dnr24.com Open in urlscan Pro
5.101.127.9  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

• https://money.yandex.ru/quickpay/shop-widget?writer=seller&targets=%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%20%D1%81%D0%B0%D0%B9%D1%82%D1%83&targets-hint=&default-sum=200&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=https%3A%2F%2Fdnr24.com%2F&quickpay=shop&account=410011357606438 HTTP 301
• https://yoomoney.ru/quickpay/shop-widget?writer=seller&targets=%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C+%D1%81%D0%B0%D0%B9%D1%82%D1%83&targets-hint=&default-sum=200&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=https%3A%2F%2Fdnr24.com%2F&quickpay=shop&account=410011357606438

Request Chain 60

• https://sync.1dmp.io/supersync?pid=w&o=ns&cid=d532925e-370a-4913-9238-e8b91206247f&brid=3fdc8267-2323-4ff5-80fe-dc2813a9742e&uid=rqGHAYZt HTTP 302
• https://sync.1dmp.io/supersync?t=634e9f91-e555-11eb-ad67-f832e4719dd9

Request Chain 62

• https://cm.p.altergeo.ru/relap?aid=rqGHAYZt&nc=l0AXh10L&url=https%3A%2F%2Frelap.io%2Fpartners%2Faltergeocs%3Fuid%3D%24%7BUSER_ID%7D HTTP 302
• https://relap.io/partners/altergeocs?uid=CMLurSeVoGRFGN2N_rjTqP9A==

Request Chain 64

• https://x01.aidata.io/0.gif?pid=RELAP&id=rqGHAYZt HTTP 302
• https://x01.aidata.io/0.gif?pid=RELAP&id=rqGHAYZt&bounce=1 HTTP 302
• https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
• https://x01.aidata.io/0.gif?pid=LIVE&id=DD444B62981288758D32&back=STOP

Request Chain 78

• https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//dnr24.com/;0.15943131212120387 HTTP 302
• https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//dnr24.com/;0.15943131212120387

Request Chain 147

• https://stats.mos.ru/gc/ynd/ HTTP 302
• https://an.yandex.ru/mapuid/ditmsk/Cg8qAmDwCm+pHlU4+PnsAgA=?time=1626344047.931 HTTP 302
• https://an.yandex.ru/mapuid/ditmsk/Cg8qAmDwCm+pHlU4+PnsAgA=?redir-setuniq=1&time=1626344047.931

Request Chain 148

• https://sonar.semantiqo.com/dmp/scr.php HTTP 302
• https://counter.yadro.ru/id127/reff-id.gif?sid=81654d4bd9f54417aa29195cee2beeb3 HTTP 302
• https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=75813290B5F0B07F&sid=81654d4bd9f54417aa29195cee2beeb3 HTTP 302
• https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=81654d4bd9f54417aa29195cee2beeb3&spid=75813290B5F0B07F&v= HTTP 302
• https://sync.magnitent.com/fbfli/ct_sync.php?ct=92ca1df335b44d3085acccae1219165c&sonar=81654d4bd9f54417aa29195cee2beeb3&spid=75813290B5F0B07F&v=

Request Chain 150

• https://an.yandex.ru/mapuid/google/ HTTP 302
• https://an.yandex.ru/mapuid/google/?redir-setuniq=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=D84E56A868485D47&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=D84E56A868485D47&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc= HTTP 302
• https://an.yandex.ru/resource/spacer.gif

Request Chain 151

• https://dmg.digitaltarget.ru/1/119/i/i?i=1626344046 HTTP 307
• https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1626344046 HTTP 307
• https://an.yandex.ru/mapuid/dmpamberdata/PPQHmvFk-H458yx7R2bI

Request Chain 152

• https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
• https://an.yandex.ru/mapuid/dmpsegmento/forfXZ0QGF0F?sign=1425519309 HTTP 302
• https://an.yandex.ru/mapuid/dmpsegmento/forfXZ0QGF0F?redir-setuniq=1&sign=1425519309

Request Chain 153

• https://yandex-sync.rutarget.ru/sync HTTP 302
• https://an.yandex.ru/mapuid/rutargetis/D-PBg6TP0tg3 HTTP 302
• https://an.yandex.ru/mapuid/rutargetis/D-PBg6TP0tg3?redir-setuniq=1

Request Chain 154

• https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
• https://an.yandex.ru/mapuid/dmpaidatame/irFWD11ABJGO3AuVvBl1pg?sign=4042461442

Request Chain 155

• https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au HTTP 302
• https://an.yandex.ru/mapuid/dmpcleverdata/634e9f90-e555-11eb-ad67-f832e4719dd9?sign=2227967668

Request Chain 156

• https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 302
• https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=1857903850 HTTP 302
• https://an.yandex.ru/mapuid/dmpweborama/UtWm.PhmQYoGq09lm/rLvu

Request Chain 157

• https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
• https://an.yandex.ru/mapuid/ramblerssp/ HTTP 302
• https://an.yandex.ru/mapuid/ramblerssp/?redir-setuniq=1

Request Chain 158

• https://an.yandex.ru/mapuid/adobedmp/ HTTP 302
• https://an.yandex.ru/mapuid/adobedmp/?redir-setuniq=1 HTTP 302
• https://dpm.demdex.net/ibs:dpid=423652&dpuuid=52AC3A0A3DAD7600 HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=52AC3A0A3DAD7600

Request Chain 160

• https://cm.tns-counter.ru/yacm HTTP 302
• https://an.yandex.ru/mapuid/mediascope/7e5b07d4547c8c7db152222c5e27a8c10e019254bddac0655261100486c71169 HTTP 302
• https://an.yandex.ru/mapuid/mediascope/7e5b07d4547c8c7db152222c5e27a8c10e019254bddac0655261100486c71169?redir-setuniq=1

Request Chain 161

• https://sync.upravel.com/yandex/sync HTTP 302
• https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ

Request Chain 171

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 175

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 177

• https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJrUe8pJKmEjKTBIO4MuGOf8t-YbvRQl-4IJ29oumHmT8InidSO5b9iqqdih52aFy8Si_RhTfudQA9Dc7-MvCZMsPX6ctFT&google_gid=CAESEISMxFqpk4ViIfWA0QefZlY&google_cver=1 HTTP 307
• https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPCUwIcGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBKclVlOHBKS21FaktUQklPNE11R09mOHQtWWJ2UlFsLTRJSjI5b3VtSG1UOEluaWRTTzViOWlxcWRpaDUyYUZ5OFNpX1JoVGZ1ZFFBOURjNy1NdkNaTXNQWDZjdEZU HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcUNmeUdPTmV5ZS1uUlp4LTNpaWZFSmE4bU9hTTBvU2E1TW0xLTZPa0Rvdw==&google_push

Request Chain 178

• https://rtb.openx.net/sync/dds?google_gid=CAESEHLgmiOyIyQw6QjjST1QREY&google_cver=1&google_push=AYg5qPIzNyrDJ-_PuVMZexKd5wTqh19vg-XdiUYUIgGtqdcFsdAhQ3ZRE8VlZIZLRWkqlfkTSMCPmLUI69k-v6a3DMkbJsxdt-2X HTTP 302
• https://rtb.openx.net/sync/dds?google_gid=CAESEHLgmiOyIyQw6QjjST1QREY&google_cver=1&google_push=AYg5qPIzNyrDJ-_PuVMZexKd5wTqh19vg-XdiUYUIgGtqdcFsdAhQ3ZRE8VlZIZLRWkqlfkTSMCPmLUI69k-v6a3DMkbJsxdt-2X&ox_sc=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIzNyrDJ-_PuVMZexKd5wTqh19vg-XdiUYUIgGtqdcFsdAhQ3ZRE8VlZIZLRWkqlfkTSMCPmLUI69k-v6a3DMkbJsxdt-2X&google_hm=UQY8mmiEwnE5F1mEVddvAQ==

Request Chain 179

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBG9KJgImWqdtuW5Dx_-AJA&google_cver=1&google_push=AYg5qPLm07A87GUkiPgg39v5fHolGhxbZeeLJ5if4tOQ3dbkcodaSngNudj0oqb3HbVjSWGkPXSFJsGNj7fzcl4frtqZMq8cnx84 HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBG9KJgImWqdtuW5Dx_-AJA&google_cver=1&google_push=AYg5qPLm07A87GUkiPgg39v5fHolGhxbZeeLJ5if4tOQ3dbkcodaSngNudj0oqb3HbVjSWGkPXSFJsGNj7fzcl4frtqZMq8cnx84&rdf=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Pp9iFJFSSaGVB6ycWmPyYg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLm07A87GUkiPgg39v5fHolGhxbZeeLJ5if4tOQ3dbkcodaSngNudj0oqb3HbVjSWGkPXSFJsGNj7fzcl4frtqZMq8cnx84

Request Chain 180

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-p-P5anFPp8DS99oXr7jM4XXc8g7WVZDMwpOsClPheqWkbH3x-3wT089eFszBJRw HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-p-P5anFPp8DS99oXr7jM4XXc8g7WVZDMwpOsClPheqWkbH3x-3wT089eFszBJRw&s=184023&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-p-P5anFPp8DS99oXr7jM4XXc8g7WVZDMwpOsClPheqWkbH3x-3wT089eFszBJRw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-p-P5anFPp8DS99oXr7jM4XXc8g7WVZDMwpOsClPheqWkbH3x-3wT089eFszBJRw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-p-P5anFPp8DS99oXr7jM4XXc8g7WVZDMwpOsClPheqWkbH3x-3wT089eFszBJRw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-p-P5anFPp8DS99oXr7jM4XXc8g7WVZDMwpOsClPheqWkbH3x-3wT089eFszBJRw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-p-P5anFPp8DS99oXr7jM4XXc8g7WVZDMwpOsClPheqWkbH3x-3wT089eFszBJRw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-p-P5anFPp8DS99oXr7jM4XXc8g7WVZDMwpOsClPheqWkbH3x-3wT089eFszBJRw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-p-P5anFPp8DS99oXr7jM4XXc8g7WVZDMwpOsClPheqWkbH3x-3wT089eFszBJRw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-p-P5anFPp8DS99oXr7jM4XXc8g7WVZDMwpOsClPheqWkbH3x-3wT089eFszBJRw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-p-P5anFPp8DS99oXr7jM4XXc8g7WVZDMwpOsClPheqWkbH3x-3wT089eFszBJRw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-p-P5anFPp8DS99oXr7jM4XXc8g7WVZDMwpOsClPheqWkbH3x-3wT089eFszBJRw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-p-P5anFPp8DS99oXr7jM4XXc8g7WVZDMwpOsClPheqWkbH3x-3wT089eFszBJRw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-p-P5anFPp8DS99oXr7jM4XXc8g7WVZDMwpOsClPheqWkbH3x-3wT089eFszBJRw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-p-P5anFPp8DS99oXr7jM4XXc8g7WVZDMwpOsClPheqWkbH3x-3wT089eFszBJRw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-p-P5anFPp8DS99oXr7jM4XXc8g7WVZDMwpOsClPheqWkbH3x-3wT089eFszBJRw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-p-P5anFPp8DS99oXr7jM4XXc8g7WVZDMwpOsClPheqWkbH3x-3wT089eFszBJRw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-p-P5anFPp8DS99oXr7jM4XXc8g7WVZDMwpOsClPheqWkbH3x-3wT089eFszBJRw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-p-P5anFPp8DS99oXr7jM4XXc8g7WVZDMwpOsClPheqWkbH3x-3wT089eFszBJRw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-p-P5anFPp8DS99oXr7jM4XXc8g7WVZDMwpOsClPheqWkbH3x-3wT089eFszBJRw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-p-P5anFPp8DS99oXr7jM4XXc8g7WVZDMwpOsClPheqWkbH3x-3wT089eFszBJRw

Request Chain 182

• https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPmNQiKUww-osgoR9hnSCv0&google_cver=1&google_push=AYg5qPJ4ed9Pz9mP6SXS8fqCbJOkc2AqFNdV3teOmVlpcq_UHN80dR1AKmPOMMpL-fXWpaKYnhYEyLCTkOVrnfJCmQUmp0LbPuhuag HTTP 301
• https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJ4ed9Pz9mP6SXS8fqCbJOkc2AqFNdV3teOmVlpcq_UHN80dR1AKmPOMMpL-fXWpaKYnhYEyLCTkOVrnfJCmQUmp0LbPuhuag&google_hm=

Request Chain 203

• https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=cQrwYOzlCZal3wOfg7SYCg&random=765993626&sscte=1&crd= HTTP 302
• https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=765993626&crd=&is_vtc=1&random=3772467705 HTTP 302
• https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=765993626&crd=&is_vtc=1&random=3772467705&ipr=y

Request Chain 204

• https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=cQrwYO_pCY-k3wPFs5moBg&random=338328196&sscte=1&crd= HTTP 302
• https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=338328196&crd=&is_vtc=1&random=1532159601 HTTP 302
• https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=338328196&crd=&is_vtc=1&random=1532159601&ipr=y

