urlscan.io logo urlscan.io
SecurityTrails logo

microsoft-windows8.ru Open in urlscan Pro
172.67.183.11  Public Scan

Go To Rescan Add Verdict Report
URL: https://microsoft-windows8.ru/
Submission Tags: @phishunt_io
Submission: On October 08 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 5 countries across 15 domains to perform 90 HTTP transactions. The main IP is 172.67.183.11, located in United States and belongs to CLOUDFLARENET, US. The main domain is microsoft-windows8.ru.
TLS certificate: Issued by R3 on October 8th 2021. Valid for: 3 months.
This is the only time microsoft-windows8.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
38 172.67.183.11 13335 (CLOUDFLAR...)
1 95.216.65.102 24940 (HETZNER-AS)
9 142.250.186.162 15169 (GOOGLE)
1 142.250.185.170 15169 (GOOGLE)
2 142.250.185.163 15169 (GOOGLE)
1 104.21.14.199 13335 (CLOUDFLAR...)
3 7 77.88.21.119 13238 (YANDEX)
6 142.250.185.66 15169 (GOOGLE)
1 172.217.18.98 15169 (GOOGLE)
2 142.250.186.130 15169 (GOOGLE)
2 159.69.75.12 24940 (HETZNER-AS)
2 136.243.9.77 24940 (HETZNER-AS)
2 104.19.133.78 13335 (CLOUDFLAR...)
1 1 104.19.132.78 13335 (CLOUDFLAR...)
2 142.250.185.162 15169 (GOOGLE)
15 142.250.186.161 15169 (GOOGLE)
1 2 142.250.185.196 15169 (GOOGLE)
90 17
38    172.67.183.11 (United States)

ASN13335 (CLOUDFLARENET, US)
microsoft-windows8.ru
1    95.216.65.102 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: frodo.min.org.ua
rbtwo.bid
9    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
pagead2.googlesyndication.com
1    142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net
fonts.googleapis.com
2    142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net
fonts.gstatic.com
1    104.21.14.199 (None, )

ASN13335 (CLOUDFLARENET, US)
torrent5.net
7    77.88.21.119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
6    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads.g.doubleclick.net
1    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
partner.googleadservices.com
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
adservice.google.com
2    159.69.75.12 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.12.75.69.159.clients.your-server.de
microsoft-windows8.pushreal.media
2    136.243.9.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.9.243.136.clients.your-server.de
select2.pstatrbnew.bid
2    104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
1    104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)
c.mgid.com
2    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
www.googletagservices.com
15    142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net
tpc.googlesyndication.com
2    142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net
www.google.com
Domain Requested by
38 microsoft-windows8.ru microsoft-windows8.ru
rbtwo.bid
15 tpc.googlesyndication.com microsoft-windows8.ru
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
9 pagead2.googlesyndication.com microsoft-windows8.ru
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
microsoft-windows8.ru
googleads.g.doubleclick.net
5 mc.yandex.com 2 redirects microsoft-windows8.ru
2 www.google.com 1 redirects tpc.googlesyndication.com
2 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 s-img.mgid.com microsoft-windows8.ru
2 select2.pstatrbnew.bid rbtwo.bid
2 microsoft-windows8.pushreal.media rbtwo.bid
2 adservice.google.com pagead2.googlesyndication.com
2 mc.yandex.ru 1 redirects microsoft-windows8.ru
2 fonts.gstatic.com fonts.googleapis.com
1 c.mgid.com 1 redirects
1 partner.googleadservices.com pagead2.googlesyndication.com
1 torrent5.net microsoft-windows8.ru
1 fonts.googleapis.com microsoft-windows8.ru
1 rbtwo.bid microsoft-windows8.ru
rbtwo.bid
90 18

This site contains no links.

Subject Issuer Validity Valid
*.microsoft-windows8.ru
R3		 2021-10-08 -
2022-01-06		 3 months crt.sh
rbtwo.bid
R3		 2021-08-25 -
2021-11-23		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-14 -
2022-06-13		 a year crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
pushreal.media
R3		 2021-10-07 -
2022-01-05		 3 months crt.sh
pstatrbnew.bid
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 9 frames:

Primary Page: https://microsoft-windows8.ru/
Frame ID: 33937D7976C01EE4F3ED4C7D66F2DC24
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20190131/zrt_lookup.html
Frame ID: 46B9604571FC90B011FCFA03302E1DE3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3158720937153219&output=html&adk=1812271804&adf=1573534164&lmt=1633714768&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmicrosoft-windows8.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633714768277&bpp=2&bdt=185&idt=80&shv=r20211005&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8493131633267&frm=20&pv=2&ga_vid=2011473909.1633714768&ga_sid=1633714768&ga_hid=1172520583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062949&oid=2&pvsid=2360168798724237&pem=280&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97
Frame ID: EA57B9000AE04D3542BB222D3FF320BE
Requests: 1 HTTP requests in this frame

