microsoftclub.ru Open in urlscan Pro
185.11.247.37 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://microsoftclub.ru/
Submission Tags: @phishunt_io
Submission: On November 19 via api (November 19th 2020, 12:40:35 am UTC) from ES

Summary HTTP 51 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 15 domains to perform 51 HTTP transactions. The main IP is 185.11.247.37, located in Russian Federation and belongs to RUWEB RuWeb LLC, Moscow, Russia, RU. The main domain is microsoftclub.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 18th 2020. Valid for: 3 months.

This is the only time microsoftclub.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	185.11.247.37 185.11.247.37	49189 (RUWEB RuW...) (RUWEB RuWeb LLC)
19	151.236.71.248 151.236.71.248	204720 (CDNETWORKS) (CDNETWORKS)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	185.154.53.214 185.154.53.214	210079 (EUROBYTE ...) (EUROBYTE Eurobyte LLC)
5	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	80.239.201.123 80.239.201.123	1299 (TELIANET ...) (TELIANET Telia Carrier)
1	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
51	13

1 185.11.247.37 (Russian Federation)

ASN49189 (RUWEB RuWeb LLC, Moscow, Russia, RU)
PTR: trader-blogger.com

microsoftclub.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 151.236.71.248 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

hjplb2qzsf.a.trbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.154.53.214 (Russian Federation)

ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU)
PTR: 185.154.53.214

pushvip.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.239.201.123 (Ascension Island)

ASN1299 (TELIANET Telia Carrier, EU)
PTR: 80-239-201-123.teliacarrier-cust.com

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	trbcdn.net hjplb2qzsf.a.trbcdn.net	94 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	197 KB
5	gstatic.com fonts.gstatic.com	45 KB
4	yandex.ru 1 redirects mc.yandex.ru	2 KB
4	doubleclick.net googleads.g.doubleclick.net
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	803 B
1	google.de adservice.google.de	803 B
1	googleadservices.com partner.googleadservices.com	645 B
1	webvisor.org mc.webvisor.org	290 B
1	jsdelivr.net cdn.jsdelivr.net	112 KB
1	pushvip.ru pushvip.ru	30 KB
1	microsoftclub.ru microsoftclub.ru	12 KB
0	webmastermaksim.net Failed tizer.webmastermaksim.net Failed
51	15

	Domain	Requested by
19	hjplb2qzsf.a.trbcdn.net	microsoftclub.ru hjplb2qzsf.a.trbcdn.net
5	fonts.gstatic.com	fonts.googleapis.com
5	pagead2.googlesyndication.com	microsoftclub.ru pagead2.googlesyndication.com
4	mc.yandex.ru	1 redirects microsoftclub.ru cdn.jsdelivr.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	mc.webvisor.org	microsoftclub.ru
1	cdn.jsdelivr.net	microsoftclub.ru
1	pushvip.ru	microsoftclub.ru
1	ajax.googleapis.com	microsoftclub.ru
1	fonts.googleapis.com	microsoftclub.ru
1	microsoftclub.ru
0	tizer.webmastermaksim.net Failed	microsoftclub.ru
51	17

This site contains no links.

Subject Issuer	Validity	Valid
microsoftclub.ru Let's Encrypt Authority X3	`2020-11-18` - `2021-02-16`	3 months	crt.sh
a.trbcdn.net Let's Encrypt Authority X3	`2020-11-08` - `2021-02-06`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
pushvip.ru Let's Encrypt Authority X3	`2020-09-17` - `2020-12-16`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
mc.webvisor.com Yandex CA	`2020-09-29` - `2021-03-23`	6 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://microsoftclub.ru/
Frame ID: E157EFA1672A2088B54FBB8BB7C8B7E3
Requests: 55 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html
Frame ID: A9063AE5D683E0DB979ED436292C3800
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-6344911352390183&output=html&h=600&slotname=2982987669&adk=1358713305&adf=278321112&pi=t.ma~as.2982987669&w=200&lmt=1605746418&psa=0&format=200x600&url=https%3A%2F%2Fmicrosoftclub.ru%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605746418558&bpp=17&bdt=577&idt=131&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3953347105475&frm=20&pv=2&ga_vid=1498249375.1605746419&ga_sid=1605746419&ga_hid=173685195&ga_fc=0&iag=0&icsg=547487744&dssz=31&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=848&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=4267035647892622&pem=576&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=V3SFRVexMC&p=https%3A//microsoftclub.ru&dtd=152
Frame ID: 0E48F2A5FCB49F54A9D28FA57C670947
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-6344911352390183&output=html&adk=1812271804&adf=3025194257&lmt=1605746418&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fmicrosoftclub.ru%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605746418607&bpp=1&bdt=626&idt=111&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600&nras=1&correlator=3953347105475&frm=20&pv=1&ga_vid=1498249375.1605746419&ga_sid=1605746419&ga_hid=173685195&ga_fc=0&iag=0&icsg=34907226112&dssz=32&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=4267035647892622&pem=576&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=120
Frame ID: 616282568C3A8D70671F8F7FCE55F520
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html?fsb=1
Frame ID: CF97E384F16EDC228CDE3C95D0153FA6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 332993D71402A8196CF7C62D0B915B22
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

51
Requests

94 %
HTTPS

58 %
IPv6

15
Domains

17
Subdomains

13
IPs

4
Countries

553 kB
Transfer

1487 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://mc.yandex.ru/watch/39507080?wmode=7&page-url=https%3A%2F%2Fmicrosoftclub.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605746415957%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201119014018%3Aet%3A1605746419%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1401358725395%3Arqn%3A1%3Arn%3A773338869%3Ahid%3A790808743%3Ads%3A100%2C148%2C1772%2C1%2C0%2C0%2C0%2C598%2C6%2C%2C%2C%2C2646%3Afp%3A2451%3Awn%3A28267%3Ahl%3A2%3Agdpr%3A14%3Av%3A1979%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605746419%3Au%3A1605746419384665287%3Ahi%3A%3At%3AMicrosoftClub.ru HTTP 302
https://mc.yandex.ru/watch/39507080/1?wmode=7&page-url=https%3A%2F%2Fmicrosoftclub.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605746415957%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201119014018%3Aet%3A1605746419%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1401358725395%3Arqn%3A1%3Arn%3A773338869%3Ahid%3A790808743%3Ads%3A100%2C148%2C1772%2C1%2C0%2C0%2C0%2C598%2C6%2C%2C%2C%2C2646%3Afp%3A2451%3Awn%3A28267%3Ahl%3A2%3Agdpr%3A14%3Av%3A1979%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605746419%3Au%3A1605746419384665287%3Ahi%3A%3At%3AMicrosoftClub.ru