219 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
7 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response dnr24.com/	52 KB 15 KB	281ms 195ms	Document text/html	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Full URL https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 34021d659d48815d160d6eec9bdb2139aee21ec62c977226584518379be9bddb Request headers Host dnr24.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Server nginx/1.18.0 Date Thu, 15 Jul 2021 10:14:05 GMT Content-Type text/html; charset=windows-1251 Transfer-Encoding chunked Connection keep-alive Set-Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7; path=/; domain=.dnr24.com; HttpOnly Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Content-Encoding gzip
GET H/1.1	200 OK	index.php Show response dnr24.com/engine/classes/min/	212 KB 63 KB	152ms 78ms	Script application/x-javascript	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Full URL https://dnr24.com/engine/classes/min/index.php?charset=windows-1251&g=general&16 Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash a1e15121c5021fd7cc0402888b4e65dd25fccb850ced277936ea1354087a6059 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:05 GMT Content-Encoding gzip Last-Modified Wed, 07 Oct 2015 20:52:56 GMT Server nginx/1.18.0 ETag "pub1444251176;gz" Vary Accept-Encoding Content-Type application/x-javascript; charset=windows-1251 Cache-Control max-age=31536000 Connection keep-alive Content-Length 64533 Expires Fri, 15 Jul 2022 10:14:05 GMT
GET H/1.1	200 OK	style.css dnr24.com/templates/FirstlineRed/css/	32 KB 7 KB	43ms 41ms	Stylesheet text/css	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Full URL https://dnr24.com/templates/FirstlineRed/css/style.css Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash f02b8cb48bdca48cbfa15bc52eb5142bda919ce0fad850b3a2f562c88958c7a1 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:05 GMT Content-Encoding gzip Last-Modified Wed, 08 Feb 2017 09:10:11 GMT Server nginx/1.18.0 ETag W/"589ae073-81ce" Transfer-Encoding chunked Content-Type text/css Cache-Control max-age=864000 Connection keep-alive Expires Sun, 25 Jul 2021 10:14:05 GMT
GET H/1.1	200 OK	engine.css dnr24.com/templates/FirstlineRed/css/	37 KB 8 KB	92ms 39ms	Stylesheet text/css	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Full URL https://dnr24.com/templates/FirstlineRed/css/engine.css Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 1ddad84f516b72279920679811b8dd5fbb114792732e55ee23359e52f57ff2fc Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:05 GMT Content-Encoding gzip Last-Modified Wed, 08 Feb 2017 09:10:11 GMT Server nginx/1.18.0 ETag W/"589ae073-9558" Transfer-Encoding chunked Content-Type text/css Cache-Control max-age=864000 Connection keep-alive Expires Sun, 25 Jul 2021 10:14:05 GMT
GET H/1.1	200 OK	styles-carousel.css dnr24.com/templates/FirstlineRed/css/	1 KB 909 B	112ms 38ms	Stylesheet text/css	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Full URL https://dnr24.com/templates/FirstlineRed/css/styles-carousel.css Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash e2c0c9a39f1a0fa9ac1274200b083d8544889671bf72197e6db0e4e81484f781 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:05 GMT Content-Encoding gzip Last-Modified Wed, 08 Feb 2017 09:10:11 GMT Server nginx/1.18.0 ETag W/"589ae073-508" Transfer-Encoding chunked Content-Type text/css Cache-Control max-age=864000 Connection keep-alive Expires Sun, 25 Jul 2021 10:14:05 GMT
GET H/1.1	200 OK	carousel.js Show response dnr24.com/templates/FirstlineRed/js/	903 B 668 B	121ms 38ms	Script application/javascript	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Full URL https://dnr24.com/templates/FirstlineRed/js/carousel.js Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 0c3c2da273e7347c9ab855e64caea95a45dbe52c51c0b3541dde622cf7f24444 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:05 GMT Content-Encoding gzip Last-Modified Wed, 08 Feb 2017 09:10:17 GMT Server nginx/1.18.0 ETag W/"589ae079-387" Transfer-Encoding chunked Content-Type application/javascript; charset=windows-1251 Cache-Control max-age=864000 Connection keep-alive Expires Sun, 25 Jul 2021 10:14:05 GMT
GET H/1.1	200 OK	jquery.ttabs.js Show response dnr24.com/templates/FirstlineRed/js/	2 KB 935 B	123ms 40ms	Script application/javascript	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Full URL https://dnr24.com/templates/FirstlineRed/js/jquery.ttabs.js Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash bd7cc8e7bf46ada2392fdaa2558147d6cbf48041fdf26a6fc24d0bf7a5c192d0 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:05 GMT Content-Encoding gzip Last-Modified Wed, 08 Feb 2017 09:10:17 GMT Server nginx/1.18.0 ETag W/"589ae079-6d3" Transfer-Encoding chunked Content-Type application/javascript; charset=windows-1251 Cache-Control max-age=864000 Connection keep-alive Expires Sun, 25 Jul 2021 10:14:05 GMT
GET H2	200	head.js Show response relap.io/api/v6/	193 KB 60 KB	251ms 119ms	Script text/javascript	95.163.37.253 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Full URL https://relap.io/api/v6/head.js?token=A3sDhwOHTS_SavH0 Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS relap.io Software nginx / Resource Hash 8b64cb74976c18c5554d0d80f41f1512deb40979c7b0af1a3a0b6f4a65c33207 Security Headers Name Value Strict-Transport-Security max-age=5184000; includeSubdomains; X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:06 GMT content-encoding gzip x-content-type-options nosniff server nginx strict-transport-security max-age=5184000; includeSubdomains; content-type text/javascript; charset=utf-8 cache-control max-age=1, no-cache x-xss-protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
GET H3-29	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	134 KB 47 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 29f61229af2efaa731166afb8e6062ad973929e9302edf9ba6ad464f35b454f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:05 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 48567 x-xss-protection 0 server cafe etag 13357764331943375706 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Thu, 15 Jul 2021 10:14:05 GMT
GET H/1.1	200 OK	spacer.gif dnr24.com/templates/FirstlineRed/images/	43 B 350 B	47ms 41ms	Image image/gif	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/templates/FirstlineRed/images/spacer.gif Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Wed, 08 Feb 2017 09:10:21 GMT Server nginx/1.18.0 ETag "589ae07d-2b" Content-Type image/gif Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 43 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	logo.png dnr24.com/templates/FirstlineRed/images/	7 KB 7 KB	58ms 51ms	Image image/png	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/templates/FirstlineRed/images/logo.png Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 98bde57f64020feb288ea8f757f3ae08116e8f1191220bae8b7c708abc268d95 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Wed, 08 Feb 2017 09:10:20 GMT Server nginx/1.18.0 ETag "589ae07c-1c55" Content-Type image/png Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 7253 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	oficial.png dnr24.com/uploads/	44 KB 44 KB	81ms 74ms	Image image/png	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/uploads/oficial.png Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 66db36ab0e74c1d45ec6ace784e82bc0c06205af2caae821ac568be108d27eb1 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Mon, 14 Sep 2015 07:16:28 GMT Server nginx/1.18.0 ETag "55f6744c-ae6f" Content-Type image/png Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 44655 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	1624896821_f268259d632a12a9e7b87b12621757cc.jpg dnr24.com/uploads/posts/2021-06/	32 KB 33 KB	80ms 73ms	Image image/jpeg	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/uploads/posts/2021-06/1624896821_f268259d632a12a9e7b87b12621757cc.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash f36ce0125abd86267a67ae8dc2f3d028929b58f3c5fc47b420e8aa6f5fac00bf Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Mon, 28 Jun 2021 16:12:34 GMT Server nginx/1.18.0 ETag "60d9f4f2-8138" Content-Type image/jpeg Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 33080 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	1624949269_43_cover.jpg.1050x500_q95_crop_upscale.jpg dnr24.com/uploads/posts/2021-06/	32 KB 32 KB	57ms 51ms	Image image/jpeg	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/uploads/posts/2021-06/1624949269_43_cover.jpg.1050x500_q95_crop_upscale.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 546c36951869687e080c1911cfe40da3bf061747a1de6437e4a3afda0d6f66c0 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Tue, 29 Jun 2021 06:46:36 GMT Server nginx/1.18.0 ETag "60dac1cc-7eb3" Content-Type image/jpeg Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 32435 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	1626105150_foto_05042020.jpg dnr24.com/uploads/posts/2021-07/	28 KB 28 KB	88ms 81ms	Image image/jpeg	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/uploads/posts/2021-07/1626105150_foto_05042020.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash bfdddf8b44d2ff1c4a1f9688608bb14826fcf4f7a310534e87e78442cf50db22 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Mon, 12 Jul 2021 15:50:59 GMT Server nginx/1.18.0 ETag "60ec64e3-6e13" Content-Type image/jpeg Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 28179 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	1626075953_5d87917976d3bc0d6410cad4450afbad.jpg dnr24.com/uploads/posts/2021-07/	31 KB 32 KB	133ms 39ms	Image image/jpeg	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/uploads/posts/2021-07/1626075953_5d87917976d3bc0d6410cad4450afbad.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 2925a1bcc07b3e8cc40636e359605d4560c6de3027d0a65d3a19f7660501aeff Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Mon, 12 Jul 2021 07:44:27 GMT Server nginx/1.18.0 ETag "60ebf2db-7db1" Content-Type image/jpeg Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 32177 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	1626076079_oplatit-kommunalku-pensioneram-e1626072494918.jpg dnr24.com/uploads/posts/2021-07/	33 KB 33 KB	69ms 41ms	Image image/jpeg	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/uploads/posts/2021-07/1626076079_oplatit-kommunalku-pensioneram-e1626072494918.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash d3da83ca54c5d41dcde4c1ff43d0cc7571011ffa717f8ae4ad942c311d593cd7 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Mon, 12 Jul 2021 07:47:11 GMT Server nginx/1.18.0 ETag "60ebf37f-82f1" Content-Type image/jpeg Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 33521 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	svodkasfronta.jpg dnr24.com/uploads/	20 KB 21 KB	105ms 39ms	Image image/jpeg	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/uploads/svodkasfronta.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 4a47a7d36678c5a3f757fef5f96eeeb2356746a45cb5e12c71d6f6657b492a1f Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Wed, 11 Nov 2015 14:01:23 GMT Server nginx/1.18.0 ETag "56434a33-5191" Content-Type image/jpeg Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 20881 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	1614945587_pensionnyj-fond-dnr.jpg dnr24.com/uploads/posts/2021-03/	37 KB 37 KB	75ms 47ms	Image image/jpeg	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/uploads/posts/2021-03/1614945587_pensionnyj-fond-dnr.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 81f4139805e88614141910deb5a077a1cc396a8fdd73577a947c1406552906be Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Fri, 05 Mar 2021 11:59:17 GMT Server nginx/1.18.0 ETag "60421d15-9323" Content-Type image/jpeg Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 37667 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	1576480445_inx960x640.jpg dnr24.com/uploads/posts/2019-12/	36 KB 37 KB	39ms 39ms	Image image/jpeg	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/uploads/posts/2019-12/1576480445_inx960x640.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash c213b64c6a85345d91161a2a8f04f75574ed4e1fb734687e8fbf15fa5af025eb Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Mon, 16 Dec 2019 07:13:35 GMT Server nginx/1.18.0 ETag "5df72e9f-90eb" Content-Type image/jpeg Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 37099 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	bank.jpg dnr24.com/uploads/	27 KB 28 KB	45ms 44ms	Image image/jpeg	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/uploads/bank.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 7c4c9f620c2898958d14f146aaf8b9045a67d1166e170c1b62ac496c72d0d9ee Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Tue, 20 Oct 2015 07:08:59 GMT Server nginx/1.18.0 ETag "5625e88b-6d58" Content-Type image/jpeg Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 27992 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	1604045514_koronavirus-1-1-960x540.jpg dnr24.com/uploads/posts/2020-10/	30 KB 30 KB	41ms 40ms	Image image/jpeg	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/uploads/posts/2020-10/1604045514_koronavirus-1-1-960x540.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 05950910bcbb6660d382bebf6f03eb64a30960deadc413877c910945e6bb5cdb Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Fri, 30 Oct 2020 08:11:43 GMT Server nginx/1.18.0 ETag "5f9bcabf-764f" Content-Type image/jpeg Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 30287 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	1622877685_maxresdefault.jpg dnr24.com/uploads/posts/2021-06/	39 KB 39 KB	81ms 44ms	Image image/jpeg	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/uploads/posts/2021-06/1622877685_maxresdefault.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 02ab967934bc6b70ce8366efc5aa696ce22af4664134851fac728b5f6a0c87bb Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Sat, 05 Jun 2021 07:20:52 GMT Server nginx/1.18.0 ETag "60bb25d4-9abe" Content-Type image/jpeg Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 39614 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	1621590649_184323_strelkov_igory_chelyabinsk__strelkov_igory_250x0_4256.2837.0.0.jpg dnr24.com/uploads/posts/2021-05/	23 KB 23 KB	47ms 46ms	Image image/jpeg	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/uploads/posts/2021-05/1621590649_184323_strelkov_igory_chelyabinsk__strelkov_igory_250x0_4256.2837.0.0.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash f257baf95e836d680431da398b5dec5fd2b67454d5e720afc13509fc27a3fb5d Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Fri, 21 May 2021 09:49:17 GMT Server nginx/1.18.0 ETag "60a7821d-5b47" Content-Type image/jpeg Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 23367 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	1617946070_755979397742396.jpg dnr24.com/uploads/posts/2021-04/	23 KB 23 KB	44ms 43ms	Image image/jpeg	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/uploads/posts/2021-04/1617946070_755979397742396.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash ea6fa8602f14c5ad6a95e17371fd233fa4d9ab02c343b62bcab8b342aa1c0d3c Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Fri, 09 Apr 2021 05:27:45 GMT Server nginx/1.18.0 ETag "606fe5d1-5ae3" Content-Type image/jpeg Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 23267 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	1617647256_7537567a7fd78ab541ee7b33cb8c30cc.jpg dnr24.com/uploads/posts/2021-04/	16 KB 16 KB	43ms 42ms	Image image/jpeg	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/uploads/posts/2021-04/1617647256_7537567a7fd78ab541ee7b33cb8c30cc.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 54df4c693081602d3099d4efb128cb175c0e26b296e59d7bf2db0c14b9e1c073 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Mon, 05 Apr 2021 18:26:39 GMT Server nginx/1.18.0 ETag "606b565f-3e04" Content-Type image/jpeg Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 15876 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	1617434114_kvr_000816_00048_1_t218_140927.jpg dnr24.com/uploads/posts/2021-04/	29 KB 30 KB	43ms 42ms	Image image/jpeg	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/uploads/posts/2021-04/1617434114_kvr_000816_00048_1_t218_140927.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 63a5d0ab4c132f5539b8e439f80b4fb7709c77f4be9e66b3045b28f6ed66691f Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Sat, 03 Apr 2021 07:14:50 GMT Server nginx/1.18.0 ETag "606815ea-750c" Content-Type image/jpeg Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 29964 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	LwFPXN1jwm8.jpg dnr24.com/uploads/	33 KB 33 KB	45ms 42ms	Image image/jpeg	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/uploads/LwFPXN1jwm8.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 0f187e55349fa02e65da852c330f197939c5775bf77546f55cab9a7bb0b1795a Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Sun, 07 Jun 2015 05:30:29 GMT Server nginx/1.18.0 ETag "5573d6f5-820d" Content-Type image/jpeg Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 33293 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	no_image.jpg dnr24.com/templates/FirstlineRed/dleimages/	11 KB 11 KB	79ms 78ms	Image image/jpeg	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/templates/FirstlineRed/dleimages/no_image.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 17c53ed9d84aa158f4e406e787b1091a4ffc52b02a4dc19034707b61634f4c56 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Wed, 08 Feb 2017 09:10:12 GMT Server nginx/1.18.0 ETag "589ae074-2c4d" Content-Type image/jpeg Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 11341 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H2	200	ukrainian-border-guards.jpg s1.ibtimes.com/sites/www.ibtimes.com/files/styles/full/public/2015/07/24/	163 KB 163 KB	55ms 17ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://s1.ibtimes.com/sites/www.ibtimes.com/files/styles/full/public/2015/07/24/ukrainian-border-guards.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash 368782c79e310619cf868a7a76d192e894de6a2a7165c3efc94992f75c1304f1 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:06 GMT x-content-type-options nosniff age 0 grace none x-cache MISS x-ua-device pc content-length 166798 last-modified Thu, 18 Jan 2018 09:10:00 GMT etag "28b8e-56309541f8c8f" x-hw 1626344046.cds136.fr8.hn,1626344046.cds240.fr8.c content-type image/jpeg access-control-allow-origin * x-geoip RU cache-control max-age=1209600, public accept-ranges bytes x-cache-hits 0
GET H/1.1	200 OK	1620828438_wr-960.jpg dnr24.com/uploads/posts/2021-05/	51 KB 52 KB	57ms 54ms	Image image/jpeg	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/uploads/posts/2021-05/1620828438_wr-960.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash acbd84cdb7c897a61091b39148754fd2f1a6fcff8fd5afe9fb758483652ad96c Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Wed, 12 May 2021 14:06:47 GMT Server nginx/1.18.0 ETag "609be0f7-cd28" Content-Type image/jpeg Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 52520 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	vazhno.jpg dnr24.com/uploads/	17 KB 17 KB	57ms 54ms	Image image/jpeg	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/uploads/vazhno.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash ebba51677a0b71b1d3f297c9cd95a748ba0247f901bf27efa78c83f8a5426064 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Tue, 28 Apr 2015 19:24:15 GMT Server nginx/1.18.0 ETag "553fde5f-42ff" Content-Type image/jpeg Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 17151 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	1620552867_fpsnrfaqs0u.jpg dnr24.com/uploads/posts/2021-05/	65 KB 65 KB	57ms 54ms	Image image/jpeg	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/uploads/posts/2021-05/1620552867_fpsnrfaqs0u.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 474f3db004731235baf3eb1efbc207e21e5b778b7cd41dacb2f93b601bddc7e6 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Sun, 09 May 2021 09:34:22 GMT Server nginx/1.18.0 ETag "6097ac9e-10354" Content-Type image/jpeg Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 66388 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	1397556217_vnimanie1.jpg dnr24.com/uploads/	31 KB 31 KB	56ms 55ms	Image image/jpeg	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/uploads/1397556217_vnimanie1.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 417e0ddaed8b128af71fd7a49c39eaabb938f7f89b9a09be0b857e4cbc3c6297 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Tue, 03 Nov 2015 14:21:18 GMT Server nginx/1.18.0 ETag "5638c2de-7c05" Content-Type image/jpeg Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 31749 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	1547039180_qcaxjwlgl6k.jpg dnr24.com/uploads/posts/2019-01/	80 KB 81 KB	52ms 51ms	Image image/jpeg	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/uploads/posts/2019-01/1547039180_qcaxjwlgl6k.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 89b6ce459e7c4f44712b431312489a5adc8e25b19a81652f11737fbeff334cc0 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Wed, 09 Jan 2019 13:05:24 GMT Server nginx/1.18.0 ETag "5c35f194-140de" Content-Type image/jpeg Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 82142 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	Logoob.png dnr24.com/	10 KB 10 KB	85ms 41ms	Image image/png	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/Logoob.png Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 6a8f8633b90bcfca4489db98e5f4d50549a8295c1de7851570ee44a10ba47400 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/ Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Tue, 06 Sep 2016 11:41:43 GMT Server nginx/1.18.0 ETag "57ceab77-2890" Content-Type image/png Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 10384 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	inject.js Show response mediametrics.ru/partner/inject/	31 KB 7 KB	151ms 47ms	Script application/javascript	88.212.196.113 UNITEDNET
General Check archive.org Show headers Download Go to Full URL https://mediametrics.ru/partner/inject/inject.js Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 88.212.196.113 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS host13.rax.ru Software nginx/1.11.1 / Resource Hash 044ec4f4c887d20484cfa7531fc996896933a0e2fd46c48dbd702efe4a2c537f Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Content-Encoding gzip Referrer-Policy origin-when-cross-origin Last-Modified Tue, 04 Feb 2020 12:12:26 GMT Server nginx/1.11.1 ETag "5e395faa-19c0" Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=86400 Connection keep-alive Content-Length 6592 Expires Fri, 16 Jul 2021 10:12:13 GMT
GET H2	200	usocial.pp.js Show response usocial.pro/usocial/	16 KB 5 KB	135ms 78ms	Script application/javascript	185.129.100.122 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://usocial.pro/usocial/usocial.pp.js?v=6.1.4 Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.122 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / PHP/7.4.21 Resource Hash 7494b72a5e2d7aaf6810e627615aa1be79257cebe3eccce2cca3388520952a69 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard age 0 x-powered-by PHP/7.4.21 vary Accept-Encoding content-type application/javascript; charset=utf-8 date Thu, 15 Jul 2021 10:14:06 GMT x-ddg-cachegen 1625573019
GET H2	200	gtm.js Show response www.googletagmanager.com/	88 KB 35 KB	34ms 33ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-P83M3NV Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1bb3ff126ff5e7930656012ecfd765e6e475f082675b10752b083b919527a91e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:06 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35404 x-xss-protection 0 last-modified Thu, 15 Jul 2021 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 15 Jul 2021 10:14:06 GMT
GET		jquery-migrate-1.2.1.js code.jquery.com/	0 0
GET H/1.1	200 OK	topline.png dnr24.com/templates/FirstlineRed/images/	151 B 459 B	64ms 37ms	Image image/png	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/templates/FirstlineRed/images/topline.png Requested by Host: dnr24.com URL: https://dnr24.com/templates/FirstlineRed/css/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash c747aecf10a6093012bc3bd41af8567047a2210d7b32f2ff2fb29483bd3d3371 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/templates/FirstlineRed/css/style.css Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/templates/FirstlineRed/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Wed, 08 Feb 2017 09:10:25 GMT Server nginx/1.18.0 ETag "589ae081-97" Content-Type image/png Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 151 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	searchbt.png dnr24.com/templates/FirstlineRed/images/	1014 B 1 KB	100ms 37ms	Image image/png	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/templates/FirstlineRed/images/searchbt.png Requested by Host: dnr24.com URL: https://dnr24.com/templates/FirstlineRed/css/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash f80c683f3fd1fa5fad65c7997b6df0c51376679c5002bc1b962fc69ea3e4149d Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/templates/FirstlineRed/css/style.css Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/templates/FirstlineRed/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Wed, 08 Feb 2017 09:10:24 GMT Server nginx/1.18.0 ETag "589ae080-3f6" Content-Type image/png Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 1014 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	socialb.png dnr24.com/templates/FirstlineRed/images/	4 KB 4 KB	81ms 41ms	Image image/png	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/templates/FirstlineRed/images/socialb.png Requested by Host: dnr24.com URL: https://dnr24.com/templates/FirstlineRed/css/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 36dff035b6b5c2550028ec3d89a70d91967e9b71012460dd2d1380ec68aa3402 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/templates/FirstlineRed/css/style.css Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/templates/FirstlineRed/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Wed, 08 Feb 2017 09:10:22 GMT Server nginx/1.18.0 ETag "589ae07e-eb0" Content-Type image/png Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 3760 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET		watch.js mc.yandex.ru/metrika/	0 0
