xn--80apebxaydq.xn--p1ai Open in urlscan Pro Puny
китайфото.рф IDN
81.16.141.103 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xn--80apebxaydq.xn--p1ai/
Submission: On June 25 via api (June 25th 2022, 9:06:17 pm UTC) from FR — Scanned from FR

Summary HTTP 133 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 20 IPs in 7 countries across 19 domains to perform 133 HTTP transactions. The main IP is 81.16.141.103, located in Russian Federation and belongs to BITWEB-AS, RU. The main domain is xn--80apebxaydq.xn--p1ai.
TLS certificate: Issued by R3 on June 25th 2022. Valid for: 3 months.

This is the only time xn--80apebxaydq.xn--p1ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	81.16.141.103 81.16.141.103	57271 (BITWEB-AS) (BITWEB-AS)
5	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1 5	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
6	188.42.198.252 188.42.198.252	7979 (SERVERS-COM) (SERVERS-COM)
8	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 4	185.106.81.236 185.106.81.236	7979 (SERVERS-COM) (SERVERS-COM)
15	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:777	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
2 2	104.89.42.102 104.89.42.102	16625 (AKAMAI-AS) (AKAMAI-AS)
4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:8a99:96f8:9749:2848	16509 (AMAZON-02) (AMAZON-02)
133	20

32 81.16.141.103 (Russian Federation)

ASN57271 (BITWEB-AS, RU)
PTR: vanomak.bitweb.xyz

xn--80apebxaydq.xn--p1ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.42.198.252 (Luxembourg)

ASN7979 (SERVERS-COM, US)

www.travelpayouts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.106.81.236 (Netherlands) 1 redirects

ASN7979 (SERVERS-COM, US)

avsplow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:777 (United States)

ASN13335 (CLOUDFLARENET, US)

st.avsplow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.89.42.102 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-42-102.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:8a99:96f8:9749:2848 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	670 KB
32	function sub() { [native code] }.	624 KB
17	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	152 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	176 KB
6	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	2 KB
6	travelpayouts.com www.travelpayouts.com — Cisco Umbrella Rank: 152250	101 KB
5	avsplow.com 1 redirects avsplow.com — Cisco Umbrella Rank: 181883 st.avsplow.com — Cisco Umbrella Rank: 216804	16 KB
5	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3472	57 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	170 KB
2	openx.net 2 redirects rtb.openx.net — Cisco Umbrella Rank: 1589	581 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1872	1 KB
2	google.fr adservice.google.fr — Cisco Umbrella Rank: 25125	914 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1383	296 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 336	460 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 629	166 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1107	464 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 867	657 B
0	casalemedia.com Failed ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576 Failed
133	19

	Domain	Requested by
32	xn--80apebxaydq.xn--p1ai	xn--80apebxaydq.xn--p1ai
24	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
13	pagead2.googlesyndication.com	xn--80apebxaydq.xn--p1ai pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	fonts.gstatic.com	fonts.googleapis.com www.travelpayouts.com
6	www.travelpayouts.com	xn--80apebxaydq.xn--p1ai www.travelpayouts.com
5	www.gstatic.com	googleads.g.doubleclick.net
5	mc.yandex.ru	1 redirects xn--80apebxaydq.xn--p1ai mc.yandex.ru
5	fonts.googleapis.com	xn--80apebxaydq.xn--p1ai googleads.g.doubleclick.net
4	cm.g.doubleclick.net	googleads.g.doubleclick.net
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.googletagservices.com	googleads.g.doubleclick.net
4	avsplow.com	1 redirects xn--80apebxaydq.xn--p1ai st.avsplow.com
2	rtb.openx.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.fr	pagead2.googlesyndication.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	image6.pubmatic.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	st.avsplow.com	www.travelpayouts.com
0	ssum-sec.casalemedia.com Failed
133	24

This site contains links to these domains. Also see Links.

Domain
www.aviasales.ru
www.travelpayouts.com
hotellook.ru

Subject Issuer	Validity	Valid
xn--80apebxaydq.xn--p1ai R3	`2022-06-25` - `2022-09-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
travelpayouts.com R3	`2022-05-02` - `2022-07-31`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-15` - `2023-05-15`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
avsplow.com R3	`2022-05-21` - `2022-08-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://xn--80apebxaydq.xn--p1ai/
Frame ID: 7B169E168F7E667534EEB74E7A9D0B62
Requests: 73 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20190131/zrt_lookup.html
Frame ID: C3E447D381210B498DC1E3D8C632A883
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&adk=1812271804&adf=3025194257&lmt=1656191171&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171187&bpp=3&bdt=388&idt=236&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1566887900717&frm=20&pv=2&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=255
Frame ID: 32F36D378AA098E69D04998D2AC38C45
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&slotname=3688215582&adk=664760036&adf=3217791677&pi=t.ma~as.3688215582&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171190&bpp=2&bdt=391&idt=282&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3Jhhmqb8Oq&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=286
Frame ID: 77C8EB0DE723AC0C43618501FC765E15
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&slotname=3688215582&adk=664760036&adf=549886277&pi=t.ma~as.3688215582&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171192&bpp=1&bdt=394&idt=298&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=D8sKCyfC2r&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=301
Frame ID: A11113E60E7187CD68F1AFA68C0FE3DD
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&adk=1918226732&adf=4092949745&pi=t.aa~a.3170725565~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&to=qs&pwprc=4482657134&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171877&bpp=1&bdt=1079&idt=1&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3edaed224a4f05ec-22dda91fbecd0084%3AT%3D1656191171%3ART%3D1656191171%3AS%3DALNI_MYFkzMuQA64KZDFlORzHqXrV6H5Ag&prev_fmts=0x0%2C1140x280%2C1140x280&nras=2&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=b7fPkxvptQ&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=13
Frame ID: AD2AA89F9B79B1A749189E667469BB90
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Frame ID: 484FB753C45D8EEC785109DAD92AF98E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6E75A77DDA32FD5239757511475D9866
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1681852341E71A8D2F936E14E892D909
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 144DA8B023CC210C1A367AD33B2AA896
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js
Frame ID: FBDDA5EB9B0F0DC1894B6577F8C4441D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js
Frame ID: FCAB2BFA2BC890D1308CC544654FBFB8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js
Frame ID: 8CB3155FCC7F77DA667F636EA2501ADC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D95D073E071F6307A78A82F74E74F7BC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js
Frame ID: 0875B56BC583CDF3508480BDC371D9B7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 163361F5E54D2BD48F0F7C3A33CCD9B6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 55B2BD9CD1E3284F6E38AA7F2FEF63D7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Китай в фотографиях - Фото достопримечательностей Китая

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

133
Requests

95 %
HTTPS

59 %
IPv6

19
Domains

24
Subdomains

20
IPs

7
Countries

1971 kB
Transfer

4384 kB
Size

33
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.aviasales.ru/?marker=13235

Search URL Search Domain Scan URL

URL: https://www.travelpayouts.com/?marker=13235.poweredby&utm_source=powered_by&utm_medium=widget&utm_campaign=mewtwo

Search URL Search Domain Scan URL

URL: https://hotellook.ru/?marker=13235&language=ru

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://mc.yandex.ru/watch/8503732 HTTP 302
https://mc.yandex.ru/watch/8503732/1

Request Chain 39

https://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%22widget_id%22%3A%220db4f2cb70ec5ce6575f3e0ecdbd5c2e%22%2C%22trace_id%22%3A%22Zz45592453a5da446cb5a50cef-13235%22%2C%22promo_id%22%3A%224238%22%7D%7D%5D%7D HTTP 302
https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%220db4f2cb70ec5ce6575f3e0ecdbd5c2e%22,%22trace_id%22:%22Zz45592453a5da446cb5a50cef-13235%22,%22promo_id%22:%224238%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web

Request Chain 98

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 107

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 130

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GDAYHKPliBKigVEBPVgogcbgszdmMowqy4_hlZC0KzP1sRc_4ZnJyE4g7zV-gj-AjZSpHce5Jx0BYr7kKk0M5ce-MSFE_n0&google_gid=CAESEB32jOSgol1XW4usEInlnIA&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GDAYHKPliBKigVEBPVgogcbgszdmMowqy4_hlZC0KzP1sRc_4ZnJyE4g7zV-gj-AjZSpHce5Jx0BYr7kKk0M5ce-MSFE_n0&google_gid=CAESEB32jOSgol1XW4usEInlnIA&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjUyMTA2MTMwMDAxNTA3MDE4MTA2OQ%3D%3D&google_push=ARnp8GDAYHKPliBKigVEBPVgogcbgszdmMowqy4_hlZC0KzP1sRc_4ZnJyE4g7zV-gj-AjZSpHce5Jx0BYr7kKk0M5ce-MSFE_n0

Request Chain 131

https://rtb.openx.net/sync/dds?google_gid=CAESEB8xgzZBKscWUyybuqAdJGY&google_cver=1&google_push=ARnp8GB126XDHc1IAutBn9_q_EsxVF9LdRJm8n4BWhIaNAh4c-miMqN4kBh0B2qNagjKHdbyAtXseTj4_b9KYIK1_DNt6bbNRGVk HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEB8xgzZBKscWUyybuqAdJGY&google_cver=1&google_push=ARnp8GB126XDHc1IAutBn9_q_EsxVF9LdRJm8n4BWhIaNAh4c-miMqN4kBh0B2qNagjKHdbyAtXseTj4_b9KYIK1_DNt6bbNRGVk&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ARnp8GB126XDHc1IAutBn9_q_EsxVF9LdRJm8n4BWhIaNAh4c-miMqN4kBh0B2qNagjKHdbyAtXseTj4_b9KYIK1_DNt6bbNRGVk&google_hm=V2Q3hlNIxDUQ26SNt147gw==

Request Chain 133

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEABA29HlQ_aTFsqJBRG8wTs&google_cver=1&google_push=ARnp8GCvHy7AozGLV1x5tYJuwel1XpZEG_0mIFV9rhUf0FZ5p_0VMppDrt025A71f_6Xm-u53ZQA5R8_gbKxDc1zMLUslkxxgJc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRVREdOUU0tMTgtR1dHUg==&google_push=ARnp8GCvHy7AozGLV1x5tYJuwel1XpZEG_0mIFV9rhUf0FZ5p_0VMppDrt025A71f_6Xm-u53ZQA5R8_gbKxDc1zMLUslkxxgJc

Request Chain 134

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGTZBHvluYVSBKtzRTABBx8&google_cver=1&google_push=ARnp8GCAVVRadF4b08ksMwNPc0puWGtyDaLliwaBVVX1hwDQd_ffU4TG2VhV-q83Fidmb8ShLqVESnqDpESlXCxGjjGTIMzRiD0 HTTP 302
https://ssum-sec.casalemedia.com%2C%20r28.lb.indexww.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGTZBHvluYVSBKtzRTABBx8&google_push=ARnp8GCAVVRadF4b08ksMwNPc0puWGtyDaLliwaBVVX1hwDQd_ffU4TG2VhV-q83Fidmb8ShLqVESnqDpESlXCxGjjGTIMzRiD0&s=184023&C=1

133 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
xn--80apebxaydq.xn--p1ai/ 51 KB
13 KB 489ms
285ms Document
text/html 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx / PHP/7.4.5
Resource Hash: 688db1eb0c3386303b7de856d183ffb806aa93688699c23748114a420fca2246

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 25 Jun 2022 21:06:10 GMT
link: <https://xn--80apebxaydq.xn--p1ai/wp-json/>; rel="https://api.w.org/"
server: nginx
x-powered-by: PHP/7.4.5

GET
H2 200 style.min.css
xn--80apebxaydq.xn--p1ai/wp-includes/css/dist/block-library/ 81 KB
14 KB 73ms
61ms Stylesheet
text/css 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80apebxaydq.xn--p1ai/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx /
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:10 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 05:00:07 GMT
server: nginx
etag: W/"624d1e57-145db"
content-type: text/css

