/05bb46b82d1d2bf4ab0b6db8ff47e7f4.js?tag=pingback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 10:11:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 534693197663528916
tpc.googlesyndication.com/simgad/ Frame CD0F 14 KB
14 KB 167ms
13ms Image
image/gif 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/534693197663528916

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934288943919642&output=html&h=60&adk=1439102223&adf=461257661&w=468&lmt=1465823594&channel=5259868405&ad_type=text_image&format=468x60_as&color_bg=EEF2F7&color_border=FFFFFF&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Fgavgav.info%2F&flash=0&wgl=1&dt=1636279870798&bpp=5&bdt=203&idt=134&shv=r20211103&mjsv=m202111020101&ptt=5&saldr=sa&abxe=1&prev_fmts=120x60_as_rimg%2C125x125_as&correlator=4463890956446&frm=20&pv=1&ga_vid=808855875.1636279871&ga_sid=1636279871&ga_hid=1872902040&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=440&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31061690&oid=2&pvsid=363115766557444&pem=469&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=gg17lcBNAn&p=http%3A//gavgav.info&dtd=137

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df4fc40471bf118a01aab9001624506259fd3967f7b61631fa806f0e540b9e19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 05:32:16 GMT
x-content-type-options: nosniff
age: 448735
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14537
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 07:13:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 02 Nov 2022 05:32:16 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame CD0F 19 KB
8 KB 162ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 10:10:37 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame CD0F 3 KB
1 KB 159ms
10ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:09:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 10:09:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CD0F 120 KB
37 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 Nov 2021 10:11:11 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame CD0F 15 KB
7 KB 158ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:09:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 10:09:27 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame CD0F 27 KB
11 KB 163ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

958cb8992e75141f60d67383af5df25397e04446753f027dd317be9d51136ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 07:14:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11538
x-xss-protection: 0
server: cafe
etag: 16299297374704173702
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 07:14:53 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame CD0F 0
0 37ms
36ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_thXPqaHYcD5OtazbKj8saAO29io-GW2l8z0yQ7A3JOYQxABIMDplQRglbqsgrQHoAHtosPSAcgBA6kC9z9lYpRRfz6oAwHIA8kEqgS6AU_Qc9UW5UD9BmLpoiPgAScUC1dFmbI4WKprquEN2KzDIvdBsbKjr4a7b2f00TIJkFODgHX-Vp_JGYHG6aLrXlLxs1mUADH0jS9XAhaDjGNlYi9RzI5CGt-lcpMZWNoKtBoOedpV3NnUO783MoXxVTz93_PqCSgNPGeQzvE4FcIIPSPeWnLkFsbJ8kSRTBehwmukZ_cqEWiWNEeT-9zVRHkKPnEAkpUatzHnLq_33ytcL8aOZz1zhLjV7cAE_Zb-zN0DkgUECAQYAZIFBAgFGASgBgOAB_azitQCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEKPCL9IICQiA4YAQEAEYX4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi03OTM0Mjg4OTQzOTE5NjQyGAA&sigh=-EIDucBqrmA&uach_m=[UACH]

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934288943919642&output=html&h=60&adk=1439102223&adf=461257661&w=468&lmt=1465823594&channel=5259868405&ad_type=text_image&format=468x60_as&color_bg=EEF2F7&color_border=FFFFFF&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Fgavgav.info%2F&flash=0&wgl=1&dt=1636279870798&bpp=5&bdt=203&idt=134&shv=r20211103&mjsv=m202111020101&ptt=5&saldr=sa&abxe=1&prev_fmts=120x60_as_rimg%2C125x125_as&correlator=4463890956446&frm=20&pv=1&ga_vid=808855875.1636279871&ga_sid=1636279871&ga_hid=1872902040&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=440&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31061690&oid=2&pvsid=363115766557444&pem=469&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=gg17lcBNAn&p=http%3A//gavgav.info&dtd=137
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 07 Nov 2021 10:11:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 7F99 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 13:02:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 13:02:04 GMT

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 6041
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=739574894891165.819215898526098&a=77&e=0100007F3EA687617900F91A028DC43B&pref=http%3A%2F%2Fgavgav.info%2F&c=ss:77.up:0100007F3EA687617900F91A028DC43B.sync:u...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=739574894891165.819215898526098&a=77&e=0100007F3EA687617900F91A028DC43B&pref=http%3A%2F%2Fgavgav.info%2F&c=ss:77.up:0100007F3EA687...

49 B
603 B

123ms
123ms

Image
image/gif

185.15.175.145
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=739574894891165.819215898526098&a=77&e=0100007F3EA687617900F91A028DC43B&pref=http%3A%2F%2Fgavgav.info%2F&c=ss:77.up:0100007F3EA687617900F91A028DC43B.sync:up.xdua:du3lL0XlSFw3zVfei8b_JFVw.xps:xpskmiJ_obxV3eOevQqRfCiC6.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

HTTP/1.1

Server

185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 48
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Sun, 07 Nov 2021 10:11:11 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=739574894891165.819215898526098&a=77&e=0100007F3EA687617900F91A028DC43B&pref=http%3A%2F%2Fgavgav.info%2F&c=ss:77.up:0100007F3EA687617900F91A028DC43B.sync:up.xdua:du3lL0XlSFw3zVfei8b_JFVw.xps:xpskmiJ_obxV3eOevQqRfCiC6.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET i
dmg.digitaltarget.ru/1/1093/i/ Frame 6041 0
0

