urlscan.io logo urlscan.io
SecurityTrails logo

www.myshared.ru Open in urlscan Pro
148.251.86.110  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://duckproxy.com/indexa.php?q=aHR0cDovL3d3dy5teXNoYXJlZC5ydS9zbGlkZS85NDcyOTEv
Effective URL: http://www.myshared.ru/indexa.php
Submission: On October 05 via api from RU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 5 countries across 13 domains to perform 85 HTTP transactions. The main IP is 148.251.86.110, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.myshared.ru. The Cisco Umbrella rank of the primary domain is 761723.
This is the only time www.myshared.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    166.62.10.188 (Singapore, Singapore)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 188.10.62.166.host.secureserver.net
duckproxy.com
11    148.251.86.110 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.110.86.251.148.clients.your-server.de
www.myshared.ru
4    2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
8    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
1    2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:400d:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
9    2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
partner.googleadservices.com
adservice.google.de
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
13    2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
tpc.googlesyndication.com — Cisco Umbrella Rank: 170
373 KB
11 myshared.ru
www.myshared.ru — Cisco Umbrella Rank: 761723
272 KB
8 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 171
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
88 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
127 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8250
2 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 19
adservice.google.com — Cisco Umbrella Rank: 136
2 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
4 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 3460
adservice.google.de — Cisco Umbrella Rank: 5221
1 KB
3 yandex.ru
an.yandex.ru Failed
mc.yandex.ru — Cisco Umbrella Rank: 2147 Failed
56 KB
3 duckproxy.com
duckproxy.com
51 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 228
88 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94 Failed
17 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1003
409 B
85 13
Domain Requested by
13 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
11 www.myshared.ru duckproxy.com
www.myshared.ru
10 pagead2.googlesyndication.com www.myshared.ru
pagead2.googlesyndication.com
googleads.g.doubleclick.net
duckproxy.com
tpc.googlesyndication.com
www.googletagservices.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 mc.yandex.com 2 redirects www.myshared.ru
4 www.gstatic.com googleads.g.doubleclick.net
4 fonts.googleapis.com www.myshared.ru
googleads.g.doubleclick.net
3 www.google.com 2 redirects tpc.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
3 mc.yandex.ru duckproxy.com
www.myshared.ru
3 duckproxy.com duckproxy.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com www.myshared.ru
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google.de www.myshared.ru
1 stats.g.doubleclick.net 1 redirects
0 an.yandex.ru Failed duckproxy.com
85 19

This site contains no links.

Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-05-21 -
2022-10-31		 5 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh

This page contains 12 frames:

Primary Page: http://www.myshared.ru/indexa.php
Frame ID: 1CF7B0E488C14B51EE45E0BC332E26BC
Requests: 49 HTTP requests in this frame

Frame: http://duckproxy.com/indexa.php?q=aHR0cDovL3BsYXllci5teXNoYXJlZC5ydS85Lzk0NzI5MS8%3D&nf=1
Frame ID: 0E88399ECD09C804E29D4EAE589A1F9F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
Frame ID: 5A3C5FCB3C066FC81B2FCA2279AC8A7D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6133583279631137&output=html&h=280&slotname=2114396402&adk=3882802510&adf=2604163584&pi=t.ma~as.2114396402&w=1130&fwrn=4&fwrnh=100&lmt=1664960398&rafmt=1&psa=0&format=1130x280&url=http%3A%2F%2Fwww.myshared.ru%2Findexa.php&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1664960398444&bpp=3&bdt=189&idt=332&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&correlator=5092645552618&frm=20&pv=2&ga_vid=1575089129.1664960398&ga_sid=1664960398&ga_hid=294166231&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=235&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44773746&oid=2&pvsid=1655256948392736&tmod=272633324&uas=0&nvt=1&ref=http%3A%2F%2Fduckproxy.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=zyQRCZnWEZ&p=http%3A//www.myshared.ru&dtd=346
Frame ID: B5B60034A5F7EB8A2EDF9F4499153B6F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6133583279631137&output=html&adk=1812271804&adf=3025194257&lmt=1664960398&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.myshared.ru%2Findexa.php&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1664960398457&bpp=1&bdt=202&idt=341&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&prev_fmts=1130x280&nras=1&correlator=5092645552618&frm=20&pv=1&ga_vid=1575089129.1664960398&ga_sid=1664960398&ga_hid=294166231&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44773746&oid=2&pvsid=1655256948392736&tmod=272633324&uas=0&nvt=1&ref=http%3A%2F%2Fduckproxy.com%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=347
Frame ID: 8AD02E65CDC95E726065898993D8A0FF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8AD434CD006A0E76975B7EF3697B2DD9
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js
Frame ID: 0566D5D50F18483CD838CB48DF00BE25
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 804C32FEBA43850D0055D583C3FDA038
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7AC8BA8B43EAA07A54DDD7CCA8369F2F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js
Frame ID: 6E47191DAEE36AD27876C1E1F04640F9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F544C70C6F02DF234425A39B172BBD4D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5AE4A5B83ECC086DFBACD2F80307FDA2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MyShared.ru - хостинг презентаций

Page URL History Show full URLs

  1. http://duckproxy.com/indexa.php?q=aHR0cDovL3d3dy5teXNoYXJlZC5ydS9zbGlkZS85NDcyOTEv Page URL
  2. http://www.myshared.ru/indexa.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <[^>]+class="[^"]*(?:uk-container|uk-section)
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"

Page Statistics

85
Requests

54 %
HTTPS

88 %
IPv6

13
Domains

19
Subdomains

16
IPs

5
Countries

1080 kB
Transfer

2948 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://duckproxy.com/indexa.php?q=aHR0cDovL3d3dy5teXNoYXJlZC5ydS9zbGlkZS85NDcyOTEv Page URL
  2. http://www.myshared.ru/indexa.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 33
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 34
  • http://mc.yandex.ru/metrika/watch.js HTTP 302
  • https://mc.yandex.ru/metrika/watch.js
Request Chain 35
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=555169263&utmhn=www.myshared.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=MyShared.ru%20-%20%D1%85%D0%BE%D1%81%D1%82%D0%B8%D0%BD%D0%B3%20%D0%BF%D1%80%D0%B5%D0%B7%D0%B5%D0%BD%D1%82%D0%B0%D1%86%D0%B8%D0%B9&utmhid=294166231&utmr=http%3A%2F%2Fduckproxy.com%2F&utmp=%2Findexa.php&utmht=1664960398421&utmac=UA-34773609-1&utmcc=__utma%3D138063532.1575089129.1664960398.1664960398.1664960398.1%3B%2B__utmz%3D138063532.1664960398.1.1.utmcsr%3Dduckproxy.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2F%3B&aip=1&utmjid=1192060683&utmredir=1&utmu=qBQAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=555169263&utmhn=www.myshared.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=MyShared.ru%20-%20%D1%85%D0%BE%D1%81%D1%82%D0%B8%D0%BD%D0%B3%20%D0%BF%D1%80%D0%B5%D0%B7%D0%B5%D0%BD%D1%82%D0%B0%D1%86%D0%B8%D0%B9&utmhid=294166231&utmr=http%3A%2F%2Fduckproxy.com%2F&utmp=%2Findexa.php&utmht=1664960398421&utmac=UA-34773609-1&utmcc=__utma%3D138063532.1575089129.1664960398.1664960398.1664960398.1%3B%2B__utmz%3D138063532.1664960398.1.1.utmcsr%3Dduckproxy.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2F%3B&aip=1&utmjid=1192060683&utmredir=1&utmu=qBQAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-34773609-1&cid=1575089129.1664960398&jid=1192060683&_v=5.7.2&z=555169263 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34773609-1&cid=1575089129.1664960398&jid=1192060683&_v=5.7.2&z=555169263 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34773609-1&cid=1575089129.1664960398&jid=1192060683&_v=5.7.2&z=555169263&slf_rd=1&random=1619182854
Request Chain 43
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9782.JV0NL4PmESF3KoW3cWCNWphWiiTr9g__V9qD1BMjJ1YOs1dd4Kg4Sm8G4VbUT3GX.BBIMGOqVtuusYnjhe012mhXVO5c%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9782.r1l0sGraISzY8QxmjMnTC0MId5KizWwDNNGz_q2g_CiGjiGg_SVVcc3uUfQGBjWuljluBwK-nOnKSUX5KgyP-w%2C%2C.-WOTaon3SFk6fZy1VOymxUS_PAE%2C
Request Chain 45
  • https://mc.yandex.com/watch/16744078?wmode=7&page-url=http%3A%2F%2Fwww.myshared.ru%2Findexa.php&page-ref=http%3A%2F%2Fduckproxy.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3z6p9rs%3Afp%3A112%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A215376859096%3Ahid%3A9762700%3Az%3A0%3Ai%3A20221005085958%3Aet%3A1664960399%3Ac%3A1%3Arn%3A638140126%3Arqn%3A1%3Au%3A1664960399674844317%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C7%2C0%2C3%2C0%2C%2C123%2C0%2C%2C%2C%2C133%3Acpf%3A1%3Antf%3A1%3Ans%3A1664960398242%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664960399%3At%3AMyShared.ru%20-%20%D1%85%D0%BE%D1%81%D1%82%D0%B8%D0%BD%D0%B3%20%D0%BF%D1%80%D0%B5%D0%B7%D0%B5%D0%BD%D1%82%D0%B0%D1%86%D0%B8%D0%B9&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/16744078/1?wmode=7&page-url=http%3A%2F%2Fwww.myshared.ru%2Findexa.php&page-ref=http%3A%2F%2Fduckproxy.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3z6p9rs%3Afp%3A112%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A215376859096%3Ahid%3A9762700%3Az%3A0%3Ai%3A20221005085958%3Aet%3A1664960399%3Ac%3A1%3Arn%3A638140126%3Arqn%3A1%3Au%3A1664960399674844317%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C7%2C0%2C3%2C0%2C%2C123%2C0%2C%2C%2C%2C133%3Acpf%3A1%3Antf%3A1%3Ans%3A1664960398242%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664960399%3At%3AMyShared.ru%20-%20%D1%85%D0%BE%D1%81%D1%82%D0%B8%D0%BD%D0%B3%20%D0%BF%D1%80%D0%B5%D0%B7%D0%B5%D0%BD%D1%82%D0%B0%D1%86%D0%B8%D0%B9&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Request Chain 77
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

