microsoftportal.net Open in urlscan Pro
91.218.230.124 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://microsoftportal.net.mcas.ms/
Effective URL:
https://microsoftportal.net/
Submission Tags: @phishunt_io
Submission: On June 18 via api (June 18th 2021, 1:18:07 am UTC) from DE

Summary HTTP 152 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 47 domains to perform 152 HTTP transactions. The main IP is 91.218.230.124, located in Russian Federation and belongs to EUROBYTE Eurobyte LLC, Moscow, Russia, RU. The main domain is microsoftportal.net.
TLS certificate: Issued by R3 on May 3rd 2021. Valid for: 3 months.

This is the only time microsoftportal.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.156.205.222 52.156.205.222	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a02:26f0:170... 2a02:26f0:1700:d::1737:6e8f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
34	91.218.230.124 91.218.230.124	210079 (EUROBYTE ...) (EUROBYTE Eurobyte LLC)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3 11	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 5	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
11	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2 14	195.201.243.72 195.201.243.72	24940 (HETZNER-AS) (HETZNER-AS)
2 3	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
1	81.19.89.18 81.19.89.18	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2 3	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1 1	157.90.179.219 157.90.179.219	24940 (HETZNER-AS) (HETZNER-AS)
2 2	193.232.148.142 193.232.148.142	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2 2	195.209.108.35 195.209.108.35	52007 (ADRIVER-AS) (ADRIVER-AS)
2	81.222.128.216 81.222.128.216	20597 (ELTEL-AS) (ELTEL-AS)
1	2606:4700:20:... 2606:4700:20::ac43:4975	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	194.190.117.93 194.190.117.93	204600 (REPUBLER-AS) (REPUBLER-AS)
2 4	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	37.18.16.21 37.18.16.21	205675 (HYBRID-AS) (HYBRID-AS)
2 6	185.15.175.158 185.15.175.158	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	116.202.85.93 116.202.85.93	24940 (HETZNER-AS) (HETZNER-AS)
1 1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 1	109.248.237.37 109.248.237.37	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	95.163.37.253 95.163.37.253	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
3 3	188.34.131.132 188.34.131.132	24940 (HETZNER-AS) (HETZNER-AS)
2 3	88.99.213.228 88.99.213.228	24940 (HETZNER-AS) (HETZNER-AS)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1 1	193.106.93.124 193.106.93.124	48614 (ITSOFT-AS) (ITSOFT-AS)
2 4	89.108.119.43 89.108.119.43	197695 (AS-REG) (AS-REG)
1 1	80.64.106.149 80.64.106.149	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1 1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
1 1	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
4 4	217.66.147.167 217.66.147.167	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.207 213.87.44.207	13174 (MTSNET Mo...) (MTSNET Moscow)
1 4	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1 1	168.119.9.59 168.119.9.59	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
1	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
2	2606:4700:10:... 2606:4700:10::ac43:dab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	81.19.89.17 81.19.89.17	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1 1	23.111.109.244 23.111.109.244	7979 (SERVERS-COM) (SERVERS-COM)
1 2	35.244.223.69 35.244.223.69	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
152	39

1 52.156.205.222 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

microsoftportal.net.mcas.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:1700:d::1737:6e8f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

mcasproxy.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 91.218.230.124 (Russian Federation)

ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU)
PTR: hosted-by.ihc.ru

microsoftportal.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

informer.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 217.69.133.145 (Russian Federation) 1 redirects

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 195.201.243.72 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: regensburg.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.210 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.89.18 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

st.top100.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.179.219 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1407627.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.142 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.35 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.216 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad16.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4975 (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.117.93 (Russian Federation) 2 redirects

ASN204600 (REPUBLER-AS, RU)

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.172.81.160 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.158 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.21 (Netherlands)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.15.175.158 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.85.93 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.93.85.202.116.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.37 (Moscow, Russian Federation) 1 redirects

ASN201009 (SUPPORTIT-AS, RU)

stat.adlabs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Wjelsryp, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.37.253 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: relap.io

relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.34.131.132 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)

adx.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.99.213.228 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88-99-213-228.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.106.93.124 (Russian Federation) 1 redirects

ASN48614 (ITSOFT-AS, RU)

prodmp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 89.108.119.43 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.149 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr4.rutarget.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation) 1 redirects

ASN16345 (BEE-AS Russia, RU)

0100007f3df4cb605a064f5a02914971-sp.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.108.97.2 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.66.147.167 (St Petersburg, Russian Federation) 4 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.207 (Moscow, Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.9.59 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.95.102.105 (Podolsk, Russian Federation)

ASN48347 (MTW-AS, RU)

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:dab (United States)

ASN13335 (CLOUDFLARENET, US)

s3.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.89.17 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.109.244 (Russian Federation) 1 redirects

ASN7979 (SERVERS-COM, US)

api.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.223.69 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

wf.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	microsoftportal.net microsoftportal.net	1 MB
28	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	283 KB
14	acint.net 2 redirects www.acint.net acint.net	14 KB
11	doubleclick.net 1 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	71 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	162 KB
8	yandex.com 2 redirects mc.yandex.com	2 KB
7	yandex.ru 2 redirects informer.yandex.ru mc.yandex.ru an.yandex.ru	72 KB
6	mts.ru 6 redirects sm.rtb.mts.ru tech.rtb.mts.ru	4 KB
6	digitaltarget.ru 2 redirects tag.digitaltarget.ru dmg.digitaltarget.ru	22 KB
6	mail.ru 1 redirects top-fwz1.mail.ru ad.mail.ru	15 KB
4	aidata.io 2 redirects x01.aidata.io	2 KB
4	weborama.fr 3 redirects redirect.frontend.weborama.fr wf.frontend.weborama.fr	1 KB
4	bumlam.com 2 redirects sync.bumlam.com	2 KB
4	adriver.ru 2 redirects ad.adriver.ru ssp.adriver.ru	2 KB
4	googletagservices.com www.googletagservices.com	139 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	advarkads.com 1 redirects s3.advarkads.com api.advarkads.com	8 KB
3	1dmp.io 2 redirects sync.1dmp.io	1 KB
3	com.ru 3 redirects adx.com.ru	1 KB
3	betweendigital.com 2 redirects ads.betweendigital.com	1014 B
3	google.com 1 redirects adservice.google.com www.google.com	790 B
3	yadro.ru 2 redirects counter.yadro.ru	2 KB
3	azureedge.net mcasproxy.azureedge.net	71 KB
2	adsniper.ru 2 redirects sync3.adsniper.ru	1 KB
2	republer.com 2 redirects sync.republer.com	950 B
2	adhigh.net 2 redirects px.adhigh.net	827 B
2	facebook.net connect.facebook.net	75 KB
1	rambler.ru kraken.rambler.ru	1 KB
1	gnezdo.ru fcgi4.gnezdo.ru	190 B
1	new-programmatic.com match.new-programmatic.com	215 B
1	uuidksinc.net 1 redirects s.uuidksinc.net	327 B
1	buzzoola.com 1 redirects exchange.buzzoola.com	176 B
1	rktch.com 1 redirects ut.rktch.com	544 B
1	beeline.ru 1 redirects 0100007f3df4cb605a064f5a02914971-sp.ops.beeline.ru	635 B
1	rutarget.ru 1 redirects sape-sync.rutarget.ru	416 B
1	prodmp.ru 1 redirects prodmp.ru	278 B
1	relap.io relap.io	1 KB
1	adlmerge.com adlmerge.com	115 B
1	adlabs.ru 1 redirects stat.adlabs.ru	108 B
1	otm-r.com sync.dmp.otm-r.com	70 B
1	hybrid.ai dm.hybrid.ai	238 B
1	utraff.com a.utraff.com	751 B
1	sape.ru 1 redirects ssp-rtb.sape.ru	566 B
1	google.de adservice.google.de	165 B
1	googleadservices.com partner.googleadservices.com	662 B
1	top100.ru st.top100.ru	49 KB
1	mcas.ms microsoftportal.net.mcas.ms	837 B
152	47

	Domain	Requested by
34	microsoftportal.net	microsoftportal.net
18	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	www.acint.net	2 redirects microsoftportal.net www.acint.net
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	pagead2.googlesyndication.com	microsoftportal.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	mc.yandex.com	2 redirects microsoftportal.net mc.yandex.ru
7	fonts.gstatic.com	fonts.googleapis.com
5	top-fwz1.mail.ru	1 redirects microsoftportal.net top-fwz1.mail.ru
4	dmg.digitaltarget.ru	2 redirects www.acint.net
4	an.yandex.ru	1 redirects www.acint.net
4	sm.rtb.mts.ru	4 redirects
4	x01.aidata.io	2 redirects www.acint.net
4	sync.bumlam.com	2 redirects www.acint.net
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	sync.1dmp.io	2 redirects www.acint.net
3	adx.com.ru	3 redirects
3	acint.net	www.acint.net
3	ads.betweendigital.com	2 redirects www.acint.net
3	counter.yadro.ru	2 redirects microsoftportal.net
3	mcasproxy.azureedge.net	microsoftportal.net.mcas.ms mcasproxy.azureedge.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	wf.frontend.weborama.fr	1 redirects s3.advarkads.com
2	s3.advarkads.com	www.acint.net s3.advarkads.com
2	tech.rtb.mts.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	sync3.adsniper.ru	2 redirects
2	sync.republer.com	2 redirects
2	ssp.adriver.ru	www.acint.net
2	ad.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
2	mc.yandex.ru	1 redirects microsoftportal.net
2	connect.facebook.net	microsoftportal.net connect.facebook.net
1	api.advarkads.com	1 redirects
1	kraken.rambler.ru	microsoftportal.net
1	fcgi4.gnezdo.ru	www.acint.net
1	match.new-programmatic.com	www.acint.net
1	s.uuidksinc.net	1 redirects
1	exchange.buzzoola.com	1 redirects
1	ut.rktch.com	1 redirects
1	0100007f3df4cb605a064f5a02914971-sp.ops.beeline.ru	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	prodmp.ru	1 redirects
1	relap.io	www.acint.net
1	adlmerge.com	www.acint.net
1	stat.adlabs.ru	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	sync.dmp.otm-r.com	www.acint.net
1	dm.hybrid.ai	www.acint.net
1	a.utraff.com	www.acint.net
1	ad.mail.ru	www.acint.net
1	ssp-rtb.sape.ru	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	st.top100.ru	microsoftportal.net
1	informer.yandex.ru	microsoftportal.net
1	microsoftportal.net.mcas.ms
152	60

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru
metrika.yandex.ru
top100.rambler.ru
top.mail.ru
www.facebook.com
www.odnoklassniki.ru
vk.com
twitter.com
www.youtube.com
steamcommunity.com
plus.google.com

Subject Issuer	Validity	Valid
*.mcas.ms Microsoft Azure TLS Issuing CA 01	`2021-06-17` - `2022-06-12`	a year	crt.sh
*.azureedge.net DigiCert SHA2 Secure Server CA	`2020-11-21` - `2021-11-30`	a year	crt.sh
microsoftportal.net R3	`2021-05-03` - `2021-08-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.acint.net R3	`2021-06-15` - `2021-09-13`	3 months	crt.sh
counter.yadro.ru R3	`2021-05-29` - `2021-08-27`	3 months	crt.sh
*.top100.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-02-15` - `2022-02-14`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-19` - `2021-12-20`	a year	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-19` - `2021-07-19`	a year	crt.sh
*.bumlam.com R3	`2021-04-02` - `2021-07-01`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
tag.digitaltarget.ru R3	`2021-06-07` - `2021-09-05`	3 months	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-18` - `2022-06-18`	a year	crt.sh
adlmerge.com R3	`2021-04-19` - `2021-07-18`	3 months	crt.sh
relap.io GeoTrust RSA CA 2018	`2020-10-01` - `2021-10-06`	a year	crt.sh
my.aidata.me Sectigo RSA Domain Validation Secure Server CA	`2020-02-25` - `2022-02-25`	2 years	crt.sh
sync.1dmp.io R3	`2021-05-31` - `2021-08-29`	3 months	crt.sh
bs.yandex.ru Yandex CA	`2021-05-31` - `2021-11-29`	6 months	crt.sh
new-programmatic.com R3	`2021-05-20` - `2021-08-18`	3 months	crt.sh
fcgi4.gnezdo.ru R3	`2021-05-11` - `2021-08-09`	3 months	crt.sh
advarkads.com Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh
*.rambler.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-20` - `2022-05-19`	a year	crt.sh
*.frontend.weborama.fr Go Daddy Secure Certificate Authority - G2	`2021-02-20` - `2022-03-24`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
dmg.digitaltarget.ru R3	`2021-06-07` - `2021-09-05`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://microsoftportal.net/
Frame ID: 3233FE11934DF668E59AA877DDF7E156
Requests: 66 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/0.202.31/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fmicrosoftportal.net%2F
Frame ID: 82F0722E0EA821F265A420F7B9D8E8C0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/zrt_lookup.html
Frame ID: 98102CBC067ECB8B005BCD89D03A069E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=90&slotname=2908634292&adk=3175562939&adf=658274708&pi=t.ma~as.2908634292&w=728&lmt=1623979069&psa=0&format=728x90&url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623979069564&bpp=4&bdt=357&idt=89&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=2494258579871&frm=20&pv=2&ga_vid=1321723591.1623979070&ga_sid=1623979070&ga_hid=360588795&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=250&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060972&oid=3&pvsid=1515440003610419&ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Z2Vj9DWyPP&p=https%3A//microsoftportal.net&dtd=108
Frame ID: B04AC5BDEBDF21F062BB29E40BB424D0
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=600&slotname=2618197074&adk=2460103794&adf=3305433536&pi=t.ma~as.2618197074&w=300&fwrn=4&fwrnh=100&lmt=1623979069&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623979069568&bpp=2&bdt=361&idt=115&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2494258579871&frm=20&pv=1&ga_vid=1321723591.1623979070&ga_sid=1623979070&ga_hid=360588795&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1099&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060972&oid=3&pvsid=1515440003610419&ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HsxgAOVok5&p=https%3A//microsoftportal.net&dtd=117
Frame ID: 520EC12E1C1BAC79009800A94013670F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=280&slotname=7615861873&adk=1353954373&adf=392815488&pi=t.ma~as.7615861873&w=1197&fwrn=4&fwrnh=100&lmt=1623979069&rafmt=1&psa=0&format=1197x280&url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623979069598&bpp=2&bdt=391&idt=91&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600&correlator=2494258579871&frm=20&pv=1&ga_vid=1321723591.1623979070&ga_sid=1623979070&ga_hid=360588795&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060972&oid=3&pvsid=1515440003610419&ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=l3lCw0WEYP&p=https%3A//microsoftportal.net&dtd=128
Frame ID: BF4E0C34E124B3E7F93F1483368F3E6D
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&adk=1812271804&adf=3025194257&lmt=1623979069&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623979069617&bpp=1&bdt=410&idt=119&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600%2C1197x280&nras=1&correlator=2494258579871&frm=20&pv=1&ga_vid=1321723591.1623979070&ga_sid=1623979070&ga_hid=360588795&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060972&oid=3&pvsid=1515440003610419&ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=130
Frame ID: 951B85E2708B88A80183460E632697DD
Requests: 1 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=10&tc=1
Frame ID: 5952C6A46078F9DC07CD23C2C6A666BB
Requests: 32 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F3DF4CB605A064F5A02914971
Frame ID: 407491F537944C21D563BAD724323A5C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk.js
Frame ID: 1C2D5948D6401CDEE328EBD6EFC87894
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk.js
Frame ID: C5C8A021D4DB7C6643FC3AB5DD3F2786
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A616B1AA67068954C7CE80D89034758C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 3F0EDEAC3AF0B84A03EDB5C73F3D5A43
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 329D6187FCD20F04B95200E98B16021E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://microsoftportal.net.mcas.ms/ Page URL
https://microsoftportal.net/ Page URL

Detected technologies

DataLife Engine (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /DataLife Engine/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /DataLife Engine/i

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

meta generator /DataLife Engine/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

152
Requests

100 %
HTTPS

32 %
IPv6

47
Domains

60
Subdomains

39
IPs

6
Countries

2424 kB
Transfer

3869 kB
Size

47
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: https://metrika.yandex.ru/stat/?id=10478836&from=informer