GET
H/1.1 200
OK v0 Show response
tg.rktch.com/ Frame 2219 487 B
837 B 153ms
46ms Document
text/html 176.99.5.169
LOGOL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tg.rktch.com/v0?i=11679&p=1&vw=240&vh=400&sw=1600&sh=1200&rk=yyfshL&url=http%3A%2F%2Fgavgav.info%2F&siteid=161590485
Requested by: Host: co9.rktch.com
URL: http://co9.rktch.com/static/rb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.99.5.169 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS: d41257.acod.regrucolo.ru
Software: nginx/1.14.2 /
Resource Hash: 6052e03212c04490f8d846425e020643e2820a3f2a4f48c6af65f33a75ff9f84

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/

Response headers

Server: nginx/1.14.2
Date: Sun, 07 Nov 2021 10:11:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 86400
Access-Control-Allow-Headers: Content-Type, Authorization, x-ad4-*

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FFFF 143 B
198 B 12ms
12ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934288943919642&output=html&h=60&adk=1439102223&adf=461257661&w=468&lmt=1465823594&channel=5259868405&ad_type=text_image&format=468x60_as&color_bg=EEF2F7&color_border=FFFFFF&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Fgavgav.info%2F&flash=0&wgl=1&dt=1636279870798&bpp=5&bdt=203&idt=134&shv=r20211103&mjsv=m202111020101&ptt=5&saldr=sa&abxe=1&prev_fmts=120x60_as_rimg%2C125x125_as&correlator=4463890956446&frm=20&pv=1&ga_vid=808855875.1636279871&ga_sid=1636279871&ga_hid=1872902040&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=440&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31061690&oid=2&pvsid=363115766557444&pem=469&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=gg17lcBNAn&p=http%3A//gavgav.info&dtd=137

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 07 Nov 2021 09:43:12 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1679
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame CD0F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee92ad4eaa2239d38645c6015e556f5e3c04085b53571ea19c770589258da98c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1A12 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f38d88b5bef191b9acb7e44d2a650efba974a9f8b3bf9bea26d48210339bf48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4371041263337179111
tpc.googlesyndication.com/simgad/ Frame 10DE 23 KB
23 KB 9ms
9ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4371041263337179111?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql__sMpbBf8dbV45787B3q9ujHY0A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934288943919642&output=html&h=125&adk=1243831463&adf=3753310071&w=125&lmt=1465823594&ad_type=text_image&format=125x125_as&color_bg=DFEFFF&color_border=6C82B5&color_link=000000&color_text=000000&color_url=008000&url=http%3A%2F%2Fgavgav.info%2F&flash=0&wgl=1&dt=1636279870787&bpp=3&bdt=192&idt=126&shv=r20211103&mjsv=m202111020101&ptt=5&saldr=sa&abxe=1&prev_fmts=120x60_as_rimg&correlator=4463890956446&frm=20&pv=1&ga_vid=808855875.1636279871&ga_sid=1636279871&ga_hid=1872902040&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=24&ady=672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31061690&oid=2&pvsid=363115766557444&pem=469&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4h3ugzFjNJ&p=http%3A//gavgav.info&dtd=139

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38a2a7db5c95b8d7a8a418a692dc925b09c7ceb6c1eddd65cf3f06f03043f7fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 09:43:03 GMT
x-content-type-options: nosniff
age: 347288
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23812
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 14:15:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Nov 2022 09:43:03 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 10DE 19 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 10:10:37 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 10DE 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:09:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 10:09:08 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 10DE 120 KB
37 KB 963ms
963ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 Nov 2021 10:11:12 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 10DE 15 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:09:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 10:09:27 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 10DE 27 KB
11 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

958cb8992e75141f60d67383af5df25397e04446753f027dd317be9d51136ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 07:14:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11538
x-xss-protection: 0
server: cafe
etag: 16299297374704173702
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 07:14:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 1A12 15 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 01:55:14 GMT
x-content-type-options: nosniff
age: 202557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 05 Nov 2022 01:55:14 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 10DE 0
0 34ms
34ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CL4T8PqaHYdmdOon0btLdmpgGzoHSuWT8xPLR3w6sq_SZtgkQASDA6ZUEYJW6rIK0B6ABjbfslwPIAQKpAgi-MgS6aLM-qAMByAPJBKoEuQFP0PK-QAa9QKLmkFxpd-2ZzPHWyxIx4hj4lBTbXSd4CBjQ5CI2_cgLVaHPLa9pB70pa_l-FHGOdRo2ME4OHEqdDtXqmDwe5uDwBq0L2mP-TPG1q2e50LI3I_WAmWR6dNwXiR1HP5n98S-aOQ-QPCvy_Apj9hWmpfJjyrETV67X04MRdRdABbvfl6soTBvGr8gPe_qNE3Nsqo0QjVIStQJmrY7uzZLbm_ZOyXHenxNzp6tDOH1TjPHrwMAE-s6v08IDkgUECAQYAZIFBAgFGASgBgKAB9vIk2ioB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQu-wK0ggJCIDhgBAQARhfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTc5MzQyODg5NDM5MTk2NDIYAA&sigh=z0NZc-Dziio&uach_m=[UACH]