GET H/1.1	200 OK	Cookie set shop-widget Show response yoomoney.ru/quickpay/ Frame F0EA Redirect Chain https://money.yandex.ru/quickpay/shop-widget?writer=seller&targets=%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C%20%D1%81%D0%B0%D0%B9%D1%82%D1%83&targets-hint=&default-sum=200&button-text=14&payment-type-ch... https://yoomoney.ru/quickpay/shop-widget?writer=seller&targets=%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C+%D1%81%D0%B0%D0%B9%D1%82%D1%83&targets-hint=&default-sum=200&button-text=14&payment-type-choice=o...	10 KB 4 KB	212ms 60ms	Document text/html	109.235.165.222 YOOMONEY-AS
General Check archive.org Show headers Download Go to Full URL https://yoomoney.ru/quickpay/shop-widget?writer=seller&targets=%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C+%D1%81%D0%B0%D0%B9%D1%82%D1%83&targets-hint=&default-sum=200&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=https%3A%2F%2Fdnr24.com%2F&quickpay=shop&account=410011357606438 Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.235.165.222 , Russian Federation, ASN43247 (YOOMONEY-AS, RU), Reverse DNS Software / Resource Hash 98ca134691925bb399c2d48742afe52f274abd72a81a57070534a48b46439420 Request headers Host yoomoney.ru Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Content-Type text/html; charset=utf-8 Connection keep-alive Keep-Alive timeout=120 Vary Accept-Encoding Set-Cookie srv_id1=116ffd8cf4922d392de63db3a944e617; path=/ TS015643f9=01f3111bafaff536502f7287ed4dfdc985eae6a8b20560dd5250021001673030d1150f799d62f4082ebcdd0ecd7c6b46c34605e527; Path=/ ETag W/"26c7-yoyGzzgPZs6PpoZdfaJPqAGPW3g" Cache-Control no-store, must-revalidate, max-age=0 Pragma no-cache Content-Encoding gzip Transfer-Encoding chunked Redirect headers Cache-Control public, max-age = 315360000 Content-Length 756 Content-Security-Policy-Report-Only script-src 'unsafe-inline' https: 'nonce-3qmdSAGJvLwypZa135hndg==' 'strict-dynamic' 'report-sample';object-src 'none';base-uri 'none';report-uri /transfer/report-csp; Content-Type text/html; charset=utf-8 Date Thu, 15 Jul 2021 10:14:06 GMT Expect-CT max-age=0 Expires Tue, 25 Aug 2025 14:20:35 Location https://yoomoney.ru/quickpay/shop-widget?writer=seller&targets=%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C+%D1%81%D0%B0%D0%B9%D1%82%D1%83&targets-hint=&default-sum=200&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=https%3A%2F%2Fdnr24.com%2F&quickpay=shop&account=410011357606438 Referrer-Policy same-origin Set-Cookie srv_id16=b56da4edcf6122550f635bb584b61fe0; path=/ Strict-Transport-Security max-age=15552000; includeSubDomains Vary Accept X-Content-Type-Options nosniff X-DNS-Prefetch-Control off X-Download-Options noopen X-Frame-Options SAMEORIGIN X-Permitted-Cross-Domain-Policies none X-Robots-Tag noindex X-XSS-Protection 0
GET H2	200	context.js Show response an.yandex.ru/system/	146 KB 40 KB	237ms 87ms	Script text/javascript	2a02:6b8::90 YANDEX
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/system/context.js Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 1dbc011027e5bf017631a3c2d6a689fd92f3ea66de5f6ffc9fa2e154dcc6a142 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers timing-allow-origin * strict-transport-security max-age=31536000 content-encoding br etag 1549738073 x-yandex-req-id 1626344046233750-1432610039854785909800302-production-app-host-man-pcode-60 content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control private, max-age=3600 x-robots-tag noindex, noarchive, nofollow expires Thu, 15 Jul 2021 11:14:06 GMT
GET H/1.1	200 OK	nav.png dnr24.com/templates/FirstlineRed/images/	219 B 527 B	97ms 44ms	Image image/png	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/templates/FirstlineRed/images/nav.png Requested by Host: dnr24.com URL: https://dnr24.com/templates/FirstlineRed/css/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 91960c4b4b1530d688dafb1f7133924b4b6a9201f7d1da6ba528b2148bcf2b29 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/templates/FirstlineRed/css/style.css Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/templates/FirstlineRed/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Wed, 08 Feb 2017 09:10:24 GMT Server nginx/1.18.0 ETag "589ae080-db" Content-Type image/png Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 219 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	label.png dnr24.com/templates/FirstlineRed/images/	421 B 730 B	148ms 41ms	Image image/png	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/templates/FirstlineRed/images/label.png Requested by Host: dnr24.com URL: https://dnr24.com/templates/FirstlineRed/css/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 6ef29a7ed74eb0fd6b1ae16b2ddc399ad433c1656543ed81263059c59188afc4 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/templates/FirstlineRed/css/style.css Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/templates/FirstlineRed/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Wed, 08 Feb 2017 09:10:23 GMT Server nginx/1.18.0 ETag "589ae07f-1a5" Content-Type image/png Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 421 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	black75.png dnr24.com/templates/FirstlineRed/images/	121 B 429 B	141ms 43ms	Image image/png	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/templates/FirstlineRed/images/black75.png Requested by Host: dnr24.com URL: https://dnr24.com/templates/FirstlineRed/css/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 5a1cc6eb414a0707764bff9703e65e3c059b29a34f40ae64be7d6037153d5c68 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/templates/FirstlineRed/css/style.css Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/templates/FirstlineRed/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Wed, 08 Feb 2017 09:10:25 GMT Server nginx/1.18.0 ETag "589ae081-79" Content-Type image/png Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 121 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	dataicon.png dnr24.com/templates/FirstlineRed/images/	628 B 937 B	145ms 39ms	Image image/png	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/templates/FirstlineRed/images/dataicon.png Requested by Host: dnr24.com URL: https://dnr24.com/templates/FirstlineRed/css/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 5d059fc972dc4b8eb12e7df636cea01af2452991e010dde074f8c2b70b16aa69 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/templates/FirstlineRed/css/style.css Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/templates/FirstlineRed/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Wed, 08 Feb 2017 09:10:25 GMT Server nginx/1.18.0 ETag "589ae081-274" Content-Type image/png Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 628 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	header.png dnr24.com/templates/FirstlineRed/images/	193 B 501 B	65ms 38ms	Image image/png	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/templates/FirstlineRed/images/header.png Requested by Host: dnr24.com URL: https://dnr24.com/templates/FirstlineRed/css/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash c84acef3c376812a34a51940b7ae9b2686bfe8043f08a61b92338506f9c921dd Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/templates/FirstlineRed/css/style.css Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/templates/FirstlineRed/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Wed, 08 Feb 2017 09:10:24 GMT Server nginx/1.18.0 ETag "589ae080-c1" Content-Type image/png Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 193 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H3-29	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/	243 KB 90 KB	52ms 31ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4270514290018072&plah=dnr24.com&amaexp=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7d7731cd19278dd8d68435b1df5709fd2e12e8f13e43d86409ccc26f3354ea52 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:06 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 92103 x-xss-protection 0 server cafe etag 18322328620552464558 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 15 Jul 2021 10:14:06 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20210708/r20190131/ Frame 3531	10 KB 5 KB	10ms 5ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20210708/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20210708/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dnr24.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dnr24.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Thu, 15 Jul 2021 00:45:58 GMT expires Thu, 29 Jul 2021 00:45:58 GMT content-type text/html; charset=UTF-8 etag 15579341980913220427 x-content-type-options nosniff content-encoding gzip server cafe content-length 4579 x-xss-protection 0 age 34088 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	25ms 16ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=165&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20Only%20one%20%27enable_page_level_ads%27%20allowed%20per%20page.%0Aat%20Pm%20(https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3A216%3A324)%0Aat%20Om%20(adsbygoogle.js%3A215%3A635)%0Aat%20Vm%20(adsbygoogle.js%3A222%3A365)%0Aat%20c%20(adsbygoogle.js%3A223%3A38)%0Aat%20Wm%20(adsbygoogle.js%3A223%3A156)%0Aat%20fn%20(adsbygoogle.js%3A231%3A279)%0Aat%20Xm%20(adsbygoogle.js%3A228%3A12)%0Aat%20adsbygoogle.js%3A224%3A47%0Aat%20Ne.n.ia%20(adsbygoogle.js%3A68%3A804)%0Aat%20Ve%20(adsbygoogle.js%3A76%3A106)&shv=r20210708&eid=42530672%2C31061683&client=ca-pub-4270514290018072&url=https%3A%2F%2Fdnr24.com%2F Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:06 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P83M3NV Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 09 Jun 2021 17:36:57 GMT server Golfe2 age 4987 date Thu, 15 Jul 2021 08:50:59 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19661 expires Thu, 15 Jul 2021 10:50:59 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	199 B 259 B	18ms 16ms	Script text/javascript	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=dnr24.com&callback=_gfp_s_&client=ca-pub-4270514290018072 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4270514290018072&plah=dnr24.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software cafe / Resource Hash f9a9231d26768a2bfa61cc6a063e4bd97d44102e1c8f5a559b70512b6241ab00 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:06 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 191 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 165 B	15ms 15ms	Script application/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=dnr24.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4270514290018072&plah=dnr24.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Thu, 15 Jul 2021 10:14:06 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	14ms 14ms	Script application/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=dnr24.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4270514290018072&plah=dnr24.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Thu, 15 Jul 2021 10:14:06 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 18DE	10 KB 908 B	61ms 60ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&adk=1812271804&adf=3025194257&lmt=1626344046&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdnr24.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046162&bpp=4&bdt=371&idt=214&shv=r20210708&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1564655746118&frm=20&pv=2&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=270 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4270514290018072&plah=dnr24.com&amaexp=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9846ab3843e36286c976b860c13d51230de3168202baaa3732a5b192fb924608 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-4270514290018072&output=html&adk=1812271804&adf=3025194257&lmt=1626344046&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdnr24.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046162&bpp=4&bdt=371&idt=214&shv=r20210708&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1564655746118&frm=20&pv=2&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=270 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dnr24.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dnr24.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Thu, 15 Jul 2021 10:14:06 GMT server cafe content-length 885 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Thu, 15-Jul-2021 10:29:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Thu, 15 Jul 2021 10:14:06 GMT cache-control private
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	73 KB 28 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4270514290018072&plah=dnr24.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3a5fe34971b4cbe72c700e5b903b7b4e93e36bbf951abb7cfc3a1bacd63ab255 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:06 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1626261977363740" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28063 x-xss-protection 0 expires Thu, 15 Jul 2021 10:14:06 GMT
GET H2	200	cc Show response relap.io/	45 B 501 B	67ms 65ms	Script text/javascript	95.163.37.253 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Full URL https://relap.io/cc?_s=zBa5wg&callback=window.relap.callbackRegistry.relapCb585387 Requested by Host: relap.io URL: https://relap.io/api/v6/head.js?token=A3sDhwOHTS_SavH0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS relap.io Software nginx / Resource Hash 5bcec9e7d1102c662237409762050a32a1f7e33861a76cb91ac86dd0c454b4f0 Security Headers Name Value Strict-Transport-Security max-age=5184000; includeSubdomains; X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:06 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=5184000; includeSubdomains; content-type text/javascript; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 45 x-xss-protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
GET H2	204	supersync sync.1dmp.io/ Frame 2326 Redirect Chain https://sync.1dmp.io/supersync?pid=w&o=ns&cid=d532925e-370a-4913-9238-e8b91206247f&brid=3fdc8267-2323-4ff5-80fe-dc2813a9742e&uid=rqGHAYZt https://sync.1dmp.io/supersync?t=634e9f91-e555-11eb-ad67-f832e4719dd9	0 0	39ms 37ms	Document text/plain	95.216.101.186 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sync.1dmp.io/supersync?t=634e9f91-e555-11eb-ad67-f832e4719dd9 Requested by Host: relap.io URL: https://relap.io/api/v6/head.js?token=A3sDhwOHTS_SavH0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.216.101.186 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.186.101.216.95.clients.your-server.de Software nginx / Resource Hash Request headers :method GET :authority sync.1dmp.io :scheme https :path /supersync?t=634e9f91-e555-11eb-ad67-f832e4719dd9 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dnr24.com/ accept-encoding gzip, deflate, br accept-language en-US cookie uid=634e9f90-e555-11eb-ad67-f832e4719dd9; 634e9f91-e555-11eb-ad67-f832e4719dd9=cGlkPXcmbz1ucyZjaWQ9ZDUzMjkyNWUtMzcwYS00OTEzLTkyMzgtZThiOTEyMDYyNDdmJmJyaWQ9M2ZkYzgyNjctMjMyMy00ZmY1LTgwZmUtZGMyODEzYTk3NDJlJnVpZD1ycUdIQVladA== Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dnr24.com/ Response headers server nginx date Thu, 15 Jul 2021 10:14:06 GMT set-cookie uid=634e9f90-e555-11eb-ad67-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 15 Jul 2022 10:14:06 GMT; SameSite=None; Secure uid-legacy=634e9f90-e555-11eb-ad67-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 15 Jul 2022 10:14:06 GMT Redirect headers server nginx date Thu, 15 Jul 2021 10:14:06 GMT content-length 0 expires 0 cache-control private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate set-cookie uid=634e9f90-e555-11eb-ad67-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 15 Jul 2022 10:14:06 GMT; SameSite=None; Secure 634e9f91-e555-11eb-ad67-f832e4719dd9=cGlkPXcmbz1ucyZjaWQ9ZDUzMjkyNWUtMzcwYS00OTEzLTkyMzgtZThiOTEyMDYyNDdmJmJyaWQ9M2ZkYzgyNjctMjMyMy00ZmY1LTgwZmUtZGMyODEzYTk3NDJlJnVpZD1ycUdIQVladA==; Version=1; Path=/; Domain=.1dmp.io; Max-Age=10; SameSite=None; Secure 634e9f91-e555-11eb-ad67-f832e4719dd9-legacy=cGlkPXcmbz1ucyZjaWQ9ZDUzMjkyNWUtMzcwYS00OTEzLTkyMzgtZThiOTEyMDYyNDdmJmJyaWQ9M2ZkYzgyNjctMjMyMy00ZmY1LTgwZmUtZGMyODEzYTk3NDJlJnVpZD1ycUdIQVladA==; Version=1; Path=/; Domain=.1dmp.io; Max-Age=10 uid-legacy=634e9f90-e555-11eb-ad67-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Fri, 15 Jul 2022 10:14:06 GMT location /supersync?t=634e9f91-e555-11eb-ad67-f832e4719dd9
GET H2	200	pixel.gif relap.io/api/v1/	43 B 484 B	83ms 67ms	Image image/gif	95.163.37.253 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Show image Full URL https://relap.io/api/v1/pixel.gif?event=hit&url=https%3A%2F%2Fdnr24.com%2F&referrer=&_s=zBa5wg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS relap.io Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Security Headers Name Value Strict-Transport-Security max-age=5184000; includeSubdomains; X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:06 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=5184000; includeSubdomains; content-type image/gif cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 43 x-xss-protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
GET H2	200	altergeocs relap.io/partners/ Redirect Chain https://cm.p.altergeo.ru/relap?aid=rqGHAYZt&nc=l0AXh10L&url=https%3A%2F%2Frelap.io%2Fpartners%2Faltergeocs%3Fuid%3D%24%7BUSER_ID%7D https://relap.io/partners/altergeocs?uid=CMLurSeVoGRFGN2N_rjTqP9A==	43 B 574 B	65ms 61ms	Image image/gif	95.163.37.253 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Show image Full URL https://relap.io/partners/altergeocs?uid=CMLurSeVoGRFGN2N_rjTqP9A== Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS relap.io Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Security Headers Name Value Strict-Transport-Security max-age=5184000; includeSubdomains; X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:06 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=5184000; includeSubdomains; content-type image/gif cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 43 x-xss-protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection Redirect headers Pragma no-cache Date Thu, 15 Jul 2021 10:14:06 GMT Server nginx/1.16.0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Location https://relap.io/partners/altergeocs?uid=CMLurSeVoGRFGN2N_rjTqP9A== Cache-Control max-age=0, no-cache, no-store Connection close Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	counter top-fwz1.mail.ru/	43 B 842 B	61ms 48ms	Image image/gif	217.69.133.145 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Show image Full URL https://top-fwz1.mail.ru/counter?id=3136989;js=na Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS top-fwz1.mail.ru Software nginx / Resource Hash 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:06 GMT x-content-type-options nosniff p3p CP="NOI DSP COR NID CUR PSA OUR NOR" content-length 43 pragma no-cache amp-access-control-allow-source-origin * server nginx access-control-allow-methods GET, POST, HEAD, PUT, OPTIONS content-type image/gif access-control-allow-origin * access-control-expose-headers AMP-Access-Control-Allow-Source-Origin cache-control private, no-cache, no-store, max-age=0 access-control-allow-credentials true accept-ch-lifetime 86400 accept-ch DPR, Width, Viewport-Width, Downlink, Device-Memory timing-allow-origin * access-control-allow-headers *
GET H2	204	0.gif x01.aidata.io/ Redirect Chain https://x01.aidata.io/0.gif?pid=RELAP&id=rqGHAYZt https://x01.aidata.io/0.gif?pid=RELAP&id=rqGHAYZt&bounce=1 https://counter.yadro.ru/id-redir/aidata.gif?back=STOP https://x01.aidata.io/0.gif?pid=LIVE&id=DD444B62981288758D32&back=STOP	0 432 B	55ms 50ms	Image text/plain	89.108.120.68 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://x01.aidata.io/0.gif?pid=LIVE&id=DD444B62981288758D32&back=STOP Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS d51803.reg.regrucolo.ru Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:07 GMT last-modified Thu, 15 Jul 2021 10:14:06 GMT server nginx access-control-allow-methods GET, POST p3p CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA' cache-control no-cache, no-store, must-revalidate, post-check=0, pre-check=0 expires Thu, 15 Jul 2021 10:14:06 GMT Redirect headers Location https://x01.aidata.io/0.gif?pid=LIVE&id=DD444B62981288758D32&back=STOP Date Thu, 15 Jul 2021 10:14:07 GMT Server nginx/1.17.9 Connection keep-alive Content-Length 344 Strict-Transport-Security max-age=86400 Content-Type text/html; charset=iso-8859-1
GET H2	200	abp.gif relap.io/	43 B 208 B	71ms 59ms	Image image/gif	95.163.37.253 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Show image Full URL https://relap.io/abp.gif?ch=1&rn=1.8773725188345207 Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS relap.io Software nginx / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value Strict-Transport-Security max-age=5184000; includeSubdomains; Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:06 GMT last-modified Wed, 21 Apr 2021 09:31:42 GMT server nginx etag "607ff0fe-2b" strict-transport-security max-age=5184000; includeSubdomains; content-type image/gif accept-ranges bytes content-length 43
GET H2	200	abp.gif relap.io/	43 B 208 B	72ms 59ms	Image image/gif	95.163.37.253 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Show image Full URL https://relap.io/abp.gif?ch=2&rn=1.8773725188345207 Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS relap.io Software nginx / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value Strict-Transport-Security max-age=5184000; includeSubdomains; Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:06 GMT last-modified Wed, 21 Apr 2021 09:31:42 GMT server nginx etag "607ff0fe-2b" strict-transport-security max-age=5184000; includeSubdomains; content-type image/gif accept-ranges bytes content-length 43
GET H2	200	ads.js relap.io/ads/	43 B 573 B	79ms 66ms	Image image/gif	95.163.37.253 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Show image Full URL https://relap.io/ads/ads.js Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS relap.io Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Security Headers Name Value Strict-Transport-Security max-age=5184000; includeSubdomains; X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:06 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=5184000; includeSubdomains; content-type image/gif cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 43 x-xss-protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
GET H2	200	218432 Show response an.yandex.ru/meta/	38 KB 15 KB	181ms 179ms	XHR application/json	2a02:6b8::90 YANDEX
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/meta/218432?grab=dNCh0LDQudGCINCU0J3QoDog0L3QvtCy0L7RgdGC0Lgg0JTQvtC90LXRhtC60LAg0Lgg0J3QvtCy0L7RgNC-0YHRgdC40LggMjQg0YfQsNGB0LAsINGB0LLQvtC00LrQuCDQvtC_0L7Qu9GH0LXQvdC40Y8g0JTQvtC90LHQsNGB0YHQsCDQt9CwINGB0LXQs9C-0LTQvdGPCjLQoSAxINC40Y7Qu9GPINCyINCU0J3QoCDQstCy0L7QtNGP0YLRgdGPINC90L7QstGL0LUg0YLQsNGA0LjRhNGLINC90LAg0LrQvtC80LzRg9C90LDQu9GM0L3Ri9C1INGD0YHQu9GD0LPQuCAKMtCd0LDRh9Cw0YIg0L_RgNC40LXQvCDQt9Cw0Y_QstC70LXQvdC40Lkg0L3QsCDQv9C-0LvRg9GH0LXQvdC40LUg0KHQndCY0JvQoSDQuCDRg9GH0LXRgtC90L7QuSDQt9Cw0L_QuNGB0Lgg0L3QsCDQv9C-0YDRgtCw0LvQtSDCq9CT0L7RgdGD0YHQu9GD0LPQuMK7INCyINC-0YLQtNC10LvQtdC90LjRj9GFINCc0LjQs9GA0LDRhtC40L7QvdC90L7QuSDRgdC70YPQttCx0Ysg0JzQktCUINCU0J3QoCAKMtCd0LAg0L7RgtC00YvRhSDQsiDQoNC-0YHRgdC40Y46INC60LDQutC40LUg0LrQvtCy0LjQtNC90YvQtSDQvtCz0YDQsNC90LjRh9C10L3QuNGPINGB0LXQudGH0LDRgSDQtNC10LnRgdGC0LLRg9GO0YIg0LIg0LPQvtGA0L7QtNCw0YUg0KDQpD8gCjLQmtCw0Log0LbQuNGC0LXQu9GP0Lwg0JTQndCgINC_0L4%3D&target-ref=https%3A%2F%2Fdnr24.com%2F&charset=utf-8&pcode-test-ids=375469%2C0%2C6%3B385052%2C0%2C89%3B380014%2C0%2C2%3B385382%2C0%2C89%3B381842%2C0%2C53%3B383002%2C0%2C43%3B381569%2C0%2C82%3B382336%2C0%2C46%3B385318%2C0%2C9%3B371726%2C0%2C79%3B386746%2C0%2C29&pcode-flags=%7B%22ADAPTIVE_TOWER_PRICE%22%3A%22neutral-badges%22%2C%22ADAPTIVE_V3_VIDEO%22%3A%22exp%22%2C%22VISIBILITY_SLOT_CONTAINER_ENABLE%22%3A%22ctl%22%2C%22DISABLE_VIDEO_CONTROL%22%3A%22exp%22%2C%22USE_ADFOX_INSTEAD_CONTEXT%22%3Afalse%2C%22WIDGET_ADTUNE%22%3A%22exp%22%2C%22LEADERBOARD_VIDEO%22%3A%22exp%22%2C%22HBVER%22%3A15268%2C%22COMBO_HEADER%22%3A%22withoutHeader%22%2C%22ADFOX_MRC_VISIBILITY%22%3Atrue%2C%22SINGLE_CONTEXT_BLACKLIST%22%3A%5B%5D%2C%22USE_SUPERBUNDLE%22%3Atrue%2C%22USE_PUNY_DOMAIN%22%3A%22exp%22%2C%22DOTS_FLAGS%22%3A%22exp%22%2C%22NEW_ADTUNE%22%3A%22exp%22%2C%22RESPONSIVE_SQUARE%22%3A%22exp%22%2C%22SINGLE_CONTEXT%22%3Atrue%2C%22DEFAULT_BLACKLIST_PAGES%22%3A%5B%22419507%22%2C%22419506%22%2C%22106253%22%2C%22188382%22%2C%22189903%22%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22constructor%22%2C%22modernAdaptive%22%5D%2C%22ADAPTIVE_TOWER_VIDEO%22%3A%22exp%22%2C%22SSR_UNIFORMAT%22%3A%221%22%2C%22CONTENT_TYPE_CHARSET%22%3Atrue%2C%22TABLE_CONTAINER%22%3A%22exp%22%2C%22KEEP_CSR_DATA%22%3A1%2C%22COMBO_PACKSHOT_EXP%22%3A%22exp%22%2C%22SSR_SMART_CENTER%22%3A%22exp%22%2C%22CALLOUTS_IN_ADAPTIVE_FLAGS%22%3A%22ctl%22%2C%22RTB_BANNER_FLAGS%22%3A%22exp%22%2C%22NATIVE_COMBO_SKIPTOKEN%22%3Atrue%2C%22PCODEVER%22%3A%2215480%22%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0Aconstructor%0AmodernAdaptive&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=1208308611626344046&imp-id=2&enable-flat-highlight=1&test-tag=65970697994242&ad-session-id=3756521626344046525&target-id=59221699&tga-with-creatives=1&pcode-version=15480&pcodever=15480&flash-ver=0&available-width=300&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.3%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A990%2C%22top%22%3A2167%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&uniformat=true&callback=Ya%5B9056374887973%5D Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash a060600e9338dbff072f8148d9893db4296b3c8a7d1b7390205c089c13b57e15 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Thu, 15 Jul 2021 10:14:06 GMT content-encoding gzip ssr true x-yandex-req-id 1626344046571387-421282962425382628500278-production-app-host-sas-pcode-47 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" x-xss-protection 1; mode=block pragma no-cache last-modified Thu, 15 Jul 2021 10:14:06 GMT strict-transport-security max-age=31536000 content-type application/json access-control-allow-origin https://dnr24.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * uniformat true expires Thu, 15 Jul 2021 10:14:06 GMT