85 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
indexa.php
duckproxy.com/ 		206 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://duckproxy.com/indexa.php?q=aHR0cDovL3d3dy5teXNoYXJlZC5ydS9zbGlkZS85NDcyOTEv
Protocol
HTTP/1.1
Server
166.62.10.188 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
188.10.62.166.host.secureserver.net
Software
Apache / PHP/5.6.40
Resource Hash
c0c19a6bc41c6ab692846edd94ce5588678d4183d6f960e10cfabe5a11adc50a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Upgrade, Keep-Alive
Content-Disposition
inline; filename=""
Content-Encoding
gzip
Content-Length
24713
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 Oct 2022 08:59:55 GMT
Expires
Wed, 05 Oct 2022 08:59:54 GMT
Keep-Alive
timeout=5
Server
Apache
Upgrade
h2,h2c
Vary
Accept-Encoding,User-Agent
X-Powered-By
PHP/5.6.40
indexa.php
duckproxy.com/ 		130 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://duckproxy.com/indexa.php?q=aHR0cDovL3d3dy5teXNoYXJlZC5ydS9zdGF0aWMvY3NzLzJjY2JhL3RvdGFsLmNzcw%3D%3D
Requested by
Host: duckproxy.com
URL: http://duckproxy.com/indexa.php?q=aHR0cDovL3d3dy5teXNoYXJlZC5ydS9zbGlkZS85NDcyOTEv
Protocol
HTTP/1.1
Server
166.62.10.188 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
188.10.62.166.host.secureserver.net
Software
Apache / PHP/5.6.40
Resource Hash
71ee321ff4bce777cf42174e2906f48b23e95938cb2126a6fd5a0146ec4a1e84

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duckproxy.com/indexa.php?q=aHR0cDovL3d3dy5teXNoYXJlZC5ydS9zbGlkZS85NDcyOTEv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 08:59:56 GMT
Content-Encoding
gzip
Last-Modified
Sat, 24 Sep 2022 11:57:01 GMT
Server
Apache
X-Powered-By
PHP/5.6.40
ETag
"632ef08d-204db-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=86400
Content-Disposition
inline; filename="total.css"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
24873
Expires
Thu, 06 Oct 2022 08:59:57 GMT
indexa.php
duckproxy.com/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://duckproxy.com/indexa.php?q=aHR0cDovL2ZvbnRzLmdvb2dsZWFwaXMuY29tL2Nzcz9mYW1pbHk9T3BlbitTYW5zOjMwMCw0MDAsNjAwJnN1YnNldD1sYXRpbixjeXJpbGxpYw%3D%3D
Requested by
Host: duckproxy.com
URL: http://duckproxy.com/indexa.php?q=aHR0cDovL3d3dy5teXNoYXJlZC5ydS9zbGlkZS85NDcyOTEv
Protocol
HTTP/1.1
Server
166.62.10.188 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
188.10.62.166.host.secureserver.net
Software
Apache / PHP/5.6.40
Resource Hash
b49c320616e32c8ffb9262403a4fddc81209c1eaf5e8ee5563b0c192fb282d01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duckproxy.com/indexa.php?q=aHR0cDovL3d3dy5teXNoYXJlZC5ydS9zbGlkZS85NDcyOTEv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 08:59:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
PHP/5.6.40
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
inline; filename="css"
Connection
Upgrade, Keep-Alive
Content-Length
769
X-XSS-Protection
0
Last-Modified
Wed, 05 Oct 2022 08:46:21 GMT
Server
Apache
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Upgrade
h2,h2c
Access-Control-Allow-Origin
*
Content-Type
text/css; charset=utf-8
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Accept-Ranges
none
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Keep-Alive
timeout=5
Expires
Wed, 05 Oct 2022 08:59:56 GMT
indexa.php
duckproxy.com/ 		0
0
indexa.php
duckproxy.com/ 		0
0
indexa.php
duckproxy.com/ 		0
0
indexa.php
duckproxy.com/ 		0
0
indexa.php
duckproxy.com/ 		0
0
indexa.php
duckproxy.com/ 		0
0
indexa.php
duckproxy.com/ 		0
0
indexa.php
duckproxy.com/ Frame 0E88 		0
0
indexa.php
duckproxy.com/ 		0
0
context.js
an.yandex.ru/system/ 		0
0
es5-shim.js
www.myshared.ru/static/js/ 		80 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.myshared.ru/static/js/es5-shim.js
Requested by
Host: duckproxy.com
URL: http://duckproxy.com/indexa.php?q=aHR0cDovL3d3dy5teXNoYXJlZC5ydS9zbGlkZS85NDcyOTEv
Protocol
HTTP/1.1
Server
148.251.86.110 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.110.86.251.148.clients.your-server.de
Software
nginx /
Resource Hash
5ec30bc469bcda0a48148673e0c86acdb392e7d2d0a0ec9aefed694151b5506b

Request headers

Referer
http://duckproxy.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 05 Oct 2022 08:59:58 GMT
Content-Encoding
gzip
Last-Modified
Sat, 24 Sep 2022 11:56:06 GMT
Server
nginx
ETag
W/"632ef056-14002"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 06 Oct 2022 08:59:58 GMT
indexa.php
duckproxy.com/ 		0
0
jquery.min.js
duckproxy.com/static/new/js/vendor/ 		0
0
total.js
www.myshared.ru/cache/2ccba/static/js/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.myshared.ru/cache/2ccba/static/js/total.js
Requested by
Host: duckproxy.com
URL: http://duckproxy.com/indexa.php?q=aHR0cDovL3d3dy5teXNoYXJlZC5ydS9zbGlkZS85NDcyOTEv
Protocol
HTTP/1.1
Server
148.251.86.110 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.110.86.251.148.clients.your-server.de
Software
nginx /
Resource Hash
e11af5386165151881adbd4a084a62e90fa237e66aa8a01a796476062d320e53