GET
H2 200 blocks.style.build.css
xn--80apebxaydq.xn--p1ai/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/ 184 B
303 B 73ms
60ms Stylesheet
text/css 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80apebxaydq.xn--p1ai/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css?ver=2.0.54
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx /
Resource Hash: 36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:10 GMT
last-modified: Tue, 21 Jun 2022 09:04:36 GMT
server: nginx
accept-ranges: bytes
etag: "62b189a4-b8"
content-length: 184
content-type: text/css

GET
H2 200 frontend.css
xn--80apebxaydq.xn--p1ai/wp-content/plugins/multicolumn-category-widget/css/ 509 B
629 B 73ms
61ms Stylesheet
text/css 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80apebxaydq.xn--p1ai/wp-content/plugins/multicolumn-category-widget/css/frontend.css?ver=1.0.19
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx /
Resource Hash: 874392d9620c4b2c973cf5a7adfd7006426141de26f9e3dcdb2cc4c010491240

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:10 GMT
last-modified: Tue, 04 Aug 2020 01:15:07 GMT
server: nginx
accept-ranges: bytes
etag: "5f28b69b-1fd"
content-length: 509
content-type: text/css

GET
H2 200 style.css
xn--80apebxaydq.xn--p1ai/wp-content/themes/hustle/ 72 KB
17 KB 131ms
119ms Stylesheet
text/css 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80apebxaydq.xn--p1ai/wp-content/themes/hustle/style.css?ver=5.9.3
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx /
Resource Hash: f2339d35e2c484c5cf98fff4ceffde2beb0b6ebe796d5ae02771f3fb047e2691

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:10 GMT
content-encoding: gzip
last-modified: Wed, 22 Mar 2017 05:49:52 GMT
server: nginx
etag: W/"58d21080-1209a"
content-type: text/css

GET
H2 200 layout.css
xn--80apebxaydq.xn--p1ai/wp-content/themes/hustle/css/ 10 KB
3 KB 131ms
120ms Stylesheet
text/css 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80apebxaydq.xn--p1ai/wp-content/themes/hustle/css/layout.css?ver=5.9.3
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx /
Resource Hash: 88359a32870996dc91d7900efa183d15da08435206d70d78a2edeaf46ed1ed2a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:10 GMT
content-encoding: gzip
last-modified: Wed, 14 Feb 2018 01:56:51 GMT
server: nginx
etag: W/"5a839763-2866"
content-type: text/css

GET
H2 200 jquery.min.js Show response
xn--80apebxaydq.xn--p1ai/wp-includes/js/jquery/ 87 KB
35 KB 132ms
121ms Script
application/javascript 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80apebxaydq.xn--p1ai/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:10 GMT
content-encoding: gzip
last-modified: Fri, 06 Aug 2021 12:30:11 GMT
server: nginx
etag: W/"610d2b53-15db1"
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
xn--80apebxaydq.xn--p1ai/wp-includes/js/jquery/ 11 KB
5 KB 163ms
153ms Script
application/javascript 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80apebxaydq.xn--p1ai/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:10 GMT
content-encoding: gzip
last-modified: Fri, 06 Aug 2021 12:30:11 GMT
server: nginx
etag: W/"610d2b53-2bd8"
content-type: application/javascript

GET
H2 200 third-party.js Show response
xn--80apebxaydq.xn--p1ai/wp-content/themes/hustle/includes/js/ 4 KB
2 KB 163ms
154ms Script
application/javascript 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80apebxaydq.xn--p1ai/wp-content/themes/hustle/includes/js/third-party.js?ver=5.9.3
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx /
Resource Hash: 10de1c6ddc729b8498990df7445b2628bfd9c04185105517869910147b0ac16e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:10 GMT
content-encoding: gzip
last-modified: Wed, 22 Mar 2017 05:49:43 GMT
server: nginx
etag: W/"58d21077-110a"
content-type: application/javascript

GET
H2 200 general.js Show response
xn--80apebxaydq.xn--p1ai/wp-content/themes/hustle/includes/js/ 1 KB
800 B 163ms
154ms Script
application/javascript 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80apebxaydq.xn--p1ai/wp-content/themes/hustle/includes/js/general.js?ver=5.9.3
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx /
Resource Hash: 92e5cbb97cb64daf6c803d11d0b4cb99b8adf4f07cda3323f4b34347558bffaa

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:10 GMT
content-encoding: gzip
last-modified: Wed, 22 Mar 2017 05:49:42 GMT
server: nginx
etag: W/"58d21076-52c"
content-type: application/javascript

GET
H2 200 jquery.flexslider-min.js Show response
xn--80apebxaydq.xn--p1ai/wp-content/themes/hustle/includes/js/ 16 KB
6 KB 161ms
154ms Script
application/javascript 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80apebxaydq.xn--p1ai/wp-content/themes/hustle/includes/js/jquery.flexslider-min.js?ver=5.9.3
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx /
Resource Hash: abe1eec47a616f2e9fd61201cd10086578e1817cf94fed785b3b8d33c01fd7f2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:10 GMT
content-encoding: gzip
last-modified: Wed, 22 Mar 2017 05:49:42 GMT
server: nginx
etag: W/"58d21076-3ff9"
content-type: application/javascript

GET
H2 200 featured-slider.js Show response
xn--80apebxaydq.xn--p1ai/wp-content/themes/hustle/includes/js/ 1 KB
482 B 161ms
154ms Script
application/javascript 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80apebxaydq.xn--p1ai/wp-content/themes/hustle/includes/js/featured-slider.js?ver=5.9.3
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx /
Resource Hash: c79ee6f56eb60a49ad942562d32b8f16051b264e822eb783d93922fcb958c9c2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:10 GMT
content-encoding: gzip
last-modified: Wed, 22 Mar 2017 05:49:43 GMT
server: nginx
etag: W/"58d21077-4c8"
content-type: application/javascript

GET
H2 200 default.css
xn--80apebxaydq.xn--p1ai/wp-content/themes/hustle/styles/ 18 B
135 B 126ms
120ms Stylesheet
text/css 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80apebxaydq.xn--p1ai/wp-content/themes/hustle/styles/default.css
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx /
Resource Hash: 13d490516dc5cff874922cd12280b651452dad5224a45107d947e38854eff405

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:10 GMT
last-modified: Wed, 22 Mar 2017 05:49:52 GMT
server: nginx
accept-ranges: bytes
etag: "58d21080-12"
content-length: 18
content-type: text/css

GET
H2 200 shortcodes.css
xn--80apebxaydq.xn--p1ai/wp-content/themes/hustle/functions/css/ 28 KB
6 KB 126ms
121ms Stylesheet
text/css 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80apebxaydq.xn--p1ai/wp-content/themes/hustle/functions/css/shortcodes.css
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx /
Resource Hash: ce414532ea8f46299416d195d80cc9d52dbd134e8493b0f006ce1025bebd45ab

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:10 GMT
content-encoding: gzip
last-modified: Wed, 22 Mar 2017 05:49:51 GMT
server: nginx
etag: W/"58d2107f-6e9e"
content-type: text/css

GET
H2 200 custom.css
xn--80apebxaydq.xn--p1ai/wp-content/themes/hustle/ 599 B
718 B 126ms
121ms Stylesheet
text/css 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80apebxaydq.xn--p1ai/wp-content/themes/hustle/custom.css
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx /
Resource Hash: 8845b72e3144d8e567ead02adb9f90797faa87b7601a201ef81481400f3f7ea1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:10 GMT
last-modified: Wed, 22 Mar 2017 05:49:44 GMT
server: nginx
accept-ranges: bytes
etag: "58d21078-257"
content-length: 599
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 1 KB
1002 B 100ms
34ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arvo%3Aregular%2C%3Aitalic%2C%3A700%2C%3A700italic%7CCabin%3Aregular%2C%3Aitalic%2C%3A500%2C%3A500italic%2C%3A600%2C%3A600italic%2C%3A700%2C%3A700italic

Requested by

Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2706c58660adc4357fe8c2d82569566d6c1a1a50fdf97cb624d77642538aacf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 21:06:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 25 Jun 2022 21:06:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Jun 2022 21:06:10 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
56 KB 140ms
67ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c86b048324556f57c3fe7b17544b290a8ba1bf3d4d25d1b3921d4ec38176d181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56602
x-xss-protection: 0
server: cafe
etag: 3371910370795813902
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 25 Jun 2022 21:06:11 GMT

GET
H2

200

1
mc.yandex.ru/watch/8503732/
Redirect Chain

https://mc.yandex.ru/watch/8503732
https://mc.yandex.ru/watch/8503732/1

43 B
83 B

108ms
107ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/8503732/1

Requested by

Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Jun 2022 21:06:11 GMT
last-modified: Sat, 25-Jun-2022 21:06:11 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 25-Jun-2022 21:06:11 GMT

Redirect headers

pragma: no-cache
date: Sat, 25 Jun 2022 21:06:11 GMT
last-modified: Sat, 25-Jun-2022 21:06:11 GMT
strict-transport-security: max-age=31536000
location: /watch/8503732/1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Sat, 25-Jun-2022 21:06:11 GMT

GET
H2 200 2-1100x207.jpg
xn--80apebxaydq.xn--p1ai/files/2017/04/ 53 KB
53 KB 97ms
93ms Image
image/jpeg 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--80apebxaydq.xn--p1ai/files/2017/04/2-1100x207.jpg
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx / PHP/7.4.5
Resource Hash: 822927c3e79deba86d4dfb8716ab68632013e44f06563d1ba139b8b0841fa492

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
etag: "27d2eca3c906b55cf740e5fa3bfba23b"
last-modified: Wed, 05 Apr 2017 02:21:40 GMT
server: nginx
x-powered-by: PHP/7.4.5
content-type: image/jpeg
content-length: 54299
expires: Tue, 26 Aug 2025 06:52:51 GMT

GET
H2 200 9-1100x206.jpg
xn--80apebxaydq.xn--p1ai/files/2017/04/ 37 KB
37 KB 89ms
85ms Image
image/jpeg 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--80apebxaydq.xn--p1ai/files/2017/04/9-1100x206.jpg
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx / PHP/7.4.5
Resource Hash: 67ebde870dcdaddbf5a85cc36a5a5055d115fbe56c67fe70f9fa35d6668c7f52

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
etag: "5ef35fc0ea80c965cc447c87d304d85f"
last-modified: Wed, 05 Apr 2017 03:24:14 GMT
server: nginx
x-powered-by: PHP/7.4.5
content-type: image/jpeg
content-length: 37395
expires: Tue, 26 Aug 2025 06:52:51 GMT

GET
H2 200 wp-emoji-release.min.js Show response
xn--80apebxaydq.xn--p1ai/wp-includes/js/ 18 KB
6 KB 66ms
62ms Script
application/javascript 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80apebxaydq.xn--p1ai/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
content-encoding: gzip
last-modified: Fri, 06 Aug 2021 12:30:11 GMT
server: nginx
etag: W/"610d2b53-4705"
content-type: application/javascript

GET
H2 200 5-1100x207.jpg
xn--80apebxaydq.xn--p1ai/files/2017/03/ 30 KB
31 KB 116ms
113ms Image
image/jpeg 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--80apebxaydq.xn--p1ai/files/2017/03/5-1100x207.jpg
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx / PHP/7.4.5
Resource Hash: 46dc41a1755bcd9adb8b9109853ad45777599ce6cb79fbb1d77b5c8b35de8f1c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
etag: "bd7a857198afbd37faa2b4c3deff9517"
last-modified: Wed, 05 Apr 2017 02:45:12 GMT
server: nginx
x-powered-by: PHP/7.4.5
content-type: image/jpeg
content-length: 31128
expires: Tue, 26 Aug 2025 06:52:51 GMT