Search URL Search Domain Scan URL

URL: https://top100.rambler.ru/home?id=2584737

Search URL Search Domain Scan URL

URL: https://top.mail.ru/jump?from=2124891
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/microsoftportal

Search URL Search Domain Scan URL

URL: http://www.odnoklassniki.ru/group/51631113764995

Search URL Search Domain Scan URL

URL: http://vk.com/microsoftportal

Search URL Search Domain Scan URL

URL: https://twitter.com/microsoftportal

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCiih5R_7C82ChX0YqUAWTtA

Search URL Search Domain Scan URL

URL: http://steamcommunity.com/groups/microsoftportal

Search URL Search Domain Scan URL

URL: https://plus.google.com/+MicrosoftPortalNET/posts

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://microsoftportal.net.mcas.ms/ Page URL
https://microsoftportal.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://top-fwz1.mail.ru/counter?id=2124891;t=433;l=1 HTTP 302
https://top-fwz1.mail.ru/counter2?id=2124891;t=433;l=1

Request Chain 44

https://counter.yadro.ru/hit?t15.1;rhttps%3A//microsoftportal.net.mcas.ms/;s1600*1200*24;uhttps%3A//microsoftportal.net/%3F;hMSPortal;0.5093570810220609 HTTP 302
https://counter.yadro.ru/hit?q;t15.1;rhttps%3A//microsoftportal.net.mcas.ms/;s1600*1200*24;uhttps%3A//microsoftportal.net/%3F;hMSPortal;0.5093570810220609

Request Chain 58

https://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10&tc=1

Request Chain 60

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9307.lcStBDpc_HXpyYxPEwveNyLTliDxwOkYUAq7t9CquKiuOwNuo0FOVkdx9WsuryHc.6mP6cfiHGO6owRPM7Qsp7QzAWek%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9307.q1ei_ljC2J9Zr7Z0yOEpU798XHOk1QWFW8hYvjgmk6mBRtKeAjc7HQYynl8_0H2xNVLdN1YZLmS9mqhgS_wQuQ%2C%2C.DQZg869KB70jwsPkHTyuR_sD93Y%2C

Request Chain 63

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F3DF4CB605A064F5A02914971 HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F3DF4CB605A064F5A02914971&crf=1

Request Chain 64

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=0100007F3DF4CB601300C96B021A200D

Request Chain 65

https://px.adhigh.net/p/cm/sape?u=0100007F3DF4CB605A064F5A02914971 HTTP 302
https://px.adhigh.net/p/cm/sape?u=0100007F3DF4CB605A064F5A02914971&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=u7W7wrWVRQNo.AikABlF6HLISYg

Request Chain 67

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5100389131 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=A3X1omUncjki_99OoOkHt2A&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F3DF4CB605A064F5A02914971

Request Chain 69

https://sync.republer.com/match?dsp=sape HTTP 307
https://sync.republer.com/match?dsp=sape&qset=1 HTTP 307
https://sync.bumlam.com/?src=rp1&uid=89f6c74d-fa6f-45ca-ac8c-2a5bb921c420 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi-6K-GBlIEioaQK2IkODlmNmM3NGQtZmE2Zi00NWNhLWFjOGMtMmE1YmI5MjFjNDIw HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARi-6K-GBlIEioaQK2IkODlmNmM3NGQtZmE2Zi00NWNhLWFjOGMtMmE1YmI5MjFjNDIwogEQ_5Y--s_SEeug1wAlkORcOA** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQABi-6K-GBmIkODlmNmM3NGQtZmE2Zi00NWNhLWFjOGMtMmE1YmI5MjFjNDIwogEQ_5Y--s_SEeug1wAlkORcOA** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQARi-6K-GBmIkODlmNmM3NGQtZmE2Zi00NWNhLWFjOGMtMmE1YmI5MjFjNDIwogEQ_5Y--s_SEeug1wAlkORcOA**

Request Chain 73

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfz30y2BaBk9aApFJcQ HTTP 302
https://www.acint.net/match?dp=77&euid=

Request Chain 74

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F3DF4CB605A064F5A02914971 HTTP 302
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F3DF4CB605A064F5A02914971

Request Chain 77

https://adx.com.ru/sape-sync?uid=0100007F3DF4CB605A064F5A02914971 HTTP 302
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F3DF4CB605A064F5A02914971 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=60cbf43ef0e015ac9c210fd8&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%25253A%25252F%25252Fprodmp.ru%25252Fyabbi.gif%25253Fuid%25253D60cbf43ef0e015ac9c210fd8%252526r%25253Dhttps%2525253A%2525252F%2525252Fx01.aidata.io%2525252F0.gif%2525253Fpid%2525253D9712851%25252526id%2525253D60cbf43ef0e015ac9c210fd8%25252526dest%2525253D%2526webouid%253D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D60cbf43ef0e015ac9c210fd8%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D60cbf43ef0e015ac9c210fd8%252526dest%25253D%26webouid%3D{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D60cbf43ef0e015ac9c210fd8%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D60cbf43ef0e015ac9c210fd8%252526dest%25253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=2080770120 HTTP 302
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D60cbf43ef0e015ac9c210fd8%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D60cbf43ef0e015ac9c210fd8%2526dest%253D&webouid=rBlwAxk8GvuFN.iAJFJsPO HTTP 302
https://prodmp.ru/yabbi.gif?uid=60cbf43ef0e015ac9c210fd8&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D60cbf43ef0e015ac9c210fd8%26dest%3D HTTP 302
https://x01.aidata.io/0.gif?pid=9712851&id=60cbf43ef0e015ac9c210fd8&dest=

Request Chain 78

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F3DF4CB605A064F5A02914971 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F3DF4CB605A064F5A02914971&cs=1

Request Chain 79

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=Q02FgC5ilC5B

Request Chain 80

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=107&euid=1e4959c6-f596-52a9-93fc-19e0f337eddd

Request Chain 81

https://0100007f3df4cb605a064f5a02914971-sp.ops.beeline.ru/p?ssp=sp&id=0100007F3DF4CB605A064F5A02914971 HTTP 301
https://www.acint.net/match?dp=111&euid=bd3b1a6d-1e9c-4950-965a-631abd455542

Request Chain 82

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F3DF4CB605A064F5A02914971 HTTP 302
https://sm.rtb.mts.ru/p?ssp=natimatica&id=f2742c67744114cacbb7e43a0212630ca81c HTTP 301
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D47d2ab11-cdbf-4694-91ab-2cdd1e543d8c&ssp=natimatica&exu=f2742c67744114cacbb7e43a0212630ca81c HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=47d2ab11-cdbf-4694-91ab-2cdd1e543d8c&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FR9KrEc2_RpSRqyzdHlQ9jA%3Flocation%3Dhttps%253A%252F%252Fut.rktch.com%252Fmatchsbm%253Fbi%253D29%2526bui%253D47d2ab11-cdbf-4694-91ab-2cdd1e543d8c%26sign%3D3475350287 HTTP 302
https://an.yandex.ru/setud/mts_banner/R9KrEc2_RpSRqyzdHlQ9jA?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D47d2ab11-cdbf-4694-91ab-2cdd1e543d8c&sign=3475350287

Request Chain 83

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F3DF4CB605A064F5A02914971 HTTP 301
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D47d2ab11-cdbf-4694-91ab-2cdd1e543d8c&ssp=sape&exu=0100007F3DF4CB605A064F5A02914971 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=47d2ab11-cdbf-4694-91ab-2cdd1e543d8c&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FR9KrEc2_RpSRqyzdHlQ9jA%3Flocation%3Dhttps%253A%252F%252Fwww.acint.net%252Fmatch%253Fdp%253D125%2526euid%253D47d2ab11-cdbf-4694-91ab-2cdd1e543d8c%26sign%3D740670348 HTTP 302
https://an.yandex.ru/setud/mts_banner/R9KrEc2_RpSRqyzdHlQ9jA?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D47d2ab11-cdbf-4694-91ab-2cdd1e543d8c&sign=740670348

Request Chain 84

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=12fdb5f9-6266-4ebf-66b8-c0a7a17ca31e

Request Chain 85

https://s.uuidksinc.net/match/396/0100007F3DF4CB605A064F5A02914971 HTTP 302
https://www.acint.net/match?dp=127&euid=UZM9q0gkcWBQ3MDx6P9U

Request Chain 88

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F3DF4CB605A064F5A02914971 HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F3DF4CB605A064F5A02914971&bounce=1 HTTP 302
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=79AA9640E3BF89FEDE99&back=STOP

Request Chain 90

https://an.yandex.ru/mapuid/sapeis/0100007F3DF4CB605A064F5A02914971 HTTP 302
https://an.yandex.ru/mapuid/sapeis/0100007F3DF4CB605A064F5A02914971?redir-setuniq=1

Request Chain 93

https://mc.yandex.com/watch/10478836?wmode=7&page-url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&page-ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A855%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A1%3Adp%3A0%3Als%3A857222893504%3Ahid%3A731781099%3Az%3A120%3Ai%3A20210618031749%3Aet%3A1623979070%3Ac%3A1%3Arn%3A533471275%3Au%3A1623979070926371334%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623979068672%3Ads%3A6%2C136%2C387%2C2%2C1%2C0%2C%2C399%2C5%2C%2C%2C%2C941%3Adsn%3A6%2C136%2C388%2C1%2C0%2C0%2C%2C402%2C5%2C%2C%2C%2C941%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1623979070%3At%3AMSPortal HTTP 302
https://mc.yandex.com/watch/10478836/1?wmode=7&page-url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&page-ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A855%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A1%3Adp%3A0%3Als%3A857222893504%3Ahid%3A731781099%3Az%3A120%3Ai%3A20210618031749%3Aet%3A1623979070%3Ac%3A1%3Arn%3A533471275%3Au%3A1623979070926371334%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623979068672%3Ads%3A6%2C136%2C387%2C2%2C1%2C0%2C%2C399%2C5%2C%2C%2C%2C941%3Adsn%3A6%2C136%2C388%2C1%2C0%2C0%2C%2C402%2C5%2C%2C%2C%2C941%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1623979070%3At%3AMSPortal

Request Chain 96

https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007F3DF4CB605A064F5A02914971 HTTP 302
https://wf.frontend.weborama.fr/streampixel/?wamid=8179&Wvar=%7B%22userid%22%3A%22EAIRMj0s30CJjh2I9v5TMg%22%7D&d.r=211342 HTTP 302
https://wf.frontend.weborama.fr/streampixel/?wamid=8179&Wvar=%7B%22userid%22%3A%22EAIRMj0s30CJjh2I9v5TMg%22%7D&d.r=211342&bounce=1&random=4197159976

Request Chain 140

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 141

https://dmg.digitaltarget.ru/1/1093/i/i?i=591352113605647.575655748589937&a=77&e=0100007F3DF4CB605A064F5A02914971&pref=https%3A%2F%2Fmicrosoftportal.net%2F&c=ss:77.up:0100007F3DF4CB605A064F5A02914971.sync:up.xdua:du6BYi57WO6WoYIgWcq6V2eN.xps:xps8TR3C5hFPuxQtuRwLik78c.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=591352113605647.575655748589937&a=77&e=0100007F3DF4CB605A064F5A02914971&pref=https%3A%2F%2Fmicrosoftportal.net%2F&c=ss:77.up:0100007F3DF4CB605A064F5A02914971.sync:up.xdua:du6BYi57WO6WoYIgWcq6V2eN.xps:xps8TR3C5hFPuxQtuRwLik78c.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Request Chain 142

https://dmg.digitaltarget.ru/1/1093/i/i?i=591352113605647.414042769412694&a=77&e=0100007F3DF4CB605A064F5A02914971&pref=https%3A%2F%2Fmicrosoftportal.net%2F&c=ss:77.up:0100007F3DF4CB605A064F5A02914971.sync:up.xdua:du6BYi57WO6WoYIgWcq6V2eN.xps:xps8TR3C5hFPuxQtuRwLik78c.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=591352113605647.414042769412694&a=77&e=0100007F3DF4CB605A064F5A02914971&pref=https%3A%2F%2Fmicrosoftportal.net%2F&c=ss:77.up:0100007F3DF4CB605A064F5A02914971.sync:up.xdua:du6BYi57WO6WoYIgWcq6V2eN.xps:xps8TR3C5hFPuxQtuRwLik78c.dn:acint__net.adcm:hit.tg:adcmjs_noorient

152 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
microsoftportal.net.mcas.ms/ 1020 B
837 B 737ms
34ms Document
text/html 52.156.205.222
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoftportal.net.mcas.ms/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.156.205.222 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

63657066db27c8ce3693cfb94c4783225a6dad8bc96e8be31f89b8891b051bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: microsoftportal.net.mcas.ms
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
server: openresty
date: Fri, 18 Jun 2021 01:17:48 GMT
x-mcas-request-id: 722fe19cc05686b37c41b8bd428f0e4d
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=31536000
expires: Mon, 01-Jan-1990 00:00:00 GMT
x-mcas-upstream-time: n/a
x-mcas-processing-time: 2
content-encoding: gzip
x-mcas-cache-status: MISS

GET
H2 200 session-context-store-helper.min.js Show response
mcasproxy.azureedge.net/proxyweb/0.202.31/js/ 5 KB
5 KB 100ms
7ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.202.31/js/session-context-store-helper.min.js
Requested by: Host: microsoftportal.net.mcas.ms
URL: https://microsoftportal.net.mcas.ms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b3d9a37c3110d0d5edf534a4dd964bb85d8661820e4c39e4c63c96bd2813b726

Request headers

Referer: https://microsoftportal.net.mcas.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 18 Jun 2021 01:17:48 GMT
last-modified: Sun, 06 Jun 2021 10:11:38 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: npsIWjlCWsd9fFNnNdaKMw==
etag: 0x8D928D378D9E6FE
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 315d36c7-401e-009a-0526-60d811000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=6860
x-ms-version: 2009-09-19
content-length: 4994

GET
H2 200 session-context-restore.html Show response
mcasproxy.azureedge.net/proxyweb/0.202.31/html/ Frame 82F0 281 B
727 B 7ms
6ms Document
text/html 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.202.31/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fmicrosoftportal.net%2F
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/0.202.31/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6

Request headers

:method: GET
:authority: mcasproxy.azureedge.net
:scheme: https
:path: /proxyweb/0.202.31/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fmicrosoftportal.net%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://microsoftportal.net.mcas.ms/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://microsoftportal.net.mcas.ms/

Response headers

content-length: 281
content-type: text/html
content-md5: vDuuGHIdcY/gQtnraxH9qw==
last-modified: Sun, 06 Jun 2021 10:07:47 GMT
etag: 0x8D928D2EFA4E6B1
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 396a02f8-001e-00bf-54d6-5c40a2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: public, max-age=2405
date: Fri, 18 Jun 2021 01:17:48 GMT

GET
H2 200 session-context-restore.min.js Show response
mcasproxy.azureedge.net/proxyweb/0.202.31/js/ Frame 82F0 65 KB
65 KB 7ms
7ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.202.31/js/session-context-restore.min.js
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/0.202.31/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fmicrosoftportal.net%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b2eca33e22a23b0c12aac7e2ad38816163ca0000cf9ce2116d708c58b6b25557

Request headers

Referer: https://mcasproxy.azureedge.net/proxyweb/0.202.31/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fmicrosoftportal.net%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 18 Jun 2021 01:17:48 GMT
last-modified: Sun, 06 Jun 2021 10:11:37 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: rZFM577IGPvHJeu7h26jjw==
etag: 0x8D928D3788F143B
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c601f2fe-901e-007d-2bd6-5cc81c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1906
x-ms-version: 2009-09-19
content-length: 66160

GET
H/1.1 200
OK Primary Request Cookie set / Show response
microsoftportal.net/ 38 KB
11 KB 530ms
388ms Document
text/html 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 / PHP/7.2.26

Resource Hash

1ecbeccbda136cf2a50b56b3e840d1b271bacab962ac6469eeed24d1d3628bba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Host: microsoftportal.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://microsoftportal.net.mcas.ms/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://microsoftportal.net.mcas.ms/

Response headers

Server: nginx/1.16.1
Date: Fri, 18 Jun 2021 01:17:49 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.26
Set-Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986; path=/; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;

GET
H/1.1 200
OK index.php Show response
microsoftportal.net/engine/classes/min/ 84 KB
30 KB 81ms
80ms Script
application/x-javascript 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoftportal.net/engine/classes/min/index.php?g=general&v=27