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934288943919642&output=html&h=125&adk=1243831463&adf=3753310071&w=125&lmt=1465823594&ad_type=text_image&format=125x125_as&color_bg=DFEFFF&color_border=6C82B5&color_link=000000&color_text=000000&color_url=008000&url=http%3A%2F%2Fgavgav.info%2F&flash=0&wgl=1&dt=1636279870787&bpp=3&bdt=192&idt=126&shv=r20211103&mjsv=m202111020101&ptt=5&saldr=sa&abxe=1&prev_fmts=120x60_as_rimg&correlator=4463890956446&frm=20&pv=1&ga_vid=808855875.1636279871&ga_sid=1636279871&ga_hid=1872902040&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=24&ady=672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31061690&oid=2&pvsid=363115766557444&pem=469&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4h3ugzFjNJ&p=http%3A//gavgav.info&dtd=139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 07 Nov 2021 10:11:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A9A9 143 B
198 B 7ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7934288943919642&output=html&h=125&adk=1243831463&adf=3753310071&w=125&lmt=1465823594&ad_type=text_image&format=125x125_as&color_bg=DFEFFF&color_border=6C82B5&color_link=000000&color_text=000000&color_url=008000&url=http%3A%2F%2Fgavgav.info%2F&flash=0&wgl=1&dt=1636279870787&bpp=3&bdt=192&idt=126&shv=r20211103&mjsv=m202111020101&ptt=5&saldr=sa&abxe=1&prev_fmts=120x60_as_rimg&correlator=4463890956446&frm=20&pv=1&ga_vid=808855875.1636279871&ga_sid=1636279871&ga_hid=1872902040&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=24&ady=672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31061690&oid=2&pvsid=363115766557444&pem=469&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4h3ugzFjNJ&p=http%3A//gavgav.info&dtd=139

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 07 Nov 2021 09:43:12 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1679
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame A7DD 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 13:02:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 13:02:04 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FFFF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
225 B

49ms
49ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 07 Nov 2021 10:11:11 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 07 Nov 2021 10:11:11 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 07 Nov 2021 10:11:11 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 1D36 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 13:02:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 13:02:04 GMT

GET
H2 200 prebid-otm-4.43.4.js Show response
cdn-rtb.sape.ru/js/prebid/ Frame 7D53 168 KB
168 KB 67ms
67ms Script
text/javascript 95.181.171.231
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-rtb.sape.ru/js/prebid/prebid-otm-4.43.4.js

Requested by

Host: cdn-rtb.sape.ru
URL: http://cdn-rtb.sape.ru/rtb-b/js/274/2/31274.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.181.171.231 , Russian Federation, ASN50214 (QWARTA, RU),

Reverse DNS

asrv231.qwarta.ru

Software

openresty /

Resource Hash

13215235b2cb1408756d85724e8104bf1a6c76db5e7e62a1dd9a6a1c3ed34efa

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content
last-modified: Wed, 20 Oct 2021 14:50:45 GMT
server: openresty
x-amz-request-id: 16B53BDFC9D81037
etag: "f87d42b7563e73c39795752aeeeb48e6"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
date: Sun, 07 Nov 2021 10:11:11 GMT
access-control-allow-credentials: true
content-length: 171647
accept-ranges: bytes

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 11ms
10ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=112&id=31274.87590.161590485.0.6.68&sid=6187a63e-edd2-f0ty-wzq7-rhu0jyni35bt&ref=http%3A%2F%2Fgavgav.info%2F&r=1636279872
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 11ms
11ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=68&id=31274.87590.161590477.0.7.95&sid=6187a63e-edd2-f0ty-wzq7-rhu0jyni35bt&ref=http%3A%2F%2Fgavgav.info%2F&r=1636279872
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:11 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A12 0
56 B 40ms
40ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgcIByoDd2ViCgcICCoDbHRyCg4IASoKdG93ZXJTbWFsbAoKCAIqBnNlcnZlcgoxCAQqLW15c2lkaWFfYW5hbHl0aWNzX2V4cDIsbXlzaWRpYV9yZWxlYXNlX2NhbmFyeQoNEBAhAAAAAIBL3kAwBAoNEBEhAAAAAMCu0UAwBAoNEBIhAAAAAAAAIEAwBAoNEBMhAAAAAAAAEEAwBAoNEBchAAAAMzPHi0AwBAoNEBQhAAAAAGBj6UAwBAoNEBUhAAAAAAAAKkAwBAoNEBYhAAAAAAAAFEAwBAoNEBghAAAAmZnVjEAwBBIaQ0x6MDFzT0JodlFDRllUczdRb2RXWW9MZHciHHNjcmVhbS90aHJvbmVfaW1hZ2VfbG9nb19vY2goEQ==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/05bb46b82d1d2bf4ab0b6db8ff47e7f4.js?tag=pingback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 10:11:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A9A9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
167 B

107ms
107ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 07 Nov 2021 10:11:12 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 07 Nov 2021 10:11:12 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 07 Nov 2021 10:11:12 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adjson Show response
ssp.otm-r.com/ Frame 7D53 2 B
298 B 48ms
11ms XHR
application/javascript 178.63.43.235
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.otm-r.com/adjson?tz=0&w=240&h=400&s=ck6s195mdyv1m0868lv9fis3e&bidid=2fb788ee6dac5c&transactionid=f7ba1332-0665-43f2-bf68-811f97a72c60&auctionid=45471d30-6b9a-4949-91ee-c4bc9a18e802&bidfloor=5
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/js/prebid/prebid-otm-4.43.4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.63.43.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.235.43.63.178.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 10:11:12 GMT
server: nginx/1.17.10
vary: Origin
content-type: application/javascript
access-control-allow-origin: http://gavgav.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
expires: 0