GET
H2 200 7-1100x207.jpg
xn--80apebxaydq.xn--p1ai/files/2017/03/ 47 KB
48 KB 117ms
113ms Image
image/jpeg 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--80apebxaydq.xn--p1ai/files/2017/03/7-1100x207.jpg
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx / PHP/7.4.5
Resource Hash: dab94947ea894fbceb10d3a82eed9073de6481d3a267e0b1d4ad01f3055ad799

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
etag: "3553fdef8bd2b5c6199355e58e883767"
last-modified: Wed, 05 Apr 2017 03:07:29 GMT
server: nginx
x-powered-by: PHP/7.4.5
content-type: image/jpeg
content-length: 48551
expires: Tue, 26 Aug 2025 06:52:51 GMT

GET
H2 200 3-1100x207.jpg
xn--80apebxaydq.xn--p1ai/files/2017/04/ 54 KB
54 KB 151ms
147ms Image
image/jpeg 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--80apebxaydq.xn--p1ai/files/2017/04/3-1100x207.jpg
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx / PHP/7.4.5
Resource Hash: 5a0fd0a83fd3c9cc1880c25deb6b8b7a9a812a5ad85c9334692698d0a5e39b22

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
etag: "e8bcd203fee66b409614caf5a21ac709"
last-modified: Wed, 05 Apr 2017 02:49:22 GMT
server: nginx
x-powered-by: PHP/7.4.5
content-type: image/jpeg
content-length: 54830
expires: Tue, 26 Aug 2025 06:52:51 GMT

GET
H2 200 DSCN5200-235x235.jpg
xn--80apebxaydq.xn--p1ai/files/2021/03/ 18 KB
18 KB 158ms
154ms Image
image/jpeg 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--80apebxaydq.xn--p1ai/files/2021/03/DSCN5200-235x235.jpg
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx / PHP/7.4.5
Resource Hash: 8d416c0b440852674aa765c408d399982b74afc85057276921b90f09863809ee

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
etag: "9dd2f320dfb44188a8989f9577fd2983"
last-modified: Sun, 07 Mar 2021 04:08:30 GMT
server: nginx
x-powered-by: PHP/7.4.5
content-type: image/jpeg
content-length: 18631
expires: Tue, 26 Aug 2025 06:52:51 GMT

GET
H2 200 DSCN5850-235x235.jpg
xn--80apebxaydq.xn--p1ai/files/2021/01/ 34 KB
35 KB 159ms
156ms Image
image/jpeg 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--80apebxaydq.xn--p1ai/files/2021/01/DSCN5850-235x235.jpg
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx / PHP/7.4.5
Resource Hash: 852d4471b05d47644e7fb854e656e1f1d2474b86eb0b4936e0f9f7c5a8cd7b1e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
etag: "2b328c0b51c50d3b016eb3a50e687d37"
last-modified: Mon, 11 Jan 2021 05:39:30 GMT
server: nginx
x-powered-by: PHP/7.4.5
content-type: image/jpeg
content-length: 35158
expires: Tue, 26 Aug 2025 06:52:51 GMT

GET
H2 200 IMG_20190527_122152-235x235.jpg
xn--80apebxaydq.xn--p1ai/files/2020/12/ 28 KB
29 KB 174ms
171ms Image
image/jpeg 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--80apebxaydq.xn--p1ai/files/2020/12/IMG_20190527_122152-235x235.jpg
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx / PHP/7.4.5
Resource Hash: 3c28fdc364821fe193dfb741140edec6a6342a4b5604e8eed9b6b7eb99881f74

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
etag: "11f099a52bd46a9b6c665a16ab24ae94"
last-modified: Mon, 07 Dec 2020 04:55:56 GMT
server: nginx
x-powered-by: PHP/7.4.5
content-type: image/jpeg
content-length: 29016
expires: Tue, 26 Aug 2025 06:52:51 GMT

GET
H2 200 DSCN5490-235x235.jpg
xn--80apebxaydq.xn--p1ai/files/2020/10/ 34 KB
34 KB 176ms
173ms Image
image/jpeg 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--80apebxaydq.xn--p1ai/files/2020/10/DSCN5490-235x235.jpg
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx / PHP/7.4.5
Resource Hash: ade2c404d6637245552ede27f6806c16efa157a06a767c52fdd836b3628883ae

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
etag: "291223b87df88816757b837f8c10f07f"
last-modified: Wed, 28 Oct 2020 03:26:31 GMT
server: nginx
x-powered-by: PHP/7.4.5
content-type: image/jpeg
content-length: 34324
expires: Tue, 26 Aug 2025 06:52:51 GMT

GET
H2 200 DSCN6040-235x235.jpg
xn--80apebxaydq.xn--p1ai/files/2020/09/ 11 KB
11 KB 195ms
192ms Image
image/jpeg 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--80apebxaydq.xn--p1ai/files/2020/09/DSCN6040-235x235.jpg
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx / PHP/7.4.5
Resource Hash: 7fdc80afb5adfa8f768c4f799c828fb1f676c3a9c658ebc8d0c91c854be112bb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
etag: "695509842299575aaa1664a5635cf2f0"
last-modified: Tue, 15 Sep 2020 03:14:29 GMT
server: nginx
x-powered-by: PHP/7.4.5
content-type: image/jpeg
content-length: 11211
expires: Tue, 26 Aug 2025 06:52:51 GMT

GET
H2 200 IMG_20190526_135038-235x235.jpg
xn--80apebxaydq.xn--p1ai/files/2020/08/ 33 KB
33 KB 210ms
208ms Image
image/jpeg 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--80apebxaydq.xn--p1ai/files/2020/08/IMG_20190526_135038-235x235.jpg
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx / PHP/7.4.5
Resource Hash: ca3d013acfa9a0ceba28ba8e58b5cadcb761e812a82c3b2689dc5cebce755746

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
etag: "215b12757e20903fe1d38f2ed7d2fffd"
last-modified: Sun, 09 Aug 2020 02:53:39 GMT
server: nginx
x-powered-by: PHP/7.4.5
content-type: image/jpeg
content-length: 33488
expires: Tue, 26 Aug 2025 06:52:51 GMT

GET
H2 200 DSCN5947-235x235.jpg
xn--80apebxaydq.xn--p1ai/files/2020/07/ 31 KB
31 KB 209ms
206ms Image
image/jpeg 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--80apebxaydq.xn--p1ai/files/2020/07/DSCN5947-235x235.jpg
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx / PHP/7.4.5
Resource Hash: 18cddfd5541eaf0c67ed1e41728882440734ae3c2154b840440a9b66cac0d048

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
etag: "af772b1ec8c2d65d0137810176b52a92"
last-modified: Sun, 05 Jul 2020 03:59:03 GMT
server: nginx
x-powered-by: PHP/7.4.5
content-type: image/jpeg
content-length: 31430
expires: Tue, 26 Aug 2025 06:52:51 GMT

GET
H2 200 DSCN5742-235x235.jpg
xn--80apebxaydq.xn--p1ai/files/2020/06/ 31 KB
31 KB 209ms
207ms Image
image/jpeg 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--80apebxaydq.xn--p1ai/files/2020/06/DSCN5742-235x235.jpg
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx / PHP/7.4.5
Resource Hash: 9934bd8afaf853d29692c606044ad59da6b60f4e35f4cf5427b5768dfc57a845

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
etag: "68856efe27ea8c8559cc398f4ec391cc"
last-modified: Mon, 08 Jun 2020 05:07:16 GMT
server: nginx
x-powered-by: PHP/7.4.5
content-type: image/jpeg
content-length: 31852
expires: Tue, 26 Aug 2025 06:52:51 GMT

GET
H2 200 DSCN6224-235x235.jpg
xn--80apebxaydq.xn--p1ai/files/2020/05/ 29 KB
30 KB 210ms
208ms Image
image/jpeg 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--80apebxaydq.xn--p1ai/files/2020/05/DSCN6224-235x235.jpg
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx / PHP/7.4.5
Resource Hash: 02945ad76bf5b9714cb7f85e79a7699bff1e357e951be9246675d677887ce84c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
etag: "8b26d91deaf058f12f5d7958e65eb055"
last-modified: Sun, 17 May 2020 04:38:00 GMT
server: nginx
x-powered-by: PHP/7.4.5
content-type: image/jpeg
content-length: 29954
expires: Tue, 26 Aug 2025 06:52:51 GMT

GET
H2 200 0db4f2cb70ec5ce6575f3e0ecdbd5c2e.js Show response
www.travelpayouts.com/widgets/ 7 KB
3 KB 154ms
65ms Script
application/javascript 188.42.198.252
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/widgets/0db4f2cb70ec5ce6575f3e0ecdbd5c2e.js?v=204
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.198.252 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 8e01b68fd61928b6bbb32da52da0acbb8f6239aab3b37e478365dd657c2f197e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 25 Jun 2022 21:06:11 GMT
content-encoding: br
server: nginx
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=0
x-robots-tag: noindex
link: </mewtwo/styles.css?v=002>; rel=preload; as=style, </widgets_static/0db4f2cb70ec5ce6575f3e0ecdbd5c2e.js?v=204>; rel=preload; as=script
x-promo-id: 4238
x-request-id: 191ecc1c38badcb79d2fb8e947ec48fd

GET
H2 200 ads.js Show response
xn--80apebxaydq.xn--p1ai/wp-content/plugins/quick-adsense-reloaded/assets/js/ 78 B
206 B 61ms
61ms Script
application/javascript 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80apebxaydq.xn--p1ai/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.54
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx /
Resource Hash: 2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
last-modified: Tue, 21 Jun 2022 09:04:36 GMT
server: nginx
accept-ranges: bytes
etag: "62b189a4-4e"
content-length: 78
content-type: application/javascript

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 158 KB
56 KB 262ms
126ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d7edc4f0a8e7bd4756ead78916047257bc8482bd557c97af0c8044c2314f70ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
content-encoding: br
last-modified: Fri, 24 Jun 2022 09:57:02 GMT
etag: "62b5603e-dd75"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56693
expires: Sat, 25 Jun 2022 22:06:11 GMT

GET
H2 200 u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2
fonts.gstatic.com/s/cabin/v24/ 15 KB
16 KB 88ms
26ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabin/v24/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arvo%3Aregular%2C%3Aitalic%2C%3A700%2C%3A700italic%7CCabin%3Aregular%2C%3Aitalic%2C%3A500%2C%3A500italic%2C%3A600%2C%3A600italic%2C%3A700%2C%3A700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc26ff26c1a190035ec393a1d049a1451022349d7f1885ca7051b55f6d2b876e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xn--80apebxaydq.xn--p1ai
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 20:44:52 GMT
x-content-type-options: nosniff
age: 174079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15468
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:34:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Jun 2023 20:44:52 GMT

GET
H2 200 tDbD2oWUg0MKqScQ7Q.woff2
fonts.gstatic.com/s/arvo/v20/ 17 KB
17 KB 90ms
34ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arvo/v20/tDbD2oWUg0MKqScQ7Q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a444f75e21c8b900953619df3cbc2ecf9e2227416e07d774709adf722bcb415

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xn--80apebxaydq.xn--p1ai
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 22:53:11 GMT
x-content-type-options: nosniff
age: 339180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17300
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:36:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 22:53:11 GMT

GET
H2 200 styles.css
www.travelpayouts.com/mewtwo/ 169 KB
12 KB 29ms
0ms Stylesheet
text/css 188.42.198.252
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/mewtwo/styles.css?v=002
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.198.252 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 8f90ca8086e3a8827af8a77f407a2a9533d6c507b22c369f8741b6b83133db66

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
content-encoding: br
last-modified: Wed, 04 May 2022 06:39:17 GMT
server: nginx
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=600
content-length: 12051

GET
H2 200 0db4f2cb70ec5ce6575f3e0ecdbd5c2e.js Show response
www.travelpayouts.com/widgets_static/ 319 KB
63 KB 90ms
0ms Script
application/javascript 188.42.198.252
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/widgets_static/0db4f2cb70ec5ce6575f3e0ecdbd5c2e.js?v=204
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.198.252 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a449f2f8dd3d38397c218e2c911b615b5c85a319a626f629ffe2f3eef44519b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
content-encoding: gzip
last-modified: Wed, 04 May 2022 07:48:36 GMT
server: nginx
etag: W/"62722fd4-4fbe6"
content-type: application/javascript; charset=utf-8

GET
H2

200

j.gif
avsplow.com/a/
Redirect Chain

https://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%2...
https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%220db4f2cb70ec5ce6575f3e0ecdbd5c2e%22,%22trace_...