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 / PHP/7.2.26

Resource Hash

b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://microsoftportal.net/?
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Content-Encoding: gzip
Last-Modified: Sat, 28 Dec 2019 11:45:54 GMT
Server: nginx/1.16.1
X-Powered-By: PHP/7.2.26
ETag: "pub1577533554;gz"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=31536000;
Content-Length: 29779
Expires: Sat, 18 Jun 2022 01:17:49 GMT

GET
H/1.1 200
OK index.php Show response
microsoftportal.net/engine/classes/min/ 128 KB
34 KB 321ms
124ms Script
application/x-javascript 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoftportal.net/engine/classes/min/index.php?f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js&v=27

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 / PHP/7.2.26

Resource Hash

f60527825f5eb56b1f7bf9f6ab37c9c865bb6ef2ace55674b4f1cccd4209b670

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://microsoftportal.net/?
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Content-Encoding: gzip
Last-Modified: Sat, 28 Dec 2019 11:45:54 GMT
Server: nginx/1.16.1
X-Powered-By: PHP/7.2.26
ETag: "pub1577533554;gz"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=31536000;
Content-Length: 34007
Expires: Sat, 18 Jun 2022 01:17:49 GMT

GET
H/1.1 200
OK engine.css
microsoftportal.net/templates/MSPortal/style/ 61 KB
61 KB 230ms
107ms Stylesheet
text/css 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoftportal.net/templates/MSPortal/style/engine.css

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

572e2f25267f2879b7d5c14151314133fc8c67293837ce4bb184153664694160

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://microsoftportal.net/?
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:29 GMT
Server: nginx/1.16.1
ETag: "5a6e5e41-f36f"
Strict-Transport-Security: max-age=31536000;
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62319

GET
H/1.1 200
OK styles.css
microsoftportal.net/templates/MSPortal/style/ 27 KB
27 KB 243ms
114ms Stylesheet
text/css 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoftportal.net/templates/MSPortal/style/styles.css

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

f0c9f90c27c6cbac55ffd616c55711f9693d0a52ae63c6948d23e3f62ae4385b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://microsoftportal.net/?
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Fri, 28 May 2021 19:36:55 GMT
Server: nginx/1.16.1
ETag: "60b14657-6c27"
Strict-Transport-Security: max-age=31536000;
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27687

GET
H/1.1 200
OK libs.js Show response
microsoftportal.net/templates/MSPortal/js/ 1 KB
2 KB 195ms
65ms Script
application/javascript 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoftportal.net/templates/MSPortal/js/libs.js

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

a61eeea560e1f947cd3e50db09d52da15eebe911865e29f5398bb44cb0d9252e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://microsoftportal.net/?
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:32 GMT
Server: nginx/1.16.1
ETag: "5a6e5e44-500"
Strict-Transport-Security: max-age=31536000;
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1280

GET
H/1.1 200
OK style.css
microsoftportal.net/templates/MSPortal/icomm/ 838 B
1 KB 196ms
67ms Stylesheet
text/css 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoftportal.net/templates/MSPortal/icomm/style.css

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

18f0f623763901aeeb156407ed6a37d5c0716ff174ba9a6ce09fbb5ed9d45d4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://microsoftportal.net/?
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:31 GMT
Server: nginx/1.16.1
ETag: "5a6e5e43-346"
Strict-Transport-Security: max-age=31536000;
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 838

GET
H/1.1 200
OK tipsy.css
microsoftportal.net/templates/MSPortal/js/ 607 B
890 B 194ms
64ms Stylesheet
text/css 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoftportal.net/templates/MSPortal/js/tipsy.css

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

65b45154530acccb3435ac25e0f1bc131589c2388bfd67481526cbe2ed521eca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://microsoftportal.net/?
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:32 GMT
Server: nginx/1.16.1
ETag: "5a6e5e44-25f"
Strict-Transport-Security: max-age=31536000;
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 607

GET
H/1.1 200
OK jquery.tipsy.js Show response
microsoftportal.net/templates/MSPortal/js/ 2 KB
2 KB 200ms
66ms Script
application/javascript 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoftportal.net/templates/MSPortal/js/jquery.tipsy.js

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

449ef4a890525256bc3bc16dea519e857a7a694c5048820cc7271e713766652b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://microsoftportal.net/?
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:32 GMT
Server: nginx/1.16.1
ETag: "5a6e5e44-86b"
Strict-Transport-Security: max-age=31536000;
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2155

GET
H/1.1 200
OK noavatar.png
microsoftportal.net/templates/MSPortal/dleimages/ 1 KB
1 KB 67ms
64ms Image
image/png 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoftportal.net/templates/MSPortal/dleimages/noavatar.png

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

479b699a76b4f1c5d74bf82e7351685c455b79547d10b6891680fbfa590e68ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://microsoftportal.net/?
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:28 GMT
Server: nginx/1.16.1
ETag: "5a6e5e40-4c7"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1223

GET
H/1.1 200
OK logo.png
microsoftportal.net/templates/MSPortal/images/ 22 KB
22 KB 122ms
119ms Image
image/png 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoftportal.net/templates/MSPortal/images/logo.png

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

2ac0b867fa66324ed79b248a5fa546bde07c503e90754be44773cfa368d3217e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://microsoftportal.net/?
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:31 GMT
Server: nginx/1.16.1
ETag: "5a6e5e43-56f0"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22256

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3796cf12ca9b6f5f93255046f5bf7d70a82c6b389698ed6c007903940c17c5ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48867
x-xss-protection: 0
server: cafe
etag: 2918852401321146490
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 01:17:49 GMT

GET
H/1.1 200
OK 1623962780_microsoft-windows-developer-event.jpg
microsoftportal.net/uploads/posts/2021-06/thumbs/ 27 KB
28 KB 74ms
72ms Image
image/jpeg 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoftportal.net/uploads/posts/2021-06/thumbs/1623962780_microsoft-windows-developer-event.jpg

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

9e018935eebac438d9cc1329be07bf7d4a08d034eefa786c20928c45f4c167bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://microsoftportal.net/?
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Thu, 17 Jun 2021 20:45:03 GMT
Server: nginx/1.16.1
ETag: "60cbb44f-6df6"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28150

GET
H/1.1 200
OK 1623961250_visual-studio.png
microsoftportal.net/uploads/posts/2021-06/thumbs/ 124 KB
125 KB 118ms
115ms Image
image/png 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoftportal.net/uploads/posts/2021-06/thumbs/1623961250_visual-studio.png

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

b91f9feae4212deb2d3243b37c49b6d1d71e9a9511d4f4110d9c1e30c97e1f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://microsoftportal.net/?
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Thu, 17 Jun 2021 20:19:46 GMT
Server: nginx/1.16.1
ETag: "60cbae62-1f1b7"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 127415

GET
H/1.1 200
OK 1623958674_microsoft-teams-viva-insights-headspace.jpg
microsoftportal.net/uploads/posts/2021-06/thumbs/ 32 KB
33 KB 146ms
65ms Image
image/jpeg 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoftportal.net/uploads/posts/2021-06/thumbs/1623958674_microsoft-teams-viva-insights-headspace.jpg

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

15eb5bd635ec9808b47f89ee196155c39d8e2db3bb317f1fe49182ccc98115db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://microsoftportal.net/?
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Thu, 17 Jun 2021 19:36:32 GMT
Server: nginx/1.16.1
ETag: "60cba440-8114"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33044

GET
H/1.1 200
OK 1623946768_3_image_mtr-front-row.png
microsoftportal.net/uploads/posts/2021-06/thumbs/ 352 KB
353 KB 173ms
69ms Image
image/png 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoftportal.net/uploads/posts/2021-06/thumbs/1623946768_3_image_mtr-front-row.png

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

a7094e07dda6a9c6dd1497043e83be8f04e84f5da84becab84d044a9bc6e6be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://microsoftportal.net/?
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Thu, 17 Jun 2021 16:17:52 GMT
Server: nginx/1.16.1
ETag: "60cb75b0-58194"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 360852

GET
H/1.1 200
OK 1623944331_2_gif_coauthored-message.gif
microsoftportal.net/uploads/posts/2021-06/thumbs/ 60 KB
60 KB 151ms
70ms Image
image/gif 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoftportal.net/uploads/posts/2021-06/thumbs/1623944331_2_gif_coauthored-message.gif

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

2d71c3596d208b2b7c50692ebcd1e3278dddc12ae65ca95b1bf2244f73d50369

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://microsoftportal.net/?
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Thu, 17 Jun 2021 15:38:41 GMT
Server: nginx/1.16.1
ETag: "60cb6c81-f017"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61463

GET
H/1.1 200
OK 1623942707_1506348305_img_2674_story.jpg
microsoftportal.net/uploads/posts/2021-06/thumbs/ 37 KB
37 KB 69ms
69ms Image
image/jpeg 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoftportal.net/uploads/posts/2021-06/thumbs/1623942707_1506348305_img_2674_story.jpg

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

1341fc0005dbe71c32e421f13c283429aaeb74a0b151a6b9f83205b5ee516d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://microsoftportal.net/?
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Thu, 17 Jun 2021 15:10:49 GMT
Server: nginx/1.16.1
ETag: "60cb65f9-93e1"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37857

GET
H/1.1 200
OK 1623884502_1544615596_windows_10_wallpaper_by_archi_techi-da25m0q.png
microsoftportal.net/uploads/posts/2021-06/thumbs/ 66 KB
67 KB 64ms
64ms Image
image/png 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoftportal.net/uploads/posts/2021-06/thumbs/1623884502_1544615596_windows_10_wallpaper_by_archi_techi-da25m0q.png

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

8ba9595c642523b828dee1741119b88d2d022ba8be8a8f0966600ce11dddd7e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://microsoftportal.net/?
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986; fid=aabb4d12-0dac-42cd-b60c-54976a27a32b
Connection: keep-alive
Referer: https://microsoftportal.net/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Wed, 16 Jun 2021 23:00:33 GMT
Server: nginx/1.16.1
ETag: "60ca8291-108e6"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67814

GET
H/1.1 200
OK 1623867961_1pmhwyc.png
microsoftportal.net/uploads/posts/2021-06/thumbs/ 135 KB
135 KB 69ms
68ms Image
image/png 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoftportal.net/uploads/posts/2021-06/thumbs/1623867961_1pmhwyc.png

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

b6790cf785e814bb1152eb00cabb27cafb3593393ca3aec19ebe5dbc5dfbe8b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://microsoftportal.net/?
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986; fid=aabb4d12-0dac-42cd-b60c-54976a27a32b
Connection: keep-alive
Referer: https://microsoftportal.net/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Wed, 16 Jun 2021 18:25:56 GMT
Server: nginx/1.16.1
ETag: "60ca4234-21ccf"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 138447

GET
H/1.1 200
OK 1623863742_rlxr1vb.png
microsoftportal.net/uploads/posts/2021-06/thumbs/ 198 KB
198 KB 66ms
66ms Image
image/png 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoftportal.net/uploads/posts/2021-06/thumbs/1623863742_rlxr1vb.png

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

42d9aedcbe73adba235a1302073902183b440cac6b8e81e6560a0644d049875e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://microsoftportal.net/?
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986; fid=aabb4d12-0dac-42cd-b60c-54976a27a32b
Connection: keep-alive
Referer: https://microsoftportal.net/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Wed, 16 Jun 2021 17:15:13 GMT
Server: nginx/1.16.1
ETag: "60ca31a1-3169d"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 202397

GET
H/1.1 200
OK 1623863454_original.jpg
microsoftportal.net/uploads/posts/2021-06/thumbs/ 98 KB
98 KB 68ms
67ms Image
image/jpeg 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoftportal.net/uploads/posts/2021-06/thumbs/1623863454_original.jpg

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

b641fcc6977163e5c0f29d3f2f9216bb20c9a8b6be3b8bb7029393421e8cfdb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://microsoftportal.net/?
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986; fid=aabb4d12-0dac-42cd-b60c-54976a27a32b; _ym_uid=1623979070926371334; _ym_d=1623979070
Connection: keep-alive
Referer: https://microsoftportal.net/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Wed, 16 Jun 2021 17:09:49 GMT
Server: nginx/1.16.1
ETag: "60ca305d-187df"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 100319

GET
H/1.1 200
OK default.js Show response
microsoftportal.net/engine/skins/ 11 KB
11 KB 64ms
63ms Script
application/javascript 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoftportal.net/engine/skins/default.js

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

b912455480572174b87986b8f195eae651c900ef3b6fb85d72310b6aad0c878c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://microsoftportal.net/?
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Sat, 28 Dec 2019 11:44:05 GMT
Server: nginx/1.16.1
ETag: "5e074005-2ae5"
Strict-Transport-Security: max-age=31536000;
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10981

GET
H2 200 3_0_FFFFFFFF_EFEFEFFF_0_pageviews
informer.yandex.ru/informer/10478836/ 1 KB
1 KB 53ms
50ms Image
image/png 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://informer.yandex.ru/informer/10478836/3_0_FFFFFFFF_EFEFEFFF_0_pageviews

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8404058893315916b0e194ce6bb84b14cf232fcef49aa931ec753e03aab69d61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
last-modified: Fri, 18-Jun-2021 01:17:49 GMT
content-type: image/png
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1262
x-xss-protection: 1; mode=block
expires: Fri, 18-Jun-2021 01:17:49 GMT

GET
H2

200

counter2
top-fwz1.mail.ru/
Redirect Chain

https://top-fwz1.mail.ru/counter?id=2124891;t=433;l=1
https://top-fwz1.mail.ru/counter2?id=2124891;t=433;l=1

1 KB
2 KB

72ms
72ms

Image
image/gif

217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=2124891;t=433;l=1

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

2025b5a293b4a9e28a43e16a83442c2686f4d7ed3bb79b45b3be42c6936526f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:49 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 1391
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Fri, 18 Jun 2021 01:17:49 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
location: https://top-fwz1.mail.ru/counter2?id=2124891;t=433;l=1
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 all.js Show response
connect.facebook.net/ru_RU/ 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/all.js

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d1f29eead89372377d1c3148a548282e9e41a9a0eee6e346a9848b78ce209a60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: rb6UIFNWcz30kvnXYs944g==
cross-origin-resource-policy: cross-origin
expires: Fri, 18 Jun 2021 01:19:00 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1778
x-fb-rlafr: 0
x-fb-debug: wl7xWpAGX16v6I3Mz6gbhw6c2UyczioDeefrf1wOnL44f29XR36i1NbpfQROZ3fPR5KoTOx2urTZfsw4wovpFA==
x-fb-trip-id: 686109401
x-fb-content-md5: 3349c8e958da361c427cb3d94e74e52e
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 18 Jun 2021 01:17:49 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "e0ac239ff6c7cc719b94313d6ccde23d"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK img9.jpg
microsoftportal.net/templates/MSPortal/images/ 59 KB
60 KB 88ms
69ms Image
image/jpeg 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoftportal.net/templates/MSPortal/images/img9.jpg

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/templates/MSPortal/style/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

edea62b6792791e90490e04ecbdb167677f4c84c09fe19efba4dbdc6494efb10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:32 GMT
Server: nginx/1.16.1
ETag: "5a6e5e44-edfb"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60923

GET
H/1.1 200
OK login_ic.png
microsoftportal.net/templates/MSPortal/images/ 4 KB
4 KB 108ms
64ms Image
image/png 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoftportal.net/templates/MSPortal/images/login_ic.png

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/templates/MSPortal/style/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

a8cf59007153a1d366dd69c66f54edbbcfec46a32330626a714f1b22934ec468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:32 GMT
Server: nginx/1.16.1
ETag: "5a6e5e44-edb"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3803

GET
H/1.1 200
OK search_bg.png
microsoftportal.net/templates/MSPortal/images/ 3 KB
3 KB 99ms
61ms Image
image/png 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoftportal.net/templates/MSPortal/images/search_bg.png

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/templates/MSPortal/style/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

3b9e8d070eb3d3a740240f79b731159e34f993842e3d80dd07a2114c69ed8075

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:32 GMT
Server: nginx/1.16.1
ETag: "5a6e5e44-ae6"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2790