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://duckproxy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 08:59:58 GMT
Content-Encoding
gzip
Last-Modified
Sat, 24 Sep 2022 11:57:04 GMT
Server
nginx
ETag
W/"632ef090-157de"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 06 Oct 2022 08:59:58 GMT
pixel.gif
www.myshared.ru/cache/0.9218215315713982/report/ 		0
0
Primary Request indexa.php
www.myshared.ru/ 		34 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.myshared.ru/indexa.php
Requested by
Host: duckproxy.com
URL: http://duckproxy.com/indexa.php?q=aHR0cDovL3d3dy5teXNoYXJlZC5ydS9zbGlkZS85NDcyOTEv
Protocol
HTTP/1.1
Server
148.251.86.110 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.110.86.251.148.clients.your-server.de
Software
nginx /
Resource Hash
a76a8ee1b5102900287051ac64514672076ac0917b12ad0e49fe67686f388794

Request headers

Referer
http://duckproxy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 Oct 2022 08:59:58 GMT
Server
nginx
Transfer-Encoding
chunked
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
0
0
watch.js
mc.yandex.ru/metrika/ 		0
0
indexa.php
duckproxy.com/ 		0
0
total.css
www.myshared.ru/static/css/2ccba/ 		129 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.myshared.ru/static/css/2ccba/total.css
Requested by
Host: www.myshared.ru
URL: http://www.myshared.ru/indexa.php
Protocol
HTTP/1.1
Server
148.251.86.110 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.110.86.251.148.clients.your-server.de
Software
nginx /
Resource Hash
a38923922c3e7f2ad0f96eacf2c43afdf821fbe91e3f1616230ee65dbb99053c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/indexa.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 08:59:58 GMT
Content-Encoding
gzip
Last-Modified
Sat, 24 Sep 2022 11:57:01 GMT
Server
nginx
ETag
W/"632ef08d-204db"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 06 Oct 2022 08:59:58 GMT
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Open+Sans:300,400,600&subset=latin,cyrillic
Requested by
Host: www.myshared.ru
URL: http://www.myshared.ru/indexa.php
Protocol
HTTP/1.1
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5ff307b299a06a7fdc041485997a097cbda94349f27b4b16a642fba1f57cf05b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 08:59:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Wed, 05 Oct 2022 08:59:58 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Wed, 05 Oct 2022 08:59:58 GMT
logo_myshared.png
www.myshared.ru/static/new/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.myshared.ru/static/new/img/logo_myshared.png
Requested by
Host: www.myshared.ru
URL: http://www.myshared.ru/indexa.php
Protocol
HTTP/1.1
Server
148.251.86.110 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.110.86.251.148.clients.your-server.de
Software
nginx /
Resource Hash
ef6c49919ca0529bf7635691f757cca429c47564789d3c1415b112b3dddd802a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/indexa.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 08:59:58 GMT
Last-Modified
Sat, 24 Sep 2022 11:56:06 GMT
Server
nginx
ETag
"632ef056-1140"
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4416
Expires
Thu, 06 Oct 2022 08:59:58 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		161 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.myshared.ru
URL: http://www.myshared.ru/indexa.php
Protocol
HTTP/1.1
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f2e9e940aa2294e1dc1f4d24631970127182541f9ce23c2fcd0dd3051baf92b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 08:59:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
15475249290277207505
Vary
Accept-Encoding, Origin
Content-Type
text/javascript; charset=UTF-8
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
57841
X-XSS-Protection
0
Expires
Wed, 05 Oct 2022 08:59:58 GMT
prefetch2.gif
www.myshared.ru/static/new/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.myshared.ru/static/new/img/prefetch2.gif
Requested by
Host: www.myshared.ru
URL: http://www.myshared.ru/indexa.php
Protocol
HTTP/1.1
Server
148.251.86.110 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.110.86.251.148.clients.your-server.de
Software
nginx /
Resource Hash
c4354b3b23a0cf384314f4fe0e9517874293f9414733508517066063f5d0b129

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/indexa.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 08:59:58 GMT
Last-Modified
Sat, 24 Sep 2022 11:56:06 GMT
Server
nginx
ETag
"632ef056-15b1"
Content-Type
image/gif
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5553
Expires
Thu, 06 Oct 2022 08:59:58 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:300,400,600&subset=latin,cyrillic
Protocol
HTTP/1.1
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://www.myshared.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 23:05:59 GMT
X-Content-Type-Options
nosniff
Age
122039
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
44856
X-XSS-Protection
0
Last-Modified
Mon, 15 Aug 2022 18:20:18 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Tue, 03 Oct 2023 23:05:59 GMT
fontawesome-webfont.woff
www.myshared.ru/static/new/css/fontawesome/ 		79 KB
80 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://www.myshared.ru/static/new/css/fontawesome/fontawesome-webfont.woff
Requested by
Host: www.myshared.ru
URL: http://www.myshared.ru/static/css/2ccba/total.css
Protocol
HTTP/1.1
Server
148.251.86.110 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.110.86.251.148.clients.your-server.de
Software
nginx /
Resource Hash
a7c7e4930090e038a280fd61d88f0dc03dad4aeaedbd8c9be3dd9aa4c3b6f8d1

Request headers

Referer
http://www.myshared.ru/static/css/2ccba/total.css
Origin
http://www.myshared.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 08:59:58 GMT
Last-Modified
Sat, 24 Sep 2022 11:56:06 GMT
Server
nginx
ETag
"632ef056-13d84"
Content-Type
application/font-woff
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
81284
Expires
Thu, 06 Oct 2022 08:59:58 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:300,400,600&subset=latin,cyrillic
Protocol
HTTP/1.1
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://www.myshared.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 23:23:07 GMT
X-Content-Type-Options
nosniff
Age
121011
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
26240
X-XSS-Protection
0
Last-Modified
Mon, 15 Aug 2022 18:14:37 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Tue, 03 Oct 2023 23:23:07 GMT
es5-shim.js
www.myshared.ru/static/js/ 		80 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.myshared.ru/static/js/es5-shim.js
Requested by
Host: www.myshared.ru
URL: http://www.myshared.ru/indexa.php
Protocol
HTTP/1.1
Server
148.251.86.110 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.110.86.251.148.clients.your-server.de
Software
nginx /
Resource Hash
5ec30bc469bcda0a48148673e0c86acdb392e7d2d0a0ec9aefed694151b5506b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/indexa.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 08:59:58 GMT
Content-Encoding
gzip
Last-Modified
Sat, 24 Sep 2022 11:56:06 GMT
Server
nginx
ETag
W/"632ef056-14002"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 06 Oct 2022 08:59:58 GMT
jquery.min.js
www.myshared.ru/static/new/js/vendor/ 		94 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.myshared.ru/static/new/js/vendor/jquery.min.js
Requested by
Host: www.myshared.ru
URL: http://www.myshared.ru/indexa.php
Protocol
HTTP/1.1
Server
148.251.86.110 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.110.86.251.148.clients.your-server.de
Software
nginx /
Resource Hash
446ab1879f7ccffc46eb699ab327840b39cdc54027ea8026f0f4cf034b8eb40b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/indexa.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 08:59:58 GMT
Content-Encoding
gzip
Last-Modified
Sat, 24 Sep 2022 11:56:06 GMT
Server
nginx
ETag
W/"632ef056-176dd"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 06 Oct 2022 08:59:58 GMT
total.js
www.myshared.ru/cache/2ccba/static/js/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.myshared.ru/cache/2ccba/static/js/total.js
Requested by
Host: www.myshared.ru
URL: http://www.myshared.ru/indexa.php
Protocol
HTTP/1.1
Server
148.251.86.110 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.110.86.251.148.clients.your-server.de
Software
nginx /
Resource Hash
e11af5386165151881adbd4a084a62e90fa237e66aa8a01a796476062d320e53