51 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
microsoftclub.ru/ 51 KB
12 KB 2020ms
1772ms Document
text/html 185.11.247.37
RUWEB RuWeb LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoftclub.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.11.247.37 , Russian Federation, ASN49189 (RUWEB RuWeb LLC, Moscow, Russia, RU),

Reverse DNS

trader-blogger.com

Software

nginx/1.16.1 /

Resource Hash

6cf9a7183c70b3fb33cc2f4bc1edb7037a282ddc618a41abafa8b999443f3283

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:method: GET
:authority: microsoftclub.ru
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx/1.16.1
date: Thu, 19 Nov 2020 00:40:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000;

GET
H2 200 font-awesome.min-7a8117e9a41a3693b56922a8f1a6d10c.css
hjplb2qzsf.a.trbcdn.net/wp-content/cache/min/1/font-awesome/4.7.0/css/ 31 KB
7 KB 362ms
234ms Stylesheet
text/css 151.236.71.248
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjplb2qzsf.a.trbcdn.net/wp-content/cache/min/1/font-awesome/4.7.0/css/font-awesome.min-7a8117e9a41a3693b56922a8f1a6d10c.css

Requested by

Host: microsoftclub.ru
URL: https://microsoftclub.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),

Reverse DNS

Software

nginx /

Resource Hash

70b6bf5a0c9c29b727bb77c5855835012c808dc3baa04b42050fa2205fc3bc00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:18 GMT
content-encoding: gzip
last-modified: Tue, 08 Sep 2020 06:16:34 GMT
server: nginx
etag: W/"5f5721c2-7a5f"
strict-transport-security: max-age=31536000;
content-type: text/css
cache-control: max-age=864000
expires: Fri, 18 Sep 2020 08:02:06 GMT

GET
H2 200 wpel-b4a92e08ae40b6c59f9600651c45cdba.css
hjplb2qzsf.a.trbcdn.net/wp-content/cache/min/1/wp-content/plugins/wp-external-links/public/css/ 3 KB
587 B 323ms
196ms Stylesheet
text/css 151.236.71.248
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjplb2qzsf.a.trbcdn.net/wp-content/cache/min/1/wp-content/plugins/wp-external-links/public/css/wpel-b4a92e08ae40b6c59f9600651c45cdba.css

Requested by

Host: microsoftclub.ru
URL: https://microsoftclub.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),

Reverse DNS

Software

nginx /

Resource Hash

633e58c95a66e4712da5f76ba33d1e1840971da207c26e2ad6a0de575554c5c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:18 GMT
content-encoding: gzip
last-modified: Tue, 08 Sep 2020 06:16:34 GMT
server: nginx
etag: W/"5f5721c2-ba3"
strict-transport-security: max-age=31536000;
content-type: text/css
cache-control: max-age=864000
expires: Sat, 26 Sep 2020 11:45:59 GMT

GET
H2 200 postratings-css-9962705b780cbd26ed0b7ef51efb73f9.css
hjplb2qzsf.a.trbcdn.net/wp-content/cache/min/1/wp-content/plugins/wp-postratings/css/ 286 B
387 B 363ms
236ms Stylesheet
text/css 151.236.71.248
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjplb2qzsf.a.trbcdn.net/wp-content/cache/min/1/wp-content/plugins/wp-postratings/css/postratings-css-9962705b780cbd26ed0b7ef51efb73f9.css

Requested by

Host: microsoftclub.ru
URL: https://microsoftclub.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),

Reverse DNS

Software

nginx /

Resource Hash

3d138b2397bc5493f655d6851c415468642419de9f335de648093c8d8a1d407c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:18 GMT
content-encoding: gzip
last-modified: Tue, 08 Sep 2020 06:16:34 GMT
server: nginx
etag: W/"5f5721c2-11e"
strict-transport-security: max-age=31536000;
content-type: text/css
cache-control: max-age=864000
expires: Sat, 19 Sep 2020 17:03:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 36ms
16ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans%3Aregular%2Citalic%2C700%2C700italic&subset=latin%2Ccyrillic&display=swap

Requested by

Host: microsoftclub.ru
URL: https://microsoftclub.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f25bcd90ad3f11569b996f6878119ca2a33d6258a80826c8d340baa0e6554ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 00:40:18 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Thu, 19 Nov 2020 00:40:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 19 Nov 2020 00:40:18 GMT

GET
H2 200 style-4e5a81abb64a28c9d4bcc5ada2f70a86.css
hjplb2qzsf.a.trbcdn.net/wp-content/cache/min/1/wp-content/themes/simplepuzzle/ 54 KB
12 KB 323ms
196ms Stylesheet
text/css 151.236.71.248
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjplb2qzsf.a.trbcdn.net/wp-content/cache/min/1/wp-content/themes/simplepuzzle/style-4e5a81abb64a28c9d4bcc5ada2f70a86.css

Requested by

Host: microsoftclub.ru
URL: https://microsoftclub.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),

Reverse DNS

Software

nginx /

Resource Hash

060d18f21b0bbfe31fb86ac0a81d6df1e41f214aa4f169b0736e10a886cc533e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:18 GMT
content-encoding: gzip
last-modified: Tue, 08 Sep 2020 06:16:34 GMT
server: nginx
etag: W/"5f5721c2-d8d8"
strict-transport-security: max-age=31536000;
content-type: text/css
cache-control: max-age=864000
expires: Sun, 27 Sep 2020 17:44:51 GMT

GET
H2 200 amp-9dfe8785668d77f606d2570dc4342354.css
hjplb2qzsf.a.trbcdn.net/wp-content/cache/min/1/wp-content/plugins/spns_wp_plugin/assets/css/ 28 B
259 B 325ms
198ms Stylesheet
text/css 151.236.71.248
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjplb2qzsf.a.trbcdn.net/wp-content/cache/min/1/wp-content/plugins/spns_wp_plugin/assets/css/amp-9dfe8785668d77f606d2570dc4342354.css

Requested by

Host: microsoftclub.ru
URL: https://microsoftclub.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),