Frame: https://s-img.mgid.com/g/4039677/492x277/44x0x754x502/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2QwNzk3MzE5MWIyZTg4ZmE2Yjk1NDM3MzY1YWQ5ODMxLmpwZWc.webp?v=1633714768-XLv0QMWDMpH9zLXfrnh-5KavtWJMEGvleS2f_YBKBAw
Frame ID: C9EBAA4A9F32193D7D80BB1FD52A0CBE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Frame ID: DDE9A71D64B92F9E94F7E688347C062D
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3072651107949777169/grammarly_04_728x90_a_04/index.html
Frame ID: B7B91A3FE3903214B961E347919A2BBE
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B2ADA6B65A2E590D2C709B330CBD70CD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 0EAD96C8EDBD85E64B234AA333B6DF25
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 833A2EA66BA284E126A9EECA6D72AE4D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Программы для Windows 10

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

90
Requests

99 %
HTTPS

0 %
IPv6

15
Domains

18
Subdomains

17
IPs

5
Countries

1356 kB
Transfer

2529 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9420.NEuJ1M6rp0Hz_8G7P0LmVOccmhGftoWWvp6Pqm2q3u5STC6-0YzhC9xWy2ZzMEVL.7ATcQVIK0zl_VGgbJxrO5LPO7Pg%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9420.MWqkHxUEJu5hlT29ackRBptgCJormhqNtjf9A4y60Wx7z0UqEaAzRMT6J1BbwmQSthsy220z0twBFSmx-L8Smg%2C%2C.lxpHnpcKXUtYD-cpAfibG-_WQWs%2C
Request Chain 56
  • https://mc.yandex.com/watch/64984423?wmode=7&page-url=https%3A%2F%2Fmicrosoft-windows8.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A876%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A856312248678%3Ahid%3A931953027%3Az%3A0%3Ai%3A202101008173928%3Aet%3A1633714768%3Ac%3A1%3Arn%3A599874411%3Arqn%3A1%3Au%3A1633714768900938180%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633714767243%3Ads%3A9%2C21%2C814%2C1%2C0%2C0%2C%2C172%2C4%2C%2C%2C%2C1021%3Adsn%3A9%2C21%2C814%2C1%2C%2C0%2C%2C175%2C4%2C%2C%2C%2C1021%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633714769%3At%3A%D0%9F%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D1%8B%20%D0%B4%D0%BB%D1%8F%20Windows%2010 HTTP 302
  • https://mc.yandex.com/watch/64984423/1?wmode=7&page-url=https%3A%2F%2Fmicrosoft-windows8.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A876%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A856312248678%3Ahid%3A931953027%3Az%3A0%3Ai%3A202101008173928%3Aet%3A1633714768%3Ac%3A1%3Arn%3A599874411%3Arqn%3A1%3Au%3A1633714768900938180%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633714767243%3Ads%3A9%2C21%2C814%2C1%2C0%2C0%2C%2C172%2C4%2C%2C%2C%2C1021%3Adsn%3A9%2C21%2C814%2C1%2C%2C0%2C%2C175%2C4%2C%2C%2C%2C1021%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633714769%3At%3A%D0%9F%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D1%8B%20%D0%B4%D0%BB%D1%8F%20Windows%2010
Request Chain 58
  • https://c.mgid.com/c?pv=2&v=0|0|0|wjGz2J78NgdMBlQZ5For07Pow9HUjUUnKPEJSqAXxeNiDhm44YMKRuURp7T2Avwn&cid=1140592&f=1&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=aff7123a-285e-11ec-8246-e4434b374bc6&psid=1009328&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzQwMzk2NzcvMzI4eDMyOC8xNjl4MHg1MDl4NTA5L2FIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TVRrdE1EZ3ZNVEF4T1RJMEwyUXdOemszTXpFNU1XSXlaVGc0Wm1FMllqazFORE0zTXpZMVlXUTVPRE14TG1wd1pXYy53ZWJwP3Y9MTYzMzcxNDc2OC01c1BUSEJHZjhWMFUwb0NzTkFBa2JJSVo1a2JieFI5LUk2TjBwMS1fb05B HTTP 301
  • https://s-img.mgid.com/g/4039677/328x328/169x0x509x509/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2QwNzk3MzE5MWIyZTg4ZmE2Yjk1NDM3MzY1YWQ5ODMxLmpwZWc.webp?v=1633714768-5sPTHBGf8V0U0oCsNAAkbIIZ5kbbxR9-I6N0p1-_oNA
Request Chain 73
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

90 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
microsoft-windows8.ru/ 		56 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23441c48c2ce5e05f3d75b3e93169278e765ca201a2a405c38ee5e608bd2b841

