crystalspace.ru Open in urlscan Pro
195.161.41.30 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://crystalspace.ru/
Submission: On February 26 via api (February 26th 2023, 9:26:19 pm UTC) from CH — Scanned from DE

Summary HTTP 49 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 12 domains to perform 49 HTTP transactions. The main IP is 195.161.41.30, located in Russian Federation and belongs to RTCOMM-AS, RU. The main domain is crystalspace.ru.

This is the only time crystalspace.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	195.161.41.30 195.161.41.30	8342 (RTCOMM-AS) (RTCOMM-AS)
1	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f1c0:100... 2607:f1c0:100f:f000::2d2	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
5 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
6	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
49	15

10 195.161.41.30 (Russian Federation)

ASN8342 (RTCOMM-AS, RU)
PTR: srv199-vps-st.jino.ru

crystalspace.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f1c0:100f:f000::2d2 (United States)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

www.crystalspace3d.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	260 KB
10	crystalspace.ru crystalspace.ru	206 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9427	2 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	89 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	35 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3674	58 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	2 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	49 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8947	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	606 B
1	crystalspace3d.org www.crystalspace3d.org	4 KB
49	12

	Domain	Requested by
10	crystalspace.ru	crystalspace.ru
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	mc.yandex.com	3 redirects crystalspace.ru
7	pagead2.googlesyndication.com	crystalspace.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	mc.yandex.ru	2 redirects crystalspace.ru
2	fonts.googleapis.com	crystalspace.ru googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.crystalspace3d.org	crystalspace.ru
49	15

This site contains links to these domains. Also see Links.

Domain
www.crystalspace3d.org
www.google-melange.com
plus.google.com
www.youtube.com
sourceforge.net

Subject Issuer	Validity	Valid
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://crystalspace.ru/
Frame ID: 3F359899B3FC92EDE47400ECF7AC333F
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html
Frame ID: 8D50E02F2311FFB325E2CD4DC2899905
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8458705352233127&output=html&h=280&slotname=4600581694&adk=887990387&adf=3025194257&pi=t.ma~as.4600581694&w=1200&fwrn=4&fwrnh=100&lmt=1677446775&rafmt=1&format=1200x280&url=http%3A%2F%2Fcrystalspace.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1677446774834&bpp=3&bdt=358&idt=271&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&correlator=4001151950833&frm=20&pv=2&ga_vid=1791084171.1677446775&ga_sid=1677446775&ga_hid=732690419&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=1741&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44777876%2C31072387&oid=2&pvsid=4031585076433150&tmod=1747386380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F8mMorxXen&p=http%3A//crystalspace.ru&dtd=285
Frame ID: 5F099770C92A8EAF4069D411E0B4EDF2
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8458705352233127&output=html&adk=1812271804&adf=1573534164&lmt=1677446775&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fcrystalspace.ru%2F&ea=0&pra=7&wgl=1&dt=1677446774846&bpp=1&bdt=370&idt=279&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=4001151950833&frm=20&pv=1&ga_vid=1791084171.1677446775&ga_sid=1677446775&ga_hid=732690419&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44777876%2C31072387&oid=2&pvsid=4031585076433150&tmod=1747386380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=285
Frame ID: 4D4EA2406C9DF3418E5F0675E47D57D2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
Frame ID: 466444E139669519023CE29BE4609908
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4EAF8CAD8EA87ECE1299F5EE41347983
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5E952A391E58510BAEC3DF8A8CA0F4E6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Crystal Space 3D - по русски

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

63 %
HTTPS

93 %
IPv6

12
Domains

15
Subdomains

15
IPs

4
Countries

707 kB
Transfer

1520 kB
Size

15
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://www.crystalspace3d.org/forum/index.php
Title: Форум

Search URL Search Domain Scan URL

URL: http://www.google-melange.com/gsoc/homepage/google/gsoc2014
Title: http://www.google-melange.com/gsoc/homepage/google/gsoc2014

Search URL Search Domain Scan URL

URL: http://www.google-melange.com/gsoc/homepage/google/gsoc2013
Title: http://www.google-melange.com/gsoc/homepage/google/gsoc2013

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/communities/105380152825085158376
Title: https://plus.google.com/u/0/communities/105380152825085158376

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC5bTlQKJOBkpmcVHMn6uYxg

Search URL Search Domain Scan URL

URL: https://sourceforge.net/donate/index.php?group_id=649

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9926.ajMErfRH7K7g0CK0FLXd0u91tKJ4SlF9n9YHRjSi2pvG69MQ18xS20aLvQK5R-Rs.oBOUW8IR_Bul-HAHcbIr7_GsJOY%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9926.DP7CMsaMrzGYRiv-1latMb8NSIgbaoBSbUxTthvg_7k8GFGWcxUgn0SFyw_X_ZmOJYDm87HznljG3us9zFt3WwuzatWMrf3co_bEwMhRrmQ%2C.TR37eefHnwGR3hX82_AgSp5QD3g%2C