GET H2	200	ced881229fb6aff0145e.js Show response yastatic.net/partner-code-bundles/15480/	12 KB 5 KB	141ms 44ms	Script text/javascript	2a02:6b8:20::215 YANDEX
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/15480/ced881229fb6aff0145e.js Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software nginx/1.17.9 / Resource Hash a7f2290ad414ae2f60ff0223bbb0bd360a8cd37e075e6e15655f117fd1df36f8 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Origin https://dnr24.com Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:06 GMT content-encoding br vary Accept-Encoding nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 4205 last-modified Wed, 14 Jul 2021 14:42:38 GMT server nginx/1.17.9 etag "af845ddda3f28768831e5947578785ce" x-robots-tag noindex, noarchive, nofollow strict-transport-security max-age=43200000; includeSubDomains; report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * expires Sat, 15 Jul 2051 16:49:48 GMT
GET H2	200	a476958bdb5be066244d.js Show response yastatic.net/partner-code-bundles/15480/	498 KB 104 KB	195ms 99ms	Script text/javascript	2a02:6b8:20::215 YANDEX
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/15480/a476958bdb5be066244d.js Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software nginx/1.17.9 / Resource Hash 7bb4085e4cdf67dfa8a0f6064af8ed09bd40cb19a579ab9bf2075711a8eebefd Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Origin https://dnr24.com Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:06 GMT content-encoding br vary Accept-Encoding nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 105463 last-modified Wed, 14 Jul 2021 14:42:38 GMT server nginx/1.17.9 etag "86ca59b3948d0c79661babcc977e4cb9" x-robots-tag noindex, noarchive, nofollow strict-transport-security max-age=43200000; includeSubDomains; report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * expires Sat, 15 Jul 2051 16:45:27 GMT
GET H2	200	d2c8842d68727a9b43a4.js Show response yastatic.net/partner-code-bundles/15480/	340 KB 62 KB	251ms 154ms	Script text/javascript	2a02:6b8:20::215 YANDEX
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/15480/d2c8842d68727a9b43a4.js Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software nginx/1.17.9 / Resource Hash b82aa1c2ff7d898ffa7dff15d5e80ad27683c38454a69cd167da910c01e76258 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Origin https://dnr24.com Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:06 GMT content-encoding br vary Accept-Encoding nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 62923 last-modified Wed, 14 Jul 2021 14:42:38 GMT server nginx/1.17.9 etag "4a2e576045b70743b72e1f5aa266661d" x-robots-tag noindex, noarchive, nofollow strict-transport-security max-age=43200000; includeSubDomains; report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * expires Sat, 15 Jul 2051 16:49:54 GMT
GET H/1.1	200 OK	footer.png dnr24.com/templates/FirstlineRed/images/	3 KB 3 KB	45ms 44ms	Image image/png	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/templates/FirstlineRed/images/footer.png Requested by Host: dnr24.com URL: https://dnr24.com/templates/FirstlineRed/css/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash b9bc5775cc62fd7d593f289b0adf779b36dd4a46ea54d626623c82099e9f5293 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/templates/FirstlineRed/css/style.css Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/templates/FirstlineRed/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Wed, 08 Feb 2017 09:10:20 GMT Server nginx/1.18.0 ETag "589ae07c-b21" Content-Type image/png Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 2849 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	separate.png dnr24.com/templates/FirstlineRed/images/	155 B 463 B	45ms 44ms	Image image/png	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/templates/FirstlineRed/images/separate.png Requested by Host: dnr24.com URL: https://dnr24.com/templates/FirstlineRed/css/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash b028a2c3a7b50a540c56576dd3b54457e56b5cbae53f588ac1c4c622889cff95 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/templates/FirstlineRed/css/style.css Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7 Connection keep-alive Referer https://dnr24.com/templates/FirstlineRed/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Wed, 08 Feb 2017 09:10:20 GMT Server nginx/1.18.0 ETag "589ae07c-9b" Content-Type image/png Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 155 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 2979	97 KB 34 KB	502ms 500ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=90&slotname=1869487945&adk=4004539508&adf=3235933448&pi=t.ma~as.1869487945&w=728&lmt=1626344046&psa=0&format=728x90&url=https%3A%2F%2Fdnr24.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046168&bpp=3&bdt=378&idt=382&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=572&ady=40&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=68UiDlwvB8&p=https%3A//dnr24.com&dtd=396 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4270514290018072&plah=dnr24.com&amaexp=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8c538fff853f3901c945928e0ea67ca9f49044597900e5156428d9ccd4f32c30 Security Headers Name Value Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIm4t9nr5PECFWYf0wodHtsG5Q&gqi=bgrwYISNI8u4nsEPuea34Aw&layout=/sadbundle/%24csp%253Der3%24/5646111312527115393/index.html X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-4270514290018072&output=html&h=90&slotname=1869487945&adk=4004539508&adf=3235933448&pi=t.ma~as.1869487945&w=728&lmt=1626344046&psa=0&format=728x90&url=https%3A%2F%2Fdnr24.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046168&bpp=3&bdt=378&idt=382&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=572&ady=40&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=68UiDlwvB8&p=https%3A//dnr24.com&dtd=396 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dnr24.com/ accept-encoding gzip, deflate, br accept-language en-US cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dnr24.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-security-policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIm4t9nr5PECFWYf0wodHtsG5Q&gqi=bgrwYISNI8u4nsEPuea34Aw&layout=/sadbundle/%24csp%253Der3%24/5646111312527115393/index.html content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Thu, 15 Jul 2021 10:14:07 GMT server cafe content-length 35178 x-xss-protection 0 set-cookie IDE=AHWqTUldEcB7gEx9FJbzPqjyDHC-QjkBKOFc4m0WieWOVMR8Xv3kZM0EZG3HK_7y2j4; expires=Tue, 09-Aug-2022 10:14:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Thu, 15 Jul 2021 10:14:07 GMT cache-control private
GET H/1.1	200 OK	inject_noff.css mediametrics.ru/partner/inject/	4 KB 1 KB	55ms 49ms	Stylesheet text/css	88.212.196.113 UNITEDNET
General Check archive.org Show headers Download Go to Full URL https://mediametrics.ru/partner/inject/inject_noff.css Requested by Host: mediametrics.ru URL: https://mediametrics.ru/partner/inject/inject.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 88.212.196.113 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS host13.rax.ru Software nginx/1.11.1 / Resource Hash d5a5ef10f19daefe69598a9657a199dc6112cff3a7e4f8fd15e2eaf6f446cd97 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Content-Encoding gzip Referrer-Policy origin-when-cross-origin Last-Modified Wed, 24 May 2017 18:48:41 GMT Server nginx/1.11.1 ETag "5925d589-3f3" Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=86400 Connection keep-alive Content-Length 1011 Expires Fri, 16 Jul 2021 10:13:28 GMT
GET H/1.1	200 OK	online.ru.js Show response mediametrics.ru/partner/inject/	9 KB 5 KB	109ms 46ms	Script application/javascript	88.212.196.113 UNITEDNET
General Check archive.org Show headers Download Go to Full URL https://mediametrics.ru/partner/inject/online.ru.js Requested by Host: mediametrics.ru URL: https://mediametrics.ru/partner/inject/inject.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 88.212.196.113 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS host13.rax.ru Software nginx/1.11.1 / Resource Hash f1153a8e23ec3be9e525033fe9f0b6863cbe2a0bc9352ce53bf38e9526fdca82 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Content-Encoding gzip Referrer-Policy origin-when-cross-origin Last-Modified Thu, 15 Jul 2021 10:03:02 GMT Server nginx/1.11.1 ETag W/"60f007d6-23dd" Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=300 Connection keep-alive Expires Thu, 15 Jul 2021 10:16:53 GMT
GET H2	200	hit c.hit.ua/	43 B 311 B	161ms 49ms	Image image/gif	89.184.81.35 MIROHOST Web hosting
General Check archive.org Show headers Download Go to Show image Full URL https://c.hit.ua/hit?i=126912&g=0&x=2&s=1&c=1&t=-120&w=1600&h=1200&d=24&0.09073896535232917&r=&u=https%3A//dnr24.com/ Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 89.184.81.35 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA), Reverse DNS c.hit.ua Software nginx/1.17.9 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:06 GMT cache-control no-cache, no-store, must-revalidate content-type image/gif server nginx/1.17.9 p3p policyref="/w3c/p3p.xml", CP="UNI" expires 0
GET H/1.1	200 OK	hit counter.yadro.ru/ Redirect Chain https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//dnr24.com/;0.15943131212120387 https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//dnr24.com/;0.15943131212120387	43 B 528 B	52ms 51ms	Image image/gif	88.212.201.216 UNITEDNET
General Check archive.org Show headers Download Go to Show image Full URL https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//dnr24.com/;0.15943131212120387 Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS Software nginx/1.17.9 / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 15 Jul 2021 10:14:06 GMT Server nginx/1.17.9 Strict-Transport-Security max-age=86400 P3P policyref="/w3c/p3p.xml", CP="UNI" Access-Control-Allow-Origin * Cache-control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 14 Jul 2020 21:00:00 GMT Redirect headers Pragma no-cache Date Thu, 15 Jul 2021 10:14:06 GMT Server nginx/1.17.9 Strict-Transport-Security max-age=86400 P3P policyref="/w3c/p3p.xml", CP="UNI" Location https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//dnr24.com/;0.15943131212120387 Cache-control no-cache Connection keep-alive Content-Type text/html Content-Length 32 Expires Tue, 14 Jul 2020 21:00:00 GMT
GET		top100.jcn counter.rambler.ru/	0 0
GET H2	200	seedr-player.min.js Show response cdn01.nativeroll.tv/js/	23 KB 9 KB	32ms 7ms	Script application/javascript	2a03:90c0:41:2801::254 GCORE
General Check archive.org Show headers Download Go to Full URL https://cdn01.nativeroll.tv/js/seedr-player.min.js Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash d390de8fd29ce494b16232163758132ae3f7b98f5ab771a08a0710a6c6d8f885 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-id fr5-up-gc33 date Thu, 15 Jul 2021 10:14:06 GMT content-encoding gzip last-modified Wed, 14 Jul 2021 14:06:13 GMT server nginx etag W/"60eeef55-5c56" vary Accept-Encoding x-cached-since 2021-07-15T09:32:37+00:00 content-type application/javascript; charset=utf-8 cache-control max-age=7200 cache HIT expires Wed, 14 Jul 2021 17:32:13 GMT
GET H/1.1	200 OK	Projects-acb6b95409c0aa2468b874b90b8a00c9f86872f12089e0ef2f790e4a0d1374dd.js Show response focus-point.ru/widget-code/	67 KB 68 KB	2878ms 2710ms	Script text/javascript	185.221.152.238 EUROBYTE Eurobyte...
General Check archive.org Show headers Download Go to Full URL https://focus-point.ru/widget-code/Projects-acb6b95409c0aa2468b874b90b8a00c9f86872f12089e0ef2f790e4a0d1374dd.js Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.221.152.238 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU), Reverse DNS dev.seointellect.ru Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_wsgi/4.6.2 Python/3.6 PHP/7.2.34 / PHP/7.2.34 Resource Hash 567312534e898195c90b790766198bcd3cafea9e0d63da4f3e7c0b2ab522278a Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:11:02 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_wsgi/4.6.2 Python/3.6 PHP/7.2.34 X-Powered-By PHP/7.2.34 Transfer-Encoding chunked Content-Type text/javascript; charset=UTF-8 Cache-Control no-cache, private Connection Keep-Alive Keep-Alive timeout=5, max=100
GET H/1.1	200 OK	b_date.png dnr24.com/templates/FirstlineRed/images/	269 B 578 B	57ms 47ms	Image image/png	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/templates/FirstlineRed/images/b_date.png Requested by Host: dnr24.com URL: https://dnr24.com/templates/FirstlineRed/css/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash df7c9a36ae6d2191c0948c85aa7ae92eb7cbb9dcec1c8f61b443750fae2d9c30 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/templates/FirstlineRed/css/style.css Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7; b=b Connection keep-alive Referer https://dnr24.com/templates/FirstlineRed/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Wed, 08 Feb 2017 09:10:20 GMT Server nginx/1.18.0 ETag "589ae07c-10d" Content-Type image/png Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 269 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H/1.1	200 OK	w30.png dnr24.com/templates/FirstlineRed/images/	149 B 457 B	49ms 46ms	Image image/png	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr24.com/templates/FirstlineRed/images/w30.png Requested by Host: dnr24.com URL: https://dnr24.com/templates/FirstlineRed/css/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 323cfe02e8306d16f81eb0335a6c0811274ede0f8ae21cca3d101e714fd0cf3c Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host dnr24.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://dnr24.com/templates/FirstlineRed/css/style.css Cookie PHPSESSID=4tie9je9tt6o8s23dt40m640c7; b=b Connection keep-alive Referer https://dnr24.com/templates/FirstlineRed/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Last-Modified Wed, 08 Feb 2017 09:10:25 GMT Server nginx/1.18.0 ETag "589ae081-95" Content-Type image/png Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 149 Expires Sun, 25 Jul 2021 10:14:06 GMT
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 326F	86 KB 27 KB	642ms 641ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=5351352692&adk=3703005410&adf=1615624222&pi=t.ma~as.5351352692&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046171&bpp=3&bdt=381&idt=444&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oTVm7cefzT&p=https%3A//dnr24.com&dtd=470 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4270514290018072&plah=dnr24.com&amaexp=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d1d5ec30f76d4c714cd71955ccc56816c45273230c6c0f7f9202bbe8d1999a4c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=5351352692&adk=3703005410&adf=1615624222&pi=t.ma~as.5351352692&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046171&bpp=3&bdt=381&idt=444&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oTVm7cefzT&p=https%3A//dnr24.com&dtd=470 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dnr24.com/ accept-encoding gzip, deflate, br accept-language en-US cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dnr24.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Thu, 15 Jul 2021 10:14:07 GMT server cafe content-length 28066 x-xss-protection 0 set-cookie IDE=AHWqTUk3onrRlBhxNXGOw-vKb3UlHm0pi-QGt3oaw1MzfByKeCAVaHMSbcR12ceifp4; expires=Tue, 09-Aug-2022 10:14:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Thu, 15 Jul 2021 10:14:07 GMT cache-control private
POST H3-29	200	collect Show response www.google-analytics.com/j/	1 B 21 B	14ms 13ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j91&a=2125483651&t=pageview&_s=1&dl=https%3A%2F%2Fdnr24.com%2F&ul=en-us&de=windows-1251&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%94%D0%9D%D0%A0%3A%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%94%D0%BE%D0%BD%D0%B5%D1%86%D0%BA%D0%B0%20%D0%B8%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%80%D0%BE%D1%81%D1%81%D0%B8%D0%B8%2024%20%D1%87%D0%B0%D1%81%D0%B0%2C%20%D1%81%D0%B2%D0%BE%D0%B4%D0%BA%D0%B8%20%D0%BE%D0%BF%D0%BE%D0%BB%D1%87%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%94%D0%BE%D0%BD%D0%B1%D0%B0%D1%81%D1%81%D0%B0%20%D0%B7%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=165716314&gjid=1909790723&cid=2093601208.1626344046&tid=gtm.js&_gid=1953640733.1626344047&_r=1&gtm=2wg7e0P83M3NV&z=690180125 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:06 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://dnr24.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	21ms 20ms	Script application/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=dnr24.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4270514290018072&plah=dnr24.com&amaexp=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Thu, 15 Jul 2021 10:14:06 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	22ms 19ms	Script application/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=dnr24.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4270514290018072&plah=dnr24.com&amaexp=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Thu, 15 Jul 2021 10:14:06 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame AE05	65 KB 23 KB	554ms 553ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=9731553745&adk=1676835415&adf=2852835187&pi=t.ma~as.9731553745&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046174&bpp=1&bdt=384&idt=519&shv=r20210708&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc73ad1f7581f9ca8-220874716dc90059%3AT%3D1626344046%3ART%3D1626344046%3AS%3DALNI_MblpG2InOzo5DXhN46D0svFamzj0Q&prev_fmts=0x0%2C728x90%2C300x600&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=wWdlYMRl5g&p=https%3A//dnr24.com&dtd=536 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4270514290018072&plah=dnr24.com&amaexp=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0481b6e33c7b8973f27f4b73c26cdb8c67970d51ce81f239d14e25f723ffdb63 Security Headers Name Value Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMnWwNnr5PECFXUC0wodEDIHtw&gqi=bgrwYMieLJ21nsEPpaqx2Ac&layout=/sadbundle/%24csp%253Der3%24/17626451119355985920/index.html X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=9731553745&adk=1676835415&adf=2852835187&pi=t.ma~as.9731553745&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046174&bpp=1&bdt=384&idt=519&shv=r20210708&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc73ad1f7581f9ca8-220874716dc90059%3AT%3D1626344046%3ART%3D1626344046%3AS%3DALNI_MblpG2InOzo5DXhN46D0svFamzj0Q&prev_fmts=0x0%2C728x90%2C300x600&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=wWdlYMRl5g&p=https%3A//dnr24.com&dtd=536 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dnr24.com/ accept-encoding gzip, deflate, br accept-language en-US cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dnr24.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-security-policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMnWwNnr5PECFXUC0wodEDIHtw&gqi=bgrwYMieLJ21nsEPpaqx2Ac&layout=/sadbundle/%24csp%253Der3%24/17626451119355985920/index.html content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Thu, 15 Jul 2021 10:14:07 GMT server cafe content-length 23192 x-xss-protection 0 set-cookie IDE=AHWqTUmXQgSA2AIZgmaVz-IfZNM7_n5E-T5Jt5DoE_vJJbUFmtNjQN-uhLZfmlroJOU; expires=Tue, 09-Aug-2022 10:14:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Thu, 15 Jul 2021 10:14:07 GMT cache-control private
GET H2	200	uscl-public-popup.css usocial.pro/usocial/css/	48 KB 10 KB	38ms 24ms	Stylesheet text/css	185.129.100.122 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://usocial.pro/usocial/css/uscl-public-popup.css?v=7.1.5 Requested by Host: usocial.pro URL: https://usocial.pro/usocial/usocial.pp.js?v=6.1.4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.122 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash eab928bc7ae1c23049bbb829809d0cba995c897253bef7cea1383b9ba8387c86 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; content-encoding gzip etag "5e3977aa-bf25" age 273 x-ddg-cachegen 1625573019 content-length 9752 last-modified Tue, 04 Feb 2020 13:54:50 GMT server ddos-guard date Thu, 15 Jul 2021 10:09:33 GMT vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control max-age=300, public access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	19ms 14ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-4270514290018072&warn=12%2C13&w=1600&h=1200&eatf=false&reatf=true&a=6%2C1%2C5%2C7&apv=20210713_104640&sat=1626337265883&afm=0&as_count=3&d_count=0&ng_count=0&am_count=0&atf_count=2&mdns=0.430&alldns=0.430&allp=47&pgh=2998&su=dnr24.com&pvc=1098336550174130&r=0.1 Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:06 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	_bc-common.css yoomoney.ru/b/desktop/ Frame F0EA	61 KB 14 KB	95ms 92ms	Stylesheet text/css	109.235.165.222 YOOMONEY-AS
General Check archive.org Show headers Download Go to Full URL https://yoomoney.ru/b/desktop/_bc-common.css?v=oQYLgL2n4M9Z3fK8kMFCX5v8jxo Requested by Host: yoomoney.ru URL: https://yoomoney.ru/quickpay/shop-widget?writer=seller&targets=%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C+%D1%81%D0%B0%D0%B9%D1%82%D1%83&targets-hint=&default-sum=200&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=https%3A%2F%2Fdnr24.com%2F&quickpay=shop&account=410011357606438 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.235.165.222 , Russian Federation, ASN43247 (YOOMONEY-AS, RU), Reverse DNS Software / Resource Hash 4d2cb5a37889b937fa0812cd37440af132c322e8f6032ee9d754795565dddb48 Request headers Referer https://yoomoney.ru/quickpay/shop-widget?writer=seller&targets=%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C+%D1%81%D0%B0%D0%B9%D1%82%D1%83&targets-hint=&default-sum=200&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=https%3A%2F%2Fdnr24.com%2F&quickpay=shop&account=410011357606438 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Content-Encoding gzip Last-Modified Tue, 13 Jul 2021 23:34:21 GMT ETag W/"60ee22fd-f2b4" Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age = 315360000, public, max-age = 315360000 Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=120 Expires Tue, 25 Aug 2025 14:20:35, Tue, 25 Aug 2025 14:20:35
GET H/1.1	200 OK	_quickpay.css yoomoney.ru/b/desktop/ Frame F0EA	30 KB 9 KB	156ms 59ms	Stylesheet text/css	109.235.165.222 YOOMONEY-AS
General Check archive.org Show headers Download Go to Full URL https://yoomoney.ru/b/desktop/_quickpay.css?v=kEahvx5xtnO9GbVtpsrCHAjNaik Requested by Host: yoomoney.ru URL: https://yoomoney.ru/quickpay/shop-widget?writer=seller&targets=%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C+%D1%81%D0%B0%D0%B9%D1%82%D1%83&targets-hint=&default-sum=200&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=https%3A%2F%2Fdnr24.com%2F&quickpay=shop&account=410011357606438 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.235.165.222 , Russian Federation, ASN43247 (YOOMONEY-AS, RU), Reverse DNS Software / Resource Hash e1ff6b539b81426a49710f2f419f6d12dd58e08f32028a9d40dfe12cbe9f3312 Request headers Referer https://yoomoney.ru/quickpay/shop-widget?writer=seller&targets=%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C+%D1%81%D0%B0%D0%B9%D1%82%D1%83&targets-hint=&default-sum=200&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=https%3A%2F%2Fdnr24.com%2F&quickpay=shop&account=410011357606438 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Content-Encoding gzip Last-Modified Tue, 13 Jul 2021 23:34:21 GMT ETag W/"60ee22fd-77ba" Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age = 315360000, public, max-age = 315360000 Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=120 Expires Tue, 25 Aug 2025 14:20:35, Tue, 25 Aug 2025 14:20:35
GET H/1.1	200 OK	lodash.min.js Show response static.yoomoney.ru/files-front/libs/lodash/4.5.1/ Frame F0EA	121 KB 32 KB	207ms 51ms	Script application/javascript	109.235.165.77 YOOMONEY-AS
General Check archive.org Show headers Download Go to Full URL https://static.yoomoney.ru/files-front/libs/lodash/4.5.1/lodash.min.js Requested by Host: yoomoney.ru URL: https://yoomoney.ru/quickpay/shop-widget?writer=seller&targets=%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C+%D1%81%D0%B0%D0%B9%D1%82%D1%83&targets-hint=&default-sum=200&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=https%3A%2F%2Fdnr24.com%2F&quickpay=shop&account=410011357606438 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.235.165.77 , Russian Federation, ASN43247 (YOOMONEY-AS, RU), Reverse DNS Software nginx / Resource Hash 0979b35103ffa497dab8e62aba344b213725750c85376ce87de3a48dc3d68b76 Request headers Referer https://yoomoney.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:07 GMT Content-Encoding gzip last-modified Thu, 08 Jul 2021 12:23:00 GMT Server nginx x-amz-request-id tx00000000000000016b3de-0060ec3e85-23919-ugr etag W/"94cb4013083d6624379e2d87cec67883" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control no-cache, public, max-age = 315360000 x-rgw-object-type Normal Connection keep-alive Transfer-Encoding chunked Keep-Alive timeout=120 Expires Thu, 01 Jan 1970 00:00:01 GMT, Tue, 25 Aug 2025 14:20:35