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/data/ 30 B
381 B 95ms
95ms Script
application/javascript 159.69.74.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/data/?callback=sapeRTB_6187a6402_57619992&srtbid=31274&scids=161590475&sx=1600&sy=1508&ref=&u=http%3A%2F%2Fgavgav.info%2F&allimps=0&fl=0&v=3&deal=9&tz=%2B00%3A00
Requested by: Host: cdn-rtb.sape.ru
URL: http://cdn-rtb.sape.ru/rtb-b/js/274/2/31274.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.74.6 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1290922.sapientru.net
Software: openresty /
Resource Hash: 1d52d98618b3587362fd4b589d3fe97cf0572133ed7f13c6279ac0795def1eda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 10:11:12 GMT
Server: openresty
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 30
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 11ms
11ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=68&id=31274.87590.161590477.0.7.95&sid=6187a63e-edd2-f0ty-wzq7-rhu0jyni35bt&ref=http%3A%2F%2Fgavgav.info%2F&r=1636279872
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:12 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 12ms
11ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A31274%2C%22sc%22%3A0%2C%22pl%22%3A87590%2C%22ev%22%3A%22vis100%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=6187a63e-edd2-f0ty-wzq7-rhu0jyni35bt&ref=http%3A%2F%2Fgavgav.info%2F&r=1636279872
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:12 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 11ms
11ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A31274%2C%22sc%22%3A0%2C%22pl%22%3A87590%2C%22ev%22%3A%22cheap%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=6187a63e-edd2-f0ty-wzq7-rhu0jyni35bt&ref=http%3A%2F%2Fgavgav.info%2F&r=1636279872
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:12 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
DATA 200
OK truncated
/ Frame 10DE 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 580d38350010932ee2f6501617031686b5eb5c295149cd061a4332955c2f1328

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CD0F 42 B
497 B 51ms
29ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtlXl9vT4bgkfbtjNwuMgKYD4cfq0MnbqmN8kg0XqmHzAEsBvAXO2gATvCplQQR69ADIampzITolFrk8xrOr6DzbBXUEQqnOC47KZp4rr-FJTmti8z-g&sai=AMfl-YSwE5_c9yADFObMmhbG-TE0M085tc2DE7z-VBqEnSgKXGZRQYsLG-sKtemCivCDte3jekvPlzjKWPLY&sig=Cg0ArKJSzC6LzcXdNxWQEAE&id=lidar2&mcvt=1007&p=0,0,60,468&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1439102223&rs=2&la=0&cr=0&vs=4&r=v&rst=1636279870936&rpt=838&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 10:11:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 2973 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 13:02:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 13:02:04 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1A12 42 B
108 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssd6IBaKCUnK-LRVVnqSKw-Ug3KWojkqkDo3gfjyZKYjF1pNOkxV84JChAk0i390Q_LPjzQoYY8cXPHFIogStLxm4cJnoFo2OVQ6FBaARmQPblgVaQ_lA&sai=AMfl-YReA5u6tyWmDHN2kmzWtkeyFu_17ZXaW91Zy6dc5d5Ph2Mn9QJctQqH6gE-WYIboozsiZ_AmVwlcf7F&sig=Cg0ArKJSzBSHtfaIMFIEEAE&id=lidar2&mcvt=1048&p=0,0,60,120&mtos=1048,1048,1048,1048,1048&tos=1048,0,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2331619251&rs=2&la=0&cr=0&vs=4&r=v&rst=1636279870906&rpt=923&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 10:11:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 10DE 42 B
108 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuW5mp7A4Gg1lzLiui-EJv2fZeIrhkqKtBfc0W5xEsTz5_iJVEwh9Z2P9PkTk3SRETplMJXdaM33efc_dbOp6URVFRv2DMMMoLnP2NzDlwtZaP5PmtkEw&sai=AMfl-YQ8YCdrLb-dVN8mZEntITkVOWFN-qfL1MKtUz8_Xum91vIzLjM5Zk4Doi7N9yW-jga4SEHnfiYgbCBN&sig=Cg0ArKJSzJ_XHlpCNNI2EAE&id=lidar2&mcvt=1000&p=0,0,125,125&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1243831463&rs=2&la=0&cr=0&vs=4&r=v&rst=1636279870927&rpt=1876&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 10:11:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.acint.net/ping/
Redirect Chain

http://www.acint.net/ping/?v=0.3.0&uid=59acea3e-8743-4c05-a6f5-867bfc9d480a&dp=14&tz=%2B00%3A00&nc=22028737&dT=2021-11-07T10%3A11%3A14.019
https://www.acint.net/ping/?v=0.3.0&uid=59acea3e-8743-4c05-a6f5-867bfc9d480a&dp=14&tz=%2B00%3A00&nc=22028737&dT=2021-11-07T10%3A11%3A14.019

43 B
224 B

11ms
10ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.3.0&uid=59acea3e-8743-4c05-a6f5-867bfc9d480a&dp=14&tz=%2B00%3A00&nc=22028737&dT=2021-11-07T10%3A11%3A14.019
Requested by: Host: gavgav.info
URL: http://gavgav.info/
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://gavgav.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:11:14 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/ping/?v=0.3.0&uid=59acea3e-8743-4c05-a6f5-867bfc9d480a&dp=14&tz=%2B00%3A00&nc=22028737&dT=2021-11-07T10%3A11%3A14.019
Date: Sun, 07 Nov 2021 10:11:14 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dmg.digitaltarget.ru
URL: https://dmg.digitaltarget.ru/awg/custom/19/i/i?call_source=awg&a=19&e=4506dd90634f65d7758364cfb62b9c&i=1481397027&r=https://hit19.hotlog.ru/cgi-bin/hotlog/count?s%3D392037%26im%3D134%26hl_hitback%3DY

Domain: match.new-programmatic.com
URL: https://match.new-programmatic.com/userbind?src=sape&id=0100007F3EA687617900F91A028DC43B