Reverse DNS

Software

nginx /

Resource Hash

02aeeefc143ac9975d0e79a1a2b1d5d13f997e50108b9362cdd4dc8ea3c1acfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:18 GMT
content-encoding: gzip
last-modified: Tue, 08 Sep 2020 06:16:34 GMT
server: nginx
etag: W/"5f5721c2-1c"
strict-transport-security: max-age=31536000;
content-type: text/css
cache-control: max-age=864000
expires: Mon, 21 Sep 2020 05:15:45 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1/ 94 KB
33 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js

Requested by

Host: microsoftclub.ru
URL: https://microsoftclub.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 11:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134716
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Nov 2021 11:15:02 GMT

GET
H2 200 acp_script-fc921ef603f340e9a70e13f878b94dba.js Show response
hjplb2qzsf.a.trbcdn.net/wp-content/cache/min/1/wp-content/plugins/anticopypaste/js/ 1 KB
753 B 213ms
213ms Script
application/javascript 151.236.71.248
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjplb2qzsf.a.trbcdn.net/wp-content/cache/min/1/wp-content/plugins/anticopypaste/js/acp_script-fc921ef603f340e9a70e13f878b94dba.js

Requested by

Host: microsoftclub.ru
URL: https://microsoftclub.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),

Reverse DNS

Software

nginx /

Resource Hash

5bf26f5c16e35e6c2114a0594f8c5a7079d8bd58779ba47276d5c2e5f052c1f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:18 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 17:39:58 GMT
server: nginx
etag: W/"5ea0816e-41c"
strict-transport-security: max-age=31536000;
content-type: application/javascript
cache-control: max-age=864000
expires: Sat, 02 May 2020 17:39:59 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 130 KB
45 KB 45ms
24ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: microsoftclub.ru
URL: https://microsoftclub.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86b34decfab5ee3b8db9b14455db492beaf07692e705eb17ae164185c22dcbad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45471
x-xss-protection: 0
server: cafe
etag: 1457983499044672765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 19 Nov 2020 00:40:18 GMT

GET
H2 200 postratings-js-2cf728ac67deb387ad2be4dc8274ee62.js Show response
hjplb2qzsf.a.trbcdn.net/wp-content/cache/min/1/wp-content/plugins/wp-postratings/js/ 3 KB
950 B 221ms
219ms Script
application/javascript 151.236.71.248
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjplb2qzsf.a.trbcdn.net/wp-content/cache/min/1/wp-content/plugins/wp-postratings/js/postratings-js-2cf728ac67deb387ad2be4dc8274ee62.js

Requested by

Host: microsoftclub.ru
URL: https://microsoftclub.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),

Reverse DNS

Software

nginx /

Resource Hash

b26a9f4046a38435e4089392215a7e5a0b897cae8d7a7fde0e91c28f39f77c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:18 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 17:39:58 GMT
server: nginx
etag: W/"5ea0816e-cf5"
strict-transport-security: max-age=31536000;
content-type: application/javascript
cache-control: max-age=864000
expires: Sat, 02 May 2020 17:39:59 GMT

GET
H2 200 jquery.bxslider.min.js Show response
hjplb2qzsf.a.trbcdn.net/wp-content/themes/simplepuzzle/js/ 19 KB
5 KB 195ms
193ms Script
application/javascript 151.236.71.248
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjplb2qzsf.a.trbcdn.net/wp-content/themes/simplepuzzle/js/jquery.bxslider.min.js

Requested by

Host: microsoftclub.ru
URL: https://microsoftclub.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),

Reverse DNS

Software

nginx /

Resource Hash

bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:18 GMT
content-encoding: gzip
last-modified: Thu, 22 Feb 2018 12:51:38 GMT
server: nginx
etag: W/"5a8ebcda-4b9f"
strict-transport-security: max-age=31536000;
content-type: application/javascript
cache-control: max-age=864000
expires: Fri, 31 May 2019 11:58:31 GMT

GET
H2 200 svg4everybody.min.js Show response
hjplb2qzsf.a.trbcdn.net/wp-content/themes/simplepuzzle/js/ 2 KB
1 KB 214ms
212ms Script
application/javascript 151.236.71.248
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjplb2qzsf.a.trbcdn.net/wp-content/themes/simplepuzzle/js/svg4everybody.min.js

Requested by

Host: microsoftclub.ru
URL: https://microsoftclub.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),

Reverse DNS

Software

nginx /

Resource Hash

02a05aeb2639151982c9862961388e634f26c863681771a16761abb2c5fec12f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:18 GMT
content-encoding: gzip
last-modified: Thu, 22 Feb 2018 12:51:38 GMT
server: nginx
etag: W/"5a8ebcda-64b"
strict-transport-security: max-age=31536000;
content-type: application/javascript
cache-control: max-age=864000
expires: Fri, 31 May 2019 11:59:25 GMT

GET
H2 200 functions-82a8b5edbb4dd015ef47fba1e7544a64.js Show response
hjplb2qzsf.a.trbcdn.net/wp-content/cache/min/1/wp-content/themes/simplepuzzle/js/ 3 KB
1 KB 228ms
226ms Script
application/javascript 151.236.71.248
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjplb2qzsf.a.trbcdn.net/wp-content/cache/min/1/wp-content/themes/simplepuzzle/js/functions-82a8b5edbb4dd015ef47fba1e7544a64.js

Requested by

Host: microsoftclub.ru
URL: https://microsoftclub.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),

Reverse DNS

Software

nginx /

Resource Hash

b5fd8d626e7aeb5bc812fb3625eaf5e2000f98dc68d9032fee106d6fe5cca9a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:18 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 17:39:58 GMT
server: nginx
etag: W/"5ea0816e-a78"
strict-transport-security: max-age=31536000;
content-type: application/javascript
cache-control: max-age=864000
expires: Sat, 02 May 2020 17:49:47 GMT

GET
H2 200 q2w3-fixed-widget.min.js Show response
hjplb2qzsf.a.trbcdn.net/wp-content/plugins/q2w3-fixed-widget/js/ 4 KB
2 KB 232ms
231ms Script
application/javascript 151.236.71.248
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjplb2qzsf.a.trbcdn.net/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js

Requested by

Host: microsoftclub.ru
URL: https://microsoftclub.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),

Reverse DNS

Software

nginx /

Resource Hash

9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:18 GMT
content-encoding: gzip
last-modified: Sat, 25 May 2019 04:59:11 GMT
server: nginx
etag: W/"5ce8cb9f-1108"
strict-transport-security: max-age=31536000;
content-type: application/javascript
cache-control: max-age=864000
expires: Mon, 10 Jun 2019 12:55:50 GMT