GET H/1.1	200 OK	babel-polyfill.min.js Show response yoomoney.ru/b/resources/ Frame F0EA	96 KB 38 KB	192ms 95ms	Script application/javascript	109.235.165.222 YOOMONEY-AS
General Check archive.org Show headers Download Go to Full URL https://yoomoney.ru/b/resources/babel-polyfill.min.js Requested by Host: yoomoney.ru URL: https://yoomoney.ru/quickpay/shop-widget?writer=seller&targets=%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C+%D1%81%D0%B0%D0%B9%D1%82%D1%83&targets-hint=&default-sum=200&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=https%3A%2F%2Fdnr24.com%2F&quickpay=shop&account=410011357606438 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.235.165.222 , Russian Federation, ASN43247 (YOOMONEY-AS, RU), Reverse DNS Software / Resource Hash da7bbca9d163f4033d5d177be44029dd744610a891a6b58be213cc858923d79d Request headers Referer https://yoomoney.ru/quickpay/shop-widget?writer=seller&targets=%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C+%D1%81%D0%B0%D0%B9%D1%82%D1%83&targets-hint=&default-sum=200&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=https%3A%2F%2Fdnr24.com%2F&quickpay=shop&account=410011357606438 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Content-Encoding gzip Last-Modified Tue, 13 Jul 2021 23:34:21 GMT ETag W/"60ee22fd-17e06" Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age = 315360000, public, max-age = 315360000 Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=120 Expires Tue, 25 Aug 2025 14:20:35, Tue, 25 Aug 2025 14:20:35
GET H/1.1	200 OK	_bc-common.bemhtml.js Show response yoomoney.ru/b/desktop/ Frame F0EA	46 KB 17 KB	191ms 94ms	Script application/x-javascript	109.235.165.222 YOOMONEY-AS
General Check archive.org Show headers Download Go to Full URL https://yoomoney.ru/b/desktop/_bc-common.bemhtml.js?v=CUziEUY0z7BUKtX3yJkDqzs27yQ Requested by Host: yoomoney.ru URL: https://yoomoney.ru/quickpay/shop-widget?writer=seller&targets=%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C+%D1%81%D0%B0%D0%B9%D1%82%D1%83&targets-hint=&default-sum=200&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=https%3A%2F%2Fdnr24.com%2F&quickpay=shop&account=410011357606438 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.235.165.222 , Russian Federation, ASN43247 (YOOMONEY-AS, RU), Reverse DNS Software / Resource Hash 59da8cdf13013df822c0f9d43ec1ededdf2407398aa0643cccca82fdddf889aa Request headers Referer https://yoomoney.ru/quickpay/shop-widget?writer=seller&targets=%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C+%D1%81%D0%B0%D0%B9%D1%82%D1%83&targets-hint=&default-sum=200&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=https%3A%2F%2Fdnr24.com%2F&quickpay=shop&account=410011357606438 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Content-Encoding gzip Last-Modified Tue, 13 Jul 2021 23:34:21 GMT ETag W/"60ee22fd-b671" Vary Accept-Encoding Content-Type application/x-javascript Cache-Control public, max-age = 315360000, public, max-age = 315360000 Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=120 Expires Tue, 25 Aug 2025 14:20:35, Tue, 25 Aug 2025 14:20:35
GET H/1.1	200 OK	_bc-common.en.js Show response yoomoney.ru/b/desktop/ Frame F0EA	265 KB 92 KB	193ms 96ms	Script application/x-javascript	109.235.165.222 YOOMONEY-AS
General Check archive.org Show headers Download Go to Full URL https://yoomoney.ru/b/desktop/_bc-common.en.js?v=VEZvna2GRfYQOmzUiQLi5llwewg Requested by Host: yoomoney.ru URL: https://yoomoney.ru/quickpay/shop-widget?writer=seller&targets=%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C+%D1%81%D0%B0%D0%B9%D1%82%D1%83&targets-hint=&default-sum=200&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=https%3A%2F%2Fdnr24.com%2F&quickpay=shop&account=410011357606438 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.235.165.222 , Russian Federation, ASN43247 (YOOMONEY-AS, RU), Reverse DNS Software / Resource Hash a29c9fd0da4883fbb9e487f9373788f7ae46482e07105412b7340c0448608da6 Request headers Referer https://yoomoney.ru/quickpay/shop-widget?writer=seller&targets=%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C+%D1%81%D0%B0%D0%B9%D1%82%D1%83&targets-hint=&default-sum=200&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=https%3A%2F%2Fdnr24.com%2F&quickpay=shop&account=410011357606438 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Content-Encoding gzip Last-Modified Tue, 13 Jul 2021 23:34:21 GMT ETag W/"60ee22fd-4247c" Vary Accept-Encoding Content-Type application/x-javascript Cache-Control public, max-age = 315360000, public, max-age = 315360000 Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=120 Expires Tue, 25 Aug 2025 14:20:35, Tue, 25 Aug 2025 14:20:35
GET H/1.1	200 OK	_quickpay.en.js Show response yoomoney.ru/b/desktop/ Frame F0EA	150 KB 46 KB	197ms 100ms	Script application/x-javascript	109.235.165.222 YOOMONEY-AS
General Check archive.org Show headers Download Go to Full URL https://yoomoney.ru/b/desktop/_quickpay.en.js?v=93bvZO_9yfD9HYuXsW1SZDlSQ84 Requested by Host: yoomoney.ru URL: https://yoomoney.ru/quickpay/shop-widget?writer=seller&targets=%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C+%D1%81%D0%B0%D0%B9%D1%82%D1%83&targets-hint=&default-sum=200&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=https%3A%2F%2Fdnr24.com%2F&quickpay=shop&account=410011357606438 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.235.165.222 , Russian Federation, ASN43247 (YOOMONEY-AS, RU), Reverse DNS Software / Resource Hash f0a9b156b9f253b9c7cbbc8565e86a85d6a5d24115a4d43bf704897486f48ed5 Request headers Referer https://yoomoney.ru/quickpay/shop-widget?writer=seller&targets=%D0%9F%D0%BE%D0%BC%D0%BE%D1%89%D1%8C+%D1%81%D0%B0%D0%B9%D1%82%D1%83&targets-hint=&default-sum=200&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=https%3A%2F%2Fdnr24.com%2F&quickpay=shop&account=410011357606438 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Content-Encoding gzip Last-Modified Tue, 13 Jul 2021 23:34:21 GMT ETag W/"60ee22fd-2579c" Vary Accept-Encoding Content-Type application/x-javascript Cache-Control public, max-age = 315360000, public, max-age = 315360000 Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=120 Expires Tue, 25 Aug 2025 14:20:35, Tue, 25 Aug 2025 14:20:35
GET H/1.1	200 OK	tver.aif.ru.ico mediametrics.ru/favicon/	1 KB 1 KB	54ms 45ms	Image image/png	88.212.196.113 UNITEDNET
General Check archive.org Show headers Download Go to Show image Full URL https://mediametrics.ru/favicon/tver.aif.ru.ico Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 88.212.196.113 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS host13.rax.ru Software nginx/1.11.1 / Resource Hash 6fab04c019d38271c21dca420fb82d5c2b2bb795460132d7a09a59594b081a27 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Referrer-Policy origin-when-cross-origin Last-Modified Wed, 14 Jul 2021 09:02:02 GMT Server nginx/1.11.1 Content-Type image/png Connection keep-alive Content-Length 1229 Expires Sat, 17 Jul 2021 14:38:37 GMT
GET H/1.1	200 OK	ria.ru.ico mediametrics.ru/favicon/	633 B 910 B	64ms 53ms	Image image/png	88.212.196.113 UNITEDNET
General Check archive.org Show headers Download Go to Show image Full URL https://mediametrics.ru/favicon/ria.ru.ico Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 88.212.196.113 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS host13.rax.ru Software nginx/1.11.1 / Resource Hash 29d4f8f39378b5f34256e23a6e0c123aaab984079d77a427ba7e51d7324695a7 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Referrer-Policy origin-when-cross-origin Last-Modified Mon, 12 Jul 2021 09:41:51 GMT Server nginx/1.11.1 Content-Type image/png Connection keep-alive Content-Length 633 Expires Sat, 17 Jul 2021 14:37:18 GMT
GET H/1.1	200 OK	www.province.ru.ico mediametrics.ru/favicon/	700 B 977 B	98ms 45ms	Image image/png	88.212.196.113 UNITEDNET
General Check archive.org Show headers Download Go to Show image Full URL https://mediametrics.ru/favicon/www.province.ru.ico Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 88.212.196.113 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS host13.rax.ru Software nginx/1.11.1 / Resource Hash c57ba48914d0311356b601bf156db99ec229c7ff73767e11dc01f8132670e6b7 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Referrer-Policy origin-when-cross-origin Last-Modified Mon, 12 Jul 2021 02:30:47 GMT Server nginx/1.11.1 Content-Type image/png Connection keep-alive Content-Length 700 Expires Sat, 17 Jul 2021 14:47:38 GMT
GET H/1.1	200 OK	russian.rt.com.ico mediametrics.ru/favicon/	409 B 686 B	109ms 45ms	Image image/png	88.212.196.113 UNITEDNET
General Check archive.org Show headers Download Go to Show image Full URL https://mediametrics.ru/favicon/russian.rt.com.ico Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 88.212.196.113 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS host13.rax.ru Software nginx/1.11.1 / Resource Hash 13f842223ca63dec893973e9b82faebd0e2e367195fb2e46f102c5682a360fe9 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Referrer-Policy origin-when-cross-origin Last-Modified Wed, 14 Jul 2021 09:01:42 GMT Server nginx/1.11.1 Content-Type image/png Connection keep-alive Content-Length 409 Expires Sat, 17 Jul 2021 14:37:49 GMT
GET H/1.1	200 OK	reporter64.ru.ico mediametrics.ru/favicon/	3 KB 4 KB	148ms 54ms	Image image/png	88.212.196.113 UNITEDNET
General Check archive.org Show headers Download Go to Show image Full URL https://mediametrics.ru/favicon/reporter64.ru.ico Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 88.212.196.113 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS host13.rax.ru Software nginx/1.11.1 / Resource Hash ecbb3f39b974dc3c4425204e78df04a438dce0b24070415a20e5116fce5a0460 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:06 GMT Referrer-Policy origin-when-cross-origin Last-Modified Wed, 14 Jul 2021 12:19:46 GMT Server nginx/1.11.1 Content-Type image/png Connection keep-alive Content-Length 3395 Expires Sat, 17 Jul 2021 23:54:08 GMT
OPTIONS H2	200	event_confirmation an.yandex.ru/ Frame	0 0	170ms 74ms	Preflight	2a02:6b8::90 YANDEX
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/event_confirmation Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://dnr24.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers timing-allow-origin * access-control-allow-methods GET, POST, OPTIONS date Thu, 15 Jul 2021 10:14:06 GMT access-control-max-age 1728000 access-control-allow-headers content-type access-control-allow-origin https://dnr24.com access-control-allow-credentials true x-xss-protection 1; mode=block p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-encoding gzip strict-transport-security max-age=31536000
POST H2	200	event_confirmation Show response an.yandex.ru/	0 290 B	55ms 53ms	XHR text/plain	2a02:6b8::90 YANDEX
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/event_confirmation Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:07 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 10:14:07 GMT strict-transport-security max-age=31536000 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" access-control-allow-origin https://dnr24.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 15 Jul 2021 10:14:07 GMT
GET H2	200	host.js Show response yastatic.net/safeframe-bundles/0.80/	29 KB 8 KB	43ms 42ms	Script text/javascript	2a02:6b8:20::215 YANDEX
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/safeframe-bundles/0.80/host.js Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software nginx/1.17.9 / Resource Hash 9a10b1418ae87e1667a44c85f39b5e1af9b8a24279d9a2743c0859d478f3f925 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Origin https://dnr24.com Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:06 GMT content-encoding br vary Accept-Encoding nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 8120 last-modified Wed, 13 Jan 2021 14:53:48 GMT server nginx/1.17.9 etag "7fa61ab429a981f415ba1c49d1babdbb" x-robots-tag noindex, noarchive, nofollow strict-transport-security max-age=43200000; includeSubDomains; report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * expires Sat, 15 Jul 2051 16:45:20 GMT
GET		watch.js mc.yandex.ru/metrika/	0 0
GET H2	200	y300 avatars.mds.yandex.net/get-direct/4694892/ba5fYr-vFEUFbKRGQnQAaw/	15 KB 16 KB	203ms 64ms	Image image/webp	2a02:6b8::184 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://avatars.mds.yandex.net/get-direct/4694892/ba5fYr-vFEUFbKRGQnQAaw/y300 Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software nginx / Resource Hash 376ed2d7511d4f0c498520f046ef2a4e85898551fe150987dee28f879e43ce14 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:07 GMT last-modified Sun, 14 Feb 2021 13:56:42 GMT server nginx nel {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01} report-to {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]} content-type image/webp access-control-allow-origin * cache-control max-age=604800,immutable access-control-allow-credentials true timing-allow-origin * content-length 15520 x-request-id cb3dd5a25e914725
GET DATA	200 OK	truncated / Frame F0EA	151 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 290af256ae2e41a4ba2a4bc48c9836ca7e6fd200ff3e29cb5630820ce20f75f6 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml;charset=US-ASCII
GET H/1.1	200 OK	sqJ2MGna3IZGNFXC9k4QOrzUG-c.svg yoomoney.ru/b/_/ Frame F0EA	668 B 1 KB	51ms 49ms	Image image/svg+xml	109.235.165.222 YOOMONEY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://yoomoney.ru/b/_/sqJ2MGna3IZGNFXC9k4QOrzUG-c.svg Requested by Host: yoomoney.ru URL: https://yoomoney.ru/b/desktop/_quickpay.css?v=kEahvx5xtnO9GbVtpsrCHAjNaik Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.235.165.222 , Russian Federation, ASN43247 (YOOMONEY-AS, RU), Reverse DNS Software / Resource Hash 53fb0a91995bf1fe7c9bc7ca7773ae1ae76bb350967c190123abb15c98053d9a Request headers Referer https://yoomoney.ru/b/desktop/_quickpay.css?v=kEahvx5xtnO9GbVtpsrCHAjNaik User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:07 GMT Content-Encoding gzip Last-Modified Tue, 13 Jul 2021 23:34:21 GMT ETag W/"60ee22fd-29c" Vary Accept-Encoding Content-Type image/svg+xml Cache-Control public, max-age = 315360000, public, max-age = 315360000 Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=120 Expires Tue, 25 Aug 2025 14:20:35, Tue, 25 Aug 2025 14:20:35
GET H/1.1	200 OK	znDCcGN9U__lRVsmiQ6akvmMXuE.svg yoomoney.ru/b/_/ Frame F0EA	1 KB 1 KB	49ms 48ms	Image image/svg+xml	109.235.165.222 YOOMONEY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://yoomoney.ru/b/_/znDCcGN9U__lRVsmiQ6akvmMXuE.svg Requested by Host: yoomoney.ru URL: https://yoomoney.ru/b/desktop/_quickpay.css?v=kEahvx5xtnO9GbVtpsrCHAjNaik Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.235.165.222 , Russian Federation, ASN43247 (YOOMONEY-AS, RU), Reverse DNS Software / Resource Hash 90c6deed367ca50fb856426567e29f814451f8c5a934d7ca6847d9fa7180f963 Request headers Referer https://yoomoney.ru/b/desktop/_quickpay.css?v=kEahvx5xtnO9GbVtpsrCHAjNaik User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:07 GMT Content-Encoding gzip Last-Modified Tue, 13 Jul 2021 23:34:21 GMT ETag W/"60ee22fd-56c" Vary Accept-Encoding Content-Type image/svg+xml Cache-Control public, max-age = 315360000, public, max-age = 315360000 Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=120 Expires Tue, 25 Aug 2025 14:20:35, Tue, 25 Aug 2025 14:20:35
GET DATA	200 OK	truncated / Frame F0EA	262 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1e3527e17719927fa4b18e350a61a9213abcce23cf32413a49c8a4481b326bf1 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml;charset=US-ASCII
GET H/1.1	200 OK	sIJpt2WHDXpNt0Pyuj-a0ZnY-h8.woff yoomoney.ru/b/_/ Frame F0EA	2 KB 2 KB	50ms 49ms	Font application/octet-stream	109.235.165.222 YOOMONEY-AS
General Check archive.org Show headers Download Go to Full URL https://yoomoney.ru/b/_/sIJpt2WHDXpNt0Pyuj-a0ZnY-h8.woff Requested by Host: yoomoney.ru URL: https://yoomoney.ru/b/desktop/_bc-common.css?v=oQYLgL2n4M9Z3fK8kMFCX5v8jxo Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.235.165.222 , Russian Federation, ASN43247 (YOOMONEY-AS, RU), Reverse DNS Software / Resource Hash 6cb0a771fbc5512e0d5aae15bde8a4926c9ff9856fc3f87a32e5f8b647a8e1dd Request headers Origin https://yoomoney.ru Referer https://yoomoney.ru/b/desktop/_bc-common.css?v=oQYLgL2n4M9Z3fK8kMFCX5v8jxo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:07 GMT Last-Modified Tue, 13 Jul 2021 23:34:21 GMT ETag "60ee22fd-6fc" Content-Type application/octet-stream Cache-Control public, max-age = 315360000, public, max-age = 315360000 Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=120 Content-Length 1788 Expires Tue, 25 Aug 2025 14:20:35, Tue, 25 Aug 2025 14:20:35
GET H2	200	render.html Show response yastatic.net/safeframe-bundles/0.80/1-1-0/ Frame 4D85	22 KB 6 KB	137ms 48ms	Document text/html	2a02:6b8:20::215 YANDEX
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html Requested by Host: yastatic.net URL: https://yastatic.net/safeframe-bundles/0.80/host.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software nginx/1.17.9 / Resource Hash 40cc818c8b06374b11230d18b2b54f8c7f2a7668b94ac9ee00d6a106cf0efd8b Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers :method GET :authority yastatic.net :scheme https :path /safeframe-bundles/0.80/1-1-0/render.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dnr24.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dnr24.com/ Response headers server nginx/1.17.9 date Thu, 15 Jul 2021 10:14:07 GMT content-type text/html content-length 6026 access-control-allow-origin * cache-control public, max-age=946708560 content-encoding br etag "f883bd7781c332870c9968db60e89349" expires Sat, 15 Jul 2051 16:45:23 GMT last-modified Wed, 13 Jan 2021 14:53:48 GMT nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} strict-transport-security max-age=43200000; includeSubDomains; timing-allow-origin * vary Accept-Encoding x-robots-tag noindex, noarchive, nofollow accept-ranges bytes
GET H/1.1	200 OK	jquery.min.js Show response static.yoomoney.ru/files-front/libs/jquery/1.8.3/ Frame F0EA	91 KB 38 KB	55ms 51ms	Script application/javascript	109.235.165.77 YOOMONEY-AS
General Check archive.org Show headers Download Go to Full URL https://static.yoomoney.ru/files-front/libs/jquery/1.8.3/jquery.min.js Requested by Host: yoomoney.ru URL: https://yoomoney.ru/b/desktop/_bc-common.en.js?v=VEZvna2GRfYQOmzUiQLi5llwewg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 109.235.165.77 , Russian Federation, ASN43247 (YOOMONEY-AS, RU), Reverse DNS Software nginx / Resource Hash 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf Request headers Referer https://yoomoney.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:07 GMT Content-Encoding gzip last-modified Thu, 08 Jul 2021 12:23:00 GMT Server nginx x-amz-request-id tx00000000000000016b3dd-0060ec3e85-23919-ugr etag W/"3576a6e73c9dccdbbc4a2cf8ff544ad7" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control no-cache, public, max-age = 315360000 x-rgw-object-type Normal Connection keep-alive Transfer-Encoding chunked Keep-Alive timeout=120 Expires Thu, 01 Jan 1970 00:00:01 GMT, Tue, 25 Aug 2025 14:20:35
GET H3-29	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210708/r20110914/ Frame 2979	17 KB 7 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210708/r20110914/abg_lite_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=90&slotname=1869487945&adk=4004539508&adf=3235933448&pi=t.ma~as.1869487945&w=728&lmt=1626344046&psa=0&format=728x90&url=https%3A%2F%2Fdnr24.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046168&bpp=3&bdt=378&idt=382&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=572&ady=40&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=68UiDlwvB8&p=https%3A//dnr24.com&dtd=396 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ed045b94f4874ac13890f9c4370e2b14b30c2a12a79d22e52d20872440b60ede Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:07:06 GMT content-encoding gzip x-content-type-options nosniff age 421 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7114 x-xss-protection 0 server cafe etag 15784850791818150134 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 29 Jul 2021 10:07:06 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/ Frame 2979	3 KB 1 KB	9ms 7ms	Script text/javascript	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=90&slotname=1869487945&adk=4004539508&adf=3235933448&pi=t.ma~as.1869487945&w=728&lmt=1626344046&psa=0&format=728x90&url=https%3A%2F%2Fdnr24.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046168&bpp=3&bdt=378&idt=382&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=572&ady=40&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=68UiDlwvB8&p=https%3A//dnr24.com&dtd=396 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:13:46 GMT content-encoding gzip x-content-type-options nosniff age 21 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1385 x-xss-protection 0 server cafe etag 10711834930267210186 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 29 Jul 2021 10:13:46 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 2979	124 KB 37 KB	25ms 22ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=90&slotname=1869487945&adk=4004539508&adf=3235933448&pi=t.ma~as.1869487945&w=728&lmt=1626344046&psa=0&format=728x90&url=https%3A%2F%2Fdnr24.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046168&bpp=3&bdt=378&idt=382&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=572&ady=40&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=68UiDlwvB8&p=https%3A//dnr24.com&dtd=396 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 67eba3529a67e088bd83ae179b0fcab337a0e5804ca07132d47a5013dff6e43d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:07 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1626261971611604" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38113 x-xss-protection 0 expires Thu, 15 Jul 2021 10:14:07 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/ Frame 2979	14 KB 6 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=90&slotname=1869487945&adk=4004539508&adf=3235933448&pi=t.ma~as.1869487945&w=728&lmt=1626344046&psa=0&format=728x90&url=https%3A%2F%2Fdnr24.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046168&bpp=3&bdt=378&idt=382&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=572&ady=40&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=68UiDlwvB8&p=https%3A//dnr24.com&dtd=396 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7e5e8d7a52cffab98c6c3957e1c30af475c697d4d50ba91aeab0b11eea32a166 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:00 GMT content-encoding gzip x-content-type-options nosniff age 7 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6198 x-xss-protection 0 server cafe etag 11976405653130873325 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 29 Jul 2021 10:14:00 GMT