Domain: dmg.digitaltarget.ru
URL: https://dmg.digitaltarget.ru/1/1093/i/i?i=739574894891165.430360265862260&a=77&e=0100007F3EA687617900F91A028DC43B&pref=http%3A%2F%2Fgavgav.info%2F&c=ss:77.up:0100007F3EA687617900F91A028DC43B.sync:up.xdua:du3lL0XlSFw3zVfei8b_JFVw.xps:xpskmiJ_obxV3eOevQqRfCiC6.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Verdicts & Comments Add Verdict or Comment

252 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

96 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gavgav.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: vlugqn6bd55mvaqmfn7mo4stp1
gavgav.info/	1969-12-31 23:59:59	Name: hotlog Value: 1
.gavgav.info/	1970-01-20 16:02:31	Name: __utma Value: 119371551.808855875.1636279871.1636279871.1636279871.1
.gavgav.info/	1970-01-19 22:31:21	Name: __utmb Value: 119371551
.gavgav.info/	1969-12-31 23:59:59	Name: __utmc Value: 119371551
.gavgav.info/	1970-01-20 02:54:07	Name: __utmz Value: 119371551.1636279871.1.1.utmccn=(direct)\|utmcsr=(direct)\|utmcmd=(none)
.gavgav.info/	1970-01-20 07:16:55	Name: cookieforumddru_data Value: a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bs%3A0%3A%22%22%3Bs%3A6%3A%22userid%22%3Bi%3A-1%3B%7D
.gavgav.info/	1969-12-31 23:59:59	Name: cookieforumddru_sid Value: 6aeb5e30e3ca691bd9bb4fc1dd668142
.yandex.ru/	1970-01-20 16:02:31	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 16:02:31	Name: is_gdpr_b Value: COaIGBDNTxgB
.yandex.ru/	1970-01-20 16:02:31	Name: i Value: 7Sa3pjka05XXuXuskrV9SiDPPBpxqyQlWdYkbZ35JSYgyDbqDtpymVkCGVZCAHu/3CHKLmam1panrJ7lJEiz1gZe2Bo=
.acint.net/	1970-01-25 20:05:16	Name: aid Value: fwAAAWGHpj4a+QB5O8SNAsCntHDu9GRhLtKW/9fEIz3dEPQX
.gavgav.info/	1970-01-20 07:16:55	Name: _ym_uid Value: 1636279871367482018
.gavgav.info/	1970-01-20 07:16:55	Name: _ym_d Value: 1636279871
.gavgav.info/	1970-01-20 07:52:55	Name: __gads Value: ID=79d964d401628e59-2298fc9c32cb00c8:T=1636279870:RT=1636279870:S=ALNI_Mao60A2k0ltBm8suFwaE8Xv_kqDmg
gavgav.info/	1978-01-11 21:31:40	Name: fid Value: 2e330588-a43e-449b-aaef-b97d55e38991
.yadro.ru/	1970-01-20 07:16:08	Name: FTID Value: 1XXwP72TUGuC1XXwP70014pf
.mc.yandex.com/	1970-01-19 22:31:20	Name: sync_cookie_csrf Value: 2814293252fake
.gavgav.info/	1970-01-19 22:32:31	Name: _ym_isad Value: 2
.acint.net/	1970-01-19 23:14:31	Name: cSyncDp7v2 Value: 1636279871
.acint.net/	1970-01-19 23:14:31	Name: cSyncDp14v3 Value: 1636279871
.acint.net/	1970-01-19 23:14:31	Name: cSyncDp17 Value: 1636279871
.acint.net/	1970-01-19 23:14:31	Name: cSyncDp32 Value: 1636279871
.acint.net/	1970-01-19 22:32:46	Name: cSyncDp45v3 Value: 1636279871
.acint.net/	1970-01-19 23:14:31	Name: cSyncDp53 Value: 1636279871
.acint.net/	1970-01-19 23:14:31	Name: cSyncDp54v2 Value: 1636279871
.acint.net/	1970-01-19 23:14:31	Name: cSyncDp62 Value: 1636279871
.acint.net/	1970-01-19 23:14:31	Name: cSyncDp67v2 Value: 1636279871
.acint.net/	1970-01-19 23:14:31	Name: cSyncDp68 Value: 1636279871
.acint.net/	1970-01-19 22:51:29	Name: cSyncDp77 Value: 1636279871
.acint.net/	1970-01-19 23:14:31	Name: cSyncDp84 Value: 1636279871
.acint.net/	1970-01-19 23:14:31	Name: cSyncDp85 Value: 1636279871
.acint.net/	1970-01-19 23:14:31	Name: cSyncDp88 Value: 1636279871
.acint.net/	1970-01-19 23:14:31	Name: cSyncDp95v2 Value: 1636279871
.acint.net/	1970-01-19 23:14:31	Name: cSyncDp101 Value: 1636279871
.acint.net/	1970-01-19 22:51:29	Name: cSyncDp104v2 Value: 1636279871
.acint.net/	1970-01-19 23:14:31	Name: cSyncDp107 Value: 1636279871
.acint.net/	1970-01-19 22:51:29	Name: cSyncDp111v2 Value: 1636279871
.acint.net/	1970-01-19 23:14:31	Name: cSyncDp112v2 Value: 1636279871
.acint.net/	1970-01-19 22:52:55	Name: cSyncDp125v2 Value: 1636279871
.acint.net/	1970-01-19 23:14:31	Name: cSyncDp126 Value: 1636279871
.acint.net/	1970-01-19 23:14:31	Name: cSyncDp127 Value: 1636279871
.acint.net/	1970-01-19 23:14:31	Name: cSyncDp136 Value: 1636279871
.acint.net/	1970-01-19 23:14:31	Name: cSyncDp138 Value: 1636279871
.acint.net/	1970-01-19 23:14:31	Name: cSyncDp144 Value: 1636279871
.acint.net/	1970-01-19 23:14:31	Name: cSyncDp146 Value: 1636279871
.acint.net/	1970-01-19 23:14:31	Name: cSyncDp149 Value: 1636279871
.acint.net/	1970-01-19 23:14:31	Name: cSyncDp151 Value: 1636279871