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/indexa.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 08:59:58 GMT
Content-Encoding
gzip
Last-Modified
Sat, 24 Sep 2022 11:57:04 GMT
Server
nginx
ETag
W/"632ef090-157de"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 06 Oct 2022 08:59:58 GMT
pixel.gif
www.myshared.ru/cache/0.8959051944644605/report/ 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.myshared.ru/cache/0.8959051944644605/report/pixel.gif?type=pageview&domain_id=20&page_id=0&design_id=1&l=en-US&p=Win32&req_id=5526068368636731&url=http%3A%2F%2Fwww.myshared.ru%2Findexa.php
Requested by
Host: www.myshared.ru
URL: http://www.myshared.ru/indexa.php
Protocol
HTTP/1.1
Server
148.251.86.110 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.110.86.251.148.clients.your-server.de
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/indexa.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 05 Oct 2022 08:59:58 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Wed, 05 Oct 2022 08:59:57 GMT
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: www.myshared.ru
URL: http://www.myshared.ru/indexa.php
Protocol
H2
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 05 Oct 2022 07:19:58 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6000
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Wed, 05 Oct 2022 09:19:58 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
watch.js
mc.yandex.ru/metrika/
Redirect Chain
  • http://mc.yandex.ru/metrika/watch.js
  • https://mc.yandex.ru/metrika/watch.js
159 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: www.myshared.ru
URL: http://www.myshared.ru/indexa.php
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
1b3dfcfe97d043475a764d9c2f2072aa76cb46141e59eea505f16dd5bc8ab28e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:59:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Tue, 04 Oct 2022 10:25:54 GMT
etag
"633be002-df26"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
57126
expires
Wed, 05 Oct 2022 09:59:58 GMT