43 B
387 B

50ms
49ms

Image
image/gif

185.106.81.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%220db4f2cb70ec5ce6575f3e0ecdbd5c2e%22,%22trace_id%22:%22Zz45592453a5da446cb5a50cef-13235%22,%22promo_id%22:%224238%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Server: 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
content-length: 43

Redirect headers

date: Sat, 25 Jun 2022 21:06:11 GMT
server: nginx
location: https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%220db4f2cb70ec5ce6575f3e0ecdbd5c2e%22,%22trace_id%22:%22Zz45592453a5da446cb5a50cef-13235%22,%22promo_id%22:%224238%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 0

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/ 339 KB
120 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7685155712660169&plah=xn--80apebxaydq.xn--p1ai&bust=31068200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b17f4e676017f9891961d824f461bc9e854b9f0c14dcc81fed15747f3158c1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122442
x-xss-protection: 0
server: cafe
etag: 8108742432852097426
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 25 Jun 2022 21:06:11 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220622/r20190131/ Frame C3E4 10 KB
5 KB 86ms
25ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220622/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--80apebxaydq.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1321
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Jun 2022 20:44:10 GMT
etag: 10429905676100781186
expires: Sat, 09 Jul 2022 20:44:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sp.js Show response
st.avsplow.com/19.18.9/ 42 KB
14 KB 84ms
31ms Script
application/javascript 2606:4700:20::681a:777
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://st.avsplow.com/19.18.9/sp.js
Requested by: Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/widgets_static/0db4f2cb70ec5ce6575f3e0ecdbd5c2e.js?v=204
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:777 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 953af01affd97621869fdb141a98da9fd0e2a1417ae0e3f27c0c3cd49032f5af

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Apr 2022 07:56:12 GMT
server: cloudflare
age: 7659
etag: W/"62610e1c-a686"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESFnO71H%2BAejEvinJUVSyVpfCWlyQj%2Bf0j%2BP%2BHu0um84Qi78M4Sl6FFxoEnQxVI%2FvOFTA33rrLE%2F61oMpDG1ta7e9k%2Fx8hBHiAQ8eKENxIsLN8EE2uxdnksZ%2B0YP%2BryFMVoZiUPxei4vaCQN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7210aa64ce0e3b9d-CDG
expires: Sat, 25 Jun 2022 22:58:32 GMT

GET
H2 200 whereami Show response
www.travelpayouts.com/ 134 B
290 B 291ms
291ms Script
application/x-javascript 188.42.198.252
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/whereami?locale=ru&callback=mewtwoForms.geoIPSetter.lang_ru
Requested by: Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/widgets_static/0db4f2cb70ec5ce6575f3e0ecdbd5c2e.js?v=204
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.198.252 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 8df4a44d549c31065f603f4fbf9be2d839f7c07fd095bc6f01d9087d43a54f94

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 25 Jun 2022 21:06:11 GMT
content-encoding: br
server: nginx
x-request-id: e2f61500e5466ae9b1d318d4a75373ac
content-type: application/x-javascript; charset=utf-8

GET
H2 200 logos.css
www.travelpayouts.com/mewtwo/ 116 KB
17 KB 34ms
34ms Stylesheet
text/css 188.42.198.252
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/mewtwo/logos.css
Requested by: Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/widgets_static/0db4f2cb70ec5ce6575f3e0ecdbd5c2e.js?v=204
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.198.252 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: e6bb914a60890b63e904defe37b2cf8f3e589de0812d1398a03895b406f6a97c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
content-encoding: br
last-modified: Wed, 04 May 2022 06:39:17 GMT
server: nginx
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=600
content-length: 16655

GET
H3 200 cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2
fonts.gstatic.com/s/opensans/v13/ 10 KB
10 KB 84ms
30ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2

Requested by

Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/mewtwo/styles.css?v=002

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.travelpayouts.com/
Origin: https://xn--80apebxaydq.xn--p1ai
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 07:30:01 GMT
x-content-type-options: nosniff
age: 135370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10352
x-xss-protection: 0
last-modified: Mon, 27 Apr 2015 23:45:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jun 2023 07:30:01 GMT

GET
DATA 200
OK truncated
/ 611 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c22b83b631a5293a1acd2dd2e6e8d19f254d46990b5e2115d572fc24a6a2c461

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 381 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd67ee7ca8d8e8492d61c34033243e78d6f478551aaba5ee30367cc47c53f4e0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 129 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7aba1186b73911d9422fbdef504b34963dc896c16c53daacb94c06d304b3653c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 180 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f16e1cb28067e3d13d953e07794d6b724aa73a2965e68ea7373259c1b8ec5dbf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 MTP_ySUJH_bn48VBG8sNShdwxCXfZpKo5kWAx_74bHs.woff2
fonts.gstatic.com/s/opensans/v13/ 6 KB
6 KB 74ms
28ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/MTP_ySUJH_bn48VBG8sNShdwxCXfZpKo5kWAx_74bHs.woff2

Requested by

Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/mewtwo/styles.css?v=002

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d197d86dd0257b43f6ec34f257b68f1ba315caa3e01874e5176d4028bb1ae4bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.travelpayouts.com/
Origin: https://xn--80apebxaydq.xn--p1ai
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 08:45:37 GMT
x-content-type-options: nosniff
age: 390034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5868
x-xss-protection: 0
last-modified: Mon, 27 Apr 2015 23:45:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 08:45:37 GMT

GET
H3 200 RjgO7rYTmqiVp7vzi-Q5UYX0hVgzZQUfRDuZrPvH3D8.woff2
fonts.gstatic.com/s/opensans/v13/ 6 KB
6 KB 78ms
36ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/RjgO7rYTmqiVp7vzi-Q5UYX0hVgzZQUfRDuZrPvH3D8.woff2

Requested by

Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/mewtwo/styles.css?v=002

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28add160ac626b83c6f7ce827f0c0cb8bf6f7914b140c0bd242f59d545ba3d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.travelpayouts.com/
Origin: https://xn--80apebxaydq.xn--p1ai
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 08:46:03 GMT
x-content-type-options: nosniff
age: 390008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5916
x-xss-protection: 0
last-modified: Mon, 27 Apr 2015 23:46:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 08:46:03 GMT

GET
H3 200 MTP_ySUJH_bn48VBG8sNShampu5_7CjHW5spxoeN3Vs.woff2
fonts.gstatic.com/s/opensans/v13/ 10 KB
10 KB 72ms
40ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/MTP_ySUJH_bn48VBG8sNShampu5_7CjHW5spxoeN3Vs.woff2

Requested by

Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/mewtwo/styles.css?v=002

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

417e156e282af4b7d146d16b8fc9505255de2d8d085d40e37afe5089b8fe9b77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.travelpayouts.com/
Origin: https://xn--80apebxaydq.xn--p1ai
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 01:45:58 GMT
x-content-type-options: nosniff
age: 156013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10328
x-xss-protection: 0
last-modified: Mon, 27 Apr 2015 23:45:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jun 2023 01:45:58 GMT

GET
DATA 200
OK truncated
/ 503 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9648446cf73c35ef331ed5fc53fb53b06f5cdb11af3d7b64f5d54ae24758b449

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 635 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd338f829b37a85daaccdfd14453413263221708c477ff625bd998a16c7482f8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 261 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2230398f87d352705d47c785d3d5bb37371117dbb6e43fda5e037ab119eac90a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 704 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecf943a2cf5766e5670b13704019b465da46918e6a40823072a275193bac0574

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 as.png
www.travelpayouts.com/powered_by/img/ 6 KB
6 KB 57ms
56ms Image
image/png 188.42.198.252
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelpayouts.com/powered_by/img/as.png
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.198.252 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 068a90b88efbf99bd6a06e7d9eb40cd02fdcf505a7058c3e207802190d9eca2b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
last-modified: Tue, 13 Jul 2021 11:24:18 GMT
server: nginx
accept-ranges: bytes
etag: "60ed77e2-191d"
content-length: 6429
content-type: image/png

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f0008ab048bf107abaeb1f41f34ae29a3908cbe9398054eac3d0f9f3b489a09

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 8503732 Show response
mc.yandex.ru/watch/ 338 B
473 B 65ms
65ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/8503732?wmode=7&page-url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7ezf5swi7z3s%3Afp%3A708%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A724536841822%3Ahid%3A244068445%3Az%3A0%3Ai%3A20220625210611%3Aet%3A1656191171%3Ac%3A1%3Arn%3A712619921%3Arqn%3A1%3Au%3A1656191171449602941%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656191170300%3Ads%3A54%2C150%2C285%2C62%2C0%2C0%2C%2C282%2C2%2C%2C%2C%2C834%3Aco%3A0%3Arqnl%3A1%3Ast%3A1656191171%3At%3A%D0%9A%D0%B8%D1%82%D0%B0%D0%B9%20%D0%B2%20%D1%84%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84%D0%B8%D1%8F%D1%85%20-%20%D0%A4%D0%BE%D1%82%D0%BE%20%D0%B4%D0%BE%D1%81%D1%82%D0%BE%D0%BF%D1%80%D0%B8%D0%BC%D0%B5%D1%87%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B5%D0%B9%20%D0%9A%D0%B8%D1%82%D0%B0%D1%8F&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d93d31dca5739606a0c40253b3ce1813755d293feec3030f6ee95dba903f542a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Jun 2022 21:06:11 GMT
x-content-type-options: nosniff
last-modified: Sat, 25-Jun-2022 21:06:11 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://xn--80apebxaydq.xn--p1ai
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Sat, 25-Jun-2022 21:06:11 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
100 B 68ms
67ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
last-modified: Fri, 24 Jun 2022 09:57:02 GMT
etag: "62b5603e-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 25 Jun 2022 22:06:11 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 228 B
657 B 149ms
36ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=xn--80apebxaydq.xn--p1ai&callback=_gfp_s_&client=ca-pub-7685155712660169

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7685155712660169&plah=xn--80apebxaydq.xn--p1ai&bust=31068200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

dbc610a4cb06642b2751a3d34ef51380d8232eda6bacff9638fbb3408c2d1f50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 213
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 126ms
35ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=xn--80apebxaydq.xn--p1ai

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 25 Jun 2022 21:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 109ms
35ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xn--80apebxaydq.xn--p1ai

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 25 Jun 2022 21:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 32F3 178 KB
44 KB 388ms
335ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&adk=1812271804&adf=3025194257&lmt=1656191171&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171187&bpp=3&bdt=388&idt=236&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1566887900717&frm=20&pv=2&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=255

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

295468f44476d461bfd3c778c8426fe74edb1a384dfcbf45e36f327b2dce7d70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--80apebxaydq.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 45482
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Jun 2022 21:06:11 GMT
expires: Sat, 25 Jun 2022 21:06:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 j
avsplow.com/a/ 2 B
343 B 27ms
27ms Ping
text/plain 185.106.81.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://avsplow.com/a/j
Requested by: Host: st.avsplow.com
URL: https://st.avsplow.com/19.18.9/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://xn--80apebxaydq.xn--p1ai/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://xn--80apebxaydq.xn--p1ai
date: Sat, 25 Jun 2022 21:06:11 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/plain; charset=UTF-8
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 77C8 99 KB
32 KB 406ms
386ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&slotname=3688215582&adk=664760036&adf=3217791677&pi=t.ma~as.3688215582&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171190&bpp=2&bdt=391&idt=282&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3Jhhmqb8Oq&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=286