.mc.yandex.ru/	1970-01-19 22:31:20	Name: sync_cookie_csrf Value: 4209446793fake
.ssp-rtb.sape.ru/	1970-01-25 20:05:16	Name: sspuid Value: fwAAAWGHpj6uLQCGXVcpAjalgx2aa3EmySlIqA3M8yFdbbdH
.yadro.ru/	1970-01-20 07:16:08	Name: VID Value: 2wSM-g1AG8uC1XXwP7001Js4
.utraff.com/	1970-01-19 23:14:42	Name: preutid Value: 1
.yandex.com/	1970-01-20 07:16:55	Name: ymex Value: 1667815871.yrts.1636279871#1667815871.yrtsi.1636279871
.yandex.com/	1970-01-20 07:16:55	Name: yandexuid Value: 7983893841636279871
.yandex.com/	1970-01-20 07:16:55	Name: yuidss Value: 7983893841636279871
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1819388231636279871
.yandex.com/	1970-01-23 14:07:19	Name: i Value: qLNYEG6ZPyrk0IcbQRt4MO+gOxDetyFDt22JbhUtx1UdJc62BJvhoYlpPgFWl1kqJ783Fc6JqnpCKil+Be9/s1zTcm0=
.doubleclick.net/	1970-01-20 07:52:55	Name: IDE Value: AHWqTUnC4_ZBsnXfDNtyQT7qHJX1XDch2zAjdfkdYLbxd9bL_8pSj1uLIGlv1mRoJQA
.adhigh.net/	1970-01-20 07:16:55	Name: gi_u Value: M58lZLDIFGK.AikABlF8-eFm4Q
adx.com.ru/	1970-01-20 07:16:55	Name: yabbi-user Value: 6187a63fa897d8bfb7ec57a4
.1dmp.io/	1970-01-20 07:16:55	Name: uid Value: 084f66c2-3fb3-11ec-9752-901b0e8d9836
.republer.com/	1970-01-20 07:16:55	Name: ruid Value: 4dbc0bda-85cc-45f8-9eeb-594eecfcb772
.mail.ru/	1970-01-20 07:18:22	Name: VID Value: 1guUbB2OTO2600000X12H426:::0-0-0-6a1feff:CAASEJv6J2fDh-Yfathe_NE_lX4aYDUxp09SQ8UvvcxzwAN1VZ8baVE1eVErnQqkSM-n6fUV-bRDJ0WpstYr1pZukOzt3F4YjTaDE_8z9ha2bKgN4JoOAwSUqF4t7efArd_H-pnZkH_4fVbuiEBwwvAPIEl5Pw
.weborama.fr/	1970-01-20 08:03:00	Name: AFFICHE_W Value: 4YgQ-0Mqr5Xh65
.adriver.ru/	1970-01-20 16:02:31	Name: cid Value: Alt2FvSWNC5iX59jF0DPXvg
.betweendigital.com/	1970-01-20 07:16:55	Name: dc Value: was1
.betweendigital.com/	1970-01-20 07:16:55	Name: ss Value: 1
.betweendigital.com/	1970-01-20 07:16:55	Name: tuuid Value: 61233898-6426-5337-b348-cd02d2cf6b3d
.relap.io/	1970-01-23 14:07:19	Name: unique Value: MtGsJS0c
.relap.io/	1970-01-23 14:07:19	Name: fsts Value: 1636279871
.relap.io/	1970-01-23 14:07:19	Name: lsts Value: 1636279871
.relap.io/	1969-12-31 23:59:59	Name: suid Value: 27c57ba0bd44cef516ff7189967585cdbd82363b--45f1bdba140269c568b2ed1604038e4320ba9920bcafc420bcf80344501343b7
.relap.io/	1970-01-19 22:32:46	Name: hllc Value: 1
.relap.io/	1970-01-20 07:16:55	Name: rlpsprcs Value: eyJ0cyI6MTYzNjI3OTg3MSwidWlkIjoiMDEwMDAwN0YzRUE2ODc2MTc5MDBGOTFBMDI4REM0M0IifQ--e6130a0e9a50a3a9238ee42f37b3229e87960bf4d6b0f7c2980e348bd916b509
.advarkads.com/	1970-01-20 16:02:31	Name: u Value: EAJqP--Z6k--tHExTN8RcA
.adsniper.ru/	1970-01-27 05:43:19	Name: uuid3 Value: IiQwODY3YmViZS0zZmIzLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.bumlam.com/	1970-01-27 05:43:19	Name: suuid3 Value: IiQwODY3YmViZS0zZmIzLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.uuidksinc.net/	1970-01-20 07:16:55	Name: jcsuuid Value: 9BfsFfGf7nu78hksEy0T
.betweendigital.com/	1970-01-20 07:16:55	Name: ut Value: YYemPwAG9UA6FFW5YN3icB3diQmNpI_cIUsDUg==
.rktch.com/	1970-01-19 23:14:31	Name: b_uid Value: 708c6c4dcc0f524ff175347b445206360b19
.mts.ru/	1970-01-20 07:03:58	Name: dspid Value: 5807629d-56df-441b-8742-377df70cc284
.rutarget.ru/	1970-01-20 02:50:31	Name: userId Value: 6BE4tNBl8TZN
prodmp.ru/	1970-01-20 00:40:55	Name: rai Value: 7cb086aab79dcaa9d7824088110fc651
.adhigh.net/	1970-01-20 07:16:55	Name: sape_sync Value: IYR
.ops.beeline.ru/	1970-01-20 07:03:58	Name: BeeAID Value: 7e5bd8c9-69e2-4a3f-a878-936d469d4a03
.gnezdo.ru/	1970-01-25 20:05:16	Name: uid Value: XV9maWGHpj9e7ZYtM9KYAg==
.doubleclick.net/	1970-01-19 22:31:23	Name: DSID Value: NO_DATA
.aidata.io/	1970-01-20 16:02:31	Name: __upints Value: 1636279871
.aidata.io/	1970-01-20 16:02:31	Name: __upin Value: z+9abbNEKjcgRJWUxwGeyA
.yandex.ru/	1970-01-23 14:07:19	Name: yuidss Value: 7926316931636279871
.yandex.ru/	1970-01-23 14:07:19	Name: yandexuid Value: 7926316931636279871
x01.aidata.io/	1970-01-19 22:35:39	Name: mts Value: 1
.mts.ru/	1970-01-23 12:55:19	Name: mts_id Value: 85ff65b1-f0fc-4f5f-9cfd-aa138459d0e1
.mts.ru/	1970-01-23 12:55:19	Name: mts_id_last_sync Value: 1636279871
.otm-r.com/	1970-01-20 07:16:55	Name: mpid Value: NjE4N2E2NDAwYzA1ZGEzYw==
.dmg.digitaltarget.ru/	1970-01-21 00:26:31	Name: viuserid Value: n0McZTLdTK1si9R7X-rH