GET
H2 200 frontend-9d9943f02220bccdfef4632f90561ba5.js Show response
hjplb2qzsf.a.trbcdn.net/wp-content/cache/min/1/wp-content/plugins/spns_wp_plugin/assets/js/ 1 KB
764 B 195ms
194ms Script
application/javascript 151.236.71.248
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjplb2qzsf.a.trbcdn.net/wp-content/cache/min/1/wp-content/plugins/spns_wp_plugin/assets/js/frontend-9d9943f02220bccdfef4632f90561ba5.js

Requested by

Host: microsoftclub.ru
URL: https://microsoftclub.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),

Reverse DNS

Software

nginx /

Resource Hash

58db6dd92b4f0713185dc390d8fe9f16f85741bf312b3ac3de0535489e73bade

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:18 GMT
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 17:39:58 GMT
server: nginx
etag: W/"5ea0816e-42a"
strict-transport-security: max-age=31536000;
content-type: application/javascript
cache-control: max-age=864000
expires: Sat, 02 May 2020 17:39:59 GMT

GET
H/1.1 200
OK 105982536 Show response
pushvip.ru/integration/build/ 126 KB
30 KB 491ms
156ms Script
application/javascript 185.154.53.214
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://pushvip.ru/integration/build/105982536
Requested by: Host: microsoftclub.ru
URL: https://microsoftclub.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.154.53.214 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS: 185.154.53.214
Software: nginx / PHP/7.2.34
Resource Hash: 43e68e65a20d4562f9b1105e0c99fb17903fb36e5bf52ed31cefcb0412925157

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 19 Nov 2020 00:40:18 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.2.34
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=180
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 lazyload.min.js Show response
hjplb2qzsf.a.trbcdn.net/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 229ms
228ms Script
application/javascript 151.236.71.248
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjplb2qzsf.a.trbcdn.net/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js

Requested by

Host: microsoftclub.ru
URL: https://microsoftclub.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),

Reverse DNS

Software

nginx /

Resource Hash

6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:18 GMT
content-encoding: gzip
last-modified: Fri, 06 Nov 2020 14:55:33 GMT
server: nginx
etag: W/"5fa563e5-1ed2"
strict-transport-security: max-age=31536000;
content-type: application/javascript
cache-control: max-age=864000
expires: Tue, 17 Nov 2020 16:38:49 GMT

GET social.svg
hjplb2qzsf.a.trbcdn.net/wp-content/themes/simplepuzzle/svg/ 0
0

GET
H2 200 chapka.jpeg
hjplb2qzsf.a.trbcdn.net/wp-content/uploads/2017/02/ 8 KB
8 KB 211ms
211ms Image
image/jpeg 151.236.71.248
CDNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjplb2qzsf.a.trbcdn.net/wp-content/uploads/2017/02/chapka.jpeg

Requested by

Host: microsoftclub.ru
URL: https://microsoftclub.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),

Reverse DNS

Software

nginx /

Resource Hash

12b41e0733ba0d4a50185c5f654ef390f288d57792475c1718099f36123eff7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:18 GMT
last-modified: Thu, 23 Feb 2017 14:35:44 GMT
server: nginx
etag: "58aef340-20f0"
strict-transport-security: max-age=31536000;
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 8432
expires: Sun, 02 Jun 2019 07:49:58 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
fonts.gstatic.com/s/ptsans/v12/ 11 KB
11 KB 26ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3Aregular%2Citalic%2C700%2C700italic&subset=latin%2Ccyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://microsoftclub.ru
Referer: https://fonts.googleapis.com/css?family=PT+Sans%3Aregular%2Citalic%2C700%2C700italic&subset=latin%2Ccyrillic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 09:05:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:37 GMT
server: sffe
age: 142490
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11504
x-xss-protection: 0
expires: Wed, 17 Nov 2021 09:05:28 GMT

GET
H2 200 jizaRExUiTo99u79D0aExcOPIDUg-g.woff2
fonts.gstatic.com/s/ptsans/v12/ 7 KB
7 KB 25ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0aExcOPIDUg-g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3Aregular%2Citalic%2C700%2C700italic&subset=latin%2Ccyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

001c2984ebf5eb5558b1039695d020c76566d2c272a49cc10d24c5a3fe4596d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://microsoftclub.ru
Referer: https://fonts.googleapis.com/css?family=PT+Sans%3Aregular%2Citalic%2C700%2C700italic&subset=latin%2Ccyrillic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 09:05:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:01 GMT
server: sffe
age: 142476
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7124
x-xss-protection: 0
expires: Wed, 17 Nov 2021 09:05:42 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0OqtLR8a8zILig.woff2
fonts.gstatic.com/s/ptsans/v12/ 7 KB
7 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0OqtLR8a8zILig.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3Aregular%2Citalic%2C700%2C700italic&subset=latin%2Ccyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bdf385cb758b680074163b0975f9f85425125f332deaae55ecb83d910895286

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://microsoftclub.ru
Referer: https://fonts.googleapis.com/css?family=PT+Sans%3Aregular%2Citalic%2C700%2C700italic&subset=latin%2Ccyrillic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 10:03:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:11 GMT
server: sffe
age: 398214
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7152
x-xss-protection: 0
expires: Sun, 14 Nov 2021 10:03:24 GMT

GET
H3-Q050 200 jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v12/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExcOPIDU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3Aregular%2Citalic%2C700%2C700italic&subset=latin%2Ccyrillic&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://microsoftclub.ru
Referer: https://fonts.googleapis.com/css?family=PT+Sans%3Aregular%2Citalic%2C700%2C700italic&subset=latin%2Ccyrillic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 09:05:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:11 GMT
server: sffe
age: 142476
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11380
x-xss-protection: 0
expires: Wed, 17 Nov 2021 09:05:42 GMT

GET 46
tizer.webmastermaksim.net/output/index/ 0
0

GET social.svg
hjplb2qzsf.a.trbcdn.net/wp-content/themes/simplepuzzle/svg/ 0
0

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0cb06b1532461eb2cd2ba5b6aa101d4d67ccd998de80b5dcac8945f3e20e893a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27886cd5841021a465dcc615c7095807160e1838f9563e5b9a8357849c9aae1f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3efd2d81165c1b47f4ea64c85d88cd8ff5580be660ceab4d4dd5afabbb267ff4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a00262dbb6a62363aaf483520f75ef5e6364b6eef606a66b2860d2d240d5b3f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4805496b7492b3ad994fdb6ed5596988af463761c0e77fa9a5030c4e2f253f2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ae8524ebd9cbe008b72ccf2116d2d822b244f0ac234265ae0c592f61d78f89f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 327f25b8807e82a8479a0eb23d082e335a8f8023b7e209dfec0688db9a34ab97