GET
H/1.1 200
OK search_ic.png
microsoftportal.net/templates/MSPortal/images/ 3 KB
3 KB 122ms
67ms Image
image/png 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoftportal.net/templates/MSPortal/images/search_ic.png

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/templates/MSPortal/style/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

8f281ebc45c293d64b39f0a23399a3cccbd542c3a1245019dd33e2139d45ed3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:31 GMT
Server: nginx/1.16.1
ETag: "5a6e5e43-c7e"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3198

GET
H/1.1 200
OK bt_ic.png
microsoftportal.net/templates/MSPortal/images/ 3 KB
3 KB 183ms
65ms Image
image/png 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoftportal.net/templates/MSPortal/images/bt_ic.png

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/templates/MSPortal/style/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

c2a53a2ff6fe4b87169761f63876c4239639b5710db7c5e2861dd24e8e347180

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:31 GMT
Server: nginx/1.16.1
ETag: "5a6e5e43-c84"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3204

GET
H/1.1 200
OK auth_line.png
microsoftportal.net/templates/MSPortal/images/ 3 KB
3 KB 155ms
65ms Image
image/png 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoftportal.net/templates/MSPortal/images/auth_line.png

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/templates/MSPortal/style/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

f32de53959fd8081d100f1e31199a913a86804e58d7cd8498124dded214f74d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:32 GMT
Server: nginx/1.16.1
ETag: "5a6e5e44-aec"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2796

GET
H/1.1 200
OK short_ic.png
microsoftportal.net/templates/MSPortal/images/ 3 KB
4 KB 214ms
61ms Image
image/png 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoftportal.net/templates/MSPortal/images/short_ic.png

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/templates/MSPortal/style/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

c654e1b1768e9ee4ef211ea90736e7e99679d7af202faa4f2782db9447bdf548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:31 GMT
Server: nginx/1.16.1
ETag: "5a6e5e43-d12"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3346

GET
H/1.1 200
OK page_nav.png
microsoftportal.net/templates/MSPortal/images/ 3 KB
3 KB 67ms
67ms Image
image/png 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoftportal.net/templates/MSPortal/images/page_nav.png

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/templates/MSPortal/style/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

77affbd2fb12370b0c53ff6b46dfa66c313f0d29f4e4148913a42d5789ac6451

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986; fid=aabb4d12-0dac-42cd-b60c-54976a27a32b; _ym_uid=1623979070926371334; _ym_d=1623979070; __gads=ID=a667700f7581ceaf-225e796463c800e3:T=1623979069:RT=1623979069:S=ALNI_MbHPdF6C7JyJFidaR-RIrj1fFLlhw; tmr_lvid=513b54495b9c30327916b7b30ba1e1a2; tmr_lvidTS=1623979069806; tmr_reqNum=1
Connection: keep-alive
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:31 GMT
Server: nginx/1.16.1
ETag: "5a6e5e43-bf1"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3057

GET
H3-29 200 all.js Show response
connect.facebook.net/ru_RU/ 247 KB
73 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/all.js?hash=07d88eb108960db6eb7ebe4e738b3da5&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/all.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b95214dac0b2f1843bb487d97ed047870b55f73c0981f1fc9ea0e90eebced9f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://microsoftportal.net
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 8hJrC5Fn3pXoC+uLFSAhwg==
cross-origin-resource-policy: cross-origin
expires: Fri, 17 Jun 2022 23:45:36 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74511
x-fb-rlafr: 0
x-fb-debug: mT8iiAIZuCdIT7LagMI1n+UaXiyfBP3NbxvJbmXuL+X1MbUyJI3cazSS15Nj6yxlU9KnkaaNnqZHXRswXL0wTw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 2a4a5fac5448e547ede3fdcc600444c9
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Jun 2021 01:17:49 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "fc5c2a29d45e796768e57d293d59b951"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK b_title_ic.png
microsoftportal.net/templates/MSPortal/images/ 7 KB
7 KB 213ms
65ms Image
image/png 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoftportal.net/templates/MSPortal/images/b_title_ic.png

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/templates/MSPortal/style/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

91cfab827f1f7c9aca0933e30f433ed72d44546deef812d3ef4e6f0745ba3f4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:32 GMT
Server: nginx/1.16.1
ETag: "5a6e5e44-1a44"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6724

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/ 233 KB
86 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8396851324217908&plah=microsoftportal.net&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ea901577fd64178b72730a9f203acbda8801a66f7caf920b59257b13876eae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88106
x-xss-protection: 0
server: cafe
etag: 14514754445097133811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 18 Jun 2021 01:17:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/ Frame 9810 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210616/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://microsoftportal.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://microsoftportal.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 17 Jun 2021 19:18:49 GMT
expires: Thu, 01 Jul 2021 19:18:49 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 21540
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aci.js Show response
www.acint.net/ 21 KB
7 KB 85ms
28ms Script
application/x-javascript 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: 8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:49 GMT
content-encoding: gzip
last-modified: Sat, 02 Jan 2021 18:29:13 GMT
server: openresty
etag: "5ff0bb79-1baf"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7087
expires: Fri, 18 Jun 2021 13:17:49 GMT

GET
H/1.1 200
OK bar-bg.png
microsoftportal.net/templates/MSPortal/images/ 313 B
597 B 185ms
65ms Image
image/png 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoftportal.net/templates/MSPortal/images/bar-bg.png

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

c5c44afc84eb882c171355b664f14b251d5c34db9023b719ba29dac938b6554e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://microsoftportal.net/?
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:32 GMT
Server: nginx/1.16.1
ETag: "5a6e5e44-139"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 313

GET
H/1.1 200
OK bar-blue.png
microsoftportal.net/templates/MSPortal/images/ 253 B
536 B 189ms
64ms Image
image/png 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoftportal.net/templates/MSPortal/images/bar-blue.png

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

694b3d44092af2be786c584ad80546df912fb0bf621e760a9bfd8d0c8f986be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://microsoftportal.net/?
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986
Connection: keep-alive
Referer: https://microsoftportal.net/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:31 GMT
Server: nginx/1.16.1
ETag: "5a6e5e43-fd"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 253

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t15.1;rhttps%3A//microsoftportal.net.mcas.ms/;s1600*1200*24;uhttps%3A//microsoftportal.net/%3F;hMSPortal;0.5093570810220609
https://counter.yadro.ru/hit?q;t15.1;rhttps%3A//microsoftportal.net.mcas.ms/;s1600*1200*24;uhttps%3A//microsoftportal.net/%3F;hMSPortal;0.5093570810220609

238 B
724 B

62ms
61ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t15.1;rhttps%3A//microsoftportal.net.mcas.ms/;s1600*1200*24;uhttps%3A//microsoftportal.net/%3F;hMSPortal;0.5093570810220609

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

0ad7e686edc29cd35a71db3bf881976eb6d27545524410b0595e423dbda5a706

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 01:17:49 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 238
Expires: Wed, 17 Jun 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 01:17:49 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t15.1;rhttps%3A//microsoftportal.net.mcas.ms/;s1600*1200*24;uhttps%3A//microsoftportal.net/%3F;hMSPortal;0.5093570810220609
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Wed, 17 Jun 2020 21:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 218 KB
69 KB 45ms
44ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

c6754c3241a18169afee078352f5e11c9c8eec97b9e2fb173f541ce2d07dd210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:49 GMT
content-encoding: br
last-modified: Thu, 17 Jun 2021 09:26:05 GMT
etag: "60bf3bc8-114ef"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 70895
expires: Fri, 18 Jun 2021 02:17:49 GMT

GET
H2 200 top100.js Show response
st.top100.ru/top100/ 139 KB
49 KB 185ms
60ms Script
application/javascript 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.89.18 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: be44428e9433183b9c2bd006073440dcb939976988ea245a9a8b98984d0400f3

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:49 GMT
content-encoding: gzip
last-modified: Thu, 17 Jun 2021 12:49:53 GMT
server: nginx/1.19.4
etag: W/"60cb44f1-22b21"
vary: Accept-Encoding
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: max-age=3600
content-type: application/javascript
expires: Fri, 18 Jun 2021 02:17:49 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 24 KB
10 KB 168ms
129ms Script
application/javascript 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

71a0c6830d978bf08f7540a19d77b7f0802d31e16156fd7f944063f0f96c61b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Tue, 08 Jun 2021 17:06:07 GMT
server: nginx
etag: W/"60bfa37f-6083"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory
timing-allow-origin: *
access-control-allow-headers: *
expires: Fri, 18 Jun 2021 02:17:49 GMT

GET
H/1.1 200
OK soc.png
microsoftportal.net/templates/MSPortal/images/ 7 KB
8 KB 67ms
67ms Image
image/png 91.218.230.124
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoftportal.net/templates/MSPortal/images/soc.png

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/templates/MSPortal/style/styles.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.218.230.124 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),

Reverse DNS

hosted-by.ihc.ru

Software

nginx/1.16.1 /

Resource Hash

27a9105727943397b059ee354ee7f2f665f3d5a7a6fb0df68aad37b7f43b7cac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: microsoftportal.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
Cookie: PHPSESSID=e964f5064cc63f69f9cd9050a1b75986; fid=aabb4d12-0dac-42cd-b60c-54976a27a32b; _ym_uid=1623979070926371334; _ym_d=1623979070; __gads=ID=a667700f7581ceaf-225e796463c800e3:T=1623979069:RT=1623979069:S=ALNI_MbHPdF6C7JyJFidaR-RIrj1fFLlhw; tmr_lvid=513b54495b9c30327916b7b30ba1e1a2; tmr_lvidTS=1623979069806; tmr_reqNum=1
Connection: keep-alive
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:31 GMT
Server: nginx/1.16.1
ETag: "5a6e5e43-1dbf"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7615

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 209 B
662 B 88ms
31ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=microsoftportal.net&callback=_gfp_s_&client=ca-pub-8396851324217908

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8396851324217908&plah=microsoftportal.net&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

090b89f314615b596c9c226110b587f34936721cbf6fe113e2850d120a2f63cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 14ms
13ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=microsoftportal.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Jun 2021 01:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=microsoftportal.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Jun 2021 01:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B04A 73 KB
25 KB 432ms
431ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=90&slotname=2908634292&adk=3175562939&adf=658274708&pi=t.ma~as.2908634292&w=728&lmt=1623979069&psa=0&format=728x90&url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623979069564&bpp=4&bdt=357&idt=89&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=2494258579871&frm=20&pv=2&ga_vid=1321723591.1623979070&ga_sid=1623979070&ga_hid=360588795&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=250&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060972&oid=3&pvsid=1515440003610419&ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Z2Vj9DWyPP&p=https%3A//microsoftportal.net&dtd=108

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

796af38d0aca23e927658d1c8a2e0f3846db2798c92d11a667184c4f72101e5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8396851324217908&output=html&h=90&slotname=2908634292&adk=3175562939&adf=658274708&pi=t.ma~as.2908634292&w=728&lmt=1623979069&psa=0&format=728x90&url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623979069564&bpp=4&bdt=357&idt=89&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=2494258579871&frm=20&pv=2&ga_vid=1321723591.1623979070&ga_sid=1623979070&ga_hid=360588795&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=250&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060972&oid=3&pvsid=1515440003610419&ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Z2Vj9DWyPP&p=https%3A//microsoftportal.net&dtd=108
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://microsoftportal.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://microsoftportal.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 18 Jun 2021 01:17:50 GMT
server: cafe
content-length: 25265
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 18-Jun-2021 01:32:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 18 Jun 2021 01:17:50 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:49 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842926269324"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28241
x-xss-protection: 0
expires: Fri, 18 Jun 2021 01:17:49 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-8396851324217908&c=11&e=2570847921467975139&n=0&t=0&w=434&x=2

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 01:17:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 520E 74 KB
25 KB 436ms
436ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=600&slotname=2618197074&adk=2460103794&adf=3305433536&pi=t.ma~as.2618197074&w=300&fwrn=4&fwrnh=100&lmt=1623979069&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623979069568&bpp=2&bdt=361&idt=115&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2494258579871&frm=20&pv=1&ga_vid=1321723591.1623979070&ga_sid=1623979070&ga_hid=360588795&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1099&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060972&oid=3&pvsid=1515440003610419&ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HsxgAOVok5&p=https%3A//microsoftportal.net&dtd=117

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13879d744768ce75b1b0d8af552afcb320fd1b77d5a554f27b9cff33d9a9e0bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8396851324217908&output=html&h=600&slotname=2618197074&adk=2460103794&adf=3305433536&pi=t.ma~as.2618197074&w=300&fwrn=4&fwrnh=100&lmt=1623979069&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623979069568&bpp=2&bdt=361&idt=115&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2494258579871&frm=20&pv=1&ga_vid=1321723591.1623979070&ga_sid=1623979070&ga_hid=360588795&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1099&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060972&oid=3&pvsid=1515440003610419&ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HsxgAOVok5&p=https%3A//microsoftportal.net&dtd=117
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://microsoftportal.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://microsoftportal.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 18 Jun 2021 01:17:50 GMT
server: cafe
content-length: 25184
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 18-Jun-2021 01:32:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 18 Jun 2021 01:17:50 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BF4E 57 KB
16 KB 598ms
598ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=280&slotname=7615861873&adk=1353954373&adf=392815488&pi=t.ma~as.7615861873&w=1197&fwrn=4&fwrnh=100&lmt=1623979069&rafmt=1&psa=0&format=1197x280&url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623979069598&bpp=2&bdt=391&idt=91&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600&correlator=2494258579871&frm=20&pv=1&ga_vid=1321723591.1623979070&ga_sid=1623979070&ga_hid=360588795&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060972&oid=3&pvsid=1515440003610419&ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=l3lCw0WEYP&p=https%3A//microsoftportal.net&dtd=128

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

786aed2ce2962a042668163a7b262dde1be87f1cc362dd605c3ae3b367fd1d2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8396851324217908&output=html&h=280&slotname=7615861873&adk=1353954373&adf=392815488&pi=t.ma~as.7615861873&w=1197&fwrn=4&fwrnh=100&lmt=1623979069&rafmt=1&psa=0&format=1197x280&url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623979069598&bpp=2&bdt=391&idt=91&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600&correlator=2494258579871&frm=20&pv=1&ga_vid=1321723591.1623979070&ga_sid=1623979070&ga_hid=360588795&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060972&oid=3&pvsid=1515440003610419&ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=l3lCw0WEYP&p=https%3A//microsoftportal.net&dtd=128
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://microsoftportal.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://microsoftportal.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 18 Jun 2021 01:17:50 GMT
server: cafe
content-length: 16459
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 18-Jun-2021 01:32:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 18 Jun 2021 01:17:50 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 951B 0
19 B 33ms
32ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&adk=1812271804&adf=3025194257&lmt=1623979069&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623979069617&bpp=1&bdt=410&idt=119&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600%2C1197x280&nras=1&correlator=2494258579871&frm=20&pv=1&ga_vid=1321723591.1623979070&ga_sid=1623979070&ga_hid=360588795&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060972&oid=3&pvsid=1515440003610419&ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=130

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8396851324217908&output=html&adk=1812271804&adf=3025194257&lmt=1623979069&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623979069617&bpp=1&bdt=410&idt=119&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600%2C1197x280&nras=1&correlator=2494258579871&frm=20&pv=1&ga_vid=1321723591.1623979070&ga_sid=1623979070&ga_hid=360588795&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060972&oid=3&pvsid=1515440003610419&ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=130
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://microsoftportal.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://microsoftportal.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 18 Jun 2021 01:17:49 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 18-Jun-2021 01:32:49 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 18 Jun 2021 01:17:49 GMT
cache-control: private

GET
H2

200

/ Show response
www.acint.net/mc/ Frame 5952
Redirect Chain

https://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10&tc=1

3 KB
4 KB

29ms
28ms

Document
text/html

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=10&tc=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: 4ef38e739d00295538724e9c3907a642f98e499be5156c51b17acc937f163c53

Request headers

:method: GET
:authority: www.acint.net
:scheme: https
:path: /mc/?dp=10&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://microsoftportal.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission; aid=fwAAAWDL9D1aTwZacUmRAgwB2rxkpCcXAsXAuVh9PeV2FOBq
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://microsoftportal.net/