Request Chain 19

https://mc.yandex.com/watch/34871840?wmode=7&page-url=http%3A%2F%2Fcrystalspace.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A451%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1123534045951%3Ahid%3A358668063%3Az%3A0%3Ai%3A20230226212614%3Aet%3A1677446775%3Ac%3A1%3Arn%3A535825217%3Arqn%3A1%3Au%3A1677446775771927363%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A143%2C47%2C59%2C1%2C%2C0%2C%2C182%2C1%2C%2C%2C%2C434%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1677446774222%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1677446775%3At%3ACrystal%20Space%203D%20-%20%D0%BF%D0%BE%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/34871840/1?wmode=7&page-url=http%3A%2F%2Fcrystalspace.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A451%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1123534045951%3Ahid%3A358668063%3Az%3A0%3Ai%3A20230226212614%3Aet%3A1677446775%3Ac%3A1%3Arn%3A535825217%3Arqn%3A1%3Au%3A1677446775771927363%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A143%2C47%2C59%2C1%2C%2C0%2C%2C182%2C1%2C%2C%2C%2C434%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1677446774222%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1677446775%3At%3ACrystal%20Space%203D%20-%20%D0%BF%D0%BE%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 25

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9926.UX_TSJL8Q7aIK2detca-5qX5vhX-6e_Ipj5pSYiLmKtNmGGqcdOZSstAfEtaMwM9._Ss2GVaQH3G3ECfj8ik2Qsq8qh8%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9926.meRkWxvxziSOz0wn0WTPD3O762zS_kOJHeUEjXDnKNaX5_nUTOoDvqOX9af_iDzFczNgWSpMcGGSj3mZ52qICl_5AgMRJ3gyQKCwep1kvIc%2C.jeq-TFGf1iAEKWq0COGusdfZ9uk%2C

49 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
crystalspace.ru/ 9 KB
3 KB 250ms
59ms Document
text/html 195.161.41.30
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://crystalspace.ru/

Protocol

HTTP/1.1

Server

195.161.41.30 , Russian Federation, ASN8342 (RTCOMM-AS, RU),

Reverse DNS

srv199-vps-st.jino.ru

Software

nginx /

Resource Hash

7326b1a19f194814467be47de91403fc962e7bfb63127644892771ff4042992c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 26 Feb 2023 21:26:14 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block;

GET
H/1.1 200
OK style.css
crystalspace.ru/design/crystal/style/ 7 KB
2 KB 49ms
48ms Stylesheet
text/css 195.161.41.30
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://crystalspace.ru/design/crystal/style/style.css
Requested by: Host: crystalspace.ru
URL: http://crystalspace.ru/
Protocol: HTTP/1.1
Server: 195.161.41.30 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv199-vps-st.jino.ru
Software: nginx /
Resource Hash: 3fd935925386f346d18a2bd3413152fdc93a56e37be5f6209c3295d9ba5185a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://crystalspace.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:26:14 GMT
Content-Encoding: gzip
Last-Modified: Sat, 04 Mar 2017 15:26:03 GMT
Server: nginx
ETag: W/"58badc8b-1a52"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 26 Feb 2024 21:26:14 GMT

GET
H/1.1 200
OK style.css
crystalspace.ru/core/style/ 4 KB
2 KB 85ms
42ms Stylesheet
text/css 195.161.41.30
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://crystalspace.ru/core/style/style.css?r1
Requested by: Host: crystalspace.ru
URL: http://crystalspace.ru/
Protocol: HTTP/1.1
Server: 195.161.41.30 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv199-vps-st.jino.ru
Software: nginx /
Resource Hash: 218ca9ed26a25bbafe0750a50d0496092e649e984467046e0a7f441d6d45d3bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://crystalspace.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:26:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Oct 2016 11:54:52 GMT
Server: nginx
ETag: W/"58133c8c-1153"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 26 Feb 2024 21:26:14 GMT

GET
H/1.1 200
OK font-awesome.min.css
crystalspace.ru/core/lib/fontawesome/css/ 30 KB
7 KB 97ms
49ms Stylesheet
text/css 195.161.41.30
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://crystalspace.ru/core/lib/fontawesome/css/font-awesome.min.css?r2
Requested by: Host: crystalspace.ru
URL: http://crystalspace.ru/
Protocol: HTTP/1.1
Server: 195.161.41.30 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv199-vps-st.jino.ru
Software: nginx /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://crystalspace.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:26:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2016 10:00:00 GMT
Server: nginx
ETag: W/"58171620-7918"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 26 Feb 2024 21:26:14 GMT