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://www.google.com/friendconnect/script/friendconnect.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.google.com/friendconnect/script/friendconnect.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://gavgav.info/images/bg.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://ijes.ru/stat?js=13&r=&j=false&s=16001200&d=24&rand=0.37538180740093186 Message*: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9450.nCXVoe2xAaZ1FWayefV_BpumG7ceQ8lOT1YfsVBocNckEBJz_396hEwsqW0kKo_MPeJ2IzziIXPaf-wLLWU-Kw%2C%2C.gQAgyIDNUwI7UR9hR3BFAJg-Q1o%2C Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://an.yandex.ru/setud/mts_banner/WAdinVbfRBuHQjd99wzChA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D4%26exu%3Dz%252B9abbNEKjcgRJWUxwGeyA&sign=3726058337 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.telderi.ru/ru/uploads/promote/12/129186e8479112fbf27111314f31f816.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0100007f3ea687617900f91a028dc43b-sp.ops.beeline.ru
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.betweendigital.com
adservice.google.com
adservice.google.de
adx.com.ru
an.yandex.ru
api.advarkads.com
cdn-rtb.sape.ru
cm.g.doubleclick.net
co9.rktch.com
counter.yadro.ru
dm-eu.hybrid.ai
dmg.digitaltarget.ru
exchange.buzzoola.com
fcgi4.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
gavgav.info
googleads.g.doubleclick.net
ijes.ru
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
prodmp.ru
px.adhigh.net
redirect.frontend.weborama.fr
relap.io
s.uuidksinc.net
s3.advarkads.com
sape-sync.rutarget.ru
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.otm-r.com
stat.adlabs.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync3.adsniper.ru
tag.digitaltarget.ru
tech.rtb.mts.ru
tg.rktch.com
tpc.googlesyndication.com
ut.rktch.com
www.acint.net
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.mypagerank.net
www.telderi.ru
www.yandex.ru
x01.aidata.io
dmg.digitaltarget.ru
match.new-programmatic.com
109.248.237.37
138.201.65.68
142.250.185.66
159.69.74.6
176.9.158.88
176.99.5.169
176.99.7.123
178.63.43.235
185.15.175.144
185.15.175.145
188.34.131.134
193.106.92.202
193.232.148.152
194.190.117.94
195.201.243.72
195.209.108.46
213.87.44.187
216.58.212.130
217.66.147.161
2606:4700:10::ac43:dab
2606:4700:20::681a:826
2606:4700:3031::6815:582f
2606:4700:3039::6815:c03a
2a00:1148:db00::17
2a00:1450:4001:808::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2004
2a00:1450:4001:831::2003
2a02:6b8::1:119
2a02:6b8::90
2a02:6b8:a::a
31.172.81.158
31.172.81.160
31.220.27.134
35.190.16.14
37.18.103.16
37.9.245.57
62.171.136.180
80.64.106.148
81.222.128.214
82.146.56.251
88.212.201.198
88.212.233.36
88.99.214.77
89.108.119.43
89.108.97.2
93.95.102.105
95.163.37.253
95.181.171.231
95.211.66.35
96.46.183.20
005dae70297e564c263b5ba0765ef45701a11dcc95c8b2f27b0859f8118cba5f
01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d
024bf58839434bcdbb669f44e683ecbb58be25cde0d0e721d68031a67a40dd40
08576fb77d6a47bf44489bfc39832060294094016106d463c93ba043343e976a
0d7845c01468ed82f644cac1c1cbdea3d717fb3f48909e24d6a413b3b5d57dc2
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f38d88b5bef191b9acb7e44d2a650efba974a9f8b3bf9bea26d48210339bf48
106a2681193f33ce29b75a0ac3a03bc0d9ceb8e61f9361ce70e5a459237aab22
13215235b2cb1408756d85724e8104bf1a6c76db5e7e62a1dd9a6a1c3ed34efa
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19b381eb5713aa9c2db426f9a4acc310d0e52a5f5881a947159c13736cfdfa78
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1d52d98618b3587362fd4b589d3fe97cf0572133ed7f13c6279ac0795def1eda
23315fde1aafe10585823a470a160b5da3a86cebca1d5ba0ad2e388a32749d12
2606e42237c7d25ea46114fd499fda376442a048b75b71f279c2d996d03bd82c
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
358c7a0cf9c92991ac8a517efec8cd689c9c9424e7846789551f2e30be256f3a