Request headers

:method
GET
:authority
microsoft-windows8.ru
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=seyhP%2FbFOjy3gFP%2BiDsTYdpYhSH6Df37WI4atfqCE%2F%2B0IwoErTwglDRK5gjU%2BtP3e%2FZeMtf4G3zBq2liVxRzjSc565b6Lcry5%2FRSZDToYi0IWZfU5KPwYswMGYmssZhif6oP5fgeqXo%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
69b1260f7efc6933-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
zJ3kw_Sq.js
rbtwo.bid/pjs/ 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rbtwo.bid/pjs/zJ3kw_Sq.js
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
frodo.min.org.ua
Software
cloudflare-nginx /
Resource Hash
6dcf9c8ade5bd59b1248efd23cd86e1e7e3e5f78900fef5f3a3ecac09c8bf7e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
br
last-modified
Fri, 08 Oct 2021 16:48:24 GMT
server
cloudflare-nginx
etag
W/"61607658-b700"
content-type
application/javascript
cache-control
max-age=259200, public, must_revalidate
expires
Mon, 11 Oct 2021 17:39:28 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3158720937153219
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
c7430b9f0492fee35b6fbf510cd0edccb05b1c99e2c7c34f0fd4f753f702ee40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://microsoft-windows8.ru/
Origin
https://microsoft-windows8.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51244
x-xss-protection
0
server
cafe
etag
12574356222316653793
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 08 Oct 2021 17:39:28 GMT
swipebox.min.css
microsoft-windows8.ru/wp-content/plugins/responsive-lightbox/assets/swipebox/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/plugins/responsive-lightbox/assets/swipebox/swipebox.min.css?ver=2.3.2
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8348fe66b515449f719cb7b8278e1c84009bdaa96e18981641bc1e77d9e4cf1a

Request headers

:path
/wp-content/plugins/responsive-lightbox/assets/swipebox/swipebox.min.css?ver=2.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 05 Apr 2021 09:21:21 GMT
server
cloudflare
age
4412
etag
W/"1080-5bf3638860640-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8h8TFqaKi%2FOZ1K5lWkVMsb2ktxGI%2BYlujawMb6xcEO%2Ft%2F2Lgq9754mcEeUArSo59caZx8So0TYVR0qr%2F5mTFoJ9P30pUCgpkLi4S2dROSQ5R280fkdIAXHt4zaUjAWRDwDIk3sUcu0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69b12614bc3f6933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pagenavi-css.css
microsoft-windows8.ru/wp-content/plugins/wp-pagenavi/ 		374 B
747 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb

Request headers

:path
/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 05 Apr 2021 09:21:53 GMT
server
cloudflare
age
4412
etag
W/"176-5bf363a6e4e40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qH3okCVzNNmEmwgtLP5rdsCyiVU%2BgEC591KoL6Thkt87yO8q%2BBmbeDlYjNvcttKkSjqpKj3ScAna2HCtKEhY6ev3ohr7EZdoTwuOLWU0d6qpAdfic0at5nsn1NuqNdkeKV5OGcPvq0Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69b12614bc426933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.css
microsoft-windows8.ru/wp-content/themes/blogpost2/ 		78 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/themes/blogpost2/style.css
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c77b50eb5f3e60eff655e7359b31ae8ee2b2119f79b455ba1235fb35ccdf0715

Request headers

:path
/wp-content/themes/blogpost2/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 May 2017 17:45:08 GMT
server
cloudflare
age
4412
etag
W/"13887-54f06cccdf100-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgCw5IWCUgRUdy05Oumi1xeTgsXUb3j37TOE%2Bn0fr1OqWtQ2dejnzVt9ibasAqD235iuFg6GhpaWlbb3CRaVKFiXBIivMsaIRCk1gZtQ%2Bex%2BA0oUVM38RyqR7VE7%2F6D4XW9UR2tTjJY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69b12614bc446933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
tipsy.css
microsoft-windows8.ru/wp-content/plugins/wp-shortcode/css/ 		2 KB
813 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/plugins/wp-shortcode/css/tipsy.css?ver=5.8.1
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
276099ccc937eee41b9825b807bb92005ad0bdc56db4eb40071ee0d4facc87be

Request headers

:path
/wp-content/plugins/wp-shortcode/css/tipsy.css?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 Feb 2021 12:47:55 GMT
server
cloudflare
age
4412
etag
W/"84c-5ba45c342d4c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bk9A9IsUttuapf2gNVZRtIGDYrx1F7lYGXp6gMl%2FuMZBO6JCd4%2FuWlShefLA8iypjSN38BlUOEe4XZovq7VQgOBgHP9%2Bkc%2BJOKncQPk3Tc%2BLdhsx72z4Up2%2FjiDghYIPpEgBTGCipxo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69b12614bc476933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wp-shortcode.css
microsoft-windows8.ru/wp-content/plugins/wp-shortcode/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/plugins/wp-shortcode/css/wp-shortcode.css?ver=5.8.1
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a2de2f855006048ae5acf3b5c8a00354ee754916ba7086b49c61bf9618653b0