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02aefef309b1df5a8cea2d4e2b74f33561bc1a7be398a2898bed3265d86e5db7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50f6549744c5b8521c09ca920d1baeb816ab8b35ac22b8ff4475fff99e88d335

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 sprite.svg
hjplb2qzsf.a.trbcdn.net/wp-content/themes/simplepuzzle/svg/ 12 KB
5 KB 241ms
240ms Image
image/svg+xml 151.236.71.248
CDNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjplb2qzsf.a.trbcdn.net/wp-content/themes/simplepuzzle/svg/sprite.svg

Requested by

Host: hjplb2qzsf.a.trbcdn.net
URL: https://hjplb2qzsf.a.trbcdn.net/wp-content/cache/min/1/wp-content/themes/simplepuzzle/style-4e5a81abb64a28c9d4bcc5ada2f70a86.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),

Reverse DNS

Software

nginx /

Resource Hash

815ee8689919badb3b5e68fbb49e4bad0cb6a5c708b30bda6212beb1c5c13ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://hjplb2qzsf.a.trbcdn.net/wp-content/cache/min/1/wp-content/themes/simplepuzzle/style-4e5a81abb64a28c9d4bcc5ada2f70a86.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:18 GMT
content-encoding: gzip
last-modified: Thu, 22 Feb 2018 12:51:38 GMT
server: nginx
etag: W/"5a8ebcda-2f93"
strict-transport-security: max-age=31536000;
content-type: image/svg+xml
cache-control: max-age=864000
expires: Fri, 31 May 2019 11:23:48 GMT

GET
H2 200 readmore.svg
hjplb2qzsf.a.trbcdn.net/wp-content/themes/simplepuzzle/svg/ 1 KB
833 B 217ms
216ms Image
image/svg+xml 151.236.71.248
CDNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjplb2qzsf.a.trbcdn.net/wp-content/themes/simplepuzzle/svg/readmore.svg

Requested by

Host: hjplb2qzsf.a.trbcdn.net
URL: https://hjplb2qzsf.a.trbcdn.net/wp-content/cache/min/1/wp-content/themes/simplepuzzle/style-4e5a81abb64a28c9d4bcc5ada2f70a86.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),

Reverse DNS

Software

nginx /

Resource Hash

f8cad2fad9103c31e0736211ed9a7aa883cd42c4b751948373ff5dcc7df69d99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://hjplb2qzsf.a.trbcdn.net/wp-content/cache/min/1/wp-content/themes/simplepuzzle/style-4e5a81abb64a28c9d4bcc5ada2f70a86.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:18 GMT
content-encoding: gzip
last-modified: Thu, 22 Feb 2018 12:51:38 GMT
server: nginx
etag: W/"5a8ebcda-489"
strict-transport-security: max-age=31536000;
content-type: image/svg+xml
cache-control: max-age=864000
expires: Sun, 02 Jun 2019 15:06:29 GMT

GET
H3-Q050 200 jizYRExUiTo99u79D0e0w8mIAjcQ-woy.woff2
fonts.gstatic.com/s/ptsans/v12/ 8 KB
8 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizYRExUiTo99u79D0e0w8mIAjcQ-woy.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3Aregular%2Citalic%2C700%2C700italic&subset=latin%2Ccyrillic&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1452e0607616a52a651603b1d2958d55f51cea6ce317a273a0f1f86daced1711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://microsoftclub.ru
Referer: https://fonts.googleapis.com/css?family=PT+Sans%3Aregular%2Citalic%2C700%2C700italic&subset=latin%2Ccyrillic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 22:42:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:31 GMT
server: sffe
age: 525492
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8004
x-xss-protection: 0
expires: Fri, 12 Nov 2021 22:42:06 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/ 231 KB
87 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88601
x-xss-protection: 0
server: cafe
etag: 4353532171737760018
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Nov 2020 00:40:18 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/ Frame A906 0
0 8ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201112/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://microsoftclub.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://microsoftclub.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 18 Nov 2020 01:33:36 GMT
expires: Wed, 02 Dec 2020 01:33:36 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 83202
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 tag.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 370 KB
112 KB 21ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Requested by

Host: microsoftclub.ru
URL: https://microsoftclub.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cdb9545c62aaf4e17b458cc191b78118e72b34a06ff9af756772aa05761d2e50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 15487
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 113922
etag: W/"5c826-SrYt86E0q0LOJZfToZp/I3BFPdU"
x-served-by: cache-fra19147-FRA, cache-hhn4037-HHN
date: Thu, 19 Nov 2020 00:40:18 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 rating_over.gif
hjplb2qzsf.a.trbcdn.net/wp-content/plugins/wp-postratings/images/stars_crystal/ 1009 B
1 KB 217ms
216ms Image
image/gif 151.236.71.248
CDNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjplb2qzsf.a.trbcdn.net/wp-content/plugins/wp-postratings/images/stars_crystal/rating_over.gif

Requested by

Host: microsoftclub.ru
URL: https://microsoftclub.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),

Reverse DNS

Software

nginx /

Resource Hash

d4cc3dfa1061aedf2533cf134f9d584568bc41a25090fb7ce77c5cdbec6c37e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:18 GMT
last-modified: Thu, 13 Aug 2020 08:26:17 GMT
server: nginx
etag: "5f34f929-3f1"
strict-transport-security: max-age=31536000;
content-type: image/gif
cache-control: max-age=864000
accept-ranges: bytes
content-length: 1009
expires: Mon, 24 Aug 2020 07:09:40 GMT

GET
H2 200 1695833755.jpg
hjplb2qzsf.a.trbcdn.net/wp-content/uploads/2019/06/ 19 KB
19 KB 203ms
202ms Image
image/jpeg 151.236.71.248
CDNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjplb2qzsf.a.trbcdn.net/wp-content/uploads/2019/06/1695833755.jpg

Requested by

Host: microsoftclub.ru
URL: https://microsoftclub.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),

Reverse DNS

Software

nginx /

Resource Hash

7ca32ff7f77b92ef1795607960f9515e140e3580e87018d4fe4e0acde2dee9b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:18 GMT
last-modified: Sun, 16 Jun 2019 17:19:21 GMT
server: nginx
etag: "5d067a19-4b17"
strict-transport-security: max-age=31536000;
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 19223
expires: Thu, 27 Jun 2019 02:35:39 GMT