Redirect headers

Location
https://mc.yandex.ru/metrika/watch.js
Content-Length
0
ga-audiences
www.google.de/ads/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=555169263&utmhn=www.myshared.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=MyShar...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=555169263&utmhn=www.myshared.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=MySha...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-34773609-1&cid=1575089129.1664960398&jid=1192060683&_v=5.7.2&z=555169263
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34773609-1&cid=1575089129.1664960398&jid=1192060683&_v=5.7.2&z=555169263
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34773609-1&cid=1575089129.1664960398&jid=1192060683&_v=5.7.2&z=555169263&slf_rd=1&random=1619182854
42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34773609-1&cid=1575089129.1664960398&jid=1192060683&_v=5.7.2&z=555169263&slf_rd=1&random=1619182854
Requested by
Host: www.myshared.ru
URL: http://www.myshared.ru/indexa.php
Protocol
H2
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 08:59:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 08:59:58 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34773609-1&cid=1575089129.1664960398&jid=1192060683&_v=5.7.2&z=555169263&slf_rd=1&random=1619182854
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ 		349 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6133583279631137&plah=www.myshared.ru
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
22f8dbc6723ceb57c93d0698eb5e52871ed3d0ccd382330f38e547ddd782b7eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:59:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117211
x-xss-protection
0
server
cafe
etag
17127914723688843944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 05 Oct 2022 08:59:58 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/ Frame 5A3C 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.myshared.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
38364
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 22:20:34 GMT
etag
9671129459699598864
expires
Tue, 18 Oct 2022 22:20:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		215 B
409 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.myshared.ru&callback=_gfp_s_&client=ca-pub-6133583279631137
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6133583279631137&plah=www.myshared.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a907bf00f2d303f643c737c412cf3c242b9b80ff902cf82bbf6e0308846e612c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:59:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.myshared.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6133583279631137&plah=www.myshared.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:59:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.myshared.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6133583279631137&plah=www.myshared.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:59:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B5B6 		98 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6133583279631137&output=html&h=280&slotname=2114396402&adk=3882802510&adf=2604163584&pi=t.ma~as.2114396402&w=1130&fwrn=4&fwrnh=100&lmt=1664960398&rafmt=1&psa=0&format=1130x280&url=http%3A%2F%2Fwww.myshared.ru%2Findexa.php&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1664960398444&bpp=3&bdt=189&idt=332&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&correlator=5092645552618&frm=20&pv=2&ga_vid=1575089129.1664960398&ga_sid=1664960398&ga_hid=294166231&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=235&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44773746&oid=2&pvsid=1655256948392736&tmod=272633324&uas=0&nvt=1&ref=http%3A%2F%2Fduckproxy.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=zyQRCZnWEZ&p=http%3A//www.myshared.ru&dtd=346
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6133583279631137&plah=www.myshared.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f522807c23c0c4b4893292fae1ec1c8e330045862eb6c0d4abb9de117923dad9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.myshared.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
33781
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 08:59:59 GMT
expires
Wed, 05 Oct 2022 08:59:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8AD0 		175 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6133583279631137&output=html&adk=1812271804&adf=3025194257&lmt=1664960398&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.myshared.ru%2Findexa.php&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1664960398457&bpp=1&bdt=202&idt=341&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&prev_fmts=1130x280&nras=1&correlator=5092645552618&frm=20&pv=1&ga_vid=1575089129.1664960398&ga_sid=1664960398&ga_hid=294166231&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44773746&oid=2&pvsid=1655256948392736&tmod=272633324&uas=0&nvt=1&ref=http%3A%2F%2Fduckproxy.com%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=347
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6133583279631137&plah=www.myshared.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332f4b46e83d1c96f9e22e12ed588b666300f84687321b42f9c31994456cfabc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.myshared.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46524
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 08:59:59 GMT
expires
Wed, 05 Oct 2022 08:59:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9782.JV0NL4PmESF3KoW3cWCNWphWiiTr9g__V9qD1BMjJ1YOs1dd4Kg4Sm8G4VbUT3GX.BBIMGOqVtuusYnjhe012mhXVO5c%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9782.r1l0sGraISzY8QxmjMnTC0MId5KizWwDNNGz_q2g_CiGjiGg_SVVcc3uUfQGBjWuljluBwK-nOnKSUX5KgyP-w%2C%2C.-WOTaon3SFk6fZy1VOymxUS_PAE%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9782.r1l0sGraISzY8QxmjMnTC0MId5KizWwDNNGz_q2g_CiGjiGg_SVVcc3uUfQGBjWuljluBwK-nOnKSUX5KgyP-w%2C%2C.-WOTaon3SFk6fZy1VOymxUS_PAE%2C
Requested by
Host: www.myshared.ru
URL: http://www.myshared.ru/indexa.php
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:59:58 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9782.r1l0sGraISzY8QxmjMnTC0MId5KizWwDNNGz_q2g_CiGjiGg_SVVcc3uUfQGBjWuljluBwK-nOnKSUX5KgyP-w%2C%2C.-WOTaon3SFk6fZy1VOymxUS_PAE%2C
date
Wed, 05 Oct 2022 08:59:58 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: www.myshared.ru
URL: http://www.myshared.ru/indexa.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:59:58 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 04 Oct 2022 10:25:54 GMT
etag
"633be002-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Wed, 05 Oct 2022 09:59:58 GMT
1
mc.yandex.com/watch/16744078/
Redirect Chain
  • https://mc.yandex.com/watch/16744078?wmode=7&page-url=http%3A%2F%2Fwww.myshared.ru%2Findexa.php&page-ref=http%3A%2F%2Fduckproxy.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlp...
  • https://mc.yandex.com/watch/16744078/1?wmode=7&page-url=http%3A%2F%2Fwww.myshared.ru%2Findexa.php&page-ref=http%3A%2F%2Fduckproxy.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylct...
420 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/16744078/1?wmode=7&page-url=http%3A%2F%2Fwww.myshared.ru%2Findexa.php&page-ref=http%3A%2F%2Fduckproxy.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3z6p9rs%3Afp%3A112%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A215376859096%3Ahid%3A9762700%3Az%3A0%3Ai%3A20221005085958%3Aet%3A1664960399%3Ac%3A1%3Arn%3A638140126%3Arqn%3A1%3Au%3A1664960399674844317%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C7%2C0%2C3%2C0%2C%2C123%2C0%2C%2C%2C%2C133%3Acpf%3A1%3Antf%3A1%3Ans%3A1664960398242%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664960399%3At%3AMyShared.ru%20-%20%D1%85%D0%BE%D1%81%D1%82%D0%B8%D0%BD%D0%B3%20%D0%BF%D1%80%D0%B5%D0%B7%D0%B5%D0%BD%D1%82%D0%B0%D1%86%D0%B8%D0%B9&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Requested by
Host: www.myshared.ru
URL: http://www.myshared.ru/indexa.php
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
6262a222d27b3f82c8de7a4df461696c48306a97e21f05475597d36cdfae60e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 08:59:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 05-Oct-2022 08:59:59 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.myshared.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
420
x-xss-protection
1; mode=block
expires
Wed, 05-Oct-2022 08:59:59 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Oct 2022 08:59:59 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 05-Oct-2022 08:59:59 GMT
location
/watch/16744078/1?wmode=7&page-url=http%3A%2F%2Fwww.myshared.ru%2Findexa.php&page-ref=http%3A%2F%2Fduckproxy.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3z6p9rs%3Afp%3A112%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A215376859096%3Ahid%3A9762700%3Az%3A0%3Ai%3A20221005085958%3Aet%3A1664960399%3Ac%3A1%3Arn%3A638140126%3Arqn%3A1%3Au%3A1664960399674844317%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C7%2C0%2C3%2C0%2C%2C123%2C0%2C%2C%2C%2C133%3Acpf%3A1%3Antf%3A1%3Ans%3A1664960398242%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664960399%3At%3AMyShared.ru%20-%20%D1%85%D0%BE%D1%81%D1%82%D0%B8%D0%BD%D0%B3%20%D0%BF%D1%80%D0%B5%D0%B7%D0%B5%D0%BD%D1%82%D0%B0%D1%86%D0%B8%D0%B9&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
access-control-allow-origin
http://www.myshared.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 05-Oct-2022 08:59:59 GMT
css
fonts.googleapis.com/ Frame B5B6 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6133583279631137&output=html&h=280&slotname=2114396402&adk=3882802510&adf=2604163584&pi=t.ma~as.2114396402&w=1130&fwrn=4&fwrnh=100&lmt=1664960398&rafmt=1&psa=0&format=1130x280&url=http%3A%2F%2Fwww.myshared.ru%2Findexa.php&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1664960398444&bpp=3&bdt=189&idt=332&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&correlator=5092645552618&frm=20&pv=2&ga_vid=1575089129.1664960398&ga_sid=1664960398&ga_hid=294166231&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=235&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44773746&oid=2&pvsid=1655256948392736&tmod=272633324&uas=0&nvt=1&ref=http%3A%2F%2Fduckproxy.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=zyQRCZnWEZ&p=http%3A//www.myshared.ru&dtd=346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Oct 2022 08:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 08:17:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Oct 2022 08:59:59 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame B5B6 		2 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6133583279631137&output=html&h=280&slotname=2114396402&adk=3882802510&adf=2604163584&pi=t.ma~as.2114396402&w=1130&fwrn=4&fwrnh=100&lmt=1664960398&rafmt=1&psa=0&format=1130x280&url=http%3A%2F%2Fwww.myshared.ru%2Findexa.php&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1664960398444&bpp=3&bdt=189&idt=332&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&correlator=5092645552618&frm=20&pv=2&ga_vid=1575089129.1664960398&ga_sid=1664960398&ga_hid=294166231&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=235&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44773746&oid=2&pvsid=1655256948392736&tmod=272633324&uas=0&nvt=1&ref=http%3A%2F%2Fduckproxy.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=zyQRCZnWEZ&p=http%3A//www.myshared.ru&dtd=346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:43:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1012
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 08:43:07 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame B5B6 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6133583279631137&output=html&h=280&slotname=2114396402&adk=3882802510&adf=2604163584&pi=t.ma~as.2114396402&w=1130&fwrn=4&fwrnh=100&lmt=1664960398&rafmt=1&psa=0&format=1130x280&url=http%3A%2F%2Fwww.myshared.ru%2Findexa.php&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1664960398444&bpp=3&bdt=189&idt=332&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&correlator=5092645552618&frm=20&pv=2&ga_vid=1575089129.1664960398&ga_sid=1664960398&ga_hid=294166231&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=235&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44773746&oid=2&pvsid=1655256948392736&tmod=272633324&uas=0&nvt=1&ref=http%3A%2F%2Fduckproxy.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=zyQRCZnWEZ&p=http%3A//www.myshared.ru&dtd=346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
953
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9561
x-xss-protection
0
server
cafe
etag
483224313611802536
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 08:44:06 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame B5B6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6133583279631137&output=html&h=280&slotname=2114396402&adk=3882802510&adf=2604163584&pi=t.ma~as.2114396402&w=1130&fwrn=4&fwrnh=100&lmt=1664960398&rafmt=1&psa=0&format=1130x280&url=http%3A%2F%2Fwww.myshared.ru%2Findexa.php&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1664960398444&bpp=3&bdt=189&idt=332&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&correlator=5092645552618&frm=20&pv=2&ga_vid=1575089129.1664960398&ga_sid=1664960398&ga_hid=294166231&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=235&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44773746&oid=2&pvsid=1655256948392736&tmod=272633324&uas=0&nvt=1&ref=http%3A%2F%2Fduckproxy.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=zyQRCZnWEZ&p=http%3A//www.myshared.ru&dtd=346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:31:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1699
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 08:31:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame B5B6 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6133583279631137&output=html&h=280&slotname=2114396402&adk=3882802510&adf=2604163584&pi=t.ma~as.2114396402&w=1130&fwrn=4&fwrnh=100&lmt=1664960398&rafmt=1&psa=0&format=1130x280&url=http%3A%2F%2Fwww.myshared.ru%2Findexa.php&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1664960398444&bpp=3&bdt=189&idt=332&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&correlator=5092645552618&frm=20&pv=2&ga_vid=1575089129.1664960398&ga_sid=1664960398&ga_hid=294166231&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=235&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44773746&oid=2&pvsid=1655256948392736&tmod=272633324&uas=0&nvt=1&ref=http%3A%2F%2Fduckproxy.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=zyQRCZnWEZ&p=http%3A//www.myshared.ru&dtd=346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:23:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 08:23:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B5B6 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6133583279631137&output=html&h=280&slotname=2114396402&adk=3882802510&adf=2604163584&pi=t.ma~as.2114396402&w=1130&fwrn=4&fwrnh=100&lmt=1664960398&rafmt=1&psa=0&format=1130x280&url=http%3A%2F%2Fwww.myshared.ru%2Findexa.php&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1664960398444&bpp=3&bdt=189&idt=332&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&correlator=5092645552618&frm=20&pv=2&ga_vid=1575089129.1664960398&ga_sid=1664960398&ga_hid=294166231&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=235&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44773746&oid=2&pvsid=1655256948392736&tmod=272633324&uas=0&nvt=1&ref=http%3A%2F%2Fduckproxy.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=zyQRCZnWEZ&p=http%3A//www.myshared.ru&dtd=346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44883
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664796838458510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Oct 2022 08:59:59 GMT
270cb447f650f22be90b4349b85576c2.js
www.gstatic.com/mysidia/ Frame B5B6 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6133583279631137&output=html&h=280&slotname=2114396402&adk=3882802510&adf=2604163584&pi=t.ma~as.2114396402&w=1130&fwrn=4&fwrnh=100&lmt=1664960398&rafmt=1&psa=0&format=1130x280&url=http%3A%2F%2Fwww.myshared.ru%2Findexa.php&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1664960398444&bpp=3&bdt=189&idt=332&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&correlator=5092645552618&frm=20&pv=2&ga_vid=1575089129.1664960398&ga_sid=1664960398&ga_hid=294166231&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=235&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44773746&oid=2&pvsid=1655256948392736&tmod=272633324&uas=0&nvt=1&ref=http%3A%2F%2Fduckproxy.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=zyQRCZnWEZ&p=http%3A//www.myshared.ru&dtd=346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:54:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13677