Request headers

:path
/wp-content/plugins/wp-shortcode/css/wp-shortcode.css?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 Feb 2021 12:47:55 GMT
server
cloudflare
age
4412
etag
W/"1675-5ba45c342d4c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpDisWwCKjwJKtburbfZZfLFeupGsVGfdOuINPabcG9tThf5TRYLdu6YwdrbggYwjkANGzfkjmHazd%2Fgm47N5y3vHe%2FjXkrM%2FKoVKYpD2EPi2cFOhNyOQMzREM4GPuB3y7CmPqjSSao%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69b12614bc486933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
microsoft-windows8.ru/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Jul 2021 16:36:39 GMT
server
cloudflare
age
4412
etag
W/"15db1-5c7b8e42393c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2UfoK1XhXVYxqPfvFrM9rQqKQe9%2F3XAd0LfHOFxN7gZmzDNamGVKanG5gpdOsPwQCdkbdH6kNo60%2BAFnJA5vyy2YTybX5m1Qt7Rh7oNrZdBkK8AK%2FUVj%2Fxxy3gFUkxe0F18Z5hgztA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69b12614cc4b6933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.swipebox.min.js
microsoft-windows8.ru/wp-content/plugins/responsive-lightbox/assets/swipebox/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.3.2
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926d1ab3abf48cf01377caf6adbed8c8a5e9dd1726e174c945af41137661404d

Request headers

:path
/wp-content/plugins/responsive-lightbox/assets/swipebox/jquery.swipebox.min.js?ver=2.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 05 Apr 2021 09:21:21 GMT
server
cloudflare
age
4412
etag
W/"3275-5bf3638860640-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xVKupuORiCjZr9bjKgMTc28b3aw8T%2F8EiuOdXvJlCtlPt0mtGgjCJmrbwr5dHOaGnrJe37yfHxfMpKr6mGACSIIA7tVJ%2BH2l9RKazqGRr1iMzF7O3hVKKcvlqYijjW4DxqIeFDzVKU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69b12614cc4c6933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
underscore.min.js
microsoft-windows8.ru/wp-includes/js/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Request headers

:path
/wp-includes/js/underscore.min.js?ver=1.13.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 22 Jul 2021 16:36:39 GMT
server
cloudflare
age
4412
etag
W/"4a84-5c7b8e42393c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1sJGQzOAB1lXLpPv6emDogGRKAmGy00l0agzzNSr4raDWy8Ioj%2B5%2F6UlSDlI81aeBfGr49aonuB%2B0B9byFCv%2BHOUPOlx3R45J18ipRM56TYW7B3dsG6gXwpOViYAYRBqyI%2BvTEBbB54%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69b12614cc4d6933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
infinite-scroll.pkgd.min.js
microsoft-windows8.ru/wp-content/plugins/responsive-lightbox/assets/infinitescroll/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=5.8.1
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
378f79bc8e52dc7c86332d048c8b8f57ad672c3c917ca54b08630bb487b99d3f

Request headers

:path
/wp-content/plugins/responsive-lightbox/assets/infinitescroll/infinite-scroll.pkgd.min.js?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 05 Apr 2021 09:21:21 GMT
server
cloudflare
age
4412
etag
W/"64e6-5bf3638860640-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oS7InG0n0kj7w4HJGYnd9Ts0x5otcrdCVDVpc5IJ5HdjHeLsgbtd5KVswvc9M5PdIPdtFpOLrUxEtmA5a1GPLVCTLM8ZXdPmi2ZKt6WdjLjf971UeHL58JbbKZYCn9%2BK7E2HATGAvKI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69b12614cc506933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
front.js
microsoft-windows8.ru/wp-content/plugins/responsive-lightbox/js/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.3.2
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c8ba982e1a7629cb5be1c6e7ac909bb494b895a63affce2f6306e5cd244505a

Request headers

:path
/wp-content/plugins/responsive-lightbox/js/front.js?ver=2.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 05 Apr 2021 09:21:21 GMT
server
cloudflare
age
4412
etag
W/"68e8-5bf3638860640-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8u99q3u0AldfIhM2OpN4xphDQ6KgoPqBwZPYmjKkvqad364UD5kzmB8Mbx75PPqZJUDPCn%2FnM1v7gnQYZaAu6xL1RKjnz6ROToikHT9cIm3O4nfwn8qNVphHGDTrMUASX3t57b9wlOU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69b12614cc536933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.tipsy.js
microsoft-windows8.ru/wp-content/plugins/wp-shortcode/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/plugins/wp-shortcode/js/jquery.tipsy.js?ver=5.8.1
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67b2a3e28c0d6e105b04a4806b84c02cede9775d5ba3be5bd57fb80772724952

Request headers

:path
/wp-content/plugins/wp-shortcode/js/jquery.tipsy.js?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 Feb 2021 12:47:55 GMT
server
cloudflare
age
4412
etag
W/"263b-5ba45c342d4c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oW%2FL7zRHfjQ7YDgC19p8qG54lvgMSdDnAvEKDbdFcrGGFoGN3GsRm9ffgSn%2Frjepl17SM7XC7nHqwjp7dt6m0ZOAwOnvzv1178udGBQaLmzjtLDVPFdslvnCiaN99m0zGOYxY6mGfrI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69b12614cc666933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wp-shortcode.js
microsoft-windows8.ru/wp-content/plugins/wp-shortcode/js/ 		1 KB
800 B 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/plugins/wp-shortcode/js/wp-shortcode.js?ver=5.8.1
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea9ac351394c6e5e4d855f1732dab30f3915f73c9a6cfdf7822d7eb1d6ccaba8