GET
H2 200 sony-vegas-pro.jpg
hjplb2qzsf.a.trbcdn.net/wp-content/uploads/2019/06/ 24 KB
24 KB 237ms
237ms Image
image/jpeg 151.236.71.248
CDNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjplb2qzsf.a.trbcdn.net/wp-content/uploads/2019/06/sony-vegas-pro.jpg

Requested by

Host: microsoftclub.ru
URL: https://microsoftclub.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),

Reverse DNS

Software

nginx /

Resource Hash

197c42ffb4ac24735050d503729009d57f4b72616340f905ec65ed682a0a35d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:18 GMT
last-modified: Sun, 16 Jun 2019 17:11:58 GMT
server: nginx
etag: "5d06785e-5f83"
strict-transport-security: max-age=31536000;
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 24451
expires: Sat, 10 Aug 2019 14:21:37 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/39507080/
Redirect Chain

https://mc.yandex.ru/watch/39507080?wmode=7&page-url=https%3A%2F%2Fmicrosoftclub.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605746415957%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A21661362...
https://mc.yandex.ru/watch/39507080/1?wmode=7&page-url=https%3A%2F%2Fmicrosoftclub.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605746415957%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613...

186 B
277 B

45ms
44ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/39507080/1?wmode=7&page-url=https%3A%2F%2Fmicrosoftclub.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605746415957%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201119014018%3Aet%3A1605746419%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1401358725395%3Arqn%3A1%3Arn%3A773338869%3Ahid%3A790808743%3Ads%3A100%2C148%2C1772%2C1%2C0%2C0%2C0%2C598%2C6%2C%2C%2C%2C2646%3Afp%3A2451%3Awn%3A28267%3Ahl%3A2%3Agdpr%3A14%3Av%3A1979%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605746419%3Au%3A1605746419384665287%3Ahi%3A%3At%3AMicrosoftClub.ru

Requested by

Host: microsoftclub.ru
URL: https://microsoftclub.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

9e1c623e5205017d5c6e7b7e745fc11d27bdda7925053eee0889fde0f5908d31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 00:40:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 19-Nov-2020 00:40:18 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://microsoftclub.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Thu, 19-Nov-2020 00:40:18 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Nov 2020 00:40:18 GMT
last-modified: Thu, 19-Nov-2020 00:40:18 GMT
location: /watch/39507080/1?wmode=7&page-url=https%3A%2F%2Fmicrosoftclub.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605746415957%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201119014018%3Aet%3A1605746419%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1401358725395%3Arqn%3A1%3Arn%3A773338869%3Ahid%3A790808743%3Ads%3A100%2C148%2C1772%2C1%2C0%2C0%2C0%2C598%2C6%2C%2C%2C%2C2646%3Afp%3A2451%3Awn%3A28267%3Ahl%3A2%3Agdpr%3A14%3Av%3A1979%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605746419%3Au%3A1605746419384665287%3Ahi%3A%3At%3AMicrosoftClub.ru
strict-transport-security: max-age=31536000
access-control-allow-origin: https://microsoftclub.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 19-Nov-2020 00:40:18 GMT

GET
H2 200 advert.gif
mc.webvisor.org/metrika/ 43 B
290 B 173ms
56ms Image
image/gif 80.239.201.123
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/metrika/advert.gif

Requested by

Host: microsoftclub.ru
URL: https://microsoftclub.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

80.239.201.123 , Ascension Island, ASN1299 (TELIANET Telia Carrier, EU),

Reverse DNS

80-239-201-123.teliacarrier-cust.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:18 GMT
last-modified: Wed, 18 Nov 2020 17:55:22 GMT
etag: "5fb5208c-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 19 Nov 2020 01:40:18 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
645 B 114ms
40ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=microsoftclub.ru&callback=_gfp_s_&client=ca-pub-6344911352390183

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

3e20328e462db6abf9014bfc85103ca581716ccf4cffe53b3c3777d25c72af39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 35ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=microsoftclub.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 00:40:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 36ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=microsoftclub.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 00:40:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0E48 0
0 287ms
287ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-6344911352390183&output=html&h=600&slotname=2982987669&adk=1358713305&adf=278321112&pi=t.ma~as.2982987669&w=200&lmt=1605746418&psa=0&format=200x600&url=https%3A%2F%2Fmicrosoftclub.ru%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605746418558&bpp=17&bdt=577&idt=131&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3953347105475&frm=20&pv=2&ga_vid=1498249375.1605746419&ga_sid=1605746419&ga_hid=173685195&ga_fc=0&iag=0&icsg=547487744&dssz=31&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=848&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=4267035647892622&pem=576&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=V3SFRVexMC&p=https%3A//microsoftclub.ru&dtd=152

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-6344911352390183&output=html&h=600&slotname=2982987669&adk=1358713305&adf=278321112&pi=t.ma~as.2982987669&w=200&lmt=1605746418&psa=0&format=200x600&url=https%3A%2F%2Fmicrosoftclub.ru%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605746418558&bpp=17&bdt=577&idt=131&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3953347105475&frm=20&pv=2&ga_vid=1498249375.1605746419&ga_sid=1605746419&ga_hid=173685195&ga_fc=0&iag=0&icsg=547487744&dssz=31&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1140&ady=848&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=4267035647892622&pem=576&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=V3SFRVexMC&p=https%3A//microsoftclub.ru&dtd=152
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://microsoftclub.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://microsoftclub.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 19 Nov 2020 00:40:18 GMT
server: cafe
content-length: 7023
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 19-Nov-2020 00:55:18 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 19 Nov 2020 00:40:18 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Thu, 19 Nov 2020 00:40:18 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6162 0
0 314ms
314ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-6344911352390183&output=html&adk=1812271804&adf=3025194257&lmt=1605746418&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fmicrosoftclub.ru%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605746418607&bpp=1&bdt=626&idt=111&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600&nras=1&correlator=3953347105475&frm=20&pv=1&ga_vid=1498249375.1605746419&ga_sid=1605746419&ga_hid=173685195&ga_fc=0&iag=0&icsg=34907226112&dssz=32&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=4267035647892622&pem=576&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=120