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 00:52:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 01 Jan 2023 11:54:12 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B5B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ChWLsjkc9Y_GpNdGeywXVr6D4B8PUoOtp1IOwlKMP2dkeEAEg-dvsRmCV2oiCmAegAf_en5QByAEJqQIaRdybVbqwPqgDAcgDywSqBOoBT9CAbDfbOhl7hIif2fEr3ybfGJNbeQqqWZgd4eskvPLLiwoVoSYYTxJ7Ts0jyapNA3oUDGz2pfPKauutR_09dnvSj8sP2TUqcNwPspEAAXYQL9cgUkFCC3kNP2b4q97mwAEpI9yfHfa0GxhGaHSl5txkol7AVWLBsdAYQUAodb_BNTGmn1D33C6PheBg_TUQddWKMOnTRX-F3IqBoN1FvMWKMI7b0HFt6SIZFvOaMqYgAgOva8HzF1fTCfqYgzXV4l3Krpun6sXURr1lrdJgh1Uv_i1yOMkfU02FxlqLCaEW7BPstjekEl5xwAS4seeqggSSBQQIBBgBkgUECAUYBKAGLoAH6aDg6wKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDAtyHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi02MTMzNTgzMjc5NjMxMTM3GAA&sigh=Ss8ywySPLt8&uach_m=[UACH]&cid=CAQSGwCsnQUx8FSjAlCQVeESDu2tDCXowiUey9Me0RgBIA4&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6133583279631137&output=html&h=280&slotname=2114396402&adk=3882802510&adf=2604163584&pi=t.ma~as.2114396402&w=1130&fwrn=4&fwrnh=100&lmt=1664960398&rafmt=1&psa=0&format=1130x280&url=http%3A%2F%2Fwww.myshared.ru%2Findexa.php&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1664960398444&bpp=3&bdt=189&idt=332&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&correlator=5092645552618&frm=20&pv=2&ga_vid=1575089129.1664960398&ga_sid=1664960398&ga_hid=294166231&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=235&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44773746&oid=2&pvsid=1655256948392736&tmod=272633324&uas=0&nvt=1&ref=http%3A%2F%2Fduckproxy.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=zyQRCZnWEZ&p=http%3A//www.myshared.ru&dtd=346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6133583279631137&output=html&h=280&slotname=2114396402&adk=3882802510&adf=2604163584&pi=t.ma~as.2114396402&w=1130&fwrn=4&fwrnh=100&lmt=1664960398&rafmt=1&psa=0&format=1130x280&url=http%3A%2F%2Fwww.myshared.ru%2Findexa.php&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1664960398444&bpp=3&bdt=189&idt=332&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&correlator=5092645552618&frm=20&pv=2&ga_vid=1575089129.1664960398&ga_sid=1664960398&ga_hid=294166231&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=235&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44773746&oid=2&pvsid=1655256948392736&tmod=272633324&uas=0&nvt=1&ref=http%3A%2F%2Fduckproxy.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=zyQRCZnWEZ&p=http%3A//www.myshared.ru&dtd=346
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 05 Oct 2022 08:59:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 05 Oct 2022 08:59:59 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/2015091806121108926/ Frame B5B6 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2015091806121108926/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6133583279631137&output=html&h=280&slotname=2114396402&adk=3882802510&adf=2604163584&pi=t.ma~as.2114396402&w=1130&fwrn=4&fwrnh=100&lmt=1664960398&rafmt=1&psa=0&format=1130x280&url=http%3A%2F%2Fwww.myshared.ru%2Findexa.php&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1664960398444&bpp=3&bdt=189&idt=332&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&correlator=5092645552618&frm=20&pv=2&ga_vid=1575089129.1664960398&ga_sid=1664960398&ga_hid=294166231&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=235&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44773746&oid=2&pvsid=1655256948392736&tmod=272633324&uas=0&nvt=1&ref=http%3A%2F%2Fduckproxy.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=zyQRCZnWEZ&p=http%3A//www.myshared.ru&dtd=346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d726593d839a806106e604c9bbf02a7b425de7521aa069c176275cf47ac5bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 12:26:22 GMT
x-content-type-options
nosniff
age
419617
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31557
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 14:12:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 30 Sep 2023 12:26:22 GMT
truncated
/ Frame B5B6 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B5B6 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ 		151 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6133583279631137&plah=www.myshared.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04bd40f9bc5d301f1c44628bd55fb217fa87aca7661a9443d0addc187b51b41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
cafe
etag
18168106399742698602
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 05 Oct 2022 08:59:59 GMT
truncated
/ Frame B5B6 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
426a54ec1575b76fdaeac92564e1f5a798edd01855e14f744f21d97b090066fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame B5B6 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:44:44 GMT
x-content-type-options
nosniff
age
915
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Oct 2023 08:44:44 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.myshared.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6133583279631137&plah=www.myshared.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.myshared.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6133583279631137&plah=www.myshared.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/ Frame 8AD4 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6133583279631137&plah=www.myshared.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.myshared.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
32541
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 23:57:38 GMT
etag
9671129459699598864
expires
Tue, 18 Oct 2022 23:57:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js
pagead2.googlesyndication.com/bg/ Frame 0566 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6133583279631137&output=html&h=280&slotname=2114396402&adk=3882802510&adf=2604163584&pi=t.ma~as.2114396402&w=1130&fwrn=4&fwrnh=100&lmt=1664960398&rafmt=1&psa=0&format=1130x280&url=http%3A%2F%2Fwww.myshared.ru%2Findexa.php&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1664960398444&bpp=3&bdt=189&idt=332&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&correlator=5092645552618&frm=20&pv=2&ga_vid=1575089129.1664960398&ga_sid=1664960398&ga_hid=294166231&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=235&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44767668%2C42531705%2C44773746&oid=2&pvsid=1655256948392736&tmod=272633324&uas=0&nvt=1&ref=http%3A%2F%2Fduckproxy.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=zyQRCZnWEZ&p=http%3A//www.myshared.ru&dtd=346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 18:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
570462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15966
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 18:32:17 GMT
css2
fonts.googleapis.com/ Frame 8AD4 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Oct 2022 08:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 08:16:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Oct 2022 08:59:59 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8AD4 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:23:28 GMT
x-content-type-options
nosniff
age
2191
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 05 Oct 2023 08:23:28 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8AD4 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 06:05:24 GMT
x-content-type-options
nosniff
age
10475
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 05 Oct 2023 06:05:24 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame 8AD4 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6efff8ce63d77eba89e9cc15af6dbccc657068130e89225fc662a0c580cea9b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1538
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8224
x-xss-protection
0
server
cafe
etag
17584738254627026664
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 08:34:21 GMT
css
fonts.googleapis.com/ Frame 804C 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Oct 2022 08:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 08:16:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Oct 2022 08:59:59 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 804C 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:40:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1174
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 08:40:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 804C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:42:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1049
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9561
x-xss-protection
0
server
cafe
etag
483224313611802536
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 08:42:30 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 804C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:31:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1699
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 08:31:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 804C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2931
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 08:11:08 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 804C 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44883
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664796838458510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Oct 2022 08:59:59 GMT
ff28bd887d5918000d85a256eb9567a4.js
www.gstatic.com/mysidia/ Frame 804C 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ff28bd887d5918000d85a256eb9567a4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a61fe6e2743a18f977ac18a2f805735e8dccf115b16dbbbd2e3864ae98d4c33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 12:08:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
161503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13740
x-xss-protection
0
last-modified
Fri, 30 Sep 2022 21:54:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 01 Jan 2023 12:08:16 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 7AC8 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1379
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 08:37:00 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6133583279631137&plah=www.myshared.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d2c1a2541e58d4e46cf76ecea2149d03583e093b57585241ff75a88ff39197b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11242
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7AC8
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 08:59:59 GMT
expires
Wed, 05 Oct 2022 08:59:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 08:59:59 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js
pagead2.googlesyndication.com/bg/ Frame 6E47 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js
Requested by
Host: duckproxy.com
URL: http://duckproxy.com/indexa.php?q=aHR0cDovL3d3dy5teXNoYXJlZC5ydS9zbGlkZS85NDcyOTEv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 18:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
570462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15966
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 18:32:17 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6133583279631137&plah=www.myshared.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 05 Oct 2022 08:59:59 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F544 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.myshared.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
163398
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 03 Oct 2022 11:36:42 GMT
expires
Tue, 03 Oct 2023 11:36:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5AE4 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f0a71f4817d640c25c4372849db07dbed25140d90b7ed38df42f103486f0c600
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SkSM0Qze9JS2en4xVxM99Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.myshared.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-SkSM0Qze9JS2en4xVxM99Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 05 Oct 2022 09:00:00 GMT
expires
Wed, 05 Oct 2022 09:00:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js
pagead2.googlesyndication.com/bg/ Frame F544 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 18:32:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
570463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15966
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 18:32:17 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5AE4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220928&jk=1655256948392736&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame F544 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?WCV6hQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 09:00:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame B5B6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6KRiqv7oAD6SHONvE0e-OD3gTfy2m-BHdcgyd28520IvqWW7SF329AjauZErzkZU8UzCWfiisL3MRbSdWxKOzUZNyQFHZ6xUPIVoIaRZPK9kCcy0T-zTzZMiNCgwOzwBR1MLSxA&sai=AMfl-YQB2sT1NuYCPCcSaohOJVnwltOG8whu329MddkXsbBRbgFD0xi3aFgkf_5qpzPhVcRk9AqN-N81mCsM608&sig=Cg0ArKJSzCE30lx448jLEAE&cid=CAQSGwCsnQUx8FSjAlCQVeESDu2tDCXowiUey9Me0RgBIA4&id=lidar2&mcvt=1000&p=0,0,280,1130&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221003&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3882802510&rs=2&la=1&cr=0&vs=4&r=v&rst=1664960398791&rpt=860&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Oct 2022 09:00:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220928&jk=1655256948392736&bg=!GRqlGl7NAAYQgTJdMIE7ACkAdvg8Wu3pKGvJEi-r7IE96zSOkB6GmyucrjDwNbggi_HOsE81Bj_ETQIAAABVUgAAAAFoAQeZAqN2FR0MTd-QT7lyfkPprR8hDywLIY6a-G8OW9xDIJr4hMhAskDmHpPVhmPhZ0xofLiZ3dlLT-p6HnImHKIg6dlfBLwuebEmBvnNb4LklRLNTzqsn5V7spNlC8pSjhu_VCFeLOBPayW8_7kiG_uH5saZ8BWoAHZ-RMsihpPqTeAvCj1f5RBOBB-_NTQw2bfnKfLr8foXmyrpNrZ8PfIPnlpHVbnaSC-mId6mwOePcxa5jisLkLCvPCV4_ZH_X6sl0S55ZA30trVn93bY2mkKP925HLSLylhsPliKrB4pwdM1u04t_5uBWwMmyxUknO3JAJKquDemaX0WH9vHWHaVxsgr3FkG-dqej5nVD4O54mrXq6jTfggHmLbC7U_Y4E1vP3Wym_BYPEmmnIj8AdAVn-aNZHukRDSwbL8qBSjQIIlFnbCHcHhpF0hwIOGITRbF2zr5F5aHBxeXniOBnhA7jxU4QrY5O7dC7GM2FnSEjoGLqky9oWCMhw-Dol11ofcTk7wCiAjVWwnxsLbVV2K7FcusmbHmSUY889XvcfgEdNyHlguoCyU6LCklWFOYtzdvvRfn7BUHu1h4VKZmTuuorpA8IRckRn4k0XnaA_ygM1D92onkqstZJ2KXqT5FIFqYBO-3Hd5X5pzSbNvvhJ3tWybUmx_w2j-Tojx3LnJm_2vCabHMQV6b3c-WmsL5_zE2UoCmiyMbwwb-reHH3JrO5aeczhpVb6GzIOekToOoTJ0TnGAYxPaV-rJPZ2TPZ06y1wiYaVFRznHwo671CcAGyqYI5fNHWWae4Tlz3xRhk0EaGil6agM6fEPXSZxObSXhAAG7H0FJjy-_mU62zMWb0gl-tW2-GsECq6RJjSl5JoUDTkqxuVLs1vMaJtFGxKBuUevHIAg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.myshared.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
duckproxy.com
URL
http://duckproxy.com/indexa.php?q=aHR0cHM6Ly95YW5kZXgucnUvYWRzL3N5c3RlbS9jb250ZXh0Lmpz
Domain
duckproxy.com
URL
http://duckproxy.com/indexa.php?q=aHR0cDovL3d3dy5teXNoYXJlZC5ydS9zdGF0aWMvbmV3L2ltZy9sb2dvX215c2hhcmVkLnBuZw%3D%3D
Domain
duckproxy.com
URL
http://duckproxy.com/indexa.php?q=aHR0cDovL3d3dy5teXNoYXJlZC5ydS9zdGF0aWMvbmV3L2ltZy9zbGlkZS1sb2FkZXI0LmdpZg%3D%3D
Domain
duckproxy.com
URL
http://duckproxy.com/indexa.php?q=aHR0cDovL3d3dy5teXNoYXJlZC5ydS9zdGF0aWMvbmV3L2ltZy9wcmVmZXRjaDIuZ2lm
Domain
duckproxy.com
URL
http://duckproxy.com/indexa.php?q=aHR0cDovL2ZvbnRzLmdzdGF0aWMuY29tL3Mvb3BlbnNhbnMvdjM0L21lbXZZYUdzMTI2TWlacEJBLVV2V2JYMnZWblhCYk9iajJPVlRTLW11dy53b2ZmMg%3D%3D
Domain
duckproxy.com
URL
http://duckproxy.com/indexa.php?q=aHR0cDovL3d3dy5teXNoYXJlZC5ydS9zdGF0aWMvbmV3L2Nzcy9mb250YXdlc29tZS9mb250YXdlc29tZS13ZWJmb250LndvZmY%3D
Domain
duckproxy.com
URL
http://duckproxy.com/indexa.php?q=aHR0cDovL2ZvbnRzLmdzdGF0aWMuY29tL3Mvb3BlbnNhbnMvdjM0L21lbXZZYUdzMTI2TWlacEJBLVV2V2JYMnZWblhCYk9iajJPVlRTdW11MWFCLndvZmYy
Domain
duckproxy.com
URL
http://duckproxy.com/indexa.php?q=aHR0cDovL3BsYXllci5teXNoYXJlZC5ydS85Lzk0NzI5MS8%3D&nf=1
Domain
duckproxy.com
URL
http://duckproxy.com/indexa.php?q=aHR0cDovL3d3dy5teXNoYXJlZC5ydS9zdGF0aWMvbmV3L2ltZy9iZ190aGVtZV8wMS5qcGc%3D
Domain
an.yandex.ru
URL
http://an.yandex.ru/system/context.js
Domain
duckproxy.com
URL
http://duckproxy.com/indexa.php?q=aHR0cDovL3d3dy5teXNoYXJlZC5ydS9zbGlkZS85NDcyOTEv
Domain
duckproxy.com
URL
http://duckproxy.com/static/new/js/vendor/jquery.min.js
Domain
www.myshared.ru
URL
http://www.myshared.ru/cache/0.9218215315713982/report/pixel.gif?type=pageview&domain_id=20&page_id=1&design_id=1&l=en-US&p=Win32&req_id=405629111482836&url=http%3A%2F%2Fduckproxy.com%2Findexa.php%3Fq%3DaHR0cDovL3d3dy5teXNoYXJlZC5ydS9zbGlkZS85NDcyOTEv
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/ga.js
Domain
mc.yandex.ru
URL
http://mc.yandex.ru/metrika/watch.js
Domain
duckproxy.com
URL
http://duckproxy.com/indexa.php?q=aHR0cDovL3d3dy5teXNoYXJlZC5ydS9zdGF0aWMvbmV3L2Nzcy9mb250YXdlc29tZS9mb250YXdlc29tZS13ZWJmb250LnR0Zg%3D%3D