Request headers

:path
/wp-content/plugins/wp-shortcode/js/wp-shortcode.js?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 Feb 2021 12:47:55 GMT
server
cloudflare
age
4412
etag
W/"43d-5ba45c342d4c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRA26jbwvAe%2FYCW%2BVuFgjaf2T3OZV3m73IdGGevODkGndcD4UiF8skY0WNK2c82SK%2B%2FwD%2F2ZJkn%2FWLXaZXkrm4bCtkBuLhL%2FDBZkeQHGPqRBJHorJDGRjyER4SZiP%2B5ZNviYBw5ZynE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69b12614cc6a6933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1576331083_374bc7894317f405f928dd6b6120b44b1-400x250.jpg
microsoft-windows8.ru/wp-content/uploads/2020/01/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2020/01/1576331083_374bc7894317f405f928dd6b6120b44b1-400x250.jpg
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9fa69e4ea6a57c3b70aef3d543f5a2faed0df25e4cb45c951115f7fdcde5a5a

Request headers

:path
/wp-content/uploads/2020/01/1576331083_374bc7894317f405f928dd6b6120b44b1-400x250.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
cf-cache-status
MISS
last-modified
Tue, 14 Jan 2020 06:12:36 GMT
server
cloudflare
etag
"7468-59c137a6f9d00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtHmYQ0iCnsaL6qJ02XNkmsAblCxi5eedx0lHWOb%2F1scfX7dyTEZ2uG47Fbth5SaKdTCuujQAHXAVSHlHoOU%2FOlqiwbYI3MOTXoxan7Ajqw%2F5ZEICV8oFs3kEDjwK6E%2F3fr2q0XKk8E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69b12614cc7c6933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
29800
msft0101-400x250.png
microsoft-windows8.ru/wp-content/uploads/2019/12/ 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2019/12/msft0101-400x250.png
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb64f3c876ebdc8d48ed378d25e1f9a904d50fb5f806b22ef1b25e294634f6de

Request headers

:path
/wp-content/uploads/2019/12/msft0101-400x250.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 07 Dec 2019 20:22:56 GMT
server
cloudflare
etag
"23012-59922ed7ec800"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHnGj1gwMWGpoH93UX7OtQNNr2bsUzFDV681pEaWGTlIh2%2BiP3OYu7N2Gk4ZNr9jfWCUUSoPAvLOEQaUHnKLpQFplzP2gR3C4kaCi9Aa4Y6h26y8HZDus84wo9qt7uAwfbVGulaIF3Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69b12614cc7e6933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
143378
joytokey-400x250.png
microsoft-windows8.ru/wp-content/uploads/2019/12/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2019/12/joytokey-400x250.png
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f52f3ab1c70cee6290110e36e3c3c2c71782f6958b2133b09825fb5086d99f6

Request headers

:path
/wp-content/uploads/2019/12/joytokey-400x250.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
cf-cache-status
MISS
last-modified
Sat, 07 Dec 2019 19:28:16 GMT
server
cloudflare
etag
"d9b0-5992229fdf400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BC%2BPXY0jMzSO3dt6jaycYqz91R42acONgoLU5gDpTZSueykLY%2FoHXaPeKOU%2BP82xelmhgnPDsYLsySOGu41ELBvQhznx9bkoV6q6E76jVsFc%2F%2Bb1frqPNd08HWx7qnlyzNWv4PK%2Fw5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69b12614cc7f6933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
55728
microsoft-publisher-2010-400x250.jpg
microsoft-windows8.ru/wp-content/uploads/2019/12/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2019/12/microsoft-publisher-2010-400x250.jpg
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
735ae790ab38dfdf2b6430ee0626c9f0d8b8d6be9a242c758a0ba146275a7492

Request headers

:path
/wp-content/uploads/2019/12/microsoft-publisher-2010-400x250.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
cf-cache-status
MISS
last-modified
Fri, 06 Dec 2019 18:46:29 GMT
server
cloudflare
etag
"2c25-5990d76b8cb40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V756pfn3pdLIwVuTYmpx%2FwpQB9WRH2zcRL%2FKTl3RqAT4%2Bj4AG9fFbPtWmjkqdpSnxq%2FLFSKbEKfhQFTeNMIEpaKbeHZCOEEhxtMQ%2FP3BSAo9NYgagMz32HWUzpym6aWywJWmssdBxjg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69b12614cc806933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11301
unhackme-400x250.jpg
microsoft-windows8.ru/wp-content/uploads/2019/12/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2019/12/unhackme-400x250.jpg
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb683965690ef77063c845ebb85c9b7eae4c72fd7d91986bb943607d2511c3e9