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62e3c7fb4c31253b993eebc8a6cab30dcc210da10121d2b66ae70f9389980e9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--80apebxaydq.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33065
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Jun 2022 21:06:11 GMT
expires: Sat, 25 Jun 2022 21:06:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A111 96 KB
31 KB 320ms
317ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&slotname=3688215582&adk=664760036&adf=549886277&pi=t.ma~as.3688215582&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171192&bpp=1&bdt=394&idt=298&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=D8sKCyfC2r&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=301

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39e686953cf5eed8e4444daca9ba86fe9e1d9d75c31d9d3e65869d56c3ddc108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--80apebxaydq.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31689
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Jun 2022 21:06:11 GMT
expires: Sat, 25 Jun 2022 21:06:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 j
avsplow.com/a/ 2 B
343 B 53ms
53ms Ping
text/plain 185.106.81.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://avsplow.com/a/j
Requested by: Host: st.avsplow.com
URL: https://st.avsplow.com/19.18.9/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://xn--80apebxaydq.xn--p1ai/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://xn--80apebxaydq.xn--p1ai
date: Sat, 25 Jun 2022 21:06:11 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/plain; charset=UTF-8
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"

GET
H2 200 4405407991428666700
tpc.googlesyndication.com/simgad/ Frame A111 107 KB
107 KB 109ms
34ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4405407991428666700?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qns2c_5i3IA1jI06vy1MZvm-rwrUQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&slotname=3688215582&adk=664760036&adf=549886277&pi=t.ma~as.3688215582&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171192&bpp=1&bdt=394&idt=298&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=D8sKCyfC2r&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44708c35a066caf33aecaec74ee4c954a3cecfd02e34dc172c731891a6253d9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 11:21:08 GMT
x-content-type-options: nosniff
age: 467103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109588
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 09:22:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 20 Jun 2023 11:21:08 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/ Frame A111 21 KB
9 KB 100ms
25ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 20:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 20:53:05 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame A111 3 KB
1 KB 103ms
33ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 20:50:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 20:50:17 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame A111 67 B
188 B 162ms
92ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 7583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 2462972746714251406
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Sun, 26 Jun 2022 18:59:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A111 137 KB
43 KB 478ms
404ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43180
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655912982481896"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 25 Jun 2022 21:06:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame A111 17 KB
7 KB 100ms
30ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 20:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 20:44:48 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame A111 31 KB
13 KB 162ms
93ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b87ba9f38a8905c569f57b2e7f262a904383984fb76af355216f2cd31e856a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 08:46:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12977
x-xss-protection: 0
server: cafe
etag: 4929431275013645188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 08:46:32 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A111 0
0 70ms
69ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cjnc0w3i3Yoa9IIOhtwew_6jgCrfTwM1q8MKViLkQitGj7b4BEAEgqbS2A2D7AaAB5ribyQPIAQKpAvfq8Mf4DWI-qAMByAPJBKoE4gFP0Akjxzx1x_sevJFV-78X1M1qivjImo9YwnRgpixY6KDQft-90FCAXR82cjwNA05_kz3Og-clB3RJHi692hpJBEyvmIDNPG9TSsiXFWktz-_Xgc07-LDCduzhiauE1Do27DjPcS_sTYZGTBWoZcgAk_GbJYtwdqOqiyA-QoFwOhPOlAJyMyb7iqTw8g8ML0hpjYvQfBjhtlSDvdXPNwWlLgOsUEzlQcYpeaatmj6LWPxAgT889Zua_QvbJM3FPh-XSExjWrlCMLy3J6Okp42xlzOHZmbilHvsJgOEl9clmM56wAS0mIWmlASSBQQIBBgBkgUECAUYBKAGAoAH7s3IOKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEM3BA9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTc2ODUxNTU3MTI2NjAxNjkYAA&sigh=AWYNmwo1nLI&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&slotname=3688215582&adk=664760036&adf=549886277&pi=t.ma~as.3688215582&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171192&bpp=1&bdt=394&idt=298&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=D8sKCyfC2r&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=301
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 25 Jun 2022 21:06:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 25 Jun 2022 21:06:11 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/ 149 KB
53 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/reactive_library_fy2019.js?bust=31068200

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66fef10c3f4447a1e487fcdccd60f78b88093ffd366a7564acb61381eb53f584

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54418
x-xss-protection: 0
server: cafe
etag: 6689320174116155042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Jun 2022 21:06:11 GMT

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 91ms
35ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=xn--80apebxaydq.xn--p1ai

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 25 Jun 2022 21:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 89ms
34ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xn--80apebxaydq.xn--p1ai

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 25 Jun 2022 21:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AD2A 99 KB
34 KB 412ms
412ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&adk=1918226732&adf=4092949745&pi=t.aa~a.3170725565~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&to=qs&pwprc=4482657134&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171877&bpp=1&bdt=1079&idt=1&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3edaed224a4f05ec-22dda91fbecd0084%3AT%3D1656191171%3ART%3D1656191171%3AS%3DALNI_MYFkzMuQA64KZDFlORzHqXrV6H5Ag&prev_fmts=0x0%2C1140x280%2C1140x280&nras=2&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=b7fPkxvptQ&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15041be8f1a1c84b842536e0d1f935e01352a8f66bea824574326ed69a4878a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--80apebxaydq.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35167
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Jun 2022 21:06:12 GMT
expires: Sat, 25 Jun 2022 21:06:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 77C8 8 KB
711 B 89ms
35ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&slotname=3688215582&adk=664760036&adf=3217791677&pi=t.ma~as.3688215582&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171190&bpp=2&bdt=391&idt=282&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3Jhhmqb8Oq&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=286

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

012bb7853079db95a8f44671bc867eec7d09ff13c92794d75ba81003747bfbe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 20:47:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 25 Jun 2022 21:06:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Jun 2022 21:06:11 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame 77C8 2 KB
983 B 93ms
92ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&slotname=3688215582&adk=664760036&adf=3217791677&pi=t.ma~as.3688215582&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171190&bpp=2&bdt=391&idt=282&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3Jhhmqb8Oq&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=286

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 21:01:37 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/ Frame 77C8 21 KB
9 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&slotname=3688215582&adk=664760036&adf=3217791677&pi=t.ma~as.3688215582&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171190&bpp=2&bdt=391&idt=282&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3Jhhmqb8Oq&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=286

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 20:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 20:53:05 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame 77C8 3 KB
1 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&slotname=3688215582&adk=664760036&adf=3217791677&pi=t.ma~as.3688215582&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171190&bpp=2&bdt=391&idt=282&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3Jhhmqb8Oq&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=286

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 20:50:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 20:50:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 77C8 137 KB
42 KB 456ms
455ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&slotname=3688215582&adk=664760036&adf=3217791677&pi=t.ma~as.3688215582&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171190&bpp=2&bdt=391&idt=282&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3Jhhmqb8Oq&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=286

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43180
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655912982481896"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 25 Jun 2022 21:06:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame 77C8 17 KB
7 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&slotname=3688215582&adk=664760036&adf=3217791677&pi=t.ma~as.3688215582&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171190&bpp=2&bdt=391&idt=282&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3Jhhmqb8Oq&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=286

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 20:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 20:44:48 GMT

GET
H2 200 10f77a9ed5e9dbc13462adf17b625271.js Show response
www.gstatic.com/mysidia/ Frame 77C8 31 KB
13 KB 86ms
25ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/10f77a9ed5e9dbc13462adf17b625271.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&slotname=3688215582&adk=664760036&adf=3217791677&pi=t.ma~as.3688215582&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171190&bpp=2&bdt=391&idt=282&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3Jhhmqb8Oq&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=286

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f570d3cfc5df9a889452f6a2e8ea3ea6c3e6691824d54106d8928efc3abf8600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 13:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 284997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12964
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 22:50:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 20 Sep 2022 13:56:14 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 77C8 0
0 70ms
70ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRR1ww3i3YuDKIIfvtweZ5ZrQAeft0ZZjnujYoKgNsJAfEAEgqbS2A2D7AaAB5aGy7APIAQmoAwHIA8sEqgTjAU_Q_aXgEc_LdqnfzSqh3E_txKtAh6OaXPhYD4_85aD_ZVygdWFmgJrZrhaojX7ZrrnkFroaxbeIV6CrsI6gLX1DR3QDSmj75JIDoKNKM5Neh57rZCXnhNZZEaKRJpXc4rXDJ5jUVizjyx7zxIBiYJB8Jyis47gPq9KmrThskzgmwiXOO8oqNOQHW9AaQEV0X9sF11TVMOUXCWayjjw8b9XeqriUH0NIehJTzaEyji7C7wBZELEClrfrSZDzp6KYfObSXWNkQEvm4Ph41KGdxcXuskHBqn87At4240nNgqJyhds0wATw7-SH5wGSBQQIBBgBkgUECAUYBKAGLoAHnb6rf6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMnqAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBOIJ9gTDNAVAYAXAbIXHAoaCAASFHB1Yi03Njg1MTU1NzEyNjYwMTY5GAA&sigh=TaYMNQmEtd0&uach_m=[UACH]&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&slotname=3688215582&adk=664760036&adf=3217791677&pi=t.ma~as.3688215582&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171190&bpp=2&bdt=391&idt=282&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3Jhhmqb8Oq&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=286

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&slotname=3688215582&adk=664760036&adf=3217791677&pi=t.ma~as.3688215582&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171190&bpp=2&bdt=391&idt=282&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3Jhhmqb8Oq&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=286
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 25 Jun 2022 21:06:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/667433450620933124/ Frame 77C8 43 KB
44 KB 79ms
79ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/667433450620933124/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&slotname=3688215582&adk=664760036&adf=3217791677&pi=t.ma~as.3688215582&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171190&bpp=2&bdt=391&idt=282&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3Jhhmqb8Oq&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=286

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f20d19aa08a9da29acbfba03857818802858197a2f7b3181180e148eec4c78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 09:22:26 GMT
x-content-type-options: nosniff
age: 387825
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44454
x-xss-protection: 0
last-modified: Tue, 08 Dec 2020 01:53:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Jun 2023 09:22:26 GMT

GET
DATA 200
OK truncated
/ Frame 77C8 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 77C8 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/ Frame 484F 10 KB
4 KB 25ms
25ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--80apebxaydq.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 76118
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 23:57:33 GMT
etag: 10429905676100781186
expires: Fri, 08 Jul 2022 23:57:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6E75 143 B
163 B 26ms
25ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&slotname=3688215582&adk=664760036&adf=549886277&pi=t.ma~as.3688215582&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171192&bpp=1&bdt=394&idt=298&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2548&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=D8sKCyfC2r&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=301
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1407
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 25 Jun 2022 20:42:45 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 484F 4 KB
636 B 35ms
35ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 20:40:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 25 Jun 2022 21:06:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Jun 2022 21:06:12 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 484F 205 B
229 B 86ms
34ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:00:16 GMT
x-content-type-options: nosniff
age: 356
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 25 Jun 2023 21:00:16 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 484F 604 B
628 B 84ms
32ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:00:02 GMT
x-content-type-options: nosniff
age: 370
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 25 Jun 2023 21:00:02 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/elements/html/ Frame 484F 19 KB
8 KB 88ms
33ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8263
x-xss-protection: 0
server: cafe
etag: 17157773748623750166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 21:04:05 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6E75
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