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-6344911352390183&output=html&adk=1812271804&adf=3025194257&lmt=1605746418&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fmicrosoftclub.ru%2F&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605746418607&bpp=1&bdt=626&idt=111&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600&nras=1&correlator=3953347105475&frm=20&pv=1&ga_vid=1498249375.1605746419&ga_sid=1605746419&ga_hid=173685195&ga_fc=0&iag=0&icsg=34907226112&dssz=32&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=4267035647892622&pem=576&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=120
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://microsoftclub.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://microsoftclub.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 19 Nov 2020 00:40:19 GMT
server: cafe
content-length: 38726
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 19-Nov-2020 00:55:18 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 19 Nov 2020 00:40:19 GMT
cache-control: private

GET
H3-Q050 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/ 144 KB
52 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b9e96b28f4cd7f5e834ccd74f701c8b42d9fba63f52d18ea2903749ab2b6f03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 52977
x-xss-protection: 0
server: cafe
etag: 5435475976641876327
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Nov 2020 00:40:19 GMT

GET
H3-Q050 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/ Frame CF97 0
0 6ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201112/r20190131/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://microsoftclub.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmSoZhX1m44kOiVFLQUFPi3xYx-CJvrdd4zb_ROW4VB-3Q0YEaOvzz8Lxmd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://microsoftclub.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 18 Nov 2020 02:27:59 GMT
expires: Wed, 02 Dec 2020 02:27:59 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 79940
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 44ms
31ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201112&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47c82884aadbe93f585bfe5b7bcb8741c2b6776a9b5902c2bc1d1666f289fcb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Nov 2020 00:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6444
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 19 Nov 2020 00:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Thu, 19 Nov 2020 00:40:19 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 3329 0
0 6ms
6ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://microsoftclub.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://microsoftclub.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Wed, 18 Nov 2020 23:08:51 GMT
expires: Thu, 18 Nov 2021 23:08:51 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5488
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 16ms
15ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201112&jk=4267035647892622&bg=!19Sl1PTNAAVGySeIRliOIe0ggP324gIAAAA1UgAAAApoAQcKAavM7yWn0PAfME2OFI_Kcu7Rbb-pXFa9hYPd-ASHMTGTAQPI1NtUswlOeVM1gbFM40VNK0pkKwd9Y0AJ2p0g3Ld6Pu6OXd7ofl003Mbb6WBJJJD22C3UBFHY6Omqui4kARAD1e1N8EbdCgWFQXWQvl8rnK3Q3kvWG69d0qzjmk8Ho3uWVVwZWWaymWB1I2ZEiY3FtLOJLvKEYpNuKq7oOKTDldpYXZLelc_b5zaD1dvNSuYvKMTjS85_LlqdoupYbe03RLo1d5WV46F0qRfLu9gctaDy9dhrbR7VKd8LSXnHiTd3Dwj6ps_VHnU0A5z7Txf4psApiughdZRZTtOcjeIFz8IBY7RzfnW2_oY2zER1EM38APeck1LQuEPWXaUkWez0wxjasy-H5mFaQMN3rS2J9dkGjcGpmwsXGE1ETkQWAH0ZG8BIl4v0U3P8lHBrj7bo97VN1LM0RCIXqaoZlUlaQPZj9miVfIFffYV4HWL7po8qSV3PDOUMufVRYlcg-Il72QTVKO8YWic9xNTL5-iX6pvo4tmKrbxrIBcpqMfK7jRhdhiWd8bEaHtFmQG5Apy754J_XdQLjACRnD8HGF3Gz7aqbOTy0qqgPR1x_FCpgUbpW4xSmSTRcH-OiIRYHZXsg_25hPv57qGJ2oW6e1B65w_T8j6terq94485m53Xq5jH9Bz8qhUkExIL6Zb8lOhQa6x0Th1MLT-eRp5oH67hjkU3WzP24MO1aFx0rJnbpbePGZghoysgslo9ux5FDojDeQ8iImitabQ36dOZNc2wAYr6IRUkoK8f2H2c6A8_NACPywDBOW5YxGdH66G6lU8veIxZYaLLRxF_ssmtYlvJGyoTgNPUZ49rB0Xtz0ZB0MMEZX1yTWo_h8IBR80lPaeStxfq9AvCPfNfvMlEFk4dhbC_OTSgdxM7y8aRy-kzlEF1sz0uSc6M1GULiIEs6DD24t3dNGEcOi5rp4N8IN8peXkrocEo2Wgj5536hFJEfcsOANRzqxrmkoNP0c58N8-gplyQZhhCHvC9NwlgIh2UTSbTQ89RJkt0zyCzoJrc_QyDFK6ZJu9t30vO4gPM5lg3DcvdSrZDb3_mA6ddYqoKrXLRRyuVAUDaEn-_8iwz2YJDU1SIokl3gUpqD3eaomjDg7AAL145

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 00:40:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 39507080 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 227ms
51ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/39507080?wmode=0&rn=1038954505&page-url=https%3A%2F%2Fmicrosoftclub.ru%2F&wv-type=3&wv-hit=790808743&wv-part=1&browser-info=ti%3A8%3Aet%3A1605746419%3Aw%3A1600x1200%3Av%3A1979%3Az%3A60%3Ai%3A20201119014018%3Abt%3A1%3Ast%3A1605746421%3Au%3A1605746419384665287%3Ahi%3A

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 00:40:21 GMT
last-modified: Thu, 19-Nov-2020 00:40:21 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://microsoftclub.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 19-Nov-2020 00:40:21 GMT

POST
H2 200 39507080 Show response
mc.yandex.ru/webvisor/ 43 B
157 B 95ms
94ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/39507080?wmode=0&rn=358897920&page-url=https%3A%2F%2Fmicrosoftclub.ru%2F&wv-type=3&wv-hit=790808743&wv-part=1&browser-info=ti%3A8%3Aet%3A1605746419%3Aw%3A1600x1200%3Av%3A1979%3Az%3A60%3Ai%3A20201119014018%3Ast%3A1605746421%3Au%3A1605746419384665287%3Ahi%3A

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://microsoftclub.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Nov 2020 00:40:21 GMT
last-modified: Thu, 19-Nov-2020 00:40:21 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://microsoftclub.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 19-Nov-2020 00:40:21 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hjplb2qzsf.a.trbcdn.net
URL: https://hjplb2qzsf.a.trbcdn.net/wp-content/themes/simplepuzzle/svg/social.svg

Domain: tizer.webmastermaksim.net
URL: https://tizer.webmastermaksim.net/output/index/46?ref=

Domain: hjplb2qzsf.a.trbcdn.net
URL: https://hjplb2qzsf.a.trbcdn.net/wp-content/themes/simplepuzzle/svg/social.svg