Request headers

:path
/wp-content/uploads/2019/12/unhackme-400x250.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
cf-cache-status
MISS
last-modified
Fri, 06 Dec 2019 18:33:13 GMT
server
cloudflare
etag
"4ca8-5990d4746cc40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgQfHGtg4qWMbZr7WkOeFleLArxQ1CbY4C8bU9gTT7CVhCSUvmEUd%2BE5FVglb45Tt6wQJR4yyQJUfZMKJmkbSBYWD43DnoY7gdWv2i9prH6QlKPsO%2Buc76wC3RkFJf06Tvq%2FmQC9K14%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69b12614cc826933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19624
loaris-trojan-remover-400x250.jpg
microsoft-windows8.ru/wp-content/uploads/2019/12/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2019/12/loaris-trojan-remover-400x250.jpg
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
952d30834a64170ec793f2601ad3903b1c3dd245605693890a619f0ab563b0eb

Request headers

:path
/wp-content/uploads/2019/12/loaris-trojan-remover-400x250.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
cf-cache-status
MISS
last-modified
Fri, 06 Dec 2019 16:58:28 GMT
server
cloudflare
etag
"35cb-5990bf46c9500"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fh9Vz%2FN6nuzIflsszt61gfSaZnOSkGq1RB2d1KK4IhlYreDajTzkhRJdOmOibswDF%2BVUW3rFn6BsvfVUQL5Ai6bTlk16fCOotVloPjt4%2B7q6ifLBug1zAsAtaS2TQaYJ7IDBFqibGiw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69b12614cc846933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13771
unturned--400x250.jpg
microsoft-windows8.ru/wp-content/uploads/2019/12/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2019/12/unturned--400x250.jpg
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bd743238641442a959392b3eeb007b3d231f75a21d0f06936dd95b1ca9decf1

Request headers

:path
/wp-content/uploads/2019/12/unturned--400x250.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
cf-cache-status
MISS
last-modified
Thu, 05 Dec 2019 15:53:35 GMT
server
cloudflare
etag
"5e25-598f6ee8abdc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Avd7SlV30%2Bm%2FLWF6OBkmC11d%2By4DtCPtYxtBaIKcOtCGo6vr1S%2Fq6pHXcG0amtDV6hKSnsWXCeojuw01A2KjdaR4HkBSICMFOdPi8zkxFufweu1QroemGhvD7gQkrJvR7YhlZkzipC4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69b12614cc856933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24101
ableton-live-suite-10-400x250.png
microsoft-windows8.ru/wp-content/uploads/2019/12/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2019/12/ableton-live-suite-10-400x250.png
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db934f720e7effa5be74fca3fce38585fa4c0ae1b057d6cafad55b0d98697983

Request headers

:path
/wp-content/uploads/2019/12/ableton-live-suite-10-400x250.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 05 Dec 2019 15:26:19 GMT
server
cloudflare
etag
"15951-598f68d075cc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EY1NjE3ngAYbVURSQvn54qZttE75IA4R2duQQ%2Bb9N9MuLwMDxDoYXW0Huoq2drDQfjo6j9q5090ewfTv7qJlR2ffHBjAGra2sYjuuge%2Bo7KOKsbYKNEG%2FN%2BD%2BCH6ksrosxOAGgPXPHs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69b12614cc876933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
88401
fl-studio-20-refx-nexus-400x250.png
microsoft-windows8.ru/wp-content/uploads/2019/12/ 		161 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2019/12/fl-studio-20-refx-nexus-400x250.png
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f0dfd0285f6b376249f6c72e686e46d8245eb3dae623be41161102e581a048e

Request headers

:path
/wp-content/uploads/2019/12/fl-studio-20-refx-nexus-400x250.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 05 Dec 2019 15:12:30 GMT
server
cloudflare
etag
"285a0-598f65b9dd380"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MunlBS3eW1s0U6fi99vOmtc4CeDFf9BRCfiaPBpBjidmkL0wkTYZFP94kQLE5mIzAt10dwZiZV7RYFK0I2QtGkaMUzu4U4pSZlgxHdTP0e88NU3PcGmOPu51B4MkEUxJN5qzBM1A7g8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69b12614cc896933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
165280
Microsoft-Office-2010-%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80-80x80.jpg
microsoft-windows8.ru/wp-content/uploads/2017/01/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2017/01/Microsoft-Office-2010-%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80-80x80.jpg
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b72df30ea99e0868e0a37299f18150c5e3064c40f06b65e5767f00b51ab1b0d8

Request headers

:path
/wp-content/uploads/2017/01/Microsoft-Office-2010-%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80-80x80.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4412
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1833
last-modified
Sun, 17 Jun 2018 19:44:53 GMT
server
cloudflare
etag
"729-56edbaecb3740"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19O3BHqUDdH8Y9a%2BQsDa23zurGEK416t6yfolB8BUaVoFOxmkUuMaIDgJqvkJIMlKJeN4ELmCeArS8BIUemvS2U46TliYS%2FfPTw49IuF5Lm8mWKRbg1k4iM8nzpus0n8f1DBxiD4h2U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
69b12614cc8b6933-FRA
Microsoft-Office-%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80-80x80.jpg
microsoft-windows8.ru/wp-content/uploads/2017/02/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2017/02/Microsoft-Office-%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80-80x80.jpg
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9c708dc07ec7c4ba870971f41d0c3acb222e86a08f10f87540df6c8a396ebd0