Response headers

server: openresty
date: Fri, 18 Jun 2021 01:17:49 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp14v3=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp17=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp32=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp45v3=1623979069; expires=Sat, 19-Jun-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp53=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp54v2=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp62=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp67v2=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp68=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp77=1623979069; expires=Fri, 02-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp84=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp85=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp88=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp95v2=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp101=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp104v2=1623979069; expires=Fri, 02-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp107=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp111v2=1623979069; expires=Fri, 02-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp112v2=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp125=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp126=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp127=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp136=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp138=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp144=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp146=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp149=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp151=1623979069; expires=Sun, 18-Jul-21 01:17:49 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip

Redirect headers

server: openresty
date: Fri, 18 Jun 2021 01:17:49 GMT
content-type: text/html
content-length: 154
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Fri, 18-Jun-21 01:27:49 GMT aid=fwAAAWDL9D1aTwZacUmRAgwB2rxkpCcXAsXAuVh9PeV2FOBq; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
location: /mc/?dp=10&tc=1

GET
H2 200 /
www.acint.net/hit/ 43 B
339 B 27ms
27ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.3.0&uid=38cf7633-02cb-4d2d-aa0d-6b062e6b8e80&dp=10&tz=%2B02%3A00&nc=41234266&u=https%3A%2F%2Fmicrosoftportal.net%2F%3F&r=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&rs=1600x1200&t=MSPortal&oE=1&oP=1&dT=2021-06-18T03%3A17%3A49.751&fu=aabb4d12-0dac-42cd-b60c-54976a27a32b
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:49 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9307.lcStBDpc_HXpyYxPEwveNyLTliDxwOkYUAq7t9CquKiuOwNuo0FOVkdx9WsuryHc.6mP6cfiHGO6owRPM7Qsp7QzAWek%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9307.q1ei_ljC2J9Zr7Z0yOEpU798XHOk1QWFW8hYvjgmk6mBRtKeAjc7HQYynl8_0H2xNVLdN1YZLmS9mqhgS_wQuQ%2C%2C.DQZg869KB70jwsPkHTyuR_sD93Y%2C

75 B
75 B

44ms
44ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9307.q1ei_ljC2J9Zr7Z0yOEpU798XHOk1QWFW8hYvjgmk6mBRtKeAjc7HQYynl8_0H2xNVLdN1YZLmS9mqhgS_wQuQ%2C%2C.DQZg869KB70jwsPkHTyuR_sD93Y%2C

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:49 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9307.q1ei_ljC2J9Zr7Z0yOEpU798XHOk1QWFW8hYvjgmk6mBRtKeAjc7HQYynl8_0H2xNVLdN1YZLmS9mqhgS_wQuQ%2C%2C.DQZg869KB70jwsPkHTyuR_sD93Y%2C
date: Fri, 18 Jun 2021 01:17:49 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
109 B 44ms
44ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:49 GMT
last-modified: Thu, 17 Jun 2021 09:26:05 GMT
etag: "60bf3bc8-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 18 Jun 2021 02:17:49 GMT

POST
H2 200 counter
top-fwz1.mail.ru/ 43 B
810 B 72ms
72ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=2124891;u=https%3A//microsoftportal.net/%3F;r=https%3A//microsoftportal.net.mcas.ms/;st=1623979069606;title=MSPortal;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=80f93783f636ba7f;ver=60.3.0;tz=-120%2FEurope%2FBerlin;ni=10//4g/0/0/;lvid=1623979069806%3A1623979069816%3A1%3A513b54495b9c30327916b7b30ba1e1a2;_=0.5110749729825819

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 18 Jun 2021 01:17:49 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://microsoftportal.net
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://microsoftportal.net
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory
timing-allow-origin: https://microsoftportal.net
access-control-allow-headers: *

GET
H2

200

match
ads.betweendigital.com/ Frame 5952
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F3DF4CB605A064F5A02914971
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F3DF4CB605A064F5A02914971&crf=1

68 B
159 B

34ms
33ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F3DF4CB605A064F5A02914971&crf=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=73&external_user_id=0100007F3DF4CB605A064F5A02914971&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 5952
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=0100007F3DF4CB601300C96B021A200D

43 B
269 B

29ms
27ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=0100007F3DF4CB601300C96B021A200D
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:50 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Fri, 18 Jun 2021 01:17:49 GMT
Server: openresty
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Location: https://acint.net/match?dp=14&euid=0100007F3DF4CB601300C96B021A200D
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: text/html
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame 5952
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0100007F3DF4CB605A064F5A02914971
https://px.adhigh.net/p/cm/sape?u=0100007F3DF4CB605A064F5A02914971&bounced=1
https://acint.net/match?dp=17&euid=u7W7wrWVRQNo.AikABlF6HLISYg

43 B
269 B

28ms
28ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=u7W7wrWVRQNo.AikABlF6HLISYg
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:50 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 01:17:49 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f3-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://acint.net/match?dp=17&euid=u7W7wrWVRQNo.AikABlF6HLISYg
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 5952 43 B
323 B 157ms
45ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0100007F3DF4CB605A064F5A02914971
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:50 GMT
Last-Modified: Fri, 18 Jun 2021 01:17:50 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=21600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Fri, 18 Jun 2021 07:17:50 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 5952
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5100389131
https://www.acint.net/rmatch?dp=45&euid=A3X1omUncjki_99OoOkHt2A&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F3DF4CB605A064F5A02914971

42 B
201 B

112ms
73ms

Image
image/gif

81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F3DF4CB605A064F5A02914971
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:50 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Fri, 18 Jun 2021 01:17:50 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F3DF4CB605A064F5A02914971
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame 5952 0
751 B 129ms
17ms Image
text/plain 2606:4700:20::ac43:4975
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=sape
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4975 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:49 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4lL%2B6OJ0sMmwjV%2FCD%2FwAIrcH78GJqsyTirzW6u%2F8xzV01d1kiwc74RSyO8EubhznbfsRyp8fwRW%2BhLR58BI4D0Ofr%2BlPFk2KtM2AiQsgPzbizfNguJoDc9Kcl9Y8ReqZ%2Bi5v3eQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 6610ae235b5d0625-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cf-request-id: 0abe4b2a1a00000625cf38b000000001

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 5952
Redirect Chain

https://sync.republer.com/match?dsp=sape
https://sync.republer.com/match?dsp=sape&qset=1
https://sync.bumlam.com/?src=rp1&uid=89f6c74d-fa6f-45ca-ac8c-2a5bb921c420
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi-6K-GBlIEioaQK2IkODlmNmM3NGQtZmE2Zi00NWNhLWFjOGMtMmE1YmI5MjFjNDIw
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARi-6K-GBlIEioaQK2IkODlmNmM3NGQtZmE2Zi00NWNhLWFjOGMtMmE1YmI5MjFjNDIwogEQ_5Y--s_SEeug1wAlkORcOA**
https://sync.bumlam.com/?src=rp1&s_data=CAIQABi-6K-GBmIkODlmNmM3NGQtZmE2Zi00NWNhLWFjOGMtMmE1YmI5MjFjNDIwogEQ_5Y--s_SEeug1wAlkORcOA**
https://sync.bumlam.com/?src=rp1&s_data=CAIQARi-6K-GBmIkODlmNmM3NGQtZmE2Zi00NWNhLWFjOGMtMmE1YmI5MjFjNDIwogEQ_5Y--s_SEeug1wAlkORcOA**

43 B
552 B

24ms
24ms

Image
image/gif

31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=rp1&s_data=CAIQARi-6K-GBmIkODlmNmM3NGQtZmE2Zi00NWNhLWFjOGMtMmE1YmI5MjFjNDIwogEQ_5Y--s_SEeug1wAlkORcOA**
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:50 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Fri, 18 Jun 2021 01:17:50 GMT
Server: nginx
ETag: ff963efa-cfd2-11eb-a0d7-002590e45c38
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=rp1&s_data=CAIQARi-6K-GBmIkODlmNmM3NGQtZmE2Zi00NWNhLWFjOGMtMmE1YmI5MjFjNDIwogEQ_5Y--s_SEeug1wAlkORcOA**
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2 204 match
dm.hybrid.ai/ Frame 5952 0
238 B 226ms
73ms Image
text/plain 37.18.16.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=106&vid=0100007F3DF4CB605A064F5A02914971

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.21 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 01:17:50 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 110
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame 5952 3 KB
3 KB 191ms
60ms Script
application/javascript 185.15.175.158
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.158 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:50 GMT
Last-Modified: Thu, 13 May 2021 10:40:41 GMT
Server: nginx
ETag: "609d0229-c11"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3089

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame 5952 0
70 B 143ms
33ms Image
text/plain 116.202.85.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0100007F3DF4CB605A064F5A02914971
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.202.85.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.85.202.116.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 18 Jun 2021 01:17:49 GMT
server: nginx/1.17.10

GET
H2

200

match
www.acint.net/ Frame 5952
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfz30y2BaBk9aApFJcQ
https://www.acint.net/match?dp=77&euid=

43 B
269 B

28ms
28ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=77&euid=
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:50 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 01:17:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.acint.net/match?dp=77&euid=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
adlmerge.com/merge_gpsid/ Frame 5952
Redirect Chain

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F3DF4CB605A064F5A02914971
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F3DF4CB605A064F5A02914971

43 B
115 B

86ms
27ms

Image
image/gif

95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F3DF4CB605A064F5A02914971
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Wjelsryp, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

iseu: eu
server: nginx/1.16.0
date: Fri, 18 Jun 2021 01:17:50 GMT
content-type: image/gif

Redirect headers

location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007F3DF4CB605A064F5A02914971
date: Fri, 18 Jun 2021 01:17:50 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 5952 42 B
201 B 296ms
73ms Image
image/gif 81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F3DF4CB605A064F5A02914971
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:50 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK sprcs
relap.io/partners/ Frame 5952 43 B
1 KB 227ms
77ms Image
image/gif 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/partners/sprcs?uid=0100007F3DF4CB605A064F5A02914971

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Jun 2021 01:17:50 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=5184000; includeSubdomains;
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2

204

0.gif
x01.aidata.io/ Frame 5952
Redirect Chain

https://adx.com.ru/sape-sync?uid=0100007F3DF4CB605A064F5A02914971
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F3DF4CB605A064F5A02914971
https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=60cbf43ef0e015ac9c210fd8&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D60cbf43ef0e015ac9c210fd8%2526r%253Dhttps%25253A...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D60cbf43ef0e015ac9c210fd8%2526r%253Dhttps%25253A...
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D60cbf43ef0e015ac9c210fd8%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D60cbf43ef0...
https://prodmp.ru/yabbi.gif?uid=60cbf43ef0e015ac9c210fd8&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D60cbf43ef0e015ac9c210fd8%26dest%3D
https://x01.aidata.io/0.gif?pid=9712851&id=60cbf43ef0e015ac9c210fd8&dest=

0
402 B

61ms
60ms

Image
text/plain

89.108.119.43
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=9712851&id=60cbf43ef0e015ac9c210fd8&dest=
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51370.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 01:17:50 GMT
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Fri, 18 Jun 2021 01:17:49 GMT
last-modified: Fri, 18 Jun 2021 01:17:49 GMT
server: nginx
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'

Redirect headers

location: https://x01.aidata.io/0.gif?pid=9712851&id=60cbf43ef0e015ac9c210fd8&dest=
date: Fri, 18 Jun 2021 01:17:50 GMT
access-control-allow-credentials: true
server: nginx
content-type: image/gif
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 5952
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F3DF4CB605A064F5A02914971
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F3DF4CB605A064F5A02914971&cs=1

35 B
376 B

32ms
32ms

Image
image/gif

88.99.213.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F3DF4CB605A064F5A02914971&cs=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.99.213.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-213-228.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:50 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F3DF4CB605A064F5A02914971&cs=1
date: Fri, 18 Jun 2021 01:17:50 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

200

match
www.acint.net/ Frame 5952
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=Q02FgC5ilC5B

43 B
269 B

28ms
27ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=Q02FgC5ilC5B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:50 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=Q02FgC5ilC5B
Date: Fri, 18 Jun 2021 01:17:50 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame 5952
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=107&euid=1e4959c6-f596-52a9-93fc-19e0f337eddd

43 B
269 B

28ms
27ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=1e4959c6-f596-52a9-93fc-19e0f337eddd
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:50 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=1e4959c6-f596-52a9-93fc-19e0f337eddd
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 5952
Redirect Chain

https://0100007f3df4cb605a064f5a02914971-sp.ops.beeline.ru/p?ssp=sp&id=0100007F3DF4CB605A064F5A02914971
https://www.acint.net/match?dp=111&euid=bd3b1a6d-1e9c-4950-965a-631abd455542

43 B
269 B

28ms
27ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=111&euid=bd3b1a6d-1e9c-4950-965a-631abd455542
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:50 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Fri, 18 Jun 2021 01:17:50 GMT
x-route: http://upstream_cookiesync
server: nginx
location: https://www.acint.net/match?dp=111&euid=bd3b1a6d-1e9c-4950-965a-631abd455542
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.38
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

404

R9KrEc2_RpSRqyzdHlQ9jA
an.yandex.ru/setud/mts_banner/ Frame 5952
Redirect Chain

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F3DF4CB605A064F5A02914971
https://sm.rtb.mts.ru/p?ssp=natimatica&id=f2742c67744114cacbb7e43a0212630ca81c
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D47d2ab11-cdbf-4694-91ab-2cdd1e543d8c&ssp=natimatica&exu=f2742c67744114cacbb7e43a0212630ca81c
https://tech.rtb.mts.ru/?dsp_uid=47d2ab11-cdbf-4694-91ab-2cdd1e543d8c&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FR9KrEc2_RpSRqyzdHlQ9jA%3Flocation%3Dhttps%253A%252F%252Fut.rktch.c...
https://an.yandex.ru/setud/mts_banner/R9KrEc2_RpSRqyzdHlQ9jA?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D47d2ab11-cdbf-4694-91ab-2cdd1e543d8c&sign=3475350287

43 B
80 B

53ms
53ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/R9KrEc2_RpSRqyzdHlQ9jA?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D47d2ab11-cdbf-4694-91ab-2cdd1e543d8c&sign=3475350287

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 01:17:50 GMT
content-encoding: gzip
last-modified: Fri, 18 Jun 2021 01:17:50 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 18 Jun 2021 01:17:50 GMT

Redirect headers

Date: Fri, 18 Jun 2021 01:17:50 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/R9KrEc2_RpSRqyzdHlQ9jA?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3D47d2ab11-cdbf-4694-91ab-2cdd1e543d8c&sign=3475350287
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

404

R9KrEc2_RpSRqyzdHlQ9jA
an.yandex.ru/setud/mts_banner/ Frame 5952
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F3DF4CB605A064F5A02914971
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D47d2ab11-cdbf-4694-91ab-2cdd1e543d8c&ssp=sape&exu=0100007F3DF4CB605A064F5A02914971
https://tech.rtb.mts.ru/?dsp_uid=47d2ab11-cdbf-4694-91ab-2cdd1e543d8c&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FR9KrEc2_RpSRqyzdHlQ9jA%3Flocation%3Dhttps%253A%252F%252Fwww.acint....
https://an.yandex.ru/setud/mts_banner/R9KrEc2_RpSRqyzdHlQ9jA?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D47d2ab11-cdbf-4694-91ab-2cdd1e543d8c&sign=740670348

43 B
103 B

58ms
58ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/R9KrEc2_RpSRqyzdHlQ9jA?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D47d2ab11-cdbf-4694-91ab-2cdd1e543d8c&sign=740670348

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 01:17:50 GMT
content-encoding: gzip
last-modified: Fri, 18 Jun 2021 01:17:50 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 18 Jun 2021 01:17:50 GMT

Redirect headers

Date: Fri, 18 Jun 2021 01:17:50 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/R9KrEc2_RpSRqyzdHlQ9jA?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D47d2ab11-cdbf-4694-91ab-2cdd1e543d8c&sign=740670348
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

match
www.acint.net/ Frame 5952
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=12fdb5f9-6266-4ebf-66b8-c0a7a17ca31e

43 B
269 B

28ms
28ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=12fdb5f9-6266-4ebf-66b8-c0a7a17ca31e
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:50 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=12fdb5f9-6266-4ebf-66b8-c0a7a17ca31e
date: Fri, 18 Jun 2021 01:17:50 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame 5952
Redirect Chain

https://s.uuidksinc.net/match/396/0100007F3DF4CB605A064F5A02914971
https://www.acint.net/match?dp=127&euid=UZM9q0gkcWBQ3MDx6P9U