72ms
72ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 25 Jun 2022 21:06:12 GMT
expires: Sat, 25 Jun 2022 21:06:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 25 Jun 2022 21:06:12 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 1681 8 KB
893 B 35ms
35ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 19:09:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 25 Jun 2022 21:06:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Jun 2022 21:06:12 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame 1681 2 KB
902 B 45ms
39ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:04:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 21:04:31 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/ Frame 1681 21 KB
8 KB 30ms
26ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 20:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 20:57:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame 1681 3 KB
1 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 20:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 655
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 20:55:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1681 137 KB
42 KB 258ms
258ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43180
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655912982481896"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 25 Jun 2022 21:06:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame 1681 17 KB
7 KB 32ms
28ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 21:05:28 GMT

GET
H3 200 10f77a9ed5e9dbc13462adf17b625271.js Show response
www.gstatic.com/mysidia/ Frame 1681 31 KB
13 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/10f77a9ed5e9dbc13462adf17b625271.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f570d3cfc5df9a889452f6a2e8ea3ea6c3e6691824d54106d8928efc3abf8600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 13:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 284998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12964
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 22:50:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 20 Sep 2022 13:56:14 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 144D 143 B
163 B 26ms
25ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 1407
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 25 Jun 2022 20:42:45 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 144D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

72ms
71ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220622/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 25 Jun 2022 21:06:12 GMT
expires: Sat, 25 Jun 2022 21:06:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 25 Jun 2022 21:06:12 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A111 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b50cf8689d55984d157206873f71332bf9f3cc29e5c874b3126a6d980d9cb008

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js Show response
pagead2.googlesyndication.com/bg/ Frame FBDD 35 KB
13 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c22409172c05d9c78dc290c92c8a6b8487378b6f82f26604b478a566bda9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 13:56:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 284996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13719
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Jun 2023 13:56:16 GMT

GET
DATA 200
OK truncated
/ Frame 77C8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dad49f85bc1059e2153eb4f44f8b16ea58d96f043a22f0a4b8f1791681bf58db

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 77C8 44 KB
44 KB 27ms
27ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 12:16:38 GMT
x-content-type-options: nosniff
age: 463774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jun 2023 12:16:38 GMT

GET
H3 200 VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js Show response
pagead2.googlesyndication.com/bg/ Frame FCAB 35 KB
13 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&slotname=3688215582&adk=664760036&adf=3217791677&pi=t.ma~as.3688215582&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171190&bpp=2&bdt=391&idt=282&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=253&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3Jhhmqb8Oq&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=286

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c22409172c05d9c78dc290c92c8a6b8487378b6f82f26604b478a566bda9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 13:56:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 284996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13719
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Jun 2023 13:56:16 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AD2A 8 KB
893 B 35ms
35ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&adk=1918226732&adf=4092949745&pi=t.aa~a.3170725565~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&to=qs&pwprc=4482657134&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171877&bpp=1&bdt=1079&idt=1&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3edaed224a4f05ec-22dda91fbecd0084%3AT%3D1656191171%3ART%3D1656191171%3AS%3DALNI_MYFkzMuQA64KZDFlORzHqXrV6H5Ag&prev_fmts=0x0%2C1140x280%2C1140x280&nras=2&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=b7fPkxvptQ&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 20:24:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 25 Jun 2022 21:06:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Jun 2022 21:06:12 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame AD2A 2 KB
902 B 27ms
26ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:04:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 21:04:31 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/ Frame AD2A 21 KB
8 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 20:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 20:57:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame AD2A 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 20:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 655
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 20:55:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AD2A 137 KB
42 KB 102ms
48ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43180
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655912982481896"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 25 Jun 2022 21:06:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/ Frame AD2A 17 KB
7 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220622/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 21:05:28 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AD2A 0
0 91ms
34ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJjhp6WjCMZkSmt_1gUBp7gX3sJgZqryU0l71j1Rvvx3iTlixzKRou-wGG0_4PP0cnt1-j48wbrUWlo-3pgtDyUeTEDg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&adk=1918226732&adf=4092949745&pi=t.aa~a.3170725565~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&to=qs&pwprc=4482657134&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171877&bpp=1&bdt=1079&idt=1&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3edaed224a4f05ec-22dda91fbecd0084%3AT%3D1656191171%3ART%3D1656191171%3AS%3DALNI_MYFkzMuQA64KZDFlORzHqXrV6H5Ag&prev_fmts=0x0%2C1140x280%2C1140x280&nras=2&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=b7fPkxvptQ&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=13
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 21b2dfe42abab24529e209ac1efa07c6.js Show response
www.gstatic.com/mysidia/ Frame AD2A 31 KB
13 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 00:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13060
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 00:04:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Sep 2022 00:25:33 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AD2A 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7B7Aw3i3YrOaON2f7_UP1qqvsAHO7IPCarC_6avvD5HdvI2MGxABIKm0tgNg-wGgAdX9vKAByAEJqQIoVrcsqrWxPqgDAcgDywSqBPUBT9Dx_TSZbasdA-6LhJooaZstimZlgrmgfRHyf5y41-IN1xbPswzKkzeKyA-TCI0kCiAce0oJdYZkZxZb0iEyg8BS0-QPwOWxnGQFUI3olm-FWJc1l__gkL9KHQLVKv4oL-lqoTcH4tr5t03P787waZqv37Lsd5-HjpYgA47yUcm3jM8h75y-n9FeEeb3NGw0xbOPLtvdBlRqpiyNpthQjjQ9raRGW46VoXpZx68e3xwzVxVQPhAwzNIRJX0fgZRgiaeRXENBNtqXxeWm2onxBgTaLaLDOzUjsmTJAXfRbEAyUsP_phqt2s6i_whOCYRdTnND6m3ABOrf6cuEBJIFBAgEGAGSBQQIBRgEoAYugAeTgsPfAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENn9BtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBOIJ9gTCtAVAYAXAbIXHAoaCAASFHB1Yi03Njg1MTU1NzEyNjYwMTY5GAA&sigh=mkVU7okM9wE&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&adk=1918226732&adf=4092949745&pi=t.aa~a.3170725565~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&to=qs&pwprc=4482657134&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171877&bpp=1&bdt=1079&idt=1&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3edaed224a4f05ec-22dda91fbecd0084%3AT%3D1656191171%3ART%3D1656191171%3AS%3DALNI_MYFkzMuQA64KZDFlORzHqXrV6H5Ag&prev_fmts=0x0%2C1140x280%2C1140x280&nras=2&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=b7fPkxvptQ&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 25 Jun 2022 21:06:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js Show response
pagead2.googlesyndication.com/bg/ Frame 8CB3 35 KB
13 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js

Requested by

Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c22409172c05d9c78dc290c92c8a6b8487378b6f82f26604b478a566bda9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 13:56:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 284996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13719
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Jun 2023 13:56:16 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14136095779802215006/ Frame AD2A 108 KB
108 KB 28ms
28ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14136095779802215006/downsize_200k_v1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31c6a3652be39a504a32f1eea6ba277a71b14e91bf3717898f11f1b6f877b585

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 11:16:27 GMT
x-content-type-options: nosniff
age: 208185
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110226
x-xss-protection: 0
last-modified: Tue, 24 May 2022 09:18:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Jun 2023 11:16:27 GMT

GET
DATA 200
OK truncated
/ Frame AD2A 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AD2A 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D95D 1 KB
749 B 26ms
26ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 27600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Jun 2022 13:26:12 GMT
etag: 48472445140208031
expires: Sun, 26 Jun 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AD2A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b609e5917c94fe33de020ee1e5484b0bd1f6c8a8f3b7aa96a7c7201e36b37e5f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame AD2A 28 KB
28 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 20:36:54 GMT
x-content-type-options: nosniff
age: 260958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jun 2023 20:36:54 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame D95D 35 B
464 B 89ms
26ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECU5Da9X9DtbWI9K1DShfW4&google_cver=1&google_push=ARnp8GBtR8l2j4HXXwBWo5bybl5T9NLEl1R-vVtMfu2RGmXD3-RQm4U05P6vzJQcUXY2UPpnU-_ecfKCysyl3qtacgIFCUD0CIIM

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Jun 2022 21:06:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D95D
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GDAYHKP...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GDAYHKP...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjUyMTA2MTMwMDAxNTA3MDE4MTA2OQ%3D%3D&google_push=ARnp8GDAYHKPliBKigVEBPVgogcbgszdmMowqy4_hlZC0KzP1sRc_4ZnJyE4g7zV-gj-Aj...

170 B
188 B

38ms
38ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjUyMTA2MTMwMDAxNTA3MDE4MTA2OQ%3D%3D&google_push=ARnp8GDAYHKPliBKigVEBPVgogcbgszdmMowqy4_hlZC0KzP1sRc_4ZnJyE4g7zV-gj-AjZSpHce5Jx0BYr7kKk0M5ce-MSFE_n0

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Jun 2022 21:06:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjUyMTA2MTMwMDAxNTA3MDE4MTA2OQ%3D%3D&google_push=ARnp8GDAYHKPliBKigVEBPVgogcbgszdmMowqy4_hlZC0KzP1sRc_4ZnJyE4g7zV-gj-AjZSpHce5Jx0BYr7kKk0M5ce-MSFE_n0
pragma: no-cache
date: Sat, 25 Jun 2022 21:06:13 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sat, 25 Jun 2022 21:06:13 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D95D
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEB8xgzZBKscWUyybuqAdJGY&google_cver=1&google_push=ARnp8GB126XDHc1IAutBn9_q_EsxVF9LdRJm8n4BWhIaNAh4c-miMqN4kBh0B2qNagjKHdbyAtXseTj4_b9KYIK1_DNt6bbNRGVk
https://rtb.openx.net/sync/dds?google_gid=CAESEB8xgzZBKscWUyybuqAdJGY&google_cver=1&google_push=ARnp8GB126XDHc1IAutBn9_q_EsxVF9LdRJm8n4BWhIaNAh4c-miMqN4kBh0B2qNagjKHdbyAtXseTj4_b9KYIK1_DNt6bbNRGVk&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ARnp8GB126XDHc1IAutBn9_q_EsxVF9LdRJm8n4BWhIaNAh4c-miMqN4kBh0B2qNagjKHdbyAtXseTj4_b9KYIK1_DNt6bbNRGVk&google_hm=V2Q3hlNIxDUQ26SNt147gw==

170 B
188 B

88ms
36ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ARnp8GB126XDHc1IAutBn9_q_EsxVF9LdRJm8n4BWhIaNAh4c-miMqN4kBh0B2qNagjKHdbyAtXseTj4_b9KYIK1_DNt6bbNRGVk&google_hm=V2Q3hlNIxDUQ26SNt147gw==

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Jun 2022 21:06:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 25 Jun 2022 21:06:12 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ARnp8GB126XDHc1IAutBn9_q_EsxVF9LdRJm8n4BWhIaNAh4c-miMqN4kBh0B2qNagjKHdbyAtXseTj4_b9KYIK1_DNt6bbNRGVk&google_hm=V2Q3hlNIxDUQ26SNt147gw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: nf8ujfire83d489s49tneuino9asqhv5

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame D95D 0
166 B 1353ms
22ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENtMWu9CHXiECHOovxUDQKQ&google_cver=1&google_push=ARnp8GAesJ0yWt9Y6G_OMn2PFWBkCfXdat-e6ZtGUnld-pggfvxc3pzCAxOw6DyzEES91w3rbheNoRYEnutSVUh7_k4cBs41zBk9
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&adk=1918226732&adf=4092949745&pi=t.aa~a.3170725565~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&to=qs&pwprc=4482657134&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171877&bpp=1&bdt=1079&idt=1&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3edaed224a4f05ec-22dda91fbecd0084%3AT%3D1656191171%3ART%3D1656191171%3AS%3DALNI_MYFkzMuQA64KZDFlORzHqXrV6H5Ag&prev_fmts=0x0%2C1140x280%2C1140x280&nras=2&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=b7fPkxvptQ&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=13
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D95D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEABA29HlQ_aTFsqJBRG8wTs&google_cver=1&google_push=ARnp8GCvHy7AozGLV1x5tYJuwel1XpZEG_0mIFV9rhUf0FZ5p_0VMppDrt025A71f_6Xm-u53ZQ...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRVREdOUU0tMTgtR1dHUg==&google_push=ARnp8GCvHy7AozGLV1x5tYJuwel1XpZEG_0mIFV9rhUf0FZ5p_0VMppDrt025A71f_6Xm-u53ZQA5R8_gbKxDc1zMLUslkxxgJc