GET
H/1.1 200
OK jquery-3.2.1.min.js Show response
crystalspace.ru/core/lib/jquery/ 85 KB
30 KB 105ms
57ms Script
application/javascript 195.161.41.30
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://crystalspace.ru/core/lib/jquery/jquery-3.2.1.min.js?r1
Requested by: Host: crystalspace.ru
URL: http://crystalspace.ru/
Protocol: HTTP/1.1
Server: 195.161.41.30 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv199-vps-st.jino.ru
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://crystalspace.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:26:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Nov 2017 12:49:40 GMT
Server: nginx
ETag: W/"5a157264-15283"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 26 Feb 2024 21:26:14 GMT

GET
H/1.1 200
OK goldcms.js Show response
crystalspace.ru/core/js/ 1 KB
939 B 106ms
58ms Script
application/javascript 195.161.41.30
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://crystalspace.ru/core/js/goldcms.js
Requested by: Host: crystalspace.ru
URL: http://crystalspace.ru/
Protocol: HTTP/1.1
Server: 195.161.41.30 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv199-vps-st.jino.ru
Software: nginx /
Resource Hash: 133208dafadbab7c3a8900d3933245cbe787a9d55a34e8ecf04c2b4e7fa41a13

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://crystalspace.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:26:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Oct 2016 11:54:52 GMT
Server: nginx
ETag: W/"58133c8c-497"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Mon, 26 Feb 2024 21:26:14 GMT

GET
H/1.1 200
OK crystallogo.png
crystalspace.ru/design/crystal/img/ 78 KB
78 KB 49ms
48ms Image
image/png 195.161.41.30
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://crystalspace.ru/design/crystal/img/crystallogo.png
Requested by: Host: crystalspace.ru
URL: http://crystalspace.ru/
Protocol: HTTP/1.1
Server: 195.161.41.30 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv199-vps-st.jino.ru
Software: nginx /
Resource Hash: 4bcefc21847b7dc0e5d8fa400e8eaad2de2885c3a00d90d6519ace8592d3f9fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://crystalspace.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:26:14 GMT
Last-Modified: Fri, 28 Oct 2016 13:58:39 GMT
Server: nginx
ETag: "5813598f-1368d"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79501
Expires: Mon, 26 Feb 2024 21:26:14 GMT

GET
H/1.1 200
OK 50px-Cs-compact.png
crystalspace.ru/design/crystal/img/ 3 KB
4 KB 48ms
48ms Image
image/png 195.161.41.30
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://crystalspace.ru/design/crystal/img/50px-Cs-compact.png
Requested by: Host: crystalspace.ru
URL: http://crystalspace.ru/
Protocol: HTTP/1.1
Server: 195.161.41.30 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv199-vps-st.jino.ru
Software: nginx /
Resource Hash: dccb3a52d10a6b6bed82dfe63a09033a229fdd5bae70b111b2c1f73fbb67cbfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://crystalspace.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:26:14 GMT
Last-Modified: Fri, 28 Oct 2016 13:58:38 GMT
Server: nginx
ETag: "5813598e-d9e"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3486
Expires: Mon, 26 Feb 2024 21:26:14 GMT

GET
H/1.1 200
OK 50px-Aresed-logo.png
crystalspace.ru/design/crystal/img/ 4 KB
4 KB 48ms
48ms Image
image/png 195.161.41.30
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://crystalspace.ru/design/crystal/img/50px-Aresed-logo.png
Requested by: Host: crystalspace.ru
URL: http://crystalspace.ru/
Protocol: HTTP/1.1
Server: 195.161.41.30 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv199-vps-st.jino.ru
Software: nginx /
Resource Hash: 9fc38394971caff433bbe1daf5505628cdac6615ce170a6469c597c72433d9c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://crystalspace.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:26:14 GMT
Last-Modified: Fri, 28 Oct 2016 13:58:38 GMT
Server: nginx
ETag: "5813598e-ff8"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4088
Expires: Mon, 26 Feb 2024 21:26:14 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 112ms
84ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: crystalspace.ru
URL: http://crystalspace.ru/

Protocol

HTTP/1.1

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79e1dbf17bc6b19656cf7d41c8a55c659e2f8d4d16b852f46024cd37fdafe63a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://crystalspace.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:26:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 52089
X-XSS-Protection: 0
Server: cafe
ETag: 3201755158419831430
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Sun, 26 Feb 2023 21:26:14 GMT

GET
H/1.1 200
OK project-support.jpg
www.crystalspace3d.org/img/ 4 KB
4 KB 500ms
164ms Image
image/jpeg 2607:f1c0:100f:f000::2d2
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.crystalspace3d.org/img/project-support.jpg
Requested by: Host: crystalspace.ru
URL: http://crystalspace.ru/
Protocol: HTTP/1.1
Server: 2607:f1c0:100f:f000::2d2 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 37ae4813be539afea94d73ee075d5cd17140a042237f93a06a0b23f479862525

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://crystalspace.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:26:15 GMT
Last-Modified: Sun, 18 Feb 2018 23:54:26 GMT
Server: Apache
ETag: "ecc-565854c237080"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 3788

GET
H/1.1 200
OK css
fonts.googleapis.com/ 3 KB
1 KB 44ms
31ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans&subset=cyrillic-ext,latin