43 B
269 B

30ms
27ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=UZM9q0gkcWBQ3MDx6P9U
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:50 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Fri, 18 Jun 2021 01:17:50 GMT
server: nginx/1.19.0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
location: https://www.acint.net/match?dp=127&euid=UZM9q0gkcWBQ3MDx6P9U
access-control-allow-headers: Content-Type
content-length: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame 5952 0
215 B 213ms
69ms Image
text/plain 217.65.2.150
CITYTELECOM-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0100007F3DF4CB605A064F5A02914971
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 18 Jun 2021 01:17:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 204 0100007F3DF4CB605A064F5A02914971
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame 5952 0
190 B 217ms
70ms Image
text/plain 93.95.102.105
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F3DF4CB605A064F5A02914971
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.95.102.105 Podolsk, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:50 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2

204

0.gif
x01.aidata.io/ Frame 5952
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F3DF4CB605A064F5A02914971
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F3DF4CB605A064F5A02914971&bounce=1
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
https://x01.aidata.io/0.gif?pid=LIVE&id=79AA9640E3BF89FEDE99&back=STOP

0
402 B

61ms
60ms

Image
text/plain

89.108.119.43
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=79AA9640E3BF89FEDE99&back=STOP
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51370.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 01:17:50 GMT
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Fri, 18 Jun 2021 01:17:49 GMT
last-modified: Fri, 18 Jun 2021 01:17:49 GMT
server: nginx
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=79AA9640E3BF89FEDE99&back=STOP
Date: Fri, 18 Jun 2021 01:17:50 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 344
Strict-Transport-Security: max-age=86400
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame 5952 0
523 B 24ms
24ms Image
text/html 31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&uid=0100007F3DF4CB605A064F5A02914971
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:50 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

0100007F3DF4CB605A064F5A02914971
an.yandex.ru/mapuid/sapeis/ Frame 5952
Redirect Chain

https://an.yandex.ru/mapuid/sapeis/0100007F3DF4CB605A064F5A02914971
https://an.yandex.ru/mapuid/sapeis/0100007F3DF4CB605A064F5A02914971?redir-setuniq=1

43 B
108 B

52ms
52ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007F3DF4CB605A064F5A02914971?redir-setuniq=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 01:17:50 GMT
content-encoding: gzip
last-modified: Fri, 18 Jun 2021 01:17:50 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 18 Jun 2021 01:17:50 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 01:17:50 GMT
content-encoding: gzip
last-modified: Fri, 18 Jun 2021 01:17:50 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/sapeis/0100007F3DF4CB605A064F5A02914971?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 18 Jun 2021 01:17:50 GMT

GET
H2 200 frame.html Show response
s3.advarkads.com/modules/match/ Frame 4074 187 B
438 B 186ms
79ms Document
text/html 2606:4700:10::ac43:dab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F3DF4CB605A064F5A02914971
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:dab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106

Request headers

:method: GET
:authority: s3.advarkads.com
:scheme: https
:path: /modules/match/frame.html?id=8113-1-1&uid=0100007F3DF4CB605A064F5A02914971
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.acint.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.acint.net/

Response headers

date: Fri, 18 Jun 2021 01:17:50 GMT
content-type: text/html
cache-control: max-age=60
last-modified: Sat, 25 Apr 2020 07:44:34 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-request-id: 0abe4b2a1b00002b9511bc1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6610ae23584a2b95-FRA
content-encoding: gzip

GET
H2 200 /
kraken.rambler.ru/cnt/ 595 B
1 KB 194ms
63ms Image
image/gif 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/?et=pv&pid=2584737&rid=1623979069.895-1864146566&tid=t1.2584737.1182980848.1623979069895&v=1.18.11&exp=exp_bot%2Csplit_a%2Cexp_ab3%2Cb&rn=280942136&bs=1600x1200&ce=1&rf=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&en=UTF-8&pt=MSPortal&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=-120&fv&sv&lv&le=0&url=https%3A%2F%2Fmicrosoftportal.net%2F%3F
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.17 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: fd4b37401b665299f555320c5f46a1421d791bcbba1b23cba58dba9f01fc6f9a

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:50 GMT
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
server: nginx/1.19.4
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
access-control-allow-headers: content-type
content-length: 595

GET
H2

200

1 Show response
mc.yandex.com/watch/10478836/
Redirect Chain

https://mc.yandex.com/watch/10478836?wmode=7&page-url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&page-ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Av...
https://mc.yandex.com/watch/10478836/1?wmode=7&page-url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&page-ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3...

184 B
369 B

47ms
47ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/10478836/1?wmode=7&page-url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&page-ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A855%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A1%3Adp%3A0%3Als%3A857222893504%3Ahid%3A731781099%3Az%3A120%3Ai%3A20210618031749%3Aet%3A1623979070%3Ac%3A1%3Arn%3A533471275%3Au%3A1623979070926371334%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623979068672%3Ads%3A6%2C136%2C387%2C2%2C1%2C0%2C%2C399%2C5%2C%2C%2C%2C941%3Adsn%3A6%2C136%2C388%2C1%2C0%2C0%2C%2C402%2C5%2C%2C%2C%2C941%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1623979070%3At%3AMSPortal

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

230def4495a1533451a5b5154ebef45630011bc7e0399f3b43ec6e41d378faac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 01:17:50 GMT
x-content-type-options: nosniff
last-modified: Fri, 18-Jun-2021 01:17:50 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://microsoftportal.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 184
x-xss-protection: 1; mode=block
expires: Fri, 18-Jun-2021 01:17:50 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 01:17:49 GMT
last-modified: Fri, 18-Jun-2021 01:17:49 GMT
location: /watch/10478836/1?wmode=7&page-url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&page-ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Alvg2sn1re62lx62l%3Afp%3A855%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A562%3Acn%3A1%3Adp%3A0%3Als%3A857222893504%3Ahid%3A731781099%3Az%3A120%3Ai%3A20210618031749%3Aet%3A1623979070%3Ac%3A1%3Arn%3A533471275%3Au%3A1623979070926371334%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1623979068672%3Ads%3A6%2C136%2C387%2C2%2C1%2C0%2C%2C399%2C5%2C%2C%2C%2C941%3Adsn%3A6%2C136%2C388%2C1%2C0%2C0%2C%2C402%2C5%2C%2C%2C%2C941%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1623979070%3At%3AMSPortal
strict-transport-security: max-age=31536000
access-control-allow-origin: https://microsoftportal.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 18-Jun-2021 01:17:49 GMT

GET
H2 200 frame.js Show response
s3.advarkads.com/modules/match/ Frame 4074 20 KB
7 KB 18ms
17ms Script
application/javascript 2606:4700:10::ac43:dab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.js
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F3DF4CB605A064F5A02914971
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:dab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fa34cb36e7f351ad5936818f0720f0eb56d1da511631cef4055976078260046

Request headers

Referer: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F3DF4CB605A064F5A02914971
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:50 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 33
content-length: 6671
cf-request-id: 0abe4b2a6f00002b9511130000000001
last-modified: Thu, 10 Jun 2021 13:17:22 GMT
server: cloudflare
etag: "05d5bf2fa5dd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
cf-ray: 6610ae23e8c82b95-FRA

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame 5952 15 KB
16 KB 103ms
103ms Script
application/javascript 185.15.175.158
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=682580752054470
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.158 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5a0da3f86d0505c67db1fb2287ce92548014d4ba7969eb76b7f716a5d5009e8f

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:50 GMT
Last-Modified: Thu, 13 May 2021 10:40:42 GMT
Server: nginx
ETag: "609d022a-3da5"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15781

GET
H2

200

/
wf.frontend.weborama.fr/streampixel/ Frame 4074
Redirect Chain

https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007F3DF4CB605A064F5A02914971
https://wf.frontend.weborama.fr/streampixel/?wamid=8179&Wvar=%7B%22userid%22%3A%22EAIRMj0s30CJjh2I9v5TMg%22%7D&d.r=211342
https://wf.frontend.weborama.fr/streampixel/?wamid=8179&Wvar=%7B%22userid%22%3A%22EAIRMj0s30CJjh2I9v5TMg%22%7D&d.r=211342&bounce=1&random=4197159976

67 B
142 B

21ms
20ms

Image
image/gif

35.244.223.69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wf.frontend.weborama.fr/streampixel/?wamid=8179&Wvar=%7B%22userid%22%3A%22EAIRMj0s30CJjh2I9v5TMg%22%7D&d.r=211342&bounce=1&random=4197159976
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F3DF4CB605A064F5A02914971
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.223.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: 09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b

Request headers

Referer: https://s3.advarkads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 01:17:50 GMT
via: 1.1 google
last-modified: Fri, 18 Jun 2021 01:17:50 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-type: image/gif
alt-svc: clear
content-length: 67
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Jun 2021 01:17:50 GMT
via: 1.1 google
last-modified: Fri, 18 Jun 2021 01:17:50 GMT
server: nginx/1.12.0
location: https://wf.frontend.weborama.fr/streampixel/?wamid=8179&Wvar=%7B%22userid%22%3A%22EAIRMj0s30CJjh2I9v5TMg%22%7D&d.r=211342&bounce=1&random=4197159976
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B04A 6 KB
765 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=90&slotname=2908634292&adk=3175562939&adf=658274708&pi=t.ma~as.2908634292&w=728&lmt=1623979069&psa=0&format=728x90&url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623979069564&bpp=4&bdt=357&idt=89&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=2494258579871&frm=20&pv=2&ga_vid=1321723591.1623979070&ga_sid=1623979070&ga_hid=360588795&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=250&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060972&oid=3&pvsid=1515440003610419&ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Z2Vj9DWyPP&p=https%3A//microsoftportal.net&dtd=108

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Jun 2021 23:36:25 GMT
server: ESF
date: Fri, 18 Jun 2021 01:17:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Jun 2021 01:17:50 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame B04A 1 KB
990 B 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 22:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9655
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 22:36:55 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/ Frame B04A 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b886992795015ddf192ba7c46ea89376cef0fec304d850d735da268c332226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1072
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7072
x-xss-protection: 0
server: cafe
etag: 14457676323939599074
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jul 2021 00:59:58 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame B04A 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:25:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jul 2021 00:25:17 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B04A 122 KB
37 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:50 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Fri, 18 Jun 2021 01:17:50 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame B04A 13 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 10674426802404029766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jul 2021 01:05:50 GMT

GET
H2 200 37c44ba5c7c2e56e86b2dceff03da5e6.js Show response
www.gstatic.com/mysidia/ Frame B04A 25 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/37c44ba5c7c2e56e86b2dceff03da5e6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

754e4f25470d9263afc25125dce868bae633ea3d59f1b7dc8a0e740292fa68a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10651
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 06:35:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Sep 2021 14:56:04 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B04A 0
0 26ms
23ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsthDPfTLYIHeKpjk-gbss6fYBsPr-Kpj-4Lf1NQNqcrf-5EOEAEgkvDDMGCVAqAB3puwzAPIAQmpAvxtDBIE_bM-qAMByAPLBKoEtgFP0HP5-9niM4VGNquS-dyF30-FRo46GhbJlGLVVNnIg1qFYVTZLCsqiG4ZUNJT9CoM7AzipaCa-AJz6PGVB2rG6tR7eQrzLk-juQsify1EXcyFxYPwXeMc7UrMFP3W6NQIxG-UdZBVt6LPrrtGLWdU5qRN6gFYMk0T0RfYhmhDNSQfHKCZky1tWiDrU1TZ01pN7SWEHAHpYY-1CwRrDQYqi7jQgy2yT8grVti0MQ1lNEeEsabB8sAErKaHj9cDkgUECAQYAZIFBAgFGASgBi6AB4rkzzOoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ6OoX0ggJCIDhgBAQARgfgAoByAsB2BMNiBQC0BUBgBcBshcaChgIABIUcHViLTgzOTY4NTEzMjQyMTc5MDg&sigh=m4opQq25i0o&template_id=484

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=90&slotname=2908634292&adk=3175562939&adf=658274708&pi=t.ma~as.2908634292&w=728&lmt=1623979069&psa=0&format=728x90&url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623979069564&bpp=4&bdt=357&idt=89&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=2494258579871&frm=20&pv=2&ga_vid=1321723591.1623979070&ga_sid=1623979070&ga_hid=360588795&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=250&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060972&oid=3&pvsid=1515440003610419&ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Z2Vj9DWyPP&p=https%3A//microsoftportal.net&dtd=108
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 18 Jun 2021 01:17:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 6592766407814317453
tpc.googlesyndication.com/simgad/10569272733526279813/ Frame B04A 51 KB
51 KB 16ms
13ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10569272733526279813/6592766407814317453

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c41b05cb25f8b99c118a753075348a681907586a29efc4593d41e02f7f57134

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 14:40:37 GMT
x-content-type-options: nosniff
age: 470233
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52025
x-xss-protection: 0
last-modified: Thu, 07 May 2020 14:29:59 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 14:40:37 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/787870325249556182/ Frame B04A 2 KB
2 KB 15ms
12ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/787870325249556182/downsize_200k_v1?w=100&h=100

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

665b15a006d19c650621642b3e47fe94bb267322b1c75ae00c0c148071c33ec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 04:33:02 GMT
x-content-type-options: nosniff
age: 506688
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1755
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 23:47:15 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 04:33:02 GMT

GET
DATA 200
OK truncated
/ Frame B04A 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 css
fonts.googleapis.com/ Frame 520E 3 KB
578 B 25ms
25ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=600&slotname=2618197074&adk=2460103794&adf=3305433536&pi=t.ma~as.2618197074&w=300&fwrn=4&fwrnh=100&lmt=1623979069&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623979069568&bpp=2&bdt=361&idt=115&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2494258579871&frm=20&pv=1&ga_vid=1321723591.1623979070&ga_sid=1623979070&ga_hid=360588795&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1099&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060972&oid=3&pvsid=1515440003610419&ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HsxgAOVok5&p=https%3A//microsoftportal.net&dtd=117

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Jun 2021 23:26:52 GMT
server: ESF
date: Fri, 18 Jun 2021 01:17:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Jun 2021 01:17:50 GMT

GET
DATA 200
OK truncated
/ Frame B04A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3927402bcbe4ca747ea8d78d2bf3bb319e9dbc946a50f9a8366ba03c1b70848a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B04A 15 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 15:02:11 GMT
x-content-type-options: nosniff
age: 468939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 15:02:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B04A 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:12:17 GMT
x-content-type-options: nosniff
age: 504333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:12:17 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B04A 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 17:35:42 GMT
x-content-type-options: nosniff
age: 459728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 17:35:42 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 520E 1 KB
909 B 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 22:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9655
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 22:36:55 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/ Frame 520E 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b886992795015ddf192ba7c46ea89376cef0fec304d850d735da268c332226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1072
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7072
x-xss-protection: 0
server: cafe
etag: 14457676323939599074
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jul 2021 00:59:58 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 520E 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:25:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jul 2021 00:25:17 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 520E 122 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:50 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Fri, 18 Jun 2021 01:17:50 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 520E 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 10674426802404029766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jul 2021 01:05:50 GMT

GET
H3-29 200 37c44ba5c7c2e56e86b2dceff03da5e6.js Show response
www.gstatic.com/mysidia/ Frame 520E 25 KB
10 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/37c44ba5c7c2e56e86b2dceff03da5e6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

754e4f25470d9263afc25125dce868bae633ea3d59f1b7dc8a0e740292fa68a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10651
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 06:35:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Sep 2021 14:56:04 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 520E 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CF-_iPfTLYPudK-Wvx_APoJydyATRxPG_YqixwOiMDouNyKKbJBABIJLwwzBglQKgAfeHiNEDyAEJqQKMAU63JPizPqgDAcgDywSqBLcBT9CgAMZvG4ZQOgZYmvriDzvo9XVlrIeTCvQNxh9rJ5rxY0AiGOLQ-emt_s3Z5E7SI8hp396wkZpR_w7ZtOPzuMx82AV0DZYZa7eFma-CnxV3Ei-ubfIdrZMrA5HBABHJwYzrdISJ3smBXWaSiOzgpMAws3YzWzLg7IO5p132I7vKz0RaMEFoRnQR4Az3oF84m5uuq5ReaDn_n5Wzg6bySaywMFI2cf6ASiRM4ujsMU30kubx5U1mwATx7PaLzwOSBQQIBBgBkgUECAUYBKAGLoAH8ff3LqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDXtT7SCAkIgOGAEBABGB-ACgHICwG4E4gn2BMN0BUBgBcBshcaChgIABIUcHViLTgzOTY4NTEzMjQyMTc5MDg&sigh=xKlVPP7EH74&template_id=5000