170 B
188 B

98ms
44ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRVREdOUU0tMTgtR1dHUg==&google_push=ARnp8GCvHy7AozGLV1x5tYJuwel1XpZEG_0mIFV9rhUf0FZ5p_0VMppDrt025A71f_6Xm-u53ZQA5R8_gbKxDc1zMLUslkxxgJc

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Jun 2022 21:06:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRVREdOUU0tMTgtR1dHUg==&google_push=ARnp8GCvHy7AozGLV1x5tYJuwel1XpZEG_0mIFV9rhUf0FZ5p_0VMppDrt025A71f_6Xm-u53ZQA5R8_gbKxDc1zMLUslkxxgJc
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET

https://ssum-sec.casalemedia.com%2C%20r28.lb.indexww.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGTZBHvluYVSBKtzRTABBx8&google_push=ARnp8GCAVVRadF4b08ksMwNPc0puWGtyDaLliwaBVVX1hwDQd_ffU4TG2VhV-q83Fidmb8ShLqVESnqDpESlXCxGjjGTIMzRiD0&s=184023&C=1
https://ssum-sec.casalemedia.com%2C%20r28.lb.indexww.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGTZBHvluYVSBKtzRTABBx8&google_push=ARnp8GCAVVRadF4b08ksMwNPc0puWGtyDaLliwaBVVX1hwDQd_ffU4TG2VhV-q83Fidmb8ShLqVESnqDpESlXCxGjjGTIMzRiD0&s=184023&C=1 Frame D95D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGTZBHvluYVSBKtzRTABBx8&google_cver=1&googl...
https://ssum-sec.casalemedia.com%2C%20r28.lb.indexww.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGTZBHvluYVSBK...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame D95D 43 B
296 B 203ms
23ms Image
image/gif 2a05:d01c:1d8:8102:8a99:96f8:9749:2848
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHDU9yWROumnNJAbAOCaf2U&google_cver=1&google_push=ARnp8GA0ylL10ncFjtCt57OofGb8-3VpQNOlkcZDEg3T6hC-9RqVJGsYyHJLUDLQY-MtLQfLsWL0dn7U0XopfvHxYnqlr_vy6cyI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7685155712660169&output=html&h=280&adk=1918226732&adf=4092949745&pi=t.aa~a.3170725565~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1656191171&rafmt=1&to=qs&pwprc=4482657134&psa=0&format=1140x280&url=https%3A%2F%2Fxn--80apebxaydq.xn--p1ai%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656191171877&bpp=1&bdt=1079&idt=1&shv=r20220622&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3edaed224a4f05ec-22dda91fbecd0084%3AT%3D1656191171%3ART%3D1656191171%3AS%3DALNI_MYFkzMuQA64KZDFlORzHqXrV6H5Ag&prev_fmts=0x0%2C1140x280%2C1140x280&nras=2&correlator=1566887900717&frm=20&pv=1&ga_vid=781500676.1656191171&ga_sid=1656191171&ga_hid=312661581&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068200%2C42531606&oid=2&pvsid=2636524706717715&tmod=123537081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=b7fPkxvptQ&p=https%3A//xn--80apebxaydq.xn--p1ai&dtd=13
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:8a99:96f8:9749:2848 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Jun 2022 21:06:12 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D95D 0
223 B 109ms
34ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L9xx09FbRx6Vy1JOzMZpL0HTAfPlb1ZpKItZM7DWyNplKGucQCQpXkyeB8FCtJcdtc5yVp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 100ms
46ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220622&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3575eb0c10176e903a34cdddc0dd23e1f656dffea475df03b4850f5c34c3998a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 25 Jun 2022 21:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10674
x-xss-protection: 0

GET
H2 200 fontawesome-webfont.woff
xn--80apebxaydq.xn--p1ai/wp-content/themes/hustle/includes/fonts// 41 KB
41 KB 62ms
62ms Font
font/woff 81.16.141.103
BITWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80apebxaydq.xn--p1ai/wp-content/themes/hustle/includes/fonts//fontawesome-webfont.woff
Requested by: Host: xn--80apebxaydq.xn--p1ai
URL: https://xn--80apebxaydq.xn--p1ai/wp-content/themes/hustle/style.css?ver=5.9.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.16.141.103 , Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS: vanomak.bitweb.xyz
Software: nginx /
Resource Hash: d45f5fb1fb4e1a101a8ad8722af443272f6c3d409d912e8175e6268d48e0b091

Request headers

Referer: https://xn--80apebxaydq.xn--p1ai/wp-content/themes/hustle/style.css?ver=5.9.3
Origin: https://xn--80apebxaydq.xn--p1ai
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:12 GMT
last-modified: Wed, 22 Mar 2017 05:49:42 GMT
server: nginx
accept-ranges: bytes
etag: "58d21076-a318"
content-length: 41752
content-type: font/woff

GET
H3 200 VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js Show response
pagead2.googlesyndication.com/bg/ Frame 0875 35 KB
13 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c22409172c05d9c78dc290c92c8a6b8487378b6f82f26604b478a566bda9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 13:56:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 284996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13719
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Jun 2023 13:56:16 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 25 Jun 2022 21:06:12 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1633 13 KB
5 KB 26ms
26ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--80apebxaydq.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 30118
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Jun 2022 12:44:15 GMT
expires: Sun, 25 Jun 2023 12:44:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 55B2 783 B
535 B 41ms
41ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0102236f005104441763639d2c8a7c4c85a5562a539071d571b6f1fca9939f1b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MItyCRPLUE3U1Fe9tj6-Aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xn--80apebxaydq.xn--p1ai/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-MItyCRPLUE3U1Fe9tj6-Aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 25 Jun 2022 21:06:13 GMT
expires: Sat, 25 Jun 2022 21:06:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js Show response
pagead2.googlesyndication.com/bg/ Frame 1633 35 KB
13 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VMIkCRcsBdnHjcKQySyKa4SHN4tvgvJmBLR4pWa9qeA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c22409172c05d9c78dc290c92c8a6b8487378b6f82f26604b478a566bda9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 13:56:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 284997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13719
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Jun 2023 13:56:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 55B2 0
0 91ms
90ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220622&jk=2636524706717715&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1633 0
9 B 26ms
26ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?v-GCIg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 21:06:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 77C8 42 B
64 B 62ms
61ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssyjGn74TkF_Lo1UGQlb0hHZruqCH1jOnVbKD9PzHAoyHjmKbihYOB87GsTzBDjKcXTuvRirh6H8-xF6n3CxuwYE64Z6oIBySUn4SvaXLVm8yzvaUsskV3mAw_bRHrUG3-9BbefzQ&sai=AMfl-YTKkBPQQzrf9UBWCt0b4ZptamSOZQD0A4laBYsxWYRDxM7IXRmjO0EDIj0vMyng9Ab-MSFEgaqgIDK1&sig=Cg0ArKJSzMOA9K-Ud_PvEAE&id=lidar2&mcvt=1000&p=0,0,280,1140&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220622&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=664760036&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656191171477&rpt=1003&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Jun 2022 21:06:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 95ms
94ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220622&jk=2636524706717715&bg=!VValVhLNAAZlcKWdRXA7ACkAdvg8WjNDCW6fo1uCnQVgTdzzkH_BWq-1kS8_R1AjVJDXtappmMyyFQIAAABOUgAAAAJoAQeZAqUsmW8MWMrat7gq89Tywy3vGSkp4r5g4hWUV_H4jE6EWOH8nkn2SIzh_ocsD7r6pXasBbQ76SODoD0rdIWQrNVltba_Qg6894SVIGdYBw-sLpjNVMehyC4hilI6TLOlkJY1ag2rH-2REOVMIo3zq5JyZbu_TUg12Kp0pi6aKBGNNhdqjt-PPjXelVurZHEvZXmqJTy8yh1OJdJiJEImwFQE_CWZtgxJdfEunSVewVMM4yzqkY3CaKkzTruBIoHijIwCMnJbCZTY_Cto0HMnCr1PsDfapLq2-w_Uw6Ado5Yp0y6loh7dYDvQJ-QTac1gtNrS0cUPlGgsyun9CgClrdHV_ZG35KsawCOIQq_bT1CIiBe2q8-39BK9yq10JJKUg6N-gfs_CH3hk-8BmSlwWrFE5QR5GpQunMaPd6zlf0KcEONnGEUuw7D2cC59_b8q9IK6EiRcZbRJr5bsDNOzXwtlUQUciLvOiXbNeUstUQ4_O2nhmn7-jigjmi5Rh5xlot2bLeLG0k7BbuE-PFS9P7ZoV5azUnIqzJlCeA6ZEjH5yKN_0MO_OEDBydL7Nq3B_2O7CV9NUDqW64k3xSFj6VPuSDDN9iAvJ7RbiUd7_fcjsOs5Tcgo9iUDCHi4PZ5722N97z7gJ4KDNBfxHJQrIIHDjHknXLQ-0u7GR2JkIS64sWJmDdGbNNKDx_morC8PA7hkIHh1ZCe9eg7kYcCjiG6Q7c_BI3JjkzcJJnZU8ViZtcbhxVQp7zj4ERKaJRzKTSPKlEGLDEfpE9z6UfRn-SutqDuO1liAn1rRX08UN84LAqrO4XYo9OirRTSfl_lgvMK4XGWMl6tDk1djL_I2IlzSZC02UrRXvnTo0KkQ87sZnc1Mc90vkArw9jwGCpimuBEO-KLOnQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://xn--80apebxaydq.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com%2C%20r28.lb.indexww.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGTZBHvluYVSBKtzRTABBx8&google_push=ARnp8GCAVVRadF4b08ksMwNPc0puWGtyDaLliwaBVVX1hwDQd_ffU4TG2VhV-q83Fidmb8ShLqVESnqDpESlXCxGjjGTIMzRiD0&s=184023&C=1