37d9fdcb589bfab4d9557628567c02db962393f3306d31658425f073721b317d
38a2a7db5c95b8d7a8a418a692dc925b09c7ceb6c1eddd65cf3f06f03043f7fc
3b7b19fcd97be75e960f55e169e16a39bf3d46862dc165a78b271a49592879cc
3f1489a53da89cf0265f842701985f4a1f8800e2ac28ef957ef67c64dc132d3f
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
48b23ea142c9df1ee6c25a1e313128022d0fffbe051787cb974a1eb058273005
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
555e09da045430922958cbb42155c361dda6e4fea116298fa1302e0ec71f8b96
580d38350010932ee2f6501617031686b5eb5c295149cd061a4332955c2f1328
5b2ff869b3b660d6665d03d4025c339d22dfa4412200aee08a9d1254a4e2449a
5c2966e8692cc496af85be4a2bbae08f94e94b2d2ef97be2494b9784316ce097
5d8480e3649c1e526bfd60c8b8ef761ac2aad946127aa64389885b25412da855
6052e03212c04490f8d846425e020643e2820a3f2a4f48c6af65f33a75ff9f84
646506f4a7b0d4c2a109aa315733f1a61e51a370b2a872576db239ba55964b63
65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621
667c56378b6d66b1d065a61a43c326ba1e9b175e6ef3e6027f0f39ae5dee380f
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
6ee16c90c1278aebfae182fa82ed18793ba0e73e90db17532fd5064570edb98a
74dcd398eafd7dbc3d07b76625839f63f464de97b26adca97ac30883cf79b0d9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84241e81d211a22ebafec5201cfcb1e0a3017710a60afe2bfecd5ce57e21c1f6
8995661306965912d55a6686ffdafb37e5c9f14fee713c4cc16d1ba56c266654
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
94c942681939d7f8a6c6dcec8b1c4f66ad5280ab5e6e82228f15d4688bb2419b
958cb8992e75141f60d67383af5df25397e04446753f027dd317be9d51136ab0
9a6b50131cc9b2e010aafa2e58d6a1672df5781ebee2120a2e80e04db9d89007
9f0f836a2c0c7bebbcea13060d203fc520721d0dfd275927416811dae28678bc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b158d7329276670d79bbffce3a56e9e9f26f80ec85685a1b99230c16a0b31ab9
b9b0cee5e65a84a1b91e08cbdca816aa333912a960e17b2481113dd7b11e23f5
bcc89b1ad5165e50c44e67dca5c588d784a965ca7c4ca97bc1eda3b05b3d7e53
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c6f677ff07dffd534217dd6be92c49913b0dff54e034f6789ae60ad80f9cedd8
c899790d19f20252fc3eeb86691acb24751ead4b329167e18f2c789c2919be35
cb656577f4277a4ded7b312fe6d4a32f3aabbeff803485b75a66fdea67b678af
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dcb8f65532f2e270879290fc8fa37c7206e57283203f9522bb54b2aa7a1d46e8
de6127a6e5ef55f2a00cf807ba098780af9909fd02ced46fde46a86613c96db5
df4fc40471bf118a01aab9001624506259fd3967f7b61631fa806f0e540b9e19
e1db9d5ab621b790791d0a2e48006453c96c5c6b09d73846a6ea05a0fa670e6e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e882affb10a010c1e033db55917aa1c10606bc4cea9dc57375dfba0f1a13a33f
ee92ad4eaa2239d38645c6015e556f5e3c04085b53571ea19c770589258da98c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f06f9fb1a20ed66de1f13f1d0984ec446569f90c40c33959c24fb54b6457bb1a
f0eaec04e8d2f59e71ed464819025eecd996b917ac786ddae6480ce299d2a3f0
f484f11c123bfcec431cff1be48303a3f303e5a394f15f5767e667f53242ed8f
f5a0f4fa617d5d9940c099afe919047ba8e53e171df11a2dd7afd3e3eb53c230
f7f1c630a4e3e1c1125fe1b38f34f3a2f47ce92ac0ddc6b7f39187d1750006df
f943c9b87ad645145dd247b977faa98fc42244f416123ae92ee91d59b46044cd
f98081076194f6885070d6ff9f5b86eb631716f88436a9e787850e6bb110acad
ff866ad4913c7a799eaa325e54eb6c1e7c3cebfb43727408c37dc72a5a053e81

gavgav.info Open in urlscan Pro 82.146.56.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

155 Requests

64 %HTTPS

32 %IPv6

46 Domains

61 Subdomains

43 IPs

4 Countries

1357 kBTransfer

2572 kBSize

96 Cookies

11 Outgoing links

Redirected requests

155 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gavgav.info Open in urlscan Pro
82.146.56.251 Public Scan

Screenshot
Live screenshot

Full Image

155
Requests

64 %
HTTPS

32 %
IPv6

46
Domains

61
Subdomains

43
IPs

4
Countries

1357 kB
Transfer

2572 kB
Size

96
Cookies

155 HTTP transactions
5 data transactions