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| addthis_config object| adsbygoogle function| loadScript string| u object| page_data object| js_loader undefined| returnExports string| top_host undefined| x object| _gaq function| loadAsyncScript function| loadCss function| decodeURIComponentX function| getCookie function| setCookie function| deleteCookie function| isCookieEnabled function| get_current_slide_id function| get_embed function| load_lib_lazyload function| setDayCookie object| vast_ads function| set_download_page_player_ad function| resize_frame function| viewport_detect function| load_social_likes function| handle_iframe_resize function| set_navbar_username function| resizer_similar function| get_slide_views_count function| show_social_likes function| copy_embed function| load_more_similars function| move_similars function| setAuthModalRecap function| setLoginRecap function| setRestoreRecap function| setNewMsgRecap function| setDownloadRecap function| show_restore_recap function| enable_download_button function| resize_thumbs function| search_page_resize_thumbs function| resize_download_similars function| main_page_resize_thumbs function| window_reload function| waitForFinalEvent function| on_set_layout function| resend_button_activate function| auth_modal_control function| search_view_mode_control function| show_social_shares function| search_form_control function| google_search_control function| user_feedback_control function| support_abuse_control function| dropzone_control function| profile_popup_modal_control function| auth_tabs_control function| user_auth_control function| user_profile_settings_control function| show_notification function| user_slides_control function| set_download_timer function| load_all_download_similars function| set_download_similars function| user_social_net_control function| resize_search_thumbs function| load_social_likes_scripts function| on_load_odnoklassniki function| on_load_vk function| view_mode_control function| common_functions function| enable_register_button function| validate_download_recaptcha function| load_lib_modals function| load_lib_dropzone function| on_ready function| on_load function| on_resize function| on_scroll function| set_onload_events function| set_libs_and_run function| on_load_jquery function| $ function| jQuery object| jQuery111306468509276405936 object| _gat object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| Ya object| yaCounter16744078 object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