Request headers

:path
/wp-content/uploads/2017/02/Microsoft-Office-%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80-80x80.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4411
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3532
last-modified
Sun, 17 Jun 2018 19:59:24 GMT
server
cloudflare
etag
"dcc-56edbe2b59f00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2EdwNgUaiwak7W7zm2SWPEWR83ZdrAQnEuISipFDuHhvfprq6P2Y58vodTwZ%2BR3Ow8f52B7OZx%2BJXb9miPkXlqGsLcOy61%2Fz1G%2BgDjecKJ4jLn9DyyNmOMWpqQZZ6tR265xtqdxfWo4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
69b12614cc8f6933-FRA
Google-Chrome-%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C-80x80.jpg
microsoft-windows8.ru/wp-content/uploads/2017/01/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2017/01/Google-Chrome-%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C-80x80.jpg
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c0797b26773b2439ec286f0294c4b1f446bf86cc84715d5dbce121c1966428b

Request headers

:path
/wp-content/uploads/2017/01/Google-Chrome-%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C-80x80.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4411
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2966
last-modified
Sun, 17 Jun 2018 19:47:30 GMT
server
cloudflare
etag
"b96-56edbb826d880"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKTiAdalMq9tMap%2FJJ0KG0v%2FHfjVRmc5Q6fnSc44ipazwZ7CAWXbhwqnkgVwABLvWao1Y7qmlzXycZXyppBzr2g1UJwNW7khTWauSX6IsVM%2Bk5O6HSHVhCpfhS4Veo07sxSVUTUS%2Bpk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
69b12614cc936933-FRA
Excle-%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C-%D0%B1%D0%B5%D0%B7-%D1%81%D0%BC%D1%81-80x80.jpg
microsoft-windows8.ru/wp-content/uploads/2017/01/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2017/01/Excle-%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C-%D0%B1%D0%B5%D0%B7-%D1%81%D0%BC%D1%81-80x80.jpg
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dcaae05964eed40f64eebaf0fde29ebddf5d3f47d2a309ee24e93118405ddcc

Request headers

:path
/wp-content/uploads/2017/01/Excle-%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C-%D0%B1%D0%B5%D0%B7-%D1%81%D0%BC%D1%81-80x80.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4412
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2592
last-modified
Wed, 13 Jun 2018 19:47:55 GMT
server
cloudflare
etag
"a20-56e8b4246d0c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BdRSsnG%2FUPk9HzVOCjn8OdLAFi4LvUGxWpp3LM%2FwqShmDq2WaSCPxH6swD%2BvCgm27WDLbaNiaqU1PvEVEHdHwGA%2B9PMTd9UwQfVO3JHkzstF87jGfPBxwV3F4LHyUF%2F5oaNiP5wAIs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
69b12614cc956933-FRA
DX-12-%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C-%D0%B4%D0%BB%D1%8F-%D0%BF%D0%BA-80x80.jpg
microsoft-windows8.ru/wp-content/uploads/2017/01/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2017/01/DX-12-%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C-%D0%B4%D0%BB%D1%8F-%D0%BF%D0%BA-80x80.jpg
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d881582a528ae4ded28f41472a2f8ef5aa6882adfc35033f9fa12001d0af530e

Request headers

:path
/wp-content/uploads/2017/01/DX-12-%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C-%D0%B4%D0%BB%D1%8F-%D0%BF%D0%BA-80x80.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4411
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1815
last-modified
Sun, 17 Jun 2018 19:45:42 GMT
server
cloudflare
etag
"717-56edbb1b6e580"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfGwykAzso3gn%2BTDxgN3jt8hcZnrKrxAEEflH45L%2FCzMcnmI9JZ1yyz0EY1F9FzBZd0f0aNJqfrw0DuQrVezgPigGr2xVQZ8TqbHWPrzGOZ5ZBBWypwc4HVFpsL2EO7GpJVuhXGR32o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
69b12614cc976933-FRA
superfish.js
microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/superfish.js?ver=1.4.8.
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b5234de470f20128434aef3e74cc4da80d564f6ffd6dac6bdb2f8810b1ea6bb

Request headers

:path
/wp-content/themes/blogpost2/scripts/superfish.js?ver=1.4.8.
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 May 2017 17:45:08 GMT
server
cloudflare
age
4411
etag
W/"9d4-54f06cccdf100-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0LiJi%2BecVrJqbdUAoA3fjAnyIkiVodMAEmO6KecEaA7O3Od%2FkhjJl%2F%2BZxiKBCa%2FohmuCJEXoLUAd1MT36JBOc2NUFBNiG6aJEd9EVw1SvI1imzOecgd1GJGrtrUiwwclxnF7LZOE2k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69b12614cc6b6933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.flexslider-min.js
microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/jquery.flexslider-min.js?ver=1.2.1
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e56b08590b93eda20511daa2bfa928102159e396f10f55f4ae7e9298f6e5a9d5