Requested by

Host: crystalspace.ru
URL: http://crystalspace.ru/design/crystal/style/style.css

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

65d2a78602c1dfed06fef415e07caf67bdc2fb5682638fb5c2189dbd5e6131a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://crystalspace.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:26:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Sun, 26 Feb 2023 21:26:14 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 26 Feb 2023 21:26:14 GMT

GET
H/1.1 200
OK memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2
fonts.gstatic.com/s/opensans/v34/ 10 KB
11 KB 56ms
28ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans&subset=cyrillic-ext,latin

Protocol

HTTP/1.1

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

624b713241704e0993f7d2147c1f1408a8a0df1be297a490bfe8e2b89387ce93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://crystalspace.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 23 Feb 2023 12:45:21 GMT
X-Content-Type-Options: nosniff
Age: 290453
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 10652
X-XSS-Protection: 0
Last-Modified: Mon, 15 Aug 2022 18:11:22 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 23 Feb 2024 12:45:21 GMT

GET
H/1.1 200
OK memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
17 KB 57ms
29ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans&subset=cyrillic-ext,latin

Protocol

HTTP/1.1

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://crystalspace.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 20:19:13 GMT
X-Content-Type-Options: nosniff
Age: 436021
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 16740
X-XSS-Protection: 0
Last-Modified: Mon, 15 Aug 2022 18:14:44 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 21 Feb 2024 20:19:13 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 162 KB
57 KB 192ms
94ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: crystalspace.ru
URL: http://crystalspace.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

cf0e934daa92ef101fcdf4f64d318324f197533bc3a8ad60630a947cef5d7073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://crystalspace.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:26:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 21 Feb 2023 11:11:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63f47caa-e3bd"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58301
expires: Sun, 26 Feb 2023 22:26:14 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
crystalspace.ru/core/lib/fontawesome/fonts/ 75 KB
76 KB 42ms
42ms Font
font/woff2 195.161.41.30
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://crystalspace.ru/core/lib/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: crystalspace.ru
URL: http://crystalspace.ru/core/lib/fontawesome/css/font-awesome.min.css?r2

Protocol

HTTP/1.1

Server

195.161.41.30 , Russian Federation, ASN8342 (RTCOMM-AS, RU),

Reverse DNS

srv199-vps-st.jino.ru

Software

nginx /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block;

Request headers

Referer: http://crystalspace.ru/core/lib/fontawesome/css/font-awesome.min.css?r2
Origin: http://crystalspace.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:26:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 31 Oct 2016 10:00:00 GMT
Server: nginx
ETag: "58171620-12d68"
X-Frame-Options: DENY
Content-Type: font/woff2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77160
X-XSS-Protection: 1; mode=block;

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 366 KB
121 KB 172ms
92ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8458705352233127&plah=crystalspace.ru

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37bf2b27b35f3a2a6b986cbb44df7aca74987349d456c6946b5488ee9b260ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://crystalspace.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:26:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122958
x-xss-protection: 0
server: cafe
etag: 3325097699759277518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 21:26:14 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/ Frame 8D50 10 KB
5 KB 110ms
29ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://crystalspace.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 37532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 11:00:42 GMT
etag: 10353107486223812946
expires: Sun, 12 Mar 2023 11:00:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9926.ajMErfRH7K7g0CK0FLXd0u91tKJ4SlF9n9YHRjSi2pvG69MQ18xS20aLvQK5R-Rs.oBOUW8IR_Bul-HAHcbIr7_GsJOY%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9926.DP7CMsaMrzGYRiv-1latMb8NSIgbaoBSbUxTthvg_7k8GFGWcxUgn0SFyw_X_ZmOJYDm87HznljG3us9zFt3WwuzatWMrf3co_bEwMhRrmQ%2C.TR37eefHnwGR3hX82_AgSp5QD3g%2C

43 B
67 B

54ms
54ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9926.DP7CMsaMrzGYRiv-1latMb8NSIgbaoBSbUxTthvg_7k8GFGWcxUgn0SFyw_X_ZmOJYDm87HznljG3us9zFt3WwuzatWMrf3co_bEwMhRrmQ%2C.TR37eefHnwGR3hX82_AgSp5QD3g%2C

Requested by

Host: crystalspace.ru
URL: http://crystalspace.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://crystalspace.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:26:15 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9926.DP7CMsaMrzGYRiv-1latMb8NSIgbaoBSbUxTthvg_7k8GFGWcxUgn0SFyw_X_ZmOJYDm87HznljG3us9zFt3WwuzatWMrf3co_bEwMhRrmQ%2C.TR37eefHnwGR3hX82_AgSp5QD3g%2C
date: Sun, 26 Feb 2023 21:26:15 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
113 B 54ms
54ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: crystalspace.ru
URL: http://crystalspace.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://crystalspace.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:26:14 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 21 Feb 2023 11:11:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63f47caa-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 26 Feb 2023 22:26:14 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/34871840/
Redirect Chain

https://mc.yandex.com/watch/34871840?wmode=7&page-url=http%3A%2F%2Fcrystalspace.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A451%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3A...
https://mc.yandex.com/watch/34871840/1?wmode=7&page-url=http%3A%2F%2Fcrystalspace.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A451%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%...