GET H3-29	200	index.html Show response tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/ Frame 5666	92 KB 22 KB	8ms 7ms	Document text/html	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/index.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=90&slotname=1869487945&adk=4004539508&adf=3235933448&pi=t.ma~as.1869487945&w=728&lmt=1626344046&psa=0&format=728x90&url=https%3A%2F%2Fdnr24.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046168&bpp=3&bdt=378&idt=382&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=572&ady=40&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=68UiDlwvB8&p=https%3A//dnr24.com&dtd=396 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dff01daed626ba5cceec848f483670a27c525643b6a3c26adb5796b668d1c253 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sadbundle/$csp%3Der3$/5646111312527115393/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers accept-ranges bytes vary Accept-Encoding content-type text/html access-control-allow-origin * content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' cross-origin-resource-policy cross-origin timing-allow-origin * date Tue, 13 Jul 2021 01:25:26 GMT expires Wed, 13 Jul 2022 01:25:26 GMT last-modified Fri, 28 May 2021 09:13:00 GMT x-content-type-options nosniff x-dns-prefetch-control off content-encoding gzip server sffe x-xss-protection 0 content-length 22289 age 204521 cache-control public, max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	adview googleads.g.doubleclick.net/pagead/ Frame 2979	0 0	18ms 17ms	Fetch text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CjER6bgrwYInJI-a-zAaetpuoDrmOwYljr82r4YgOyvnTpIUlEAEg16-5JWCVAqAB3qfX2gPIAQmpAkRdscZp3rM-qAMByANIqgTMAU_QEt7QEM9UO5M6Xomhu5TSX-03TgN_4m3cOnXpEwlZdXTNQ-4iHEpQhjI6utLbbuUcaSjoLxbd4n8wd8CThEbZHVlOKaDOqxDbwbXC0IJs4qWOo2GB-hR3sTEqns3bWBsNCdr0fLegXNfnkw73z_XDYY4vDvJZFrqLLinYw-PE1tyGwIuXazlDw_m42NrBDztygEKHrEXu_gLpz6M7jrU1C1tcdqvAgBLOXNhHdsQ96DK-p53Gibw2fORE5tOjPvMjqunzCI-l42SKlMAE7obI8ssDkgUECAQYAZIFBAgFGASgBi6AB4nZ1kOoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQpqAX0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTQyNzA1MTQyOTAwMTgwNzI&sigh=_APRJk-yETA&template_id=419 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=90&slotname=1869487945&adk=4004539508&adf=3235933448&pi=t.ma~as.1869487945&w=728&lmt=1626344046&psa=0&format=728x90&url=https%3A%2F%2Fdnr24.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046168&bpp=3&bdt=378&idt=382&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=572&ady=40&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=68UiDlwvB8&p=https%3A//dnr24.com&dtd=396 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=90&slotname=1869487945&adk=4004539508&adf=3235933448&pi=t.ma~as.1869487945&w=728&lmt=1626344046&psa=0&format=728x90&url=https%3A%2F%2Fdnr24.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046168&bpp=3&bdt=378&idt=382&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=572&ady=40&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=68UiDlwvB8&p=https%3A//dnr24.com&dtd=396 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Thu, 15 Jul 2021 10:14:07 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3-29	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 6489	143 B 163 B	7ms 6ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=90&slotname=1869487945&adk=4004539508&adf=3235933448&pi=t.ma~as.1869487945&w=728&lmt=1626344046&psa=0&format=728x90&url=https%3A%2F%2Fdnr24.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046168&bpp=3&bdt=378&idt=382&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=572&ady=40&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=68UiDlwvB8&p=https%3A//dnr24.com&dtd=396 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software safe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/drt/s?v=r20120211 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=90&slotname=1869487945&adk=4004539508&adf=3235933448&pi=t.ma~as.1869487945&w=728&lmt=1626344046&psa=0&format=728x90&url=https%3A%2F%2Fdnr24.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046168&bpp=3&bdt=378&idt=382&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=572&ady=40&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=68UiDlwvB8&p=https%3A//dnr24.com&dtd=396 accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUk3onrRlBhxNXGOw-vKb3UlHm0pi-QGt3oaw1MzfByKeCAVaHMSbcR12ceifp4 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=90&slotname=1869487945&adk=4004539508&adf=3235933448&pi=t.ma~as.1869487945&w=728&lmt=1626344046&psa=0&format=728x90&url=https%3A%2F%2Fdnr24.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046168&bpp=3&bdt=378&idt=382&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=572&ady=40&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=68UiDlwvB8&p=https%3A//dnr24.com&dtd=396 Response headers content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Thu, 15 Jul 2021 09:42:56 GMT server safe content-length 145 x-xss-protection 0 cache-control public, max-age=3600 age 1871 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3-29	204	gen_csp pagead2.googlesyndication.com/pagead/ Frame 2979	0 20 B	28ms 14ms	Other image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIm4t9nr5PECFWYf0wodHtsG5Q&gqi=bgrwYISNI8u4nsEPuea34Aw&layout=/sadbundle/%24csp%253Der3%24/5646111312527115393/index.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=90&slotname=1869487945&adk=4004539508&adf=3235933448&pi=t.ma~as.1869487945&w=728&lmt=1626344046&psa=0&format=728x90&url=https%3A%2F%2Fdnr24.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046168&bpp=3&bdt=378&idt=382&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=572&ady=40&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=68UiDlwvB8&p=https%3A//dnr24.com&dtd=396 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/csp-report Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:07 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/ Frame AE05	3 KB 1 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=9731553745&adk=1676835415&adf=2852835187&pi=t.ma~as.9731553745&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046174&bpp=1&bdt=384&idt=519&shv=r20210708&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc73ad1f7581f9ca8-220874716dc90059%3AT%3D1626344046%3ART%3D1626344046%3AS%3DALNI_MblpG2InOzo5DXhN46D0svFamzj0Q&prev_fmts=0x0%2C728x90%2C300x600&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=wWdlYMRl5g&p=https%3A//dnr24.com&dtd=536 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:13:46 GMT content-encoding gzip x-content-type-options nosniff age 21 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1385 x-xss-protection 0 server cafe etag 10711834930267210186 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 29 Jul 2021 10:13:46 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame AE05	124 KB 37 KB	14ms 14ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=9731553745&adk=1676835415&adf=2852835187&pi=t.ma~as.9731553745&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046174&bpp=1&bdt=384&idt=519&shv=r20210708&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc73ad1f7581f9ca8-220874716dc90059%3AT%3D1626344046%3ART%3D1626344046%3AS%3DALNI_MblpG2InOzo5DXhN46D0svFamzj0Q&prev_fmts=0x0%2C728x90%2C300x600&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=wWdlYMRl5g&p=https%3A//dnr24.com&dtd=536 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 67eba3529a67e088bd83ae179b0fcab337a0e5804ca07132d47a5013dff6e43d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:07 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1626261971611604" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38113 x-xss-protection 0 expires Thu, 15 Jul 2021 10:14:07 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/ Frame AE05	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=9731553745&adk=1676835415&adf=2852835187&pi=t.ma~as.9731553745&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046174&bpp=1&bdt=384&idt=519&shv=r20210708&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc73ad1f7581f9ca8-220874716dc90059%3AT%3D1626344046%3ART%3D1626344046%3AS%3DALNI_MblpG2InOzo5DXhN46D0svFamzj0Q&prev_fmts=0x0%2C728x90%2C300x600&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=wWdlYMRl5g&p=https%3A//dnr24.com&dtd=536 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7e5e8d7a52cffab98c6c3957e1c30af475c697d4d50ba91aeab0b11eea32a166 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:00 GMT content-encoding gzip x-content-type-options nosniff age 7 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6198 x-xss-protection 0 server cafe etag 11976405653130873325 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 29 Jul 2021 10:14:00 GMT
GET H3-29	200	index.html Show response tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame B951	223 KB 37 KB	10ms 9ms	Document text/html	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=9731553745&adk=1676835415&adf=2852835187&pi=t.ma~as.9731553745&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046174&bpp=1&bdt=384&idt=519&shv=r20210708&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc73ad1f7581f9ca8-220874716dc90059%3AT%3D1626344046%3ART%3D1626344046%3AS%3DALNI_MblpG2InOzo5DXhN46D0svFamzj0Q&prev_fmts=0x0%2C728x90%2C300x600&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=wWdlYMRl5g&p=https%3A//dnr24.com&dtd=536 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a7bf67883867f93d08cbf4eeac0485e641cb9e5b123e18bef046b7c706cffd28 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sadbundle/$csp%3Der3$/17626451119355985920/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers accept-ranges bytes vary Accept-Encoding content-type text/html access-control-allow-origin * content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' cross-origin-resource-policy cross-origin timing-allow-origin * date Tue, 13 Jul 2021 07:52:01 GMT expires Wed, 13 Jul 2022 07:52:01 GMT last-modified Mon, 03 May 2021 14:21:52 GMT x-content-type-options nosniff x-dns-prefetch-control off content-encoding gzip server sffe x-xss-protection 0 content-length 38330 age 181326 cache-control public, max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	adview googleads.g.doubleclick.net/pagead/ Frame AE05	0 0	29ms 18ms	Fetch text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=ClGDMbgrwYMnnLPWEzAaQ5Jy4C-W2js5i_8r3gfYNv-EeEAEg16-5JWCVAqABlc_o8QPIAQmpAkRdscZp3rM-qAMByAMCqgTUAU_QZ6ZnsYSxhAnRhSbRcj812qSNahuRNg-xBADgD7Wg7z1ERUNgh3qb94_rfpRotbC9ZQceLSRB5lIpfAMCqGxbwG9amCT5kOKxukQbg4w9BDSGYgyEo9JMZMvWDGKUtRA6pQVhRLm8B4OCYXikVBi8H6fYTHAyU5MAuDc4vfmQL9FRfwC3KH1ocW3yoMonRHkF-_mYF81HqRbpLs-WxJT635HOGIayW-fRkKfkr6XdG4IumNoec4PmgO7WBt8JRnrzJBkSkDnqNb9-_kq0ltgoZhZQwATarIXYywOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGXYAH07CXDqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCo2THSCAkIgOGAEBABGB-ACgHICwHYEw2IFAHQFQGYFgGAFwGyFxoKGAgAEhRwdWItNDI3MDUxNDI5MDAxODA3Mg&sigh=6t3g6xEQDus Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=9731553745&adk=1676835415&adf=2852835187&pi=t.ma~as.9731553745&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046174&bpp=1&bdt=384&idt=519&shv=r20210708&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc73ad1f7581f9ca8-220874716dc90059%3AT%3D1626344046%3ART%3D1626344046%3AS%3DALNI_MblpG2InOzo5DXhN46D0svFamzj0Q&prev_fmts=0x0%2C728x90%2C300x600&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=wWdlYMRl5g&p=https%3A//dnr24.com&dtd=536 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=9731553745&adk=1676835415&adf=2852835187&pi=t.ma~as.9731553745&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046174&bpp=1&bdt=384&idt=519&shv=r20210708&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc73ad1f7581f9ca8-220874716dc90059%3AT%3D1626344046%3ART%3D1626344046%3AS%3DALNI_MblpG2InOzo5DXhN46D0svFamzj0Q&prev_fmts=0x0%2C728x90%2C300x600&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=wWdlYMRl5g&p=https%3A//dnr24.com&dtd=536 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Thu, 15 Jul 2021 10:14:07 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3-29	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame B308	143 B 163 B	15ms 7ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=9731553745&adk=1676835415&adf=2852835187&pi=t.ma~as.9731553745&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046174&bpp=1&bdt=384&idt=519&shv=r20210708&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc73ad1f7581f9ca8-220874716dc90059%3AT%3D1626344046%3ART%3D1626344046%3AS%3DALNI_MblpG2InOzo5DXhN46D0svFamzj0Q&prev_fmts=0x0%2C728x90%2C300x600&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=wWdlYMRl5g&p=https%3A//dnr24.com&dtd=536 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software safe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/drt/s?v=r20120211 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=9731553745&adk=1676835415&adf=2852835187&pi=t.ma~as.9731553745&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046174&bpp=1&bdt=384&idt=519&shv=r20210708&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc73ad1f7581f9ca8-220874716dc90059%3AT%3D1626344046%3ART%3D1626344046%3AS%3DALNI_MblpG2InOzo5DXhN46D0svFamzj0Q&prev_fmts=0x0%2C728x90%2C300x600&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=wWdlYMRl5g&p=https%3A//dnr24.com&dtd=536 accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUk3onrRlBhxNXGOw-vKb3UlHm0pi-QGt3oaw1MzfByKeCAVaHMSbcR12ceifp4 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=9731553745&adk=1676835415&adf=2852835187&pi=t.ma~as.9731553745&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046174&bpp=1&bdt=384&idt=519&shv=r20210708&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc73ad1f7581f9ca8-220874716dc90059%3AT%3D1626344046%3ART%3D1626344046%3AS%3DALNI_MblpG2InOzo5DXhN46D0svFamzj0Q&prev_fmts=0x0%2C728x90%2C300x600&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=wWdlYMRl5g&p=https%3A//dnr24.com&dtd=536 Response headers content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Thu, 15 Jul 2021 09:42:56 GMT server safe content-length 145 x-xss-protection 0 cache-control public, max-age=3600 age 1871 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	css fonts.googleapis.com/ Frame 326F	3 KB 687 B	18ms 15ms	Stylesheet text/css	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=5351352692&adk=3703005410&adf=1615624222&pi=t.ma~as.5351352692&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046171&bpp=3&bdt=381&idt=444&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oTVm7cefzT&p=https%3A//dnr24.com&dtd=470 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 15 Jul 2021 09:39:14 GMT server ESF date Thu, 15 Jul 2021 10:14:07 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 15 Jul 2021 10:14:07 GMT
GET DATA	200 OK	truncated / Frame 2979	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b6305f9b99633e8680a8e6f26a432079d836d3a8f983cf3f7b7995b891a18acd Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	load_preloaded_resource_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/ Frame 326F	1 KB 914 B	6ms 6ms	Script text/javascript	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/load_preloaded_resource_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=5351352692&adk=3703005410&adf=1615624222&pi=t.ma~as.5351352692&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046171&bpp=3&bdt=381&idt=444&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oTVm7cefzT&p=https%3A//dnr24.com&dtd=470 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:13:48 GMT content-encoding gzip x-content-type-options nosniff age 19 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 882 x-xss-protection 0 server cafe etag 11243716317595354070 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 29 Jul 2021 10:13:48 GMT
GET H3-29	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210708/r20110914/ Frame 326F	17 KB 7 KB	12ms 10ms	Script text/javascript	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210708/r20110914/abg_lite_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=5351352692&adk=3703005410&adf=1615624222&pi=t.ma~as.5351352692&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046171&bpp=3&bdt=381&idt=444&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oTVm7cefzT&p=https%3A//dnr24.com&dtd=470 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ed045b94f4874ac13890f9c4370e2b14b30c2a12a79d22e52d20872440b60ede Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:07:06 GMT content-encoding gzip x-content-type-options nosniff age 421 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7114 x-xss-protection 0 server cafe etag 15784850791818150134 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 29 Jul 2021 10:07:06 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/ Frame 326F	3 KB 1 KB	12ms 11ms	Script text/javascript	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=5351352692&adk=3703005410&adf=1615624222&pi=t.ma~as.5351352692&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046171&bpp=3&bdt=381&idt=444&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oTVm7cefzT&p=https%3A//dnr24.com&dtd=470 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:13:46 GMT content-encoding gzip x-content-type-options nosniff age 21 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1385 x-xss-protection 0 server cafe etag 10711834930267210186 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 29 Jul 2021 10:13:46 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 326F	124 KB 37 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=5351352692&adk=3703005410&adf=1615624222&pi=t.ma~as.5351352692&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046171&bpp=3&bdt=381&idt=444&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oTVm7cefzT&p=https%3A//dnr24.com&dtd=470 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 67eba3529a67e088bd83ae179b0fcab337a0e5804ca07132d47a5013dff6e43d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:07 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1626261971611604" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38113 x-xss-protection 0 expires Thu, 15 Jul 2021 10:14:07 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/ Frame 326F	14 KB 6 KB	12ms 11ms	Script text/javascript	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210708/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=5351352692&adk=3703005410&adf=1615624222&pi=t.ma~as.5351352692&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046171&bpp=3&bdt=381&idt=444&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oTVm7cefzT&p=https%3A//dnr24.com&dtd=470 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7e5e8d7a52cffab98c6c3957e1c30af475c697d4d50ba91aeab0b11eea32a166 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:00 GMT content-encoding gzip x-content-type-options nosniff age 7 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6198 x-xss-protection 0 server cafe etag 11976405653130873325 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 29 Jul 2021 10:14:00 GMT
GET H3-29	204	l www.google.com/ads/measurement/ Frame 326F	0 0	16ms 15ms	Image text/html	2a00:1450:4001:801::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ4bmcrKR3JNh_gH92vQHtdKV25AZvel-LrynExSaCyMLZUYbiiPVYYoUyFZAq9I-VKYi1nbShlVnZxzMhF3_0SB0sjSg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=5351352692&adk=3703005410&adf=1615624222&pi=t.ma~as.5351352692&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046171&bpp=3&bdt=381&idt=444&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oTVm7cefzT&p=https%3A//dnr24.com&dtd=470 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-29	200	ef3ed83fa5244dfc7f7ca8c70cdace65.js Show response www.gstatic.com/mysidia/ Frame 326F	26 KB 11 KB	11ms 11ms	Script text/javascript	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/ef3ed83fa5244dfc7f7ca8c70cdace65.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=5351352692&adk=3703005410&adf=1615624222&pi=t.ma~as.5351352692&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046171&bpp=3&bdt=381&idt=444&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oTVm7cefzT&p=https%3A//dnr24.com&dtd=470 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ea13739a6ab669cc2f16a95685c1ed8c0fa771606e3a217cc2093b91103012df Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 06:50:42 GMT content-encoding gzip x-content-type-options nosniff age 12205 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10755 x-xss-protection 0 last-modified Tue, 13 Jul 2021 05:41:01 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 13 Oct 2021 06:50:42 GMT
POST H3-29	204	gen_csp pagead2.googlesyndication.com/pagead/ Frame AE05	0 20 B	17ms 15ms	Other image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMnWwNnr5PECFXUC0wodEDIHtw&gqi=bgrwYMieLJ21nsEPpaqx2Ac&layout=/sadbundle/%24csp%253Der3%24/17626451119355985920/index.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=9731553745&adk=1676835415&adf=2852835187&pi=t.ma~as.9731553745&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046174&bpp=1&bdt=384&idt=519&shv=r20210708&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc73ad1f7581f9ca8-220874716dc90059%3AT%3D1626344046%3ART%3D1626344046%3AS%3DALNI_MblpG2InOzo5DXhN46D0svFamzj0Q&prev_fmts=0x0%2C728x90%2C300x600&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=wWdlYMRl5g&p=https%3A//dnr24.com&dtd=536 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/csp-report Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:07 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	css fonts.googleapis.com/ Frame 5666	672 B 359 B	16ms 14ms	Stylesheet text/css	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:300 Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 1f4623db072ce1ab396e285ee6885ac3be5525853e0b795831201de566f7d384 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 15 Jul 2021 09:02:54 GMT server ESF date Thu, 15 Jul 2021 10:14:07 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 15 Jul 2021 10:14:07 GMT
GET H3-29	200	Enabler.js Show response tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5666	16 KB 6 KB	11ms 10ms	Script text/javascript	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 07:06:18 GMT content-encoding gzip x-content-type-options nosniff age 11269 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5866 x-xss-protection 0 server cafe etag 544157900006238945 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=86400 timing-allow-origin * expires Fri, 16 Jul 2021 07:06:18 GMT
GET H3-29	200	addata.js Show response tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5666	26 KB 10 KB	12ms 11ms	Script text/javascript	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 18:31:13 GMT content-encoding gzip x-content-type-options nosniff age 56574 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10382 x-xss-protection 0 server cafe etag 12806417668659483808 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=86400 timing-allow-origin * expires Thu, 15 Jul 2021 18:31:13 GMT
GET H3-29	200	downsize_200k_v1 tpc.googlesyndication.com/simgad/1323506538989237841/ Frame 326F	17 KB 17 KB	13ms 11ms	Image image/jpeg	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/1323506538989237841/downsize_200k_v1?w=400&h=209 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=5351352692&adk=3703005410&adf=1615624222&pi=t.ma~as.5351352692&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046171&bpp=3&bdt=381&idt=444&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oTVm7cefzT&p=https%3A//dnr24.com&dtd=470 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a3a0c17f79efc055aa581916ab8dab7fbee8735d6acdd2a0d2cd327852a49d7b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Jul 2021 07:50:44 GMT x-content-type-options nosniff age 181403 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17219 x-xss-protection 0 last-modified Tue, 03 Nov 2020 11:17:09 GMT server sffe content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Jul 2022 07:50:44 GMT
GET DATA	200 OK	truncated / Frame 326F	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame AE05	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f6064d6000c5ec56b371620dcec539048f485ae795ff2d8b3915711e1083d996 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	adview googleads.g.doubleclick.net/pagead/ Frame 326F	0 0	20ms 17ms	Fetch text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=COTtrbgrwYM_xKJGFzAam5YSwD_vhl-JisvS0vfMNldKx9egkEAEg16-5JWCVAqAB49mmmQLIAQmpAnUXkXcoXZE-qAMByAPLBKoEzwFP0JzmP1ueSNEZh4n8UPWKNQuVJt-2xvasovFFT2BkWWQ3ETQqNPPXKj3Tm3loy1VJGshaOUguQGUzp5ysM_GvZ3WnIzUP9OqUl9hUnkX8e1yRF23WTNPbSynjONjBuuKy82oDDByTrsz5iKoMPmK52rn20nV8i3ZpmOfjZC1OEWChatEOQcL7w59wRzxL1UQehYNuAhK4nOL58gWRD-pquqVVN3nMLvM9EI5NTgp1o7WD7hMm7ORkd_yeQN98qLpz60q9JrOWWAMMi10AgzbABOGgiqDFA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeFptnmAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCOngvSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMC0BUBmBYBgBcBshcaChgIABIUcHViLTQyNzA1MTQyOTAwMTgwNzI&sigh=VoqM6mvITE4&template_id=5000 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=5351352692&adk=3703005410&adf=1615624222&pi=t.ma~as.5351352692&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046171&bpp=3&bdt=381&idt=444&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oTVm7cefzT&p=https%3A//dnr24.com&dtd=470 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=5351352692&adk=3703005410&adf=1615624222&pi=t.ma~as.5351352692&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046171&bpp=3&bdt=381&idt=444&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oTVm7cefzT&p=https%3A//dnr24.com&dtd=470 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Thu, 15 Jul 2021 10:14:07 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H/1.1	200 Ok	d.png ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 4D85	95 B 400 B	139ms 45ms	Image image/png	2a02:6b8::5:114 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::5:114 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software nginx/1.14.2 / Resource Hash 18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:07 GMT Server nginx/1.14.2 Strict-Transport-Security max-age=315360000; includeSubDomains X-RT-IH 0.0002 Content-Type image/png Cache-Control private Connection close X-RT-IQ 0.0002 Content-Length 95 Expires Fri, 16 Jul 2021 10:14:07 GMT
GET H2	200	Cg8qAmDwCm+pHlU4+PnsAgA= an.yandex.ru/mapuid/ditmsk/ Frame 4D85 Redirect Chain https://stats.mos.ru/gc/ynd/ https://an.yandex.ru/mapuid/ditmsk/Cg8qAmDwCm+pHlU4+PnsAgA=?time=1626344047.931 https://an.yandex.ru/mapuid/ditmsk/Cg8qAmDwCm+pHlU4+PnsAgA=?redir-setuniq=1&time=1626344047.931	43 B 80 B	52ms 50ms	Image image/gif	2a02:6b8::90 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/ditmsk/Cg8qAmDwCm+pHlU4+PnsAgA=?redir-setuniq=1&time=1626344047.931 Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:08 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 10:14:08 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 15 Jul 2021 10:14:08 GMT Redirect headers pragma no-cache date Thu, 15 Jul 2021 10:14:08 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 10:14:08 GMT strict-transport-security max-age=31536000 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://an.yandex.ru/mapuid/ditmsk/Cg8qAmDwCm+pHlU4+PnsAgA=?redir-setuniq=1&time=1626344047.931 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 15 Jul 2021 10:14:08 GMT
GET H2	200	ct_sync.php sync.magnitent.com/fbfli/ Frame 4D85 Redirect Chain https://sonar.semantiqo.com/dmp/scr.php https://counter.yadro.ru/id127/reff-id.gif?sid=81654d4bd9f54417aa29195cee2beeb3 https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=75813290B5F0B07F&sid=81654d4bd9f54417aa29195cee2beeb3 https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=81654d4bd9f54417aa29195cee2beeb3&spid=75813290B5F0B07F&v= https://sync.magnitent.com/fbfli/ct_sync.php?ct=92ca1df335b44d3085acccae1219165c&sonar=81654d4bd9f54417aa29195cee2beeb3&spid=75813290B5F0B07F&v=	0 568 B	42ms 15ms	Image text/html	148.251.41.166 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.magnitent.com/fbfli/ct_sync.php?ct=92ca1df335b44d3085acccae1219165c&sonar=81654d4bd9f54417aa29195cee2beeb3&spid=75813290B5F0B07F&v= Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 148.251.41.166 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.166.41.251.148.clients.your-server.de Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin *, * date Thu, 15 Jul 2021 10:14:08 GMT mode no-cors, no-cors server nginx/1.18.0 cache-control no-cache, no-cache content-encoding gzip content-type text/html; charset=UTF-8 Redirect headers location https://sync.magnitent.com/fbfli/ct_sync.php?ct=92ca1df335b44d3085acccae1219165c&sonar=81654d4bd9f54417aa29195cee2beeb3&spid=75813290B5F0B07F&v= date Thu, 15 Jul 2021 10:14:08 GMT mode no-cors server nginx/1.18.0 access-control-allow-origin * content-type text/html; charset=UTF-8
GET H/1.1	200 OK	sync.cgi ssp.adriver.ru/cgi-bin/ Frame 4D85	42 B 201 B	266ms 66ms	Image image/gif	81.222.128.213 ELTEL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109 Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU), Reverse DNS ad13.adriver.ru Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:07 GMT Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type image/gif