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=600&slotname=2618197074&adk=2460103794&adf=3305433536&pi=t.ma~as.2618197074&w=300&fwrn=4&fwrnh=100&lmt=1623979069&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623979069568&bpp=2&bdt=361&idt=115&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2494258579871&frm=20&pv=1&ga_vid=1321723591.1623979070&ga_sid=1623979070&ga_hid=360588795&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1099&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060972&oid=3&pvsid=1515440003610419&ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HsxgAOVok5&p=https%3A//microsoftportal.net&dtd=117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 18 Jun 2021 01:17:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3628818974182831758/ Frame 520E 12 KB
12 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3628818974182831758/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f09546c9f3e0e315e95ad0a7ec7730ffd178aad9545d3191c26577374753b9bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 06:34:45 GMT
x-content-type-options: nosniff
age: 499385
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12727
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 14:30:11 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 06:34:45 GMT

GET
DATA 200
OK truncated
/ Frame 520E 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk.js Show response
pagead2.googlesyndication.com/bg/ Frame 1C2D 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afd5018c84a870d00826562927d8eceaa4b5424c6517c59e2f02814f5f4e9cf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 18:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 197977
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5758
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jun 2022 18:18:13 GMT

GET
DATA 200
OK truncated
/ Frame 520E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe8b4c199d37f7cd410e13aba6c71b8456b94b3c95b2c158aa2074d261249f99

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 css
fonts.googleapis.com/ Frame BF4E 3 KB
578 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=280&slotname=7615861873&adk=1353954373&adf=392815488&pi=t.ma~as.7615861873&w=1197&fwrn=4&fwrnh=100&lmt=1623979069&rafmt=1&psa=0&format=1197x280&url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623979069598&bpp=2&bdt=391&idt=91&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600&correlator=2494258579871&frm=20&pv=1&ga_vid=1321723591.1623979070&ga_sid=1623979070&ga_hid=360588795&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060972&oid=3&pvsid=1515440003610419&ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=l3lCw0WEYP&p=https%3A//microsoftportal.net&dtd=128

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Jun 2021 23:32:15 GMT
server: ESF
date: Fri, 18 Jun 2021 01:17:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Jun 2021 01:17:50 GMT

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 520E 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:38:27 GMT
x-content-type-options: nosniff
age: 502763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:38:27 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 520E 21 KB
21 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:42:26 GMT
x-content-type-options: nosniff
age: 488124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 09:42:26 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame BF4E 1 KB
909 B 11ms
5ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 22:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9655
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 22:36:55 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/ Frame BF4E 17 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b886992795015ddf192ba7c46ea89376cef0fec304d850d735da268c332226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1072
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7072
x-xss-protection: 0
server: cafe
etag: 14457676323939599074
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jul 2021 00:59:58 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame BF4E 3 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 00:25:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jul 2021 00:25:17 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF4E 122 KB
37 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:50 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Fri, 18 Jun 2021 01:17:50 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame BF4E 13 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 10674426802404029766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Jul 2021 01:05:50 GMT

GET
H3-29 200 37c44ba5c7c2e56e86b2dceff03da5e6.js Show response
www.gstatic.com/mysidia/ Frame BF4E 25 KB
10 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/37c44ba5c7c2e56e86b2dceff03da5e6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

754e4f25470d9263afc25125dce868bae633ea3d59f1b7dc8a0e740292fa68a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10651
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 06:35:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Sep 2021 14:56:04 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10821392584666589115/ Frame BF4E 3 KB
3 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10821392584666589115/downsize_200k_v1?w=100&h=100

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e68a2c9d1fe7d6309da6cd320a5caa728d2e3e6476518bf2ee25e55a3c165a48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 06:09:45 GMT
x-content-type-options: nosniff
age: 500885
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2994
x-xss-protection: 0
last-modified: Wed, 16 Sep 2020 11:33:53 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 06:09:45 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame BF4E 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CiKMdPfTLYMrLLYeH7gOUrLWoB8XUm8xiz_q1uZUKkKizuKEPEAEgkvDDMGCVAqAByLGpzQPIAQGoAwGqBMUBT9C1kq4y8xeZ31JIp-PvAq5KQZiRkYP3ZoSOXAn5u-1ZIikh3neIXrddnatj1ihhKQQuYxy-GkN8ZtAeI4Wn8fm8exL9tgNY_AlBh0FNUbehKWlwtMIxbNaA2E5wkjBmaqAZ5cZ9Am8Lm3BTgt0tgRa8DKe1m5lWdZAlwRLlUZtLGy72vtjQKpmnHIZFw0CY_4HmCFHINX-I0D0AgICOmJDvYm-QTkJr4vAsMVpaV47NW0Wqo5Wu91SMhY1GTyHs9_3dbOHABJD7m7HnAZIFBAgEGAGSBQQIBRgEgAfk6uI1qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEKy1FNIICQiA4YAQEAEYH4AKAcgLAdgTDIgUDNAVAYAXAbIXGgoYCAASFHB1Yi04Mzk2ODUxMzI0MjE3OTA4&sigh=vOPZ04p6FBc&template_id=5001

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=280&slotname=7615861873&adk=1353954373&adf=392815488&pi=t.ma~as.7615861873&w=1197&fwrn=4&fwrnh=100&lmt=1623979069&rafmt=1&psa=0&format=1197x280&url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623979069598&bpp=2&bdt=391&idt=91&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600&correlator=2494258579871&frm=20&pv=1&ga_vid=1321723591.1623979070&ga_sid=1623979070&ga_hid=360588795&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060972&oid=3&pvsid=1515440003610419&ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=l3lCw0WEYP&p=https%3A//microsoftportal.net&dtd=128
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 18 Jun 2021 01:17:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk.js Show response
pagead2.googlesyndication.com/bg/ Frame C5C8 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afd5018c84a870d00826562927d8eceaa4b5424c6517c59e2f02814f5f4e9cf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 18:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 197977
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5758
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jun 2022 18:18:13 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A616 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=280&slotname=7615861873&adk=1353954373&adf=392815488&pi=t.ma~as.7615861873&w=1197&fwrn=4&fwrnh=100&lmt=1623979069&rafmt=1&psa=0&format=1197x280&url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623979069598&bpp=2&bdt=391&idt=91&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600&correlator=2494258579871&frm=20&pv=1&ga_vid=1321723591.1623979070&ga_sid=1623979070&ga_hid=360588795&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060972&oid=3&pvsid=1515440003610419&ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=l3lCw0WEYP&p=https%3A//microsoftportal.net&dtd=128
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnqojstuUNWPP9vKEH__lMlToGbVAcRioPuMurd-_VEp3zgGGSbncub5lu8Cp8; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=280&slotname=7615861873&adk=1353954373&adf=392815488&pi=t.ma~as.7615861873&w=1197&fwrn=4&fwrnh=100&lmt=1623979069&rafmt=1&psa=0&format=1197x280&url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623979069598&bpp=2&bdt=391&idt=91&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600&correlator=2494258579871&frm=20&pv=1&ga_vid=1321723591.1623979070&ga_sid=1623979070&ga_hid=360588795&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=202&ady=2232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956%2C31060972&oid=3&pvsid=1515440003610419&ref=https%3A%2F%2Fmicrosoftportal.net.mcas.ms%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=l3lCw0WEYP&p=https%3A//microsoftportal.net&dtd=128

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 18 Jun 2021 00:47:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame BF4E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5032f01885c5044fd602d49d8cc053cd1b1057713e66c13b5e9a25aa6f7e14d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame BF4E 21 KB
21 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:38:27 GMT
x-content-type-options: nosniff
age: 502763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:38:27 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame BF4E 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:42:26 GMT
x-content-type-options: nosniff
age: 488124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 09:42:26 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A616
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnqojstuUNWPP9vKEH__lMlToGbVAcRioPuMurd-_VEp3zgGGSbncub5lu8Cp8; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 18 Jun 2021 01:17:50 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 18-Jun-2021 02:17:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 18 Jun 2021 01:17:50 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 18 Jun 2021 01:17:50 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 5952
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=591352113605647.575655748589937&a=77&e=0100007F3DF4CB605A064F5A02914971&pref=https%3A%2F%2Fmicrosoftportal.net%2F&c=ss:77.up:0100007F3DF4CB605A064F5A029149...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=591352113605647.575655748589937&a=77&e=0100007F3DF4CB605A064F5A02914971&pref=https%3A%2F%2Fmicrosoftportal.net%2F&c=ss:77.up:01000...

49 B
603 B

78ms
78ms

Image
image/gif

185.15.175.158
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=591352113605647.575655748589937&a=77&e=0100007F3DF4CB605A064F5A02914971&pref=https%3A%2F%2Fmicrosoftportal.net%2F&c=ss:77.up:0100007F3DF4CB605A064F5A02914971.sync:up.xdua:du6BYi57WO6WoYIgWcq6V2eN.xps:xps8TR3C5hFPuxQtuRwLik78c.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.15.175.158 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 18
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Fri, 18 Jun 2021 01:17:50 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=591352113605647.575655748589937&a=77&e=0100007F3DF4CB605A064F5A02914971&pref=https%3A%2F%2Fmicrosoftportal.net%2F&c=ss:77.up:0100007F3DF4CB605A064F5A02914971.sync:up.xdua:du6BYi57WO6WoYIgWcq6V2eN.xps:xps8TR3C5hFPuxQtuRwLik78c.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 5952
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=591352113605647.414042769412694&a=77&e=0100007F3DF4CB605A064F5A02914971&pref=https%3A%2F%2Fmicrosoftportal.net%2F&c=ss:77.up:0100007F3DF4CB605A064F5A029149...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=591352113605647.414042769412694&a=77&e=0100007F3DF4CB605A064F5A02914971&pref=https%3A%2F%2Fmicrosoftportal.net%2F&c=ss:77.up:01000...

49 B
602 B

68ms
67ms

Image
image/gif

185.15.175.158
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=591352113605647.414042769412694&a=77&e=0100007F3DF4CB605A064F5A02914971&pref=https%3A%2F%2Fmicrosoftportal.net%2F&c=ss:77.up:0100007F3DF4CB605A064F5A02914971.sync:up.xdua:du6BYi57WO6WoYIgWcq6V2eN.xps:xps8TR3C5hFPuxQtuRwLik78c.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.15.175.158 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 01:17:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 6
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Fri, 18 Jun 2021 01:17:50 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=591352113605647.414042769412694&a=77&e=0100007F3DF4CB605A064F5A02914971&pref=https%3A%2F%2Fmicrosoftportal.net%2F&c=ss:77.up:0100007F3DF4CB605A064F5A02914971.sync:up.xdua:du6BYi57WO6WoYIgWcq6V2eN.xps:xps8TR3C5hFPuxQtuRwLik78c.dn:acint__net.adcm:hit.tg:adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 26ms
24ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210616&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e24280c5ecc0a7427b6ed50b7127c37e8a656e4561e43940d80765214da7195

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Jun 2021 01:17:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8392
x-xss-protection: 0

POST
H2 200 tracker
top-fwz1.mail.ru/ 43 B
811 B 72ms
72ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=2124891;u=https%3A//microsoftportal.net/%3F;r=https%3A//microsoftportal.net.mcas.ms/;st=1623979069606;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=80f93783f636ba7f;ver=60.3.0;tz=-120%2FEurope%2FBerlin;nt=0/0/1623979068672/////1/2/8/8/144/22/144/531/533/535/934/941/946/2189/2189/;ni=10//4g/0/0/;lvid=1623979069806%3A1623979070867%3A2%3A513b54495b9c30327916b7b30ba1e1a2;_=0.14964457322291547;e=RT/load;et=1623979070866

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 18 Jun 2021 01:17:50 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://microsoftportal.net
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://microsoftportal.net
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory
timing-allow-origin: https://microsoftportal.net
access-control-allow-headers: *

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 18 Jun 2021 01:17:50 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 3F0E 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://microsoftportal.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://microsoftportal.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 17 Jun 2021 21:43:36 GMT
expires: Fri, 17 Jun 2022 21:43:36 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 12854
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 329D 783 B
529 B 26ms
25ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f9d7509d063d96fba475e2a45245c1893e16cced9a5c0737f33825bbc8f8b920

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nUgkkt8i0mdBEWe+snsEeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://microsoftportal.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://microsoftportal.net/

Response headers

expires: Fri, 18 Jun 2021 01:17:50 GMT
date: Fri, 18 Jun 2021 01:17:50 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-nUgkkt8i0mdBEWe+snsEeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F0E 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/r9UBjISocNAIJlYpJ9js6qS1QkxlF8WeLwKBT19OnPk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afd5018c84a870d00826562927d8eceaa4b5424c6517c59e2f02814f5f4e9cf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 18:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 197977
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5758
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jun 2022 18:18:13 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210616&jk=1515440003610419&bg=!sbKlsvbNAAZktE7iZLQ7ACkAdvg8WtPntsrTLUc_i2_Zfl6--spmriopDnLrTMb6DtUU8_kTh35QKAIAAABKUgAAAA1oAQeZAn3b0rT21ewPKZKmyv_SfnbXLi83rDmZ540xsbhyk45S93Aa56FAb1IDqXYULfhJ2EbQWfF1ntFb-vPVeb4LhWBBPShDnH_X5Ct4vtZ_IKo1JCX6D2jbrlexm3fJNlfW9nLnnfIvgAXB-a8yEguiwq8e1GOz94c-bWcBXUtOQna2YByAYXYxFwOVqZvA4AbOeBdItMaLBwk0PbnS5mDstQ2fb30mXIdLHqSPxlj5udUl_IBvE98qjYl09XlC87CnIh6HjQSHLDLZi1s2KkacLoHtTgwT1FQUrjyr3bJmK4RUnDapkknTVtCJyNYNvWGO8nQFoRdS29Jr6eAS-8zcPeiTcDRhMFcWQ4sbOKqZs1e5QtC10E1iwgbLUlKGHNWRAWzG6-yaaRXQnl-agnT1MExwlk_d6nK8CVtrCPabHtZTSW1T7YCqkXV9xxU3V3QVqda91l-LyPMg7FmjxBXQdWW_h5pTLlQLTkSXrOp4q-7pytA5e4aHC88dza1oxkBFa3CP_7UBJRF8x5nQajB2qgMTZ4JTQAxsgEyJXICiClYspW6X53hVc4EWtSEoYhJ3Sa2uaI6EDuNMkVdFX19Qe6HpIPF4KWcq84hdR5XYD_uSvCBYx1iov0bcGOKAJUEq-KhMGSXCOW6sIoK8vQiQ9e9wyyiqs3HqnPDYvI8Eda4raXPX1eFSxEQlfOrZ-rdlc20fY2CAqPLpuAwYK1AKaAmNj50bvCqiUIi46z0MFE5qX4R-DiO2yoTcN-ckKTsak-5mWPOIALrxFLfrNIZAfYRsFXL7Yx5UlCx7tOQ4a6zTHbFfBxnVpSjZzl2rzFBM7c7C5yFxUaNK-Pm5qA54