435 B
518 B

55ms
54ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/34871840/1?wmode=7&page-url=http%3A%2F%2Fcrystalspace.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A451%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1123534045951%3Ahid%3A358668063%3Az%3A0%3Ai%3A20230226212614%3Aet%3A1677446775%3Ac%3A1%3Arn%3A535825217%3Arqn%3A1%3Au%3A1677446775771927363%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A143%2C47%2C59%2C1%2C%2C0%2C%2C182%2C1%2C%2C%2C%2C434%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1677446774222%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1677446775%3At%3ACrystal%20Space%203D%20-%20%D0%BF%D0%BE%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: crystalspace.ru
URL: http://crystalspace.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

6a00813cbea1b760439d3eac13b33b7851cd4204f6a9f860c347b7e28d8faf22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://crystalspace.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 21:26:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 26-Feb-2023 21:26:15 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://crystalspace.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Sun, 26-Feb-2023 21:26:15 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Feb 2023 21:26:15 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 26-Feb-2023 21:26:15 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/34871840/1?wmode=7&page-url=http%3A%2F%2Fcrystalspace.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A451%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1123534045951%3Ahid%3A358668063%3Az%3A0%3Ai%3A20230226212614%3Aet%3A1677446775%3Ac%3A1%3Arn%3A535825217%3Arqn%3A1%3Au%3A1677446775771927363%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A143%2C47%2C59%2C1%2C%2C0%2C%2C182%2C1%2C%2C%2C%2C434%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1677446774222%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1677446775%3At%3ACrystal%20Space%203D%20-%20%D0%BF%D0%BE%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: http://crystalspace.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 26-Feb-2023 21:26:15 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
606 B 156ms
49ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=crystalspace.ru&callback=_gfp_s_&client=ca-pub-8458705352233127

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8458705352233127&plah=crystalspace.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fdafaec8497da36500bc76382937d1fd1548d1809bc1105af34bea41409f939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://crystalspace.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 57ms
21ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=crystalspace.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://crystalspace.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 82ms
23ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=crystalspace.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://crystalspace.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5F09 84 KB
30 KB 338ms
338ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8458705352233127&output=html&h=280&slotname=4600581694&adk=887990387&adf=3025194257&pi=t.ma~as.4600581694&w=1200&fwrn=4&fwrnh=100&lmt=1677446775&rafmt=1&format=1200x280&url=http%3A%2F%2Fcrystalspace.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1677446774834&bpp=3&bdt=358&idt=271&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&correlator=4001151950833&frm=20&pv=2&ga_vid=1791084171.1677446775&ga_sid=1677446775&ga_hid=732690419&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=1741&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44777876%2C31072387&oid=2&pvsid=4031585076433150&tmod=1747386380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F8mMorxXen&p=http%3A//crystalspace.ru&dtd=285

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5030b9b78d5e8e4768627db0bac2c5fa92cb17b9fce29f8b44ed6b7259f4afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://crystalspace.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30651
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 21:26:15 GMT
expires: Sun, 26 Feb 2023 21:26:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4D4E 0
180 B 53ms
52ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8458705352233127&output=html&adk=1812271804&adf=1573534164&lmt=1677446775&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fcrystalspace.ru%2F&ea=0&pra=7&wgl=1&dt=1677446774846&bpp=1&bdt=370&idt=279&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=4001151950833&frm=20&pv=1&ga_vid=1791084171.1677446775&ga_sid=1677446775&ga_hid=732690419&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44777876%2C31072387&oid=2&pvsid=4031585076433150&tmod=1747386380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=285

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://crystalspace.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 21:26:15 GMT
expires: Sun, 26 Feb 2023 21:26:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9926.UX_TSJL8Q7aIK2detca-5qX5vhX-6e_Ipj5pSYiLmKtNmGGqcdOZSstAfEtaMwM9._Ss2GVaQH3G3ECfj8ik2Qsq8qh8%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9926.meRkWxvxziSOz0wn0WTPD3O762zS_kOJHeUEjXDnKNaX5_nUTOoDvqOX9af_iDzFczNgWSpMcGGSj3mZ52qICl_5AgMRJ3gyQKCwep1kvIc%2C.jeq-TFGf1iAEKWq0CO...