26 Cookies

Domain/Path Name / Value
.duckproxy.com/indexa.php Name: plz_return
Value: /static/way/00042/20_12_1_1_b.js
.duckproxy.com/ Name: fvd
Value: 1664960398
.duckproxy.com/ Name: pv
Value: 1
.myshared.ru/ Name: uid
Value: lPtWbmM9R44sQzN6BvnUAg==
.myshared.ru/ Name: country
Value: DE
.myshared.ru/ Name: fvd
Value: 1664960398
.myshared.ru/ Name: pv
Value: 1
.myshared.ru/ Name: __utma
Value: 138063532.1575089129.1664960398.1664960398.1664960398.1
.myshared.ru/ Name: __utmc
Value: 138063532
.myshared.ru/ Name: __utmz
Value: 138063532.1664960398.1.1.utmcsr=duckproxy.com|utmccn=(referral)|utmcmd=referral|utmcct=/
.myshared.ru/ Name: __utmt
Value: 1
.myshared.ru/ Name: __utmb
Value: 138063532.1.10.1664960398
.myshared.ru/ Name: _ym_uid
Value: 1664960399674844317
.myshared.ru/ Name: _ym_d
Value: 1664960399
.myshared.ru/ Name: __gads
Value: ID=d8998c95cd95069d-225f957c3bce0028:T=1664960398:RT=1664960398:S=ALNI_MYPOc3RjbHLOQauQCxnDr4HTLWXjw
.myshared.ru/ Name: _ym_isad
Value: 2
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2411706319fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3895950259fake
.yandex.com/ Name: yandexuid
Value: 2560398331664960399
.yandex.com/ Name: yuidss
Value: 2560398331664960399
mc.yandex.com/ Name: yabs-sid
Value: 1941784421664960399
.yandex.com/ Name: i
Value: LgAB3sRjBKbPKZQtyZiHAG8JaoTdnHPhvpX+FmsCUOQHHizykUm+hP/Tysn5beyn2XpuwKxG9bPy/JS3607krpGC+rE=
.yandex.com/ Name: ymex
Value: 1696496399.yrts.1664960399#1696496399.yrtsi.1664960399
.myshared.ru/ Name: _ym_visorc
Value: b
.doubleclick.net/ Name: IDE
Value: AHWqTUmHJiqzlbRczTY7XFBK5eU0GLX6NNXv8nx5rUG4Uw-qghTaFFkDCtX5s6559B4
.doubleclick.net/ Name: DSID
Value: NO_DATA

4 Console Messages

Source Level URL
Text
javascript warning URL: http://duckproxy.com/indexa.php?q=aHR0cDovL3d3dy5teXNoYXJlZC5ydS9zbGlkZS85NDcyOTEv(Line 1815)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.myshared.ru/static/js/es5-shim.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://duckproxy.com/indexa.php?q=aHR0cDovL3d3dy5teXNoYXJlZC5ydS9zbGlkZS85NDcyOTEv(Line 1815)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.myshared.ru/static/js/es5-shim.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: http://www.myshared.ru/indexa.php
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9782.r1l0sGraISzY8QxmjMnTC0MId5KizWwDNNGz_q2g_CiGjiGg_SVVcc3uUfQGBjWuljluBwK-nOnKSUX5KgyP-w%2C%2C.-WOTaon3SFk6fZy1VOymxUS_PAE%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
an.yandex.ru
duckproxy.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.myshared.ru
an.yandex.ru
duckproxy.com
mc.yandex.ru
www.google-analytics.com
www.myshared.ru
148.251.86.110
166.62.10.188
2a00:1450:4001:800::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:828::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c1b::9d
2a00:1450:400d:805::2002
2a00:1450:400d:806::2001
2a00:1450:400d:806::200e
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2004
2a00:1450:400d:80c::200a
2a00:1450:400d:80e::2003
2a02:6b8::1:119
04bd40f9bc5d301f1c44628bd55fb217fa87aca7661a9443d0addc187b51b41c
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b3dfcfe97d043475a764d9c2f2072aa76cb46141e59eea505f16dd5bc8ab28e
1f2e9e940aa2294e1dc1f4d24631970127182541f9ce23c2fcd0dd3051baf92b
22f8dbc6723ceb57c93d0698eb5e52871ed3d0ccd382330f38e547ddd782b7eb
332f4b46e83d1c96f9e22e12ed588b666300f84687321b42f9c31994456cfabc
426a54ec1575b76fdaeac92564e1f5a798edd01855e14f744f21d97b090066fc
446ab1879f7ccffc46eb699ab327840b39cdc54027ea8026f0f4cf034b8eb40b
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4d2c1a2541e58d4e46cf76ecea2149d03583e093b57585241ff75a88ff39197b
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d726593d839a806106e604c9bbf02a7b425de7521aa069c176275cf47ac5bb9
5ec30bc469bcda0a48148673e0c86acdb392e7d2d0a0ec9aefed694151b5506b
5ff307b299a06a7fdc041485997a097cbda94349f27b4b16a642fba1f57cf05b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6262a222d27b3f82c8de7a4df461696c48306a97e21f05475597d36cdfae60e2
6efff8ce63d77eba89e9cc15af6dbccc657068130e89225fc662a0c580cea9b7
6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808
71ee321ff4bce777cf42174e2906f48b23e95938cb2126a6fd5a0146ec4a1e84
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a61fe6e2743a18f977ac18a2f805735e8dccf115b16dbbbd2e3864ae98d4c33
a38923922c3e7f2ad0f96eacf2c43afdf821fbe91e3f1616230ee65dbb99053c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a76a8ee1b5102900287051ac64514672076ac0917b12ad0e49fe67686f388794
a7c7e4930090e038a280fd61d88f0dc03dad4aeaedbd8c9be3dd9aa4c3b6f8d1
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a907bf00f2d303f643c737c412cf3c242b9b80ff902cf82bbf6e0308846e612c
b49c320616e32c8ffb9262403a4fddc81209c1eaf5e8ee5563b0c192fb282d01
c0c19a6bc41c6ab692846edd94ce5588678d4183d6f960e10cfabe5a11adc50a
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c4354b3b23a0cf384314f4fe0e9517874293f9414733508517066063f5d0b129
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
e11af5386165151881adbd4a084a62e90fa237e66aa8a01a796476062d320e53
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6c49919ca0529bf7635691f757cca429c47564789d3c1415b112b3dddd802a
f0a71f4817d640c25c4372849db07dbed25140d90b7ed38df42f103486f0c600
f522807c23c0c4b4893292fae1ec1c8e330045862eb6c0d4abb9de117923dad9
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a