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 01:17:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B04A 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZqJW9axa7BkP9dmzI9oevn4XCctdYvs25G9bUZTRBgQLPBEnhvnUDhauCeKN2NYP8ti-GEQvSjfUFN60eJX3EA6cRs0qcRsTvv72UJ3EP0Pb5ppZPO8tecXqB1w&sai=AMfl-YQbRfIdwZAuLmo1Fs1hBzDEPCTx7yMIC5aMJCQhnEdqMDwWdH9PvOMMZbfcFyMKA3TBm517TgjCIEtg&sig=Cg0ArKJSzFAoct61nKcTEAE&id=lidar2&mcvt=1000&p=250,202,340,930&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210616&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3175562939&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1623979069674&dlt=436&rpt=98&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 01:17:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 520E 42 B
64 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssiSrLSk2pJPk9KZ7GknyseuBhzP2XwF2jFuN0YkKxC98eNoSn07Nrzn2YAM05VqtD_NS2efgtGwjA95_3NINv-qAwj4iOgI7F8cgfC13jUXHY8SPU3TrS4sZPcWg&sai=AMfl-YQEo4JOmZcvSh4nZG82o5Da-TBv8iy0r9jNol6JHbt4bEKIQvN_kZXpDjZDBa1eCjzIzA1HFIR8b0sj&sig=Cg0ArKJSzJIgSUIpnqrQEAE&id=lidar2&mcvt=1000&p=365,1099,965,1399&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210616&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2460103794&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1623979069686&dlt=465&rpt=80&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 01:17:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 10478836 Show response
mc.yandex.com/webvisor/ 43 B
73 B 181ms
93ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/10478836?wmode=0&wv-part=1&wv-hit=731781099&page-url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&rn=330043629&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1623979072%3Aw%3A1600x1200%3Av%3A562%3Az%3A120%3Ai%3A20210618031752%3Au%3A1623979070926371334%3Avf%3Alvg2sn1re62lx62l%3Awe%3A1%3Ati%3A2%3Ast%3A1623979072

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 01:17:52 GMT
last-modified: Fri, 18-Jun-2021 01:17:52 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://microsoftportal.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 18-Jun-2021 01:17:52 GMT

POST
H2 200 10478836 Show response
mc.yandex.com/webvisor/ 43 B
148 B 137ms
51ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/10478836?wmode=0&wv-part=1&wv-hit=731781099&page-url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&rn=671133872&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1623979072%3Aw%3A1600x1200%3Av%3A562%3Az%3A120%3Ai%3A20210618031752%3Au%3A1623979070926371334%3Avf%3Alvg2sn1re62lx62l%3Awe%3A1%3Ati%3A2%3Ast%3A1623979072

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 01:17:52 GMT
last-modified: Fri, 18-Jun-2021 01:17:52 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://microsoftportal.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 18-Jun-2021 01:17:52 GMT

GET
H2 200 /
www.acint.net/ping/ 43 B
224 B 28ms
28ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.3.0&uid=38cf7633-02cb-4d2d-aa0d-6b062e6b8e80&dp=10&tz=%2B02%3A00&nc=57125264&dT=2021-06-18T03%3A17%3A52.754
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 01:17:52 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 10478836 Show response
mc.yandex.com/webvisor/ 43 B
145 B 47ms
46ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/10478836?wmode=0&wv-part=2&wv-hit=731781099&page-url=https%3A%2F%2Fmicrosoftportal.net%2F%3F&rn=520613799&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1623979074%3Aw%3A1600x1200%3Av%3A562%3Az%3A120%3Ai%3A20210618031754%3Au%3A1623979070926371334%3Avf%3Alvg2sn1re62lx62l%3Awe%3A1%3Ati%3A2%3Ast%3A1623979074

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 01:17:54 GMT
last-modified: Fri, 18-Jun-2021 01:17:54 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://microsoftportal.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 18-Jun-2021 01:17:54 GMT

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.advarkads.com/	1970-01-20 12:37:31	Name: u Value: EAIRMj0s30CJjh2I9v5TMg
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp146 Value: 1623979069
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp144 Value: 1623979069
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp136 Value: 1623979069
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp138 Value: 1623979069
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp127 Value: 1623979069
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp126 Value: 1623979069
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp125 Value: 1623979069
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp107 Value: 1623979069
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp149 Value: 1623979069
.acint.net/	1970-01-19 19:26:28	Name: cSyncDp104v2 Value: 1623979069
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp95v2 Value: 1623979069
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp88 Value: 1623979069
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp84 Value: 1623979069
.acint.net/	1970-01-19 19:26:28	Name: cSyncDp111v2 Value: 1623979069
.acint.net/	1970-01-19 19:26:28	Name: cSyncDp77 Value: 1623979069
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp67v2 Value: 1623979069
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp54v2 Value: 1623979069
.microsoftportal.net/	1970-01-19 19:07:31	Name: _ym_isad Value: 2
.acint.net/	1970-01-19 19:07:45	Name: cSyncDp45v3 Value: 1623979069
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp32 Value: 1623979069
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp17 Value: 1623979069
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp7v2 Value: 1623979069
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp112v2 Value: 1623979069
.microsoftportal.net/	1970-01-20 19:06:19	Name: last_visit Value: 1623971869897::1623979069897
.acint.net/	1970-01-25 20:05:16	Name: aid Value: fwAAAWDL9D1aTwZacUmRAgwB2rxkpCcXAsXAuVh9PeV2FOBq
.doubleclick.net/	1970-01-19 19:06:22	Name: DSID Value: NO_DATA
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp85 Value: 1623979069
.doubleclick.net/	1970-01-20 04:27:55	Name: IDE Value: AHWqTUnqojstuUNWPP9vKEH__lMlToGbVAcRioPuMurd-_VEp3zgGGSbncub5lu8Cp8
.microsoftportal.net/	1970-01-20 03:05:50	Name: tmr_reqNum Value: 2
.doubleclick.net/	1970-01-19 19:06:19	Name: test_cookie Value: CheckForPermission
.microsoftportal.net/	1970-01-19 19:06:20	Name: _ym_visorc Value: w
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp14v3 Value: 1623979069
.acint.net/	1970-01-19 19:06:19	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp53 Value: 1623979069
.microsoftportal.net/	1970-01-20 03:51:55	Name: _ym_d Value: 1623979070
.microsoftportal.net/	1970-01-20 19:06:19	Name: top100_id Value: t1.2584737.1182980848.1623979069895
.microsoftportal.net/	1970-01-20 03:05:50	Name: tmr_lvidTS Value: 1623979069806
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp151 Value: 1623979069
.microsoftportal.net/	1970-01-20 03:51:55	Name: _ym_uid Value: 1623979070926371334
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp62 Value: 1623979069
.microsoftportal.net/	1970-01-20 04:27:55	Name: __gads Value: ID=a667700f7581ceaf-225e796463c800e3:T=1623979069:RT=1623979069:S=ALNI_MbHPdF6C7JyJFidaR-RIrj1fFLlhw
.microsoftportal.net/	1970-01-20 03:05:50	Name: tmr_lvid Value: 513b54495b9c30327916b7b30ba1e1a2
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp101 Value: 1623979069
.acint.net/	1970-01-19 19:49:31	Name: cSyncDp68 Value: 1623979069
microsoftportal.net/	1978-01-11 21:31:40	Name: fid Value: aabb4d12-0dac-42cd-b60c-54976a27a32b
microsoftportal.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: e964f5064cc63f69f9cd9050a1b75986

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0100007f3df4cb605a064f5a02914971-sp.ops.beeline.ru
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.betweendigital.com
adservice.google.com
adservice.google.de
adx.com.ru
an.yandex.ru
api.advarkads.com
cm.g.doubleclick.net
connect.facebook.net
counter.yadro.ru
dm.hybrid.ai
dmg.digitaltarget.ru
exchange.buzzoola.com
fcgi4.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
informer.yandex.ru
kraken.rambler.ru
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
mcasproxy.azureedge.net
microsoftportal.net
microsoftportal.net.mcas.ms
pagead2.googlesyndication.com
partner.googleadservices.com
prodmp.ru
px.adhigh.net
redirect.frontend.weborama.fr
relap.io
s.uuidksinc.net
s3.advarkads.com
sape-sync.rutarget.ru
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
st.top100.ru
stat.adlabs.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync3.adsniper.ru
tag.digitaltarget.ru
tech.rtb.mts.ru
top-fwz1.mail.ru
tpc.googlesyndication.com
ut.rktch.com
wf.frontend.weborama.fr
www.acint.net
www.google.com
www.googletagservices.com
www.gstatic.com
x01.aidata.io
109.248.237.37
116.202.85.93
142.250.185.98
142.250.186.162
157.90.179.219
168.119.9.59
185.15.175.158
188.34.131.132
188.42.191.196
193.106.93.124
193.232.148.142
194.190.117.93
195.201.243.72
195.209.108.35
213.87.44.207
217.65.2.150
217.66.147.167
217.69.133.145
23.111.109.244
2606:4700:10::ac43:dab
2606:4700:20::ac43:4975
2a00:1148:db00::17
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:801::2004
2a00:1450:4001:802::200a
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a02:26f0:1700:d::1737:6e8f
2a02:6b8::1:119
2a02:6b8::90
2a03:2880:f01c:8012:face:b00c:0:3
31.172.81.158
31.172.81.160
31.220.27.134
35.190.16.14
35.244.223.69
37.18.16.21
37.9.245.57
52.156.205.222
80.64.106.149
81.19.89.17
81.19.89.18
81.222.128.216
88.212.201.210
88.99.213.228
89.108.119.43
89.108.97.2
91.218.230.124
93.95.102.105
95.163.37.253
95.211.66.35
090b89f314615b596c9c226110b587f34936721cbf6fe113e2850d120a2f63cf
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
0ad7e686edc29cd35a71db3bf881976eb6d27545524410b0595e423dbda5a706
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1341fc0005dbe71c32e421f13c283429aaeb74a0b151a6b9f83205b5ee516d3d
13879d744768ce75b1b0d8af552afcb320fd1b77d5a554f27b9cff33d9a9e0bb
15b886992795015ddf192ba7c46ea89376cef0fec304d850d735da268c332226
15eb5bd635ec9808b47f89ee196155c39d8e2db3bb317f1fe49182ccc98115db
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18f0f623763901aeeb156407ed6a37d5c0716ff174ba9a6ce09fbb5ed9d45d4f
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1ea901577fd64178b72730a9f203acbda8801a66f7caf920b59257b13876eae2
1ecbeccbda136cf2a50b56b3e840d1b271bacab962ac6469eeed24d1d3628bba
2025b5a293b4a9e28a43e16a83442c2686f4d7ed3bb79b45b3be42c6936526f1
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
230def4495a1533451a5b5154ebef45630011bc7e0399f3b43ec6e41d378faac
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
27a9105727943397b059ee354ee7f2f665f3d5a7a6fb0df68aad37b7f43b7cac
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ac0b867fa66324ed79b248a5fa546bde07c503e90754be44773cfa368d3217e
2d71c3596d208b2b7c50692ebcd1e3278dddc12ae65ca95b1bf2244f73d50369
2fa34cb36e7f351ad5936818f0720f0eb56d1da511631cef4055976078260046
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3796cf12ca9b6f5f93255046f5bf7d70a82c6b389698ed6c007903940c17c5ad
3927402bcbe4ca747ea8d78d2bf3bb319e9dbc946a50f9a8366ba03c1b70848a
3b9e8d070eb3d3a740240f79b731159e34f993842e3d80dd07a2114c69ed8075
42d9aedcbe73adba235a1302073902183b440cac6b8e81e6560a0644d049875e
449ef4a890525256bc3bc16dea519e857a7a694c5048820cc7271e713766652b
479b699a76b4f1c5d74bf82e7351685c455b79547d10b6891680fbfa590e68ae
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4ef38e739d00295538724e9c3907a642f98e499be5156c51b17acc937f163c53
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
572e2f25267f2879b7d5c14151314133fc8c67293837ce4bb184153664694160
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5a0da3f86d0505c67db1fb2287ce92548014d4ba7969eb76b7f716a5d5009e8f
5e24280c5ecc0a7427b6ed50b7127c37e8a656e4561e43940d80765214da7195
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
63657066db27c8ce3693cfb94c4783225a6dad8bc96e8be31f89b8891b051bda
65b45154530acccb3435ac25e0f1bc131589c2388bfd67481526cbe2ed521eca
665b15a006d19c650621642b3e47fe94bb267322b1c75ae00c0c148071c33ec5
694b3d44092af2be786c584ad80546df912fb0bf621e760a9bfd8d0c8f986be9
71a0c6830d978bf08f7540a19d77b7f0802d31e16156fd7f944063f0f96c61b4
754e4f25470d9263afc25125dce868bae633ea3d59f1b7dc8a0e740292fa68a5
77affbd2fb12370b0c53ff6b46dfa66c313f0d29f4e4148913a42d5789ac6451
786aed2ce2962a042668163a7b262dde1be87f1cc362dd605c3ae3b367fd1d2f
796af38d0aca23e927658d1c8a2e0f3846db2798c92d11a667184c4f72101e5d
7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8404058893315916b0e194ce6bb84b14cf232fcef49aa931ec753e03aab69d61
8ba9595c642523b828dee1741119b88d2d022ba8be8a8f0966600ce11dddd7e7
8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b
8f281ebc45c293d64b39f0a23399a3cccbd542c3a1245019dd33e2139d45ed3f
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
91cfab827f1f7c9aca0933e30f433ed72d44546deef812d3ef4e6f0745ba3f4a
9c41b05cb25f8b99c118a753075348a681907586a29efc4593d41e02f7f57134
9e018935eebac438d9cc1329be07bf7d4a08d034eefa786c20928c45f4c167bb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a61eeea560e1f947cd3e50db09d52da15eebe911865e29f5398bb44cb0d9252e
a7094e07dda6a9c6dd1497043e83be8f04e84f5da84becab84d044a9bc6e6be5
a8cf59007153a1d366dd69c66f54edbbcfec46a32330626a714f1b22934ec468
afd5018c84a870d00826562927d8eceaa4b5424c6517c59e2f02814f5f4e9cf9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2eca33e22a23b0c12aac7e2ad38816163ca0000cf9ce2116d708c58b6b25557
b3d9a37c3110d0d5edf534a4dd964bb85d8661820e4c39e4c63c96bd2813b726
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365
b641fcc6977163e5c0f29d3f2f9216bb20c9a8b6be3b8bb7029393421e8cfdb8
b6790cf785e814bb1152eb00cabb27cafb3593393ca3aec19ebe5dbc5dfbe8b3
b912455480572174b87986b8f195eae651c900ef3b6fb85d72310b6aad0c878c
b91f9feae4212deb2d3243b37c49b6d1d71e9a9511d4f4110d9c1e30c97e1f65
b95214dac0b2f1843bb487d97ed047870b55f73c0981f1fc9ea0e90eebced9f9
be44428e9433183b9c2bd006073440dcb939976988ea245a9a8b98984d0400f3
c2a53a2ff6fe4b87169761f63876c4239639b5710db7c5e2861dd24e8e347180
c5032f01885c5044fd602d49d8cc053cd1b1057713e66c13b5e9a25aa6f7e14d
c5c44afc84eb882c171355b664f14b251d5c34db9023b719ba29dac938b6554e
c654e1b1768e9ee4ef211ea90736e7e99679d7af202faa4f2782db9447bdf548
c6754c3241a18169afee078352f5e11c9c8eec97b9e2fb173f541ce2d07dd210
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d1f29eead89372377d1c3148a548282e9e41a9a0eee6e346a9848b78ce209a60
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e68a2c9d1fe7d6309da6cd320a5caa728d2e3e6476518bf2ee25e55a3c165a48
edea62b6792791e90490e04ecbdb167677f4c84c09fe19efba4dbdc6494efb10
eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09546c9f3e0e315e95ad0a7ec7730ffd178aad9545d3191c26577374753b9bc
f0c9f90c27c6cbac55ffd616c55711f9693d0a52ae63c6948d23e3f62ae4385b
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f32de53959fd8081d100f1e31199a913a86804e58d7cd8498124dded214f74d5
f60527825f5eb56b1f7bf9f6ab37c9c865bb6ef2ace55674b4f1cccd4209b670
f9d7509d063d96fba475e2a45245c1893e16cced9a5c0737f33825bbc8f8b920
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fd4b37401b665299f555320c5f46a1421d791bcbba1b23cba58dba9f01fc6f9a
fe8b4c199d37f7cd410e13aba6c71b8456b94b3c95b2c158aa2074d261249f99

microsoftportal.net Open in urlscan Pro 91.218.230.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

152 Requests

100 %HTTPS

32 %IPv6

47 Domains

60 Subdomains

39 IPs

6 Countries

2424 kBTransfer

3869 kBSize

47 Cookies

11 Outgoing links

Page URL History

Redirected requests

152 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

microsoftportal.net Open in urlscan Pro
91.218.230.124 Public Scan

Screenshot
Live screenshot

Full Image

152
Requests

100 %
HTTPS

32 %
IPv6

47
Domains

60
Subdomains

39
IPs

6
Countries

2424 kB
Transfer

3869 kB
Size

47
Cookies

152 HTTP transactions
5 data transactions