43 B
98 B

50ms
49ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9926.meRkWxvxziSOz0wn0WTPD3O762zS_kOJHeUEjXDnKNaX5_nUTOoDvqOX9af_iDzFczNgWSpMcGGSj3mZ52qICl_5AgMRJ3gyQKCwep1kvIc%2C.jeq-TFGf1iAEKWq0COGusdfZ9uk%2C

Requested by

Host: crystalspace.ru
URL: http://crystalspace.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://crystalspace.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:26:15 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9926.meRkWxvxziSOz0wn0WTPD3O762zS_kOJHeUEjXDnKNaX5_nUTOoDvqOX9af_iDzFczNgWSpMcGGSj3mZ52qICl_5AgMRJ3gyQKCwep1kvIc%2C.jeq-TFGf1iAEKWq0COGusdfZ9uk%2C
date: Sun, 26 Feb 2023 21:26:15 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ Frame 5F09 6 KB
1 KB 73ms
27ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8458705352233127&output=html&h=280&slotname=4600581694&adk=887990387&adf=3025194257&pi=t.ma~as.4600581694&w=1200&fwrn=4&fwrnh=100&lmt=1677446775&rafmt=1&format=1200x280&url=http%3A%2F%2Fcrystalspace.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1677446774834&bpp=3&bdt=358&idt=271&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&correlator=4001151950833&frm=20&pv=2&ga_vid=1791084171.1677446775&ga_sid=1677446775&ga_hid=732690419&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=1741&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44777876%2C31072387&oid=2&pvsid=4031585076433150&tmod=1747386380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F8mMorxXen&p=http%3A//crystalspace.ru&dtd=285

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Feb 2023 21:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 20:37:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Feb 2023 21:26:15 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 5F09 2 KB
818 B 57ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 18:59:03 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5F09 0
0 73ms
73ms Fetch
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQinud877Y_-RCvKR1fAPmNaomAKjlNuab_bUuNiOEcvLrZfeGhABIOzlpx1glYKAgLQHoAHKgtGLKcgBCakCw_wrOVGysT6oAwHIA8sEqgTCAU_Q409c4EUtrcGZ_p3FbrVFyUhnN7R1md1WCf68EyUy-bZO9A83q5agwvyAtVa2Y40bsar2Vreiyvvvk9JFqG0Cd6EQtjD7Vo7WJVDOYGX0vGNe_M2bKhbo1ArXbBINf4OXGwz_x_-k2oxwrrgZ82m0T1m3yCt4R6e39FvtWwDwRACUpG14lUI3gSt2isk3SG-y3YB3e83bX5ju0G8k_Y7Y8Oz_-utrnk5sfAy_9mqkd7hfQuaXLq47UNLScYoBeMn5wAS7str9ogSSBQQIBBgBkgUECAUYBKAGLoAHyrqh6wOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDx2BHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItODQ1ODcwNTM1MjIzMzEyNxgA&sigh=xGPOvyLIVFs&uach_m=[UACH]&cid=CAQSGwDUE5ymMaVQCEe9M6tpJ-bGq0V4yju2avWmOBgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8458705352233127&output=html&h=280&slotname=4600581694&adk=887990387&adf=3025194257&pi=t.ma~as.4600581694&w=1200&fwrn=4&fwrnh=100&lmt=1677446775&rafmt=1&format=1200x280&url=http%3A%2F%2Fcrystalspace.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1677446774834&bpp=3&bdt=358&idt=271&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&correlator=4001151950833&frm=20&pv=2&ga_vid=1791084171.1677446775&ga_sid=1677446775&ga_hid=732690419&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=0&ady=1741&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C44777876%2C31072387&oid=2&pvsid=4031585076433150&tmod=1747386380&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F8mMorxXen&p=http%3A//crystalspace.ru&dtd=285
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 26 Feb 2023 21:26:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 26 Feb 2023 21:26:15 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 5F09 22 KB
9 KB 53ms
17ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 18:59:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 5F09 3 KB
1 KB 62ms
27ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 19:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 19:05:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 5F09 20 KB
8 KB 52ms
18ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 18:59:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5F09 158 KB
49 KB 93ms
27ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 26 Feb 2023 21:26:15 GMT

GET
H2 200 ed8ae2896763956dad3710d8730c1299.js Show response
www.gstatic.com/mysidia/ Frame 5F09 33 KB
14 KB 116ms
28ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ed8ae2896763956dad3710d8730c1299.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 11:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14007
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 01:49:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 27 May 2023 11:08:19 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/168204076856041371/ Frame 5F09 13 KB
13 KB 61ms
28ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/168204076856041371/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

792f62ea15dd6caf5816765b70c793320de966889b313a3f67a50cb765ac528f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 21:05:16 GMT
x-content-type-options: nosniff
age: 260459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13290
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 14:38:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Feb 2024 21:05:16 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/11192654984172894403/ Frame 5F09 5 KB
5 KB 63ms
31ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11192654984172894403/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

149ef28f9e8ae35bb1f78d834f8e54423407fd058b3582ab628710e6e0e16580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 22:14:36 GMT
x-content-type-options: nosniff
age: 256299
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4928
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 14:38:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Feb 2024 22:14:36 GMT