GET H2	200	spacer.gif an.yandex.ru/resource/ Frame 4D85 Redirect Chain https://an.yandex.ru/mapuid/google/ https://an.yandex.ru/mapuid/google/?redir-setuniq=1 https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=D84E56A868485D47&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=D84E56A868485D47&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc= https://an.yandex.ru/resource/spacer.gif	43 B 135 B	50ms 48ms	Image image/gif	2a02:6b8::90 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/resource/spacer.gif Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Thu, 15 Jul 2021 10:14:08 GMT content-encoding gzip last-modified Wed, 18 Apr 2001 10:28:03 GMT strict-transport-security max-age=31536000 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif x-xss-protection 1; mode=block expires Thu, 30 Jun 2022 10:14:08 GMT Redirect headers pragma no-cache date Thu, 15 Jul 2021 10:14:08 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://an.yandex.ru/resource/spacer.gif cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 237 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	PPQHmvFk-H458yx7R2bI an.yandex.ru/mapuid/dmpamberdata/ Frame 4D85 Redirect Chain https://dmg.digitaltarget.ru/1/119/i/i?i=1626344046 https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1626344046 https://an.yandex.ru/mapuid/dmpamberdata/PPQHmvFk-H458yx7R2bI	43 B 80 B	51ms 51ms	Image image/gif	2a02:6b8::90 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/dmpamberdata/PPQHmvFk-H458yx7R2bI Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:08 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 10:14:08 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 15 Jul 2021 10:14:08 GMT Redirect headers Date Thu, 15 Jul 2021 10:14:08 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin Server nginx X-Frame-Options DENY Access-Control-Allow-Methods GET, POST, OPTIONS Location https://an.yandex.ru/mapuid/dmpamberdata/PPQHmvFk-H458yx7R2bI X-XSS-Protection 1; mode=block X-Permitted-Cross-Domain-Policies master-only Access-Control-Allow-Credentials true Access-Control-Max-Age 86400 Connection keep-alive Request-Time 38 Content-Length 0 X-Content-Type-Options nosniff
GET H2	200	forfXZ0QGF0F an.yandex.ru/mapuid/dmpsegmento/ Frame 4D85 Redirect Chain https://yandex-dmp-sync.rutarget.ru/sync https://an.yandex.ru/mapuid/dmpsegmento/forfXZ0QGF0F?sign=1425519309 https://an.yandex.ru/mapuid/dmpsegmento/forfXZ0QGF0F?redir-setuniq=1&sign=1425519309	43 B 80 B	51ms 51ms	Image image/gif	2a02:6b8::90 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/dmpsegmento/forfXZ0QGF0F?redir-setuniq=1&sign=1425519309 Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:08 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 10:14:08 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 15 Jul 2021 10:14:08 GMT Redirect headers pragma no-cache date Thu, 15 Jul 2021 10:14:08 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 10:14:08 GMT strict-transport-security max-age=31536000 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://an.yandex.ru/mapuid/dmpsegmento/forfXZ0QGF0F?redir-setuniq=1&sign=1425519309 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 15 Jul 2021 10:14:08 GMT
GET H2	200	D-PBg6TP0tg3 an.yandex.ru/mapuid/rutargetis/ Frame 4D85 Redirect Chain https://yandex-sync.rutarget.ru/sync https://an.yandex.ru/mapuid/rutargetis/D-PBg6TP0tg3 https://an.yandex.ru/mapuid/rutargetis/D-PBg6TP0tg3?redir-setuniq=1	43 B 80 B	63ms 63ms	Image image/gif	2a02:6b8::90 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/rutargetis/D-PBg6TP0tg3?redir-setuniq=1 Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:08 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 10:14:08 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 15 Jul 2021 10:14:08 GMT Redirect headers pragma no-cache date Thu, 15 Jul 2021 10:14:08 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 10:14:08 GMT strict-transport-security max-age=31536000 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://an.yandex.ru/mapuid/rutargetis/D-PBg6TP0tg3?redir-setuniq=1 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 15 Jul 2021 10:14:08 GMT
GET H2	200	irFWD11ABJGO3AuVvBl1pg an.yandex.ru/mapuid/dmpaidatame/ Frame 4D85 Redirect Chain https://x01.aidata.io/0.gif?pid=YANDEX https://an.yandex.ru/mapuid/dmpaidatame/irFWD11ABJGO3AuVvBl1pg?sign=4042461442	43 B 80 B	99ms 94ms	Image image/gif	2a02:6b8::90 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/dmpaidatame/irFWD11ABJGO3AuVvBl1pg?sign=4042461442 Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:07 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 10:14:07 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 15 Jul 2021 10:14:07 GMT Redirect headers pragma no-cache date Thu, 15 Jul 2021 10:14:07 GMT last-modified Thu, 15 Jul 2021 10:14:06 GMT server nginx access-control-allow-methods GET, POST p3p CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA' location https://an.yandex.ru/mapuid/dmpaidatame/irFWD11ABJGO3AuVvBl1pg?sign=4042461442 cache-control no-cache, no-store, must-revalidate, post-check=0, pre-check=0 content-length 0 expires Thu, 15 Jul 2021 10:14:06 GMT
GET H2	200	634e9f90-e555-11eb-ad67-f832e4719dd9 an.yandex.ru/mapuid/dmpcleverdata/ Frame 4D85 Redirect Chain https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au https://an.yandex.ru/mapuid/dmpcleverdata/634e9f90-e555-11eb-ad67-f832e4719dd9?sign=2227967668	43 B 99 B	76ms 71ms	Image image/gif	2a02:6b8::90 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/dmpcleverdata/634e9f90-e555-11eb-ad67-f832e4719dd9?sign=2227967668 Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:07 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 10:14:07 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 15 Jul 2021 10:14:07 GMT Redirect headers location https://an.yandex.ru/mapuid/dmpcleverdata/634e9f90-e555-11eb-ad67-f832e4719dd9?sign=2227967668 date Thu, 15 Jul 2021 10:14:07 GMT cache-control private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate server nginx content-length 0 expires 0, 0
GET H2	200	rLvu an.yandex.ru/mapuid/dmpweborama/UtWm.PhmQYoGq09lm/ Frame 4D85 Redirect Chain https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=1857903850 https://an.yandex.ru/mapuid/dmpweborama/UtWm.PhmQYoGq09lm/rLvu	43 B 80 B	75ms 73ms	Image image/gif	2a02:6b8::90 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/dmpweborama/UtWm.PhmQYoGq09lm/rLvu Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:07 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 10:14:07 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 15 Jul 2021 10:14:07 GMT Redirect headers pragma no-cache date Thu, 15 Jul 2021 10:14:07 GMT via 1.1 google last-modified Thu, 15 Jul 2021 10:14:07 GMT server nginx/1.12.0 location https://an.yandex.ru/mapuid/dmpweborama/UtWm.PhmQYoGq09lm/rLvu p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 alt-svc clear content-length 0 expires Tue, 03 Jul 2001 06:00:00 GMT
GET H2	200	/ an.yandex.ru/mapuid/ramblerssp/ Frame 4D85 Redirect Chain https://profile.ssp.rambler.ru/sync3.302?pid=188 https://an.yandex.ru/mapuid/ramblerssp/ https://an.yandex.ru/mapuid/ramblerssp/?redir-setuniq=1	43 B 80 B	49ms 49ms	Image image/gif	2a02:6b8::90 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/ramblerssp/?redir-setuniq=1 Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:08 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 10:14:08 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 15 Jul 2021 10:14:08 GMT Redirect headers pragma no-cache date Thu, 15 Jul 2021 10:14:08 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 10:14:08 GMT strict-transport-security max-age=31536000 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://an.yandex.ru/mapuid/ramblerssp/?redir-setuniq=1 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 15 Jul 2021 10:14:08 GMT
GET H/1.1	200 OK	demconf.jpg dpm.demdex.net/ Frame 4D85 Redirect Chain https://an.yandex.ru/mapuid/adobedmp/ https://an.yandex.ru/mapuid/adobedmp/?redir-setuniq=1 https://dpm.demdex.net/ibs:dpid=423652&dpuuid=52AC3A0A3DAD7600 https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=52AC3A0A3DAD7600	42 B 958 B	41ms 39ms	Image image/gif	18.203.33.226 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=52AC3A0A3DAD7600 Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.203.33.226 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v012-0c7f2393d.edge-irl1.demdex.com 6.3.1.20210623115127 Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID Hhvx1lDqTT0= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers DCS dcs-prod-irl1-2-v012-0183b7191.edge-irl1.demdex.com 6.3.1.20210623115127 Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID DkCzXWbfTKE= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=52AC3A0A3DAD7600 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	204	yandexdmp-match dm.hybrid.ai/ Frame 4D85	0 238 B	134ms 43ms	Image text/plain	37.18.16.23 HYBRID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dm.hybrid.ai/yandexdmp-match Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.18.16.23 , Netherlands, ASN205675 (HYBRID-AS, RU), Reverse DNS Software Hybrid Web Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:07 GMT server Hybrid Web Server p3p CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC" access-control-allow-origin * cache-control no-cache, no-store x-mode 101 x-xss-protection 1; mode=block expires -1
GET H2	200	7e5b07d4547c8c7db152222c5e27a8c10e019254bddac0655261100486c71169 an.yandex.ru/mapuid/mediascope/ Frame 4D85 Redirect Chain https://cm.tns-counter.ru/yacm https://an.yandex.ru/mapuid/mediascope/7e5b07d4547c8c7db152222c5e27a8c10e019254bddac0655261100486c71169 https://an.yandex.ru/mapuid/mediascope/7e5b07d4547c8c7db152222c5e27a8c10e019254bddac0655261100486c71169?redir-setuniq=1	43 B 80 B	51ms 50ms	Image image/gif	2a02:6b8::90 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/mediascope/7e5b07d4547c8c7db152222c5e27a8c10e019254bddac0655261100486c71169?redir-setuniq=1 Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:08 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 10:14:08 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 15 Jul 2021 10:14:08 GMT Redirect headers pragma no-cache date Thu, 15 Jul 2021 10:14:08 GMT content-encoding gzip last-modified Thu, 15 Jul 2021 10:14:08 GMT strict-transport-security max-age=31536000 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://an.yandex.ru/mapuid/mediascope/7e5b07d4547c8c7db152222c5e27a8c10e019254bddac0655261100486c71169?redir-setuniq=1 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Thu, 15 Jul 2021 10:14:08 GMT
GET H2	204	sync sync.upravel.com/yandex/ Frame 4D85 Redirect Chain https://sync.upravel.com/yandex/sync https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ	0 260 B	28ms 24ms	Image text/plain	148.251.129.43 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 148.251.129.43 Eislingen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS prod-hzeu-bidder-23.community.moscow Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Thu, 15 Jul 2021 10:14:08 GMT access-control-allow-credentials false server nginx access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range access-control-allow-methods GET, POST, OPTIONS access-control-expose-headers Content-Length,Content-Range Redirect headers date Thu, 15 Jul 2021 10:14:07 GMT server nginx location https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ access-control-allow-methods GET, POST, OPTIONS p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range access-control-allow-credentials false content-type image/png access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range content-length 0
GET H3-29	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame ABAA	1 KB 749 B	7ms 6ms	Document text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=5351352692&adk=3703005410&adf=1615624222&pi=t.ma~as.5351352692&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046171&bpp=3&bdt=381&idt=444&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oTVm7cefzT&p=https%3A//dnr24.com&dtd=470 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Thu, 15 Jul 2021 03:09:05 GMT expires Fri, 16 Jul 2021 03:09:05 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 25502 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame 326F	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bd412da1bc1d29d31ea68991f7c053f5cc486c8458be604b380f2571dfe53e3d Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	css fonts.googleapis.com/ Frame 5666	2 KB 414 B	25ms 23ms	Stylesheet text/css	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:300,400,700 Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7a2dd21532e68bb69249e38f9f22315cd53843f618a78b6169c3ae64ac02294f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 15 Jul 2021 09:13:09 GMT server ESF date Thu, 15 Jul 2021 10:14:07 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 15 Jul 2021 10:14:07 GMT
GET H3-29	200	css fonts.googleapis.com/ Frame B951	2 KB 499 B	20ms 15ms	Stylesheet text/css	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2130554153fa8c200d17c28a5c70c3b0cf4bd9b4796d6e431c89c7f99417a1a9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 15 Jul 2021 10:12:11 GMT server ESF date Thu, 15 Jul 2021 10:14:07 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 15 Jul 2021 10:14:07 GMT
GET		tag.js mc.yandex.ru/metrika/ Frame F0EA	0 0
GET H3-29	200	Enabler.js Show response tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B951	16 KB 6 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 07:06:18 GMT content-encoding gzip x-content-type-options nosniff age 11269 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5866 x-xss-protection 0 server cafe etag 544157900006238945 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=86400 timing-allow-origin * expires Fri, 16 Jul 2021 07:06:18 GMT
GET H3-29	200	addata.js Show response tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B951	26 KB 10 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 18:31:13 GMT content-encoding gzip x-content-type-options nosniff age 56574 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10382 x-xss-protection 0 server cafe etag 12806417668659483808 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=86400 timing-allow-origin * expires Thu, 15 Jul 2021 18:31:13 GMT
GET H3-29	200	4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2 fonts.gstatic.com/s/googlesans/v27/ Frame 326F	21 KB 21 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://googleads.g.doubleclick.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Jul 2021 02:22:18 GMT x-content-type-options nosniff age 201109 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21716 x-xss-protection 0 last-modified Wed, 11 Nov 2020 20:26:21 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Jul 2022 02:22:18 GMT
GET H3-29	200	4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2 fonts.gstatic.com/s/googlesans/v27/ Frame 326F	21 KB 21 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://googleads.g.doubleclick.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Jul 2021 13:46:22 GMT x-content-type-options nosniff age 160065 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21552 x-xss-protection 0 last-modified Wed, 11 Nov 2020 20:26:16 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Jul 2022 13:46:22 GMT
GET H3-29	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 6489 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si	0 16 B	17ms 16ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=90&slotname=1869487945&adk=4004539508&adf=3235933448&pi=t.ma~as.1869487945&w=728&lmt=1626344046&psa=0&format=728x90&url=https%3A%2F%2Fdnr24.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046168&bpp=3&bdt=378&idt=382&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=572&ady=40&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=68UiDlwvB8&p=https%3A//dnr24.com&dtd=396 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software safe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/drt/si pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUk3onrRlBhxNXGOw-vKb3UlHm0pi-QGt3oaw1MzfByKeCAVaHMSbcR12ceifp4 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type text/html; charset=UTF-8 x-content-type-options nosniff date Thu, 15 Jul 2021 10:14:07 GMT server safe content-length 0 x-xss-protection 0 set-cookie DSID=NO_DATA; expires=Thu, 15-Jul-2021 11:14:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Thu, 15 Jul 2021 10:14:07 GMT cache-control private Redirect headers location https://googleads.g.doubleclick.net/pagead/drt/si cache-control private content-type text/html; charset=UTF-8 x-content-type-options nosniff date Thu, 15 Jul 2021 10:14:07 GMT server safe content-length 246 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v17/ Frame B951	23 KB 23 KB	8ms 7ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin null Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Jul 2021 00:16:41 GMT x-content-type-options nosniff age 208646 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23484 x-xss-protection 0 last-modified Tue, 15 Sep 2020 18:10:46 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Jul 2022 00:16:41 GMT
GET H3-29	200	N0bU2SZBIuF2PU_0DXR1.woff2 fonts.gstatic.com/s/bungee/v6/ Frame B951	17 KB 17 KB	9ms 8ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/bungee/v6/N0bU2SZBIuF2PU_0DXR1.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b00176dbbd9e4c77629b36fae58d076c8c3b55754e7c2dd3a6e4986e7ec9c37b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin null Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Jul 2021 04:57:56 GMT x-content-type-options nosniff age 191771 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17268 x-xss-protection 0 last-modified Tue, 01 Sep 2020 03:47:49 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Jul 2022 04:57:56 GMT
GET H3-29	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v17/ Frame B951	22 KB 22 KB	8ms 7ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:regular,700|Bungee:regular Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin null Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Jul 2021 08:34:22 GMT x-content-type-options nosniff age 178785 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 22992 x-xss-protection 0 last-modified Tue, 15 Sep 2020 18:12:12 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Jul 2022 08:34:22 GMT
GET H3-29	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame B308 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si	0 16 B	15ms 14ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=9731553745&adk=1676835415&adf=2852835187&pi=t.ma~as.9731553745&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046174&bpp=1&bdt=384&idt=519&shv=r20210708&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc73ad1f7581f9ca8-220874716dc90059%3AT%3D1626344046%3ART%3D1626344046%3AS%3DALNI_MblpG2InOzo5DXhN46D0svFamzj0Q&prev_fmts=0x0%2C728x90%2C300x600&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=1554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=wWdlYMRl5g&p=https%3A//dnr24.com&dtd=536 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software safe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/drt/si pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUk3onrRlBhxNXGOw-vKb3UlHm0pi-QGt3oaw1MzfByKeCAVaHMSbcR12ceifp4; DSID=NO_DATA Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type text/html; charset=UTF-8 x-content-type-options nosniff date Thu, 15 Jul 2021 10:14:07 GMT server safe content-length 0 x-xss-protection 0 set-cookie DSID=NO_DATA; expires=Thu, 15-Jul-2021 11:14:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Thu, 15 Jul 2021 10:14:07 GMT cache-control private Redirect headers location https://googleads.g.doubleclick.net/pagead/drt/si cache-control private content-type text/html; charset=UTF-8 x-content-type-options nosniff date Thu, 15 Jul 2021 10:14:07 GMT server safe content-length 246 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	dpixel cms.quantserve.com/ Frame ABAA	35 B 462 B	46ms 8ms	Image image/gif	2620:116:800d:21:8c6e:cf2c:8d6:9fb5 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBjUtv8Dep1C8H6FbXJnzQc&google_cver=1&google_push=AYg5qPJ_ioAMhJvmf7LGXLRCFbe0cKgy9CIl8t8mh5KK-0aRZck91Lk29dFpbg4MVcavHmkgi-NqPbZ5k47E2LdAoz501LoqhO0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=5351352692&adk=3703005410&adf=1615624222&pi=t.ma~as.5351352692&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046171&bpp=3&bdt=381&idt=444&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oTVm7cefzT&p=https%3A//dnr24.com&dtd=470 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:08 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame ABAA Redirect Chain https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJrUe8pJKmEjKTBIO4MuGOf8t-YbvRQl-4IJ29oumHmT8InidSO5b9iqqdih52aFy8Si_RhTfudQA9Dc7-MvCZMsPX6ctFT&google_gid=CAESEISMxFqpk4ViIfWA0QefZlY&goo... https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPCUwIcGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBKclVlOHBKS21FaktUQklPNE11R09mOHQtWWJ2UlFsLTRJSjI5b3VtSG1UOEluaWRTTzViOWlxcWRpaDUyYUZ5OFNpX1JoVGZ1ZFFBOURjNy... https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcUNmeUdPTmV5ZS1uUlp4LTNpaWZFSmE4bU9hTTBvU2E1TW0xLTZPa0Rvdw==&google_push	170 B 188 B	20ms 17ms	Image image/png	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcUNmeUdPTmV5ZS1uUlp4LTNpaWZFSmE4bU9hTTBvU2E1TW0xLTZPa0Rvdw==&google_push Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:08 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Thu, 15 Jul 2021 10:14:08 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcUNmeUdPTmV5ZS1uUlp4LTNpaWZFSmE4bU9hTTBvU2E1TW0xLTZPa0Rvdw==&google_push cache-control no-cache, no-store timing-allow-origin * alt-svc clear content-length 0
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame ABAA Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESEHLgmiOyIyQw6QjjST1QREY&google_cver=1&google_push=AYg5qPIzNyrDJ-_PuVMZexKd5wTqh19vg-XdiUYUIgGtqdcFsdAhQ3ZRE8VlZIZLRWkqlfkTSMCPmLUI69k-v6a3DMkbJsxdt-2X https://rtb.openx.net/sync/dds?google_gid=CAESEHLgmiOyIyQw6QjjST1QREY&google_cver=1&google_push=AYg5qPIzNyrDJ-_PuVMZexKd5wTqh19vg-XdiUYUIgGtqdcFsdAhQ3ZRE8VlZIZLRWkqlfkTSMCPmLUI69k-v6a3DMkbJsxdt-2X&... https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIzNyrDJ-_PuVMZexKd5wTqh19vg-XdiUYUIgGtqdcFsdAhQ3ZRE8VlZIZLRWkqlfkTSMCPmLUI69k-v6a3DMkbJsxdt-2X&google_hm=UQY8mmiEwnE5F1mEVddvAQ==	170 B 188 B	19ms 17ms	Image image/png	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIzNyrDJ-_PuVMZexKd5wTqh19vg-XdiUYUIgGtqdcFsdAhQ3ZRE8VlZIZLRWkqlfkTSMCPmLUI69k-v6a3DMkbJsxdt-2X&google_hm=UQY8mmiEwnE5F1mEVddvAQ== Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:08 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 15 Jul 2021 10:14:07 GMT via 1.1 google server Cowboy access-control-allow-origin null vary Origin p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIzNyrDJ-_PuVMZexKd5wTqh19vg-XdiUYUIgGtqdcFsdAhQ3ZRE8VlZIZLRWkqlfkTSMCPmLUI69k-v6a3DMkbJsxdt-2X&google_hm=UQY8mmiEwnE5F1mEVddvAQ== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc clear content-length 0 x-request-id qib2dehh23ejfmjutknn2jkfuie0rg6n
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame ABAA Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Pp9iFJFSSaGVB6ycWmPyYg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 188 B	18ms 17ms	Image image/png	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Pp9iFJFSSaGVB6ycWmPyYg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLm07A87GUkiPgg39v5fHolGhxbZeeLJ5if4tOQ3dbkcodaSngNudj0oqb3HbVjSWGkPXSFJsGNj7fzcl4frtqZMq8cnx84 Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:08 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Pp9iFJFSSaGVB6ycWmPyYg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLm07A87GUkiPgg39v5fHolGhxbZeeLJ5if4tOQ3dbkcodaSngNudj0oqb3HbVjSWGkPXSFJsGNj7fzcl4frtqZMq8cnx84 date Thu, 15 Jul 2021 10:14:07 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET		pixel cm.g.doubleclick.net/ Frame ABAA Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&googl... https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_push=AY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-...	0 0
GET H2	200	trk ag.innovid.com/ Frame ABAA	43 B 296 B	78ms 21ms	Image image/gif	2a05:d01c:1d8:8100:9065:1944:fd14:ef66 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ag.innovid.com/trk?tid=11711&google_gid=CAESENkm0vvwJj93vAGuQ3OLRIs&google_cver=1&google_push=AYg5qPJxqB6X0TM7uUTLZb0dq48-Rvtq7wd0_htRUCLEZTJ9dXD2PJGVlPCuUHhakHJvU9cSdD-guVgQWRpbjO3CpT2Lwwh3F5I Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=5351352692&adk=3703005410&adf=1615624222&pi=t.ma~as.5351352692&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046171&bpp=3&bdt=381&idt=444&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oTVm7cefzT&p=https%3A//dnr24.com&dtd=470 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d01c:1d8:8100:9065:1944:fd14:ef66 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:08 GMT cache-control no-cache content-type image/gif content-length 43 request-time 1 expires -1
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame ABAA Redirect Chain https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPmNQiKUww-osgoR9hnSCv0&google_cver=1&google_push=AYg5qPJ4ed9Pz9mP6SXS8fqC... https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJ4ed9Pz9mP6SXS8fqCbJOkc2AqFNdV3teOmVlpcq_UHN80dR1AKmPOMMpL-fXWpaKYnhYEyLCTkOVrnfJCmQUmp0LbPuhuag&google_hm=	170 B 188 B	30ms 18ms	Image image/png	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJ4ed9Pz9mP6SXS8fqCbJOkc2AqFNdV3teOmVlpcq_UHN80dR1AKmPOMMpL-fXWpaKYnhYEyLCTkOVrnfJCmQUmp0LbPuhuag&google_hm= Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:08 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 15 Jul 2021 10:14:08 GMT server GHC p3p CP="NOI DSP COR NID PSAo OUR IND" location https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJ4ed9Pz9mP6SXS8fqCbJOkc2AqFNdV3teOmVlpcq_UHN80dR1AKmPOMMpL-fXWpaKYnhYEyLCTkOVrnfJCmQUmp0LbPuhuag&google_hm= cache-control no-store, no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-length 0 expires Wed, 14 Jul 2021 10:14:08 GMT