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.microsoftclub.ru/	1970-01-19 14:03:38	Name: _ym_isad Value: 2
.microsoftclub.ru/	1970-01-19 14:02:28	Name: _ym_visorc_39507080 Value: w
.doubleclick.net/	1970-01-19 23:24:02	Name: IDE Value: AHWqTUmSoZhX1m44kOiVFLQUFPi3xYx-CJvrdd4zb_ROW4VB-3Q0YEaOvzz8Lxmd
.microsoftclub.ru/	1970-01-19 23:24:02	Name: __gads Value: ID=3ac76c798b94e7d4-22dd978571a600a1:T=1605746418:RT=1605746418:S=ALNI_Mb5Xm_SNMR5pZxYWvqkOMkmBept6Q
.microsoftclub.ru/	1970-01-19 22:48:02	Name: _ym_d Value: 1605746419
.microsoftclub.ru/	1970-01-19 22:48:02	Name: _ym_uid Value: 1605746419384665287

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://pushvip.ru/integration/build/105982536(Line 1) Message: Browser not support push notification
console-api	log	URL: https://pushvip.ru/integration/build/105982536(Line 1) Message: Browser not support push notification

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hjplb2qzsf.a.trbcdn.net
mc.webvisor.org
mc.yandex.ru
microsoftclub.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pushvip.ru
tizer.webmastermaksim.net
tpc.googlesyndication.com
www.googletagservices.com
hjplb2qzsf.a.trbcdn.net
tizer.webmastermaksim.net
151.236.71.248
172.217.18.162
185.11.247.37
185.154.53.214
2a00:1450:4001:809::2002
2a00:1450:4001:819::2003
2a00:1450:4001:820::2001
2a00:1450:4001:820::200a
2a00:1450:4001:825::200a
2a02:6b8::1:119
2a04:4e42:1b::621
80.239.201.123
001c2984ebf5eb5558b1039695d020c76566d2c272a49cc10d24c5a3fe4596d2
02a05aeb2639151982c9862961388e634f26c863681771a16761abb2c5fec12f
02aeeefc143ac9975d0e79a1a2b1d5d13f997e50108b9362cdd4dc8ea3c1acfd
02aefef309b1df5a8cea2d4e2b74f33561bc1a7be398a2898bed3265d86e5db7
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
060d18f21b0bbfe31fb86ac0a81d6df1e41f214aa4f169b0736e10a886cc533e
0bdf385cb758b680074163b0975f9f85425125f332deaae55ecb83d910895286
0cb06b1532461eb2cd2ba5b6aa101d4d67ccd998de80b5dcac8945f3e20e893a
12b41e0733ba0d4a50185c5f654ef390f288d57792475c1718099f36123eff7e
1452e0607616a52a651603b1d2958d55f51cea6ce317a273a0f1f86daced1711
197c42ffb4ac24735050d503729009d57f4b72616340f905ec65ed682a0a35d1
1ae8524ebd9cbe008b72ccf2116d2d822b244f0ac234265ae0c592f61d78f89f
1f25bcd90ad3f11569b996f6878119ca2a33d6258a80826c8d340baa0e6554ef
27886cd5841021a465dcc615c7095807160e1838f9563e5b9a8357849c9aae1f
327f25b8807e82a8479a0eb23d082e335a8f8023b7e209dfec0688db9a34ab97
3d138b2397bc5493f655d6851c415468642419de9f335de648093c8d8a1d407c
3e20328e462db6abf9014bfc85103ca581716ccf4cffe53b3c3777d25c72af39
3efd2d81165c1b47f4ea64c85d88cd8ff5580be660ceab4d4dd5afabbb267ff4
43e68e65a20d4562f9b1105e0c99fb17903fb36e5bf52ed31cefcb0412925157
47c82884aadbe93f585bfe5b7bcb8741c2b6776a9b5902c2bc1d1666f289fcb1
4b9e96b28f4cd7f5e834ccd74f701c8b42d9fba63f52d18ea2903749ab2b6f03
50f6549744c5b8521c09ca920d1baeb816ab8b35ac22b8ff4475fff99e88d335
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58db6dd92b4f0713185dc390d8fe9f16f85741bf312b3ac3de0535489e73bade
5a00262dbb6a62363aaf483520f75ef5e6364b6eef606a66b2860d2d240d5b3f
5bf26f5c16e35e6c2114a0594f8c5a7079d8bd58779ba47276d5c2e5f052c1f4
633e58c95a66e4712da5f76ba33d1e1840971da207c26e2ad6a0de575554c5c3
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6cf9a7183c70b3fb33cc2f4bc1edb7037a282ddc618a41abafa8b999443f3283
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
70b6bf5a0c9c29b727bb77c5855835012c808dc3baa04b42050fa2205fc3bc00
7ca32ff7f77b92ef1795607960f9515e140e3580e87018d4fe4e0acde2dee9b5
815ee8689919badb3b5e68fbb49e4bad0cb6a5c708b30bda6212beb1c5c13ad0
86b34decfab5ee3b8db9b14455db492beaf07692e705eb17ae164185c22dcbad
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f
9e1c623e5205017d5c6e7b7e745fc11d27bdda7925053eee0889fde0f5908d31
ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48
b26a9f4046a38435e4089392215a7e5a0b897cae8d7a7fde0e91c28f39f77c5c
b5fd8d626e7aeb5bc812fb3625eaf5e2000f98dc68d9032fee106d6fe5cca9a6
bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf
bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e
c4805496b7492b3ad994fdb6ed5596988af463761c0e77fa9a5030c4e2f253f2
cdb9545c62aaf4e17b458cc191b78118e72b34a06ff9af756772aa05761d2e50
d4cc3dfa1061aedf2533cf134f9d584568bc41a25090fb7ce77c5cdbec6c37e6
d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f8cad2fad9103c31e0736211ed9a7aa883cd42c4b751948373ff5dcc7df69d99

microsoftclub.ru Open in urlscan Pro 185.11.247.37 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

51 Requests

94 %HTTPS

58 %IPv6

15 Domains

17 Subdomains

13 IPs

4 Countries

553 kBTransfer

1487 kBSize

6 Cookies

0 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

microsoftclub.ru Open in urlscan Pro
185.11.247.37 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

94 %
HTTPS

58 %
IPv6

15
Domains

17
Subdomains

13
IPs

4
Countries

553 kB
Transfer

1487 kB
Size

6
Cookies

51 HTTP transactions
9 data transactions