GET
DATA 200
OK truncated
/ Frame 5F09 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a590bf77f376e2c46948b6eb626dcf53a1abdbedf629b0ec27f8d57c942a0568

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5F09 15 KB
16 KB 108ms
29ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 13:40:31 GMT
x-content-type-options: nosniff
age: 287144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 13:40:31 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5F09 15 KB
16 KB 114ms
36ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 12:23:05 GMT
x-content-type-options: nosniff
age: 291790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 12:23:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5F09 15 KB
15 KB 137ms
59ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 13:13:56 GMT
x-content-type-options: nosniff
age: 288739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 13:13:56 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 133ms
73ms XHR
application/json 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230222&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

317178f7d5b20e3b19ee836733c141e362dcd76291a1777f93292b5562ea7ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://crystalspace.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11218
x-xss-protection: 0

GET
H2 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame 4664 36 KB
14 KB 29ms
28ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:54:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 225092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 06:54:43 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://crystalspace.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 26 Feb 2023 21:26:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4EAF 13 KB
5 KB 13ms
13ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://crystalspace.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3064
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 20:35:11 GMT
expires: Mon, 26 Feb 2024 20:35:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5E95 783 B
1 KB 63ms
24ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

65a6b3900d213716e257f7ae1c6149b3f8ddae03398e8c10780bf216267f696e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b4hncDZpbP6KUMtldOklKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://crystalspace.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-b4hncDZpbP6KUMtldOklKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 21:26:16 GMT
expires: Sun, 26 Feb 2023 21:26:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame 4EAF 36 KB
14 KB 28ms
28ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:54:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 225093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 06:54:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5E95 0
0 60ms
59ms Image
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230222&jk=4031585076433150&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4EAF 0
10 B 13ms
12ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fcDf3g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:26:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 63ms
62ms Image
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230222&jk=4031585076433150&bg=!SkmlSR3NAAZYlHKzeJQ7ADkAdvg8Wn-OZves05DvgsZWz_mfVe1vONfnEFUDZfJf6v_JXx24K3p36tziSVh_9X1EffTKR0n18eYCAAAAS1IAAAADaAEHmQKWF1Yy04YOerejH4rXDF1JkBd22fXyEntDkFrLHpXmTc9lRosFYDO9bIMsqhIyrQkQZlh6k-TvEOr9YN_op6A3KiLHxbsgSKwm4RbnXgS5SpCK3mS85KxtunGA7nNT7Pyr_TgLTWRwpdqzF73NxKFfR8Th74jBkfta9VYJydNOl-I5Ty9WavSRM-CxWVgwXiQyn47MURpGVjEhkcEX3ndzYfrDPKDJWfUaoJEgaHmEoQSQa4U7eDT5dWC6FMX4BSsRC5xCHo0Achg6BIcA7CoFuoMHsRN_eDa6nhfVM4bUrCjXbscPYqaur5EzH4RkSItkHKn1q0gsnyCWBdAc8asxQXM5sCf3eZMYh5TPOqBw4Ipv5vhBwzwB4nmm9cfhcvPJPCEG4_WzvevhdJd4EMFNXO7D7JPAYYR-lp6FZXFC48WjMj0tKnKxZigc9ZuDjDkipp7R0QV1xyPnnt8pNUPbwh0td5jOo6L4fj33qSEYATA2mE8SZXVzQRi9XMgoU4KX_AXQI0ocsq5HssNQECLYp4OLRFcAhdY7NA8AILUfCMbaMS_cSbC_urqTT3NHlu19SzyPWMKALm2gzsrcpKtD9EaSXRnMGCpVIHR2OMoeq-C-MMw85XghYS3ZW8jVsrSFCPgi--pQvKoIrZmCb4ak-B0o_eTz3_DE3w-J2ePgiwD-YIyfY86xBCRLe_JVwssGDQiAaj2W99AnkdqKrRO69Md-A5xG_fpFtme8nDHOEKtIjy73zOROHSUqB03ObyjufZyVVFAIKmvGQTraerqnTYimX0tXcdG8RxjYcJ42TWP-FXdGGWxznk8kPl3wZd6JPaRBMf3XWYC9XvpwI7oReqKBSVGF2X_1X11byTRz-MCQbMizniU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://crystalspace.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