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame ABAA	0 244 B	51ms 15ms	Image text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KZTaJu1qMC2RE-jO5IfjQDhZI0piT4WQVun2XK7PXWH_V-BtJY9XWNWZqaydwFLtLFgjtF1w Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=5351352692&adk=3703005410&adf=1615624222&pi=t.ma~as.5351352692&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046171&bpp=3&bdt=381&idt=444&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oTVm7cefzT&p=https%3A//dnr24.com&dtd=470 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:08 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response pagead2.googlesyndication.com/bg/ Frame 5666	35 KB 13 KB	10ms 5ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 06:50:46 GMT content-encoding br x-content-type-options nosniff age 12202 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13308 x-xss-protection 0 last-modified Tue, 06 Jul 2021 09:28:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 15 Jul 2022 06:50:46 GMT
GET H2	200	Logo.png tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/ Frame 5666	5 KB 6 KB	10ms 7ms	Image image/png	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/Logo.png Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a02ab9d3883933c49b321fb264b3e3a49630e5c7f10e6251fead1a76092a7903 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 176190 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5102 x-xss-protection 0 last-modified Fri, 28 May 2021 09:13:00 GMT server sffe date Tue, 13 Jul 2021 09:17:38 GMT content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Jul 2022 09:17:38 GMT
GET H2	200	composing.png tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/ Frame 5666	42 KB 42 KB	10ms 8ms	Image image/png	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/composing.png Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a54881af4fc9b48716c5a62b0e245049b1195576e34bf01b3259deb347aece76 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 211183 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42743 x-xss-protection 0 last-modified Fri, 28 May 2021 09:13:00 GMT server sffe date Mon, 12 Jul 2021 23:34:25 GMT content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 12 Jul 2022 23:34:25 GMT
GET H2	200	Bottom.jpg tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/ Frame 5666	14 KB 14 KB	11ms 9ms	Image image/jpeg	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/Bottom.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1711c534228fdd8f0d0a0a50b83b115c264b30340007236be0148fde08227c6c Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 208714 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14518 x-xss-protection 0 last-modified Fri, 28 May 2021 09:13:00 GMT server sffe date Tue, 13 Jul 2021 00:15:34 GMT content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Jul 2022 00:15:34 GMT
GET H2	200	BG.jpg tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/ Frame 5666	35 KB 35 KB	11ms 9ms	Image image/jpeg	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/BG.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3da840f7a6235a91f38fcfaf0547093c7305d1c4e9a218b0797989fcba7e175 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 181321 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35682 x-xss-protection 0 last-modified Fri, 28 May 2021 09:13:00 GMT server sffe date Tue, 13 Jul 2021 07:52:07 GMT content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Jul 2022 07:52:07 GMT
GET H2	200	exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response pagead2.googlesyndication.com/bg/ Frame 1459	35 KB 13 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4270514290018072&output=html&h=600&slotname=5351352692&adk=3703005410&adf=1615624222&pi=t.ma~as.5351352692&w=300&fwrn=4&fwrnh=100&lmt=1626344046&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fdnr24.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626344046171&bpp=3&bdt=381&idt=444&shv=r20210708&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1564655746118&frm=20&pv=1&ga_vid=2093601208.1626344046&ga_sid=1626344046&ga_hid=2125483651&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061683&oid=3&pvsid=1098336550174130&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oTVm7cefzT&p=https%3A//dnr24.com&dtd=470 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 06:50:46 GMT content-encoding br x-content-type-options nosniff age 12202 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13308 x-xss-protection 0 last-modified Tue, 06 Jul 2021 09:28:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 15 Jul 2022 06:50:46 GMT
GET H3-29	200	null-leasing-logo-final_white_1.png tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame B951	2 KB 2 KB	14ms 8ms	Image image/png	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/null-leasing-logo-final_white_1.png Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 62cdccf1ab4b4215586295612a4a2ef96fa490250fa96dbccc565f659cab86ab Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 228716 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1738 x-xss-protection 0 last-modified Mon, 03 May 2021 14:21:52 GMT server sffe date Mon, 12 Jul 2021 18:42:12 GMT content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 12 Jul 2022 18:42:12 GMT
GET H3-29	200	autos_licht_1.png tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame B951	6 KB 6 KB	12ms 8ms	Image image/png	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/autos_licht_1.png Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a87352099e9b3946d71f4f73c69f9217ef99278088a177d5eef09df78c11e4ae Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 204538 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5867 x-xss-protection 0 last-modified Mon, 03 May 2021 14:21:52 GMT server sffe date Tue, 13 Jul 2021 01:25:10 GMT content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Jul 2022 01:25:10 GMT
GET H3-29	200	autos.png tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame B951	48 KB 48 KB	16ms 12ms	Image image/png	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/autos.png Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1c45bfa2dc80f54eb8564aa778a0929a00811168617ee6340cc59f0af48e5cca Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 194949 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49113 x-xss-protection 0 last-modified Mon, 03 May 2021 14:21:52 GMT server sffe date Tue, 13 Jul 2021 04:04:59 GMT content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Jul 2022 04:04:59 GMT
GET H3-29	200	hintergrund_plain.jpg tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/ Frame B951	30 KB 30 KB	13ms 9ms	Image image/jpeg	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17626451119355985920/hintergrund_plain.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 969231fe165a93933d6908d45bfa09c364b66de37160efea47d87d18d7d37bd8 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 195809 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30604 x-xss-protection 0 last-modified Mon, 03 May 2021 14:21:52 GMT server sffe date Tue, 13 Jul 2021 03:50:39 GMT content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Jul 2022 03:50:39 GMT
GET DATA	200 OK	truncated / Frame 5666	43 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif
GET H3-29	200	BG.jpg tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/ Frame 5666	35 KB 35 KB	8ms 7ms	Image image/jpeg	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/BG.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3da840f7a6235a91f38fcfaf0547093c7305d1c4e9a218b0797989fcba7e175 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 181321 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35682 x-xss-protection 0 last-modified Fri, 28 May 2021 09:13:00 GMT server sffe date Tue, 13 Jul 2021 07:52:07 GMT content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Jul 2022 07:52:07 GMT
GET H3-29	200	Bottom.jpg tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/ Frame 5666	14 KB 14 KB	9ms 8ms	Image image/jpeg	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5646111312527115393/Bottom.jpg Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1711c534228fdd8f0d0a0a50b83b115c264b30340007236be0148fde08227c6c Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 208714 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14518 x-xss-protection 0 last-modified Fri, 28 May 2021 09:13:00 GMT server sffe date Tue, 13 Jul 2021 00:15:34 GMT content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Jul 2022 00:15:34 GMT
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 2979	42 B 64 B	22ms 22ms	Fetch image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqIwP5pf2uKvOlBlUuv1rCvKTzgbEUt__Wc5M5AQ9beYnKP2UMzYSmA3iDKq5gGJ9Q-T3KmhfIxhFFkarmrv38YzF4HNQYtR2qaFYVWf3Nc4lpJGmOG0mxoHGqr7x8TAcEwp1JCW4PQK7UZsodmtRB&sai=AMfl-YTw9ZZ0FK1WbicmozB2OEp2pm7HUK6J8iu_SvT8mmwQ4ABX2AX4SUKNjlyM0_R_uteVGJey48D-V0tAV220IWGpDrweuYL5piY&sig=Cg0ArKJSzHcZNfaFPxkCEAE&cid=CAASF-RokI8G3x8B6rf09ZEBeCztuxmDdx8Q&id=lidar2&mcvt=1000&p=40,572,130,1300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210714&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=4004539508&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626344046568&dlt=577&rpt=182&isd=0&msd=0&r=v Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:08 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bundle.js Show response yastatic.net/q/set/s/rsya-tag-users/ Frame 4D85	105 KB 35 KB	60ms 59ms	Script application/javascript	2a02:6b8:20::215 YANDEX
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/q/set/s/rsya-tag-users/bundle.js Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software nginx/1.17.9 / Resource Hash e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:08 GMT content-encoding gzip last-modified Wed, 19 May 2021 13:42:44 GMT server nginx/1.17.9 etag W/"82bdc8db563d3e71c35534315f8a9fd5" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type application/javascript access-control-allow-origin * expires Sat, 17 Jul 2021 22:09:32 GMT cache-control public, max-age=31556952 nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} strict-transport-security max-age=43200000; includeSubDomains; timing-allow-origin * x-nginx-request-id 0eadb311d89da379
GET		watch.js mc.yandex.ru/metrika/ Frame 4D85	0 0
GET H2	200	data Show response yandex.ru/set/s/rsya-tag-users/ Frame 4D85	403 B 1 KB	176ms 69ms	Fetch application/json	2a02:6b8:a::a YANDEX
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fdnr24.com%2F Requested by Host: yastatic.net URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 1cc02b8d0e6fb38b49dc0b6c80ccfff8a1ba84ae0c4c095b472be1ed9a034cbe Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:09 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1} report-to { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type application/json; charset=utf-8 access-control-allow-origin https://yastatic.net cache-control public,max-age=300 access-control-allow-credentials true cookie _yasc=QN+D0C12Upr+iQbrRdMDthpNapKGyl6FpGas9HSXe1XPFpTG; domain=.yandex.ru; path=/; expires=Sat, 14-Aug-2021 10:14:09 GMT; secure x-xss-protection 1; mode=block
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 326F	42 B 64 B	21ms 20ms	Fetch image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPDVrh6BcZN4MuVAQaRP64wJU9ckDZAwyf-Z1KtYdBCZKhVSooXhjbLLNUFbj88DefMqHUeAoFsBB4253qbK8hBSvlXrrJd4NvU1NsL5zbqiVcAcPO-Gn1loydiNwdGwh9dddiKPRRhjiNWiGajGKF&sai=AMfl-YQVHGo2_MvkP_t38E6AMwqavZOaJSxHuVy9m7TOPZapauzCBVN5H4mY96RKuCMyLfCiFj6wOPXFng5fDSqq8Hz-YzdpCC6a5l4&sig=Cg0ArKJSzAcaVsjv6oO6EAE&cid=CAASF-RoXIGO1e4OQ8YQd_X5dzD29UZ-axWT&id=lidar2&mcvt=1000&p=306,990,906,1290&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210714&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3703005410&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626344046646&dlt=668&rpt=109&isd=0&msd=0&r=v Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:09 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/ Frame 4D85	36 KB 14 KB	18ms 17ms	Script text/javascript	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: yastatic.net URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 3863aa27a94c63552443bac3e301ede9d17255a7e1794bba5b6ff21850c66e35 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:09 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13978 x-xss-protection 0 server cafe etag 8394079078796230488 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Thu, 15 Jul 2021 10:14:09 GMT
GET H3-29	200	/ www.google.de/pagead/1p-user-list/1014923426/ Frame 4D85 Redirect Chain https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=cQrwYOzlCZal3wOfg7SYCg... https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=765993626&crd=&is_vtc=1&random=3772467705 https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=765993626&crd=&is_vtc=1&random=3772467705&ipr=y	42 B 64 B	20ms 20ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=765993626&crd=&is_vtc=1&random=3772467705&ipr=y Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:09 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 15 Jul 2021 10:14:09 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/gif location https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=765993626&crd=&is_vtc=1&random=3772467705&ipr=y cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/1014923426/ Frame 4D85 Redirect Chain https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=cQrwYO_pCY-k3wPFs5moBg... https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=338328196&crd=&is_vtc=1&random=1532159601 https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=338328196&crd=&is_vtc=1&random=1532159601&ipr=y	42 B 108 B	16ms 16ms	Image image/gif	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=338328196&crd=&is_vtc=1&random=1532159601&ipr=y Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:09 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 15 Jul 2021 10:14:09 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/gif location https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=338328196&crd=&is_vtc=1&random=1532159601&ipr=y cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 4D85	3 KB 1 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1626344049178&cv=9&fst=1626344049178&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fdnr24.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ab99f62bf42f52445cf80957811097ab0890148f9820002f3bd27d541ad0d411 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:09 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1117 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 4D85	3 KB 1 KB	52ms 51ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1626344049183&cv=9&fst=1626344049183&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fdnr24.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 288113a31235836f1682571130d21d627e5f99bba0c5099e4f916e15e90a44d9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:09 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1115 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 4D85	3 KB 1 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1626344049185&cv=9&fst=1626344049185&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fdnr24.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b363b2a0aa64cacc62a4e26f200265f075a9c6629f18d8bbd1c74232bc8ad7ca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:09 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1116 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 4D85	3 KB 1 KB	54ms 52ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1626344049189&cv=9&fst=1626344049189&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fdnr24.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a5da631aabc219a772850529f09e49a32b43046db2b13374b0865d1eb07bf179 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:09 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1115 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/947884341/ Frame 4D85	42 B 120 B	18ms 17ms	Image image/gif	2a00:1450:4001:801::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/947884341/?random=1626344049178&cv=9&fst=1626343200000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fdnr24.com%2F&async=1&fmt=3&is_vtc=1&random=3906779897&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:09 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/947884341/ Frame 4D85	42 B 154 B	19ms 18ms	Image image/gif	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/947884341/?random=1626344049178&cv=9&fst=1626343200000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fdnr24.com%2F&async=1&fmt=3&is_vtc=1&random=3906779897&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:09 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/947884341/ Frame 4D85	42 B 120 B	21ms 21ms	Image image/gif	2a00:1450:4001:801::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/947884341/?random=1626344049185&cv=9&fst=1626343200000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fdnr24.com%2F&async=1&fmt=3&is_vtc=1&random=1324455689&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:09 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/947884341/ Frame 4D85	42 B 108 B	18ms 17ms	Image image/gif	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/947884341/?random=1626344049185&cv=9&fst=1626343200000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fdnr24.com%2F&async=1&fmt=3&is_vtc=1&random=1324455689&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:09 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	/ www.google.com/pagead/1p-user-list/693627671/ Frame 4D85	42 B 64 B	17ms 17ms	Image image/gif	2a00:1450:4001:801::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/693627671/?random=1626344049183&cv=9&fst=1626343200000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fdnr24.com%2F&async=1&fmt=3&is_vtc=1&random=2500188004&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:09 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	/ www.google.de/pagead/1p-user-list/693627671/ Frame 4D85	42 B 64 B	26ms 26ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/693627671/?random=1626344049183&cv=9&fst=1626343200000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fdnr24.com%2F&async=1&fmt=3&is_vtc=1&random=2500188004&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:09 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	/ www.google.com/pagead/1p-user-list/693627671/ Frame 4D85	42 B 64 B	18ms 17ms	Image image/gif	2a00:1450:4001:801::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/693627671/?random=1626344049189&cv=9&fst=1626343200000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fdnr24.com%2F&async=1&fmt=3&is_vtc=1&random=2401653251&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:09 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	/ www.google.de/pagead/1p-user-list/693627671/ Frame 4D85	42 B 64 B	20ms 20ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/693627671/?random=1626344049189&cv=9&fst=1626343200000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fdnr24.com%2F&async=1&fmt=3&is_vtc=1&random=2401653251&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:09 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	Signals-2a5856fc8ab16a1e27afbb4017043634292dc0f3cc93b3deaa3b1cb2f5325957.css focus-point.ru/widget-code/	62 KB 6 KB	3182ms 3181ms	Stylesheet text/css	185.221.152.238 EUROBYTE Eurobyte...
General Check archive.org Show headers Download Go to Full URL https://focus-point.ru/widget-code/Signals-2a5856fc8ab16a1e27afbb4017043634292dc0f3cc93b3deaa3b1cb2f5325957.css?1626343863 Requested by Host: focus-point.ru URL: https://focus-point.ru/widget-code/Projects-acb6b95409c0aa2468b874b90b8a00c9f86872f12089e0ef2f790e4a0d1374dd.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.221.152.238 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU), Reverse DNS dev.seointellect.ru Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_wsgi/4.6.2 Python/3.6 PHP/7.2.34 / PHP/7.2.34 Resource Hash 32e520b74d7163a6e5bcf9cf258de05c98fe9d0fd4d538cd609d08be3ba2041d Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:11:05 GMT Content-Encoding gzip Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_wsgi/4.6.2 Python/3.6 PHP/7.2.34 X-Powered-By PHP/7.2.34 Vary Accept-Encoding Content-Type text/css; charset=UTF-8 Cache-Control no-cache, private Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 4540
GET H/1.1	200 OK	Logoob.png dnr-board.com/images/cat/	10 KB 10 KB	142ms 41ms	Image image/png	5.101.127.9 PAGM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dnr-board.com/images/cat/Logoob.png Requested by Host: dnr24.com URL: https://dnr24.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 5.101.127.9 , Estonia, ASN198068 (PAGM-AS, EE), Reverse DNS Software nginx/1.18.0 / Resource Hash 6a8f8633b90bcfca4489db98e5f4d50549a8295c1de7851570ee44a10ba47400 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 15 Jul 2021 10:14:12 GMT Last-Modified Wed, 01 Mar 2017 07:24:38 GMT Server nginx/1.18.0 ETag "58b67736-2890" Content-Type image/png Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 10384 Expires Sun, 25 Jul 2021 10:14:12 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	11 KB 8 KB	18ms 18ms	XHR application/json	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210708&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4270514290018072&plah=dnr24.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b0bb60e5eafc2b03243d94a6f1147986e00276a53d88c7b17c2c686556bbed56 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Thu, 15 Jul 2021 10:14:12 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8507 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210708/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4270514290018072&plah=dnr24.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 15 Jul 2021 10:14:12 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 expires Thu, 15 Jul 2021 10:14:12 GMT
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/224/ Frame F22A	12 KB 5 KB	8ms 6ms	Document text/html	2a00:1450:4001:828::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/224/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dnr24.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dnr24.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5029 date Thu, 15 Jul 2021 09:37:26 GMT expires Fri, 15 Jul 2022 09:37:26 GMT last-modified Wed, 02 Jun 2021 17:09:45 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 2206 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	aframe Show response www.google.com/recaptcha/api2/ Frame 10DC	783 B 531 B	17ms 15ms	Document text/html	2a00:1450:4001:801::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 62d584df0affabc02d8683b5f60e1284931246c6b36b9c46f9f1d8b553b1f778 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-OCN0ngRRmnT4upqtU3x2og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://dnr24.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://dnr24.com/ Response headers expires Thu, 15 Jul 2021 10:14:12 GMT date Thu, 15 Jul 2021 10:14:12 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-OCN0ngRRmnT4upqtU3x2og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 512 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response pagead2.googlesyndication.com/bg/ Frame F22A	35 KB 13 KB	12ms 6ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Jul 2021 21:39:03 GMT content-encoding br x-content-type-options nosniff age 45310 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13308 x-xss-protection 0 last-modified Tue, 06 Jul 2021 09:28:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 14 Jul 2022 21:39:03 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 56 B	42ms 42ms	Image image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210708&jk=1098336550174130&bg=!TU6lTgrNAAZjFomlYxY7ACkAdvg8WubJNvV8php4ks6-6zZg4_0fhBZInam9YLe4vFkzFiswUmn4qwIAAAC3UgAAAAloAQeZAn34FsPG7LOhnpx6WAGecAaQ3OHVcVNVgGI3w08IK42HQrX0ivwQQSoKhqMefB12072nlk33DDP3rGiET7EcHKwe0Q6jYj875I0Y1gVrfiXDtvlhutjnCmEdTsWVP2f-RRqn5nfbq70aQVfWjHIuC0UGuPhJN9BEbS_smo0gTlBJxqpyKJn8GwZQvmvrVvkGxd4078vzI89yWbMrmThk9DHwKe-uIWafLrsOKz34GOtQV-e0Dm5VIAKt08y8mXSrY1-XUGlcUxIWCN-NmUC5zyAAciKeitiU2l364yu39Uj1QCaFAUQZUgkN19YNKyj6AmUGvSHEhRj1_Kd5le-eRhmeHpADGFVFzMT4AIggtb6HvX60YIwMWCrOw9XkGorRQ7_Wo2px19W090sq5BR3ur8BcwP_zvXfclWvGKD2dtUu1gFWXKr_eB3loa4a07TVDfrsMjoXfmJ7YLuWGbVW3GoEQs8Ze-Jrsvp7rJFfCTnhrgjjeLXB95IlH0sYTdcRs3NELEn07cLeE9KGXwRB0OrPWj7WIRpqfoTEC6_qWpqDpK43WcDXoYh788TK5RF7h0RVKeTFqSf5_uCbv_A-CrItJYjPCF9H1jFF1LmZj-yCkuVeFHGfzi5vzN36U-Run8tKOBzaTPfmW-J9vtLIcSDBggh59LyzdkXLuR7wUjmqHjKFYElDf98sBAA7YAh2O__Vn9X-DE2zc_MoM8BfU_KuFK9rBwJyz6xzcf4ZzztyPDXMcqHOT-hQJ-FxRDhGxBeOL2pTwNbsHsLrJRT7_xi06fjp3UDR1NUQrdigoRt_ShUuAgaMCEvDn7m3i8rUR2FQVfm61zi49z-XMLlQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dnr24.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 15 Jul 2021 10:14:13 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

code.jquery.com

URL

http://code.jquery.com/jquery-migrate-1.2.1.js

Domain

mc.yandex.ru

URL

https://mc.yandex.ru/metrika/watch.js

Domain

counter.rambler.ru

URL

http://counter.rambler.ru/top100.jcn?4437248

Domain

mc.yandex.ru

URL

https://mc.yandex.ru/metrika/watch.js

Domain

mc.yandex.ru

URL

https://mc.yandex.ru/metrika/tag.js

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPAKcFWq2WPFaUeSM5rnEAAABL4AAAAB&google_gid=CAESELR7Yt2jorD5qvMNk2R-I8Q&google_cver=1&google_push=AYg5qPLQ5p36z0Wvm0g7YcnNACjfW23e6qBr-p-P5anFPp8DS99oXr7jM4XXc8g7WVZDMwpOsClPheqWkbH3x-3wT089eFszBJRw

Domain

mc.yandex.ru

URL

https://mc.yandex.ru/metrika/watch.js