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.travelpayouts.com/widgets	1970-01-31 03:02:42	Name: promo_id Value: 4238
www.travelpayouts.com/widgets	1970-01-31 03:02:42	Name: shmarker Value: 13235
www.travelpayouts.com/widgets	1970-01-31 03:02:42	Name: user_id Value: 4c482964-13fa-4cab-9e06-cfdb7e9a986f
www.travelpayouts.com/widgets	1970-01-31 03:02:42	Name: trace_id Value: Zz45592453a5da446cb5a50cef-13235
xn--80apebxaydq.xn--p1ai/	1969-12-31 23:59:59	Name: quads_browser_width Value: 1600
.yandex.ru/	1970-01-20 12:48:47	Name: yandexuid Value: 9440382131656191171
.yandex.ru/	1970-01-20 12:48:47	Name: yuidss Value: 9440382131656191171
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 35484351656191171
.yandex.ru/	1970-01-23 19:39:11	Name: i Value: 6aWiZuZsl/LKt2HpYryF1opYpYY77JVAkfMGgkU5J80uk5nUpSfQiHmmXJLBdzZyAttQMkEOnz2ixZ4MBC2oTzCoJy8=
.yandex.ru/	1970-01-20 12:48:47	Name: ymex Value: 1687727171.yrts.1656191171#1687727171.yrtsi.1656191171
.avsplow.com/	1970-01-20 12:48:47	Name: nuid Value: 8d92e1c9-94e2-4100-ae6a-f60b304e9e3f
.xn--80apebxaydq.xn--p1ai/	1970-01-20 12:48:47	Name: _ym_uid Value: 1656191171449602941
.xn--80apebxaydq.xn--p1ai/	1970-01-20 12:48:47	Name: _ym_d Value: 1656191171
.xn--80apebxaydq.xn--p1ai/	1970-01-20 04:04:23	Name: _ym_isad Value: 2
.xn--80apebxaydq.xn--p1ai/	1970-01-20 13:24:47	Name: __gads Value: ID=3edaed224a4f05ec-22dda91fbecd0084:T=1656191171:RT=1656191171:S=ALNI_MYFkzMuQA64KZDFlORzHqXrV6H5Ag
.xn--80apebxaydq.xn--p1ai/	1970-01-20 04:03:12	Name: _ym_visorc Value: w
.doubleclick.net/	1970-01-20 04:03:14	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 13:24:47	Name: IDE Value: AHWqTUmACSAl6JM_HObF3EkoPQKOX4P83Hrfy50Z-Iq4C5ofeo93iK_QvqYVdlbyLyI
.quantserve.com/	1970-01-20 06:12:47	Name: d Value: EAUBCQG7JoEA
.quantserve.com/	1970-01-20 13:33:25	Name: mc Value: 62b778c4-d49f4-059fb-6dfba
.openx.net/	1970-01-20 12:48:47	Name: i Value: 5b9e82e3-5349-42ec-ac79-20d2006032c4\|1656191172
.casalemedia.com/	1970-01-20 12:48:47	Name: CMID Value: Yrd4xOlzNEGxK3zlQj6UvAAA
.casalemedia.com/	1970-01-20 06:12:47	Name: CMPS Value: 1148
.innovid.com/	1970-01-20 06:12:47	Name: uuid Value: 8da3584d-bdae-4498-aa56-366109317118-20220625 17:06:12
.e.dlx.addthis.com/	1970-01-20 13:33:25	Name: na_tc Value: Y
.addthis.com/	1970-01-20 13:33:25	Name: na_id Value: 2022062521061300015070181069
.addthis.com/	1970-01-20 13:33:25	Name: na_tc Value: Y
.addthis.com/	1970-01-20 13:33:25	Name: uid Value: 62b778c5416c7a4e
.addthis.com/	1970-01-20 13:33:25	Name: ouid Value: 62b778c5000147cdd65b3a626559b28767b5f3ba5a5071be989c
.dlx.addthis.com/	1970-01-20 04:46:23	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 04:46:23	Name: na_sr Value: 20220625
.dlx.addthis.com/	1970-01-20 04:03:11	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 04:46:23	Name: na_sc_e Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ssum-sec.casalemedia.com%2C%20r28.lb.indexww.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGTZBHvluYVSBKtzRTABBx8&google_push=ARnp8GCAVVRadF4b08ksMwNPc0puWGtyDaLliwaBVVX1hwDQd_ffU4TG2VhV-q83Fidmb8ShLqVESnqDpESlXCxGjjGTIMzRiD0&s=184023&C=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.fr
ag.innovid.com
avsplow.com
cm.g.doubleclick.net
cms.quantserve.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
ssum-sec.casalemedia.com
st.avsplow.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.travelpayouts.com
xn--80apebxaydq.xn--p1ai
ssum-sec.casalemedia.com
104.89.42.102
142.250.185.226
172.217.16.130
185.106.81.236
188.42.198.252
198.47.127.19
2606:4700:20::681a:777
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2002
2a00:1450:4001:813::2001
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:830::2003
2a02:6b8::1:119
2a05:d01c:1d8:8102:8a99:96f8:9749:2848
35.186.253.211
69.173.144.138
81.16.141.103
0102236f005104441763639d2c8a7c4c85a5562a539071d571b6f1fca9939f1b
012bb7853079db95a8f44671bc867eec7d09ff13c92794d75ba81003747bfbe7
02945ad76bf5b9714cb7f85e79a7699bff1e357e951be9246675d677887ce84c
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
068a90b88efbf99bd6a06e7d9eb40cd02fdcf505a7058c3e207802190d9eca2b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10de1c6ddc729b8498990df7445b2628bfd9c04185105517869910147b0ac16e
13d490516dc5cff874922cd12280b651452dad5224a45107d947e38854eff405
15041be8f1a1c84b842536e0d1f935e01352a8f66bea824574326ed69a4878a6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18cddfd5541eaf0c67ed1e41728882440734ae3c2154b840440a9b66cac0d048
2230398f87d352705d47c785d3d5bb37371117dbb6e43fda5e037ab119eac90a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2706c58660adc4357fe8c2d82569566d6c1a1a50fdf97cb624d77642538aacf3
28add160ac626b83c6f7ce827f0c0cb8bf6f7914b140c0bd242f59d545ba3d77
295468f44476d461bfd3c778c8426fe74edb1a384dfcbf45e36f327b2dce7d70
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b
31c6a3652be39a504a32f1eea6ba277a71b14e91bf3717898f11f1b6f877b585
3575eb0c10176e903a34cdddc0dd23e1f656dffea475df03b4850f5c34c3998a
36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5
39e686953cf5eed8e4444daca9ba86fe9e1d9d75c31d9d3e65869d56c3ddc108
3c28fdc364821fe193dfb741140edec6a6342a4b5604e8eed9b6b7eb99881f74
417e156e282af4b7d146d16b8fc9505255de2d8d085d40e37afe5089b8fe9b77
44708c35a066caf33aecaec74ee4c954a3cecfd02e34dc172c731891a6253d9a
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
46dc41a1755bcd9adb8b9109853ad45777599ce6cb79fbb1d77b5c8b35de8f1c
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c22409172c05d9c78dc290c92c8a6b8487378b6f82f26604b478a566bda9e0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a0fd0a83fd3c9cc1880c25deb6b8b7a9a812a5ad85c9334692698d0a5e39b22
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62e3c7fb4c31253b993eebc8a6cab30dcc210da10121d2b66ae70f9389980e9d
66fef10c3f4447a1e487fcdccd60f78b88093ffd366a7564acb61381eb53f584
67ebde870dcdaddbf5a85cc36a5a5055d115fbe56c67fe70f9fa35d6668c7f52
688db1eb0c3386303b7de856d183ffb806aa93688699c23748114a420fca2246
6a444f75e21c8b900953619df3cbc2ecf9e2227416e07d774709adf722bcb415
6f0008ab048bf107abaeb1f41f34ae29a3908cbe9398054eac3d0f9f3b489a09
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
7aba1186b73911d9422fbdef504b34963dc896c16c53daacb94c06d304b3653c
7fdc80afb5adfa8f768c4f799c828fb1f676c3a9c658ebc8d0c91c854be112bb
822927c3e79deba86d4dfb8716ab68632013e44f06563d1ba139b8b0841fa492
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
852d4471b05d47644e7fb854e656e1f1d2474b86eb0b4936e0f9f7c5a8cd7b1e
874392d9620c4b2c973cf5a7adfd7006426141de26f9e3dcdb2cc4c010491240
88359a32870996dc91d7900efa183d15da08435206d70d78a2edeaf46ed1ed2a
8845b72e3144d8e567ead02adb9f90797faa87b7601a201ef81481400f3f7ea1
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d416c0b440852674aa765c408d399982b74afc85057276921b90f09863809ee
8df4a44d549c31065f603f4fbf9be2d839f7c07fd095bc6f01d9087d43a54f94
8e01b68fd61928b6bbb32da52da0acbb8f6239aab3b37e478365dd657c2f197e
8f20d19aa08a9da29acbfba03857818802858197a2f7b3181180e148eec4c78b
8f90ca8086e3a8827af8a77f407a2a9533d6c507b22c369f8741b6b83133db66
92e5cbb97cb64daf6c803d11d0b4cb99b8adf4f07cda3323f4b34347558bffaa
953af01affd97621869fdb141a98da9fd0e2a1417ae0e3f27c0c3cd49032f5af
9648446cf73c35ef331ed5fc53fb53b06f5cdb11af3d7b64f5d54ae24758b449
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9934bd8afaf853d29692c606044ad59da6b60f4e35f4cf5427b5768dfc57a845
9a449f2f8dd3d38397c218e2c911b615b5c85a319a626f629ffe2f3eef44519b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b87ba9f38a8905c569f57b2e7f262a904383984fb76af355216f2cd31e856a7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
abe1eec47a616f2e9fd61201cd10086578e1817cf94fed785b3b8d33c01fd7f2
ade2c404d6637245552ede27f6806c16efa157a06a767c52fdd836b3628883ae
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
b17f4e676017f9891961d824f461bc9e854b9f0c14dcc81fed15747f3158c1cc
b50cf8689d55984d157206873f71332bf9f3cc29e5c874b3126a6d980d9cb008
b609e5917c94fe33de020ee1e5484b0bd1f6c8a8f3b7aa96a7c7201e36b37e5f
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c22b83b631a5293a1acd2dd2e6e8d19f254d46990b5e2115d572fc24a6a2c461
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c79ee6f56eb60a49ad942562d32b8f16051b264e822eb783d93922fcb958c9c2
c86b048324556f57c3fe7b17544b290a8ba1bf3d4d25d1b3921d4ec38176d181
ca3d013acfa9a0ceba28ba8e58b5cadcb761e812a82c3b2689dc5cebce755746
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd67ee7ca8d8e8492d61c34033243e78d6f478551aaba5ee30367cc47c53f4e0
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
ce414532ea8f46299416d195d80cc9d52dbd134e8493b0f006ce1025bebd45ab
d197d86dd0257b43f6ec34f257b68f1ba315caa3e01874e5176d4028bb1ae4bf
d45f5fb1fb4e1a101a8ad8722af443272f6c3d409d912e8175e6268d48e0b091
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7edc4f0a8e7bd4756ead78916047257bc8482bd557c97af0c8044c2314f70ee
d93d31dca5739606a0c40253b3ce1813755d293feec3030f6ee95dba903f542a
dab94947ea894fbceb10d3a82eed9073de6481d3a267e0b1d4ad01f3055ad799
dad49f85bc1059e2153eb4f44f8b16ea58d96f043a22f0a4b8f1791681bf58db
dbc610a4cb06642b2751a3d34ef51380d8232eda6bacff9638fbb3408c2d1f50
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6bb914a60890b63e904defe37b2cf8f3e589de0812d1398a03895b406f6a97c
ecf943a2cf5766e5670b13704019b465da46918e6a40823072a275193bac0574
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16e1cb28067e3d13d953e07794d6b724aa73a2965e68ea7373259c1b8ec5dbf
f2339d35e2c484c5cf98fff4ceffde2beb0b6ebe796d5ae02771f3fb047e2691
f570d3cfc5df9a889452f6a2e8ea3ea6c3e6691824d54106d8928efc3abf8600
fc26ff26c1a190035ec393a1d049a1451022349d7f1885ca7051b55f6d2b876e
fd338f829b37a85daaccdfd14453413263221708c477ff625bd998a16c7482f8

xn--80apebxaydq.xn--p1ai Open in urlscan Pro Puny китайфото.рф IDN 81.16.141.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

133 Requests

95 %HTTPS

59 %IPv6

19 Domains

24 Subdomains

20 IPs

7 Countries

1971 kBTransfer

4384 kBSize

33 Cookies

3 Outgoing links

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

xn--80apebxaydq.xn--p1ai Open in urlscan Pro Puny
китайфото.рф IDN
81.16.141.103 Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

95 %
HTTPS

59 %
IPv6

19
Domains

24
Subdomains

20
IPs

7
Countries

1971 kB
Transfer

4384 kB
Size

33
Cookies

133 HTTP transactions
16 data transactions