crystalspace.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: ncn8rmutnej49lvd6obss8d6i9
.crystalspace.ru/	1970-01-20 18:43:02	Name: _ym_uid Value: 1677446775771927363
.crystalspace.ru/	1970-01-20 18:43:02	Name: _ym_d Value: 1677446775
.mc.yandex.com/	1970-01-20 09:57:27	Name: sync_cookie_csrf Value: 2917145090fake
.crystalspace.ru/	1970-01-20 09:58:38	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 09:57:27	Name: sync_cookie_csrf Value: 3751453361fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 603587701677446775
.yandex.com/	1970-01-20 19:33:26	Name: i Value: GjWheX4t+aqzKYnmqdX4zPCa5d1+C5R6LQHwbQblZZiwA50gk8ZXSYBmnioNtF8xwApU0Tq0aiY89tJx3/SbibwmFNA=
.yandex.com/	1970-01-20 18:43:02	Name: yandexuid Value: 2596576901677446775
.yandex.com/	1970-01-20 18:43:02	Name: yuidss Value: 2596576901677446775
.yandex.com/	1970-01-20 18:43:02	Name: ymex Value: 1708982775.yc.1677446775#1708982775.yrts.1677446775#1708982775.yrtsi.1677446775
.crystalspace.ru/	1970-01-20 19:19:02	Name: __gads Value: ID=be3fa32809a6b792-2227f5c222dd00df:T=1677446775:RT=1677446775:S=ALNI_MYjbyLyefcqyvqGTXrS7ffB3JNaEA
.crystalspace.ru/	1970-01-20 19:19:02	Name: __gpi Value: UID=00000bbc56d3e54e:T=1677446775:RT=1677446775:S=ALNI_MamQhbFbAJil-8WwomgSWHyf0QHVA
.crystalspace.ru/	1970-01-20 09:57:28	Name: _ym_visorc Value: w
.doubleclick.net/	1970-01-20 19:19:02	Name: IDE Value: AHWqTUnxAIaM1uVQaugv0RTA-9D_qdUtEgc-zzNwwYmCi9MdkvNhLPBYT_5XAoOs2tQ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
crystalspace.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.crystalspace3d.org
www.google.com
www.googletagservices.com
www.gstatic.com
195.161.41.30
2607:f1c0:100f:f000::2d2
2a00:1450:4001:800::2002
2a00:1450:4001:802::2001
2a00:1450:4001:813::200a
2a00:1450:4001:828::2004
2a00:1450:4001:830::2002
2a00:1450:400d:806::2003
2a00:1450:400d:807::2002
2a00:1450:400d:808::2002
2a00:1450:400d:808::2003
2a00:1450:400d:80c::2002
2a00:1450:400d:80e::2002
2a02:6b8::1:119
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10
133208dafadbab7c3a8900d3933245cbe787a9d55a34e8ecf04c2b4e7fa41a13
149ef28f9e8ae35bb1f78d834f8e54423407fd058b3582ab628710e6e0e16580
218ca9ed26a25bbafe0750a50d0496092e649e984467046e0a7f441d6d45d3bd
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
317178f7d5b20e3b19ee836733c141e362dcd76291a1777f93292b5562ea7ab6
37ae4813be539afea94d73ee075d5cd17140a042237f93a06a0b23f479862525
37bf2b27b35f3a2a6b986cbb44df7aca74987349d456c6946b5488ee9b260ae4
3fd935925386f346d18a2bd3413152fdc93a56e37be5f6209c3295d9ba5185a6
4bcefc21847b7dc0e5d8fa400e8eaad2de2885c3a00d90d6519ace8592d3f9fc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624b713241704e0993f7d2147c1f1408a8a0df1be297a490bfe8e2b89387ce93
65a6b3900d213716e257f7ae1c6149b3f8ddae03398e8c10780bf216267f696e
65d2a78602c1dfed06fef415e07caf67bdc2fb5682638fb5c2189dbd5e6131a0
6a00813cbea1b760439d3eac13b33b7851cd4204f6a9f860c347b7e28d8faf22
6fdafaec8497da36500bc76382937d1fd1548d1809bc1105af34bea41409f939
7326b1a19f194814467be47de91403fc962e7bfb63127644892771ff4042992c
792f62ea15dd6caf5816765b70c793320de966889b313a3f67a50cb765ac528f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79e1dbf17bc6b19656cf7d41c8a55c659e2f8d4d16b852f46024cd37fdafe63a
82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
9282b885825f1f265eb093acf11379fc90dd4e156588a02790c1515822e79858
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9fc38394971caff433bbe1daf5505628cdac6615ce170a6469c597c72433d9c7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5030b9b78d5e8e4768627db0bac2c5fa92cb17b9fce29f8b44ed6b7259f4afb
a590bf77f376e2c46948b6eb626dcf53a1abdbedf629b0ec27f8d57c942a0568
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
cf0e934daa92ef101fcdf4f64d318324f197533bc3a8ad60630a947cef5d7073
dccb3a52d10a6b6bed82dfe63a09033a229fdd5bae70b111b2c1f73fbb67cbfb
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

crystalspace.ru Open in urlscan Pro 195.161.41.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

63 %HTTPS

93 %IPv6

12 Domains

15 Subdomains

15 IPs

4 Countries

707 kBTransfer

1520 kBSize

15 Cookies

6 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

crystalspace.ru Open in urlscan Pro
195.161.41.30 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

63 %
HTTPS

93 %
IPv6

12
Domains

15
Subdomains

15
IPs

4
Countries

707 kB
Transfer

1520 kB
Size

15
Cookies

49 HTTP transactions
1 data transactions