Request headers

:path
/wp-content/themes/blogpost2/scripts/jquery.flexslider-min.js?ver=1.2.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 May 2017 17:45:08 GMT
server
cloudflare
age
4411
etag
W/"5747-54f06cccdf100-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U13JrwbK3h%2FqIMvLq3OX7%2BvZnZRKs0n1US9AGX5QnuQKc83P6mHapiB%2FUv9Lb7rm7ngcclCsC%2BqYvaY9rjWZaeRTFVKJVmjmzkZ6Hty8C%2FXWjudXfFz%2BMgftkkl6whLDhA4a6cd7dX4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69b12614cc6e6933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
theia-sticky-sidebar.js
microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/theia-sticky-sidebar.js?ver=1.1.2
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc1e94a90ccb99cd60d29d88322e3f7af0beb126d4b2bc820eda01c8e4aa4ba5

Request headers

:path
/wp-content/themes/blogpost2/scripts/theia-sticky-sidebar.js?ver=1.1.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 May 2017 17:45:08 GMT
server
cloudflare
age
4411
etag
W/"f53-54f06cccdf100-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GO%2F4n5MTaHjsm8Iwk4PRcOx8LPV7yQkmdNYjpkPjOSk9338XLr%2FlDmO4lb43sx42%2B%2F1c5PzEDgrNGjcdSlXK76Zuz3o6DzAhHQWoA4vveCdT2izqBV%2FuXbS4ved4h14qxWI7AC0BzkE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69b12614cc706933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.mmenu.min.js
microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/jquery.mmenu.min.js?ver=5.6.1
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2c89b9482b7bc2992f14befb2484e11559f6af55e666a3cf865a720f6d4d04e

Request headers

:path
/wp-content/themes/blogpost2/scripts/jquery.mmenu.min.js?ver=5.6.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 May 2017 17:45:08 GMT
server
cloudflare
age
4411
etag
W/"3eb6-54f06cccdf100-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXcjzeKYTkN21Q5WkmDsR0mSCYmzjta3fx2NDkq2LTKTpuzG%2FMrrokJn2mWJF89pGdUFmQzaelQa2XRuHo3ecIW8x5Oe%2Fzhh8IjyD8Z9ZQ0q6yrGyuMB%2F4N1mnuB7sm4qXB63gXMWLo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69b12614cc726933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
headhesive.min.js
microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/headhesive.min.js?ver=1.2.0
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abb97637f93dce2abbbf13b35e057e9c7657b41f0d3dcce5ced279b56f3687e5

Request headers

:path
/wp-content/themes/blogpost2/scripts/headhesive.min.js?ver=1.2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 May 2017 17:45:08 GMT
server
cloudflare
age
4411
etag
W/"c6e-54f06cccdf100-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTZXfn0mo2vABpR9%2F9G4470zWGt53X4n%2FwFZ62Brs0j38Hbf%2BxBYPZsATm0bKB2O2tL%2FNx09gx2WcIWhfWLznSBN6XdyjJgjUeC88fLCfIR%2BN%2FXfXO8rfLgQuT0AU4mmmjJLbfD5fT8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69b12614cc756933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
responsiveCarousel.min.js
microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/responsiveCarousel.min.js?ver=1.2.0
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9e1482e4fd2efdbd898b95620e1a67f3825d8c429a14ee9b502af5bfe3b38ce

Request headers

:path
/wp-content/themes/blogpost2/scripts/responsiveCarousel.min.js?ver=1.2.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 May 2017 17:45:08 GMT
server
cloudflare
age
4411
etag
W/"1f51-54f06cccdf100-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=acBEJCRSLwbY5I24CHvjqAbKOq0ET4x6j5ZNJtYw4TjqAR9%2Br8zq1ZumxxSIf%2F5SB%2B2cLfiw4C3hOqRdy2yQHMPKoLSBAIf8E7veLNfQTw0ME5uGZV5CYHb%2Byseq3Yc9wkTxO4H9sQk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69b12614cc766933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
custom.js
microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/themes/blogpost2/scripts/custom.js?ver=1.0
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fee32713a9c2829fd1530ca13167292579e63df8c18f2be0dc69113db8a3539b

Request headers

:path
/wp-content/themes/blogpost2/scripts/custom.js?ver=1.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 May 2017 17:45:08 GMT
server
cloudflare
age
4411
etag
W/"94e-54f06cccdf100-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z7RGHDJ0HHAczOWHQO5bhJbO7wpRNhXk3oknNJyyddMAauEbU%2B5cTpCo5YHEdIyOMROdI8s2asCFrdY3Wz5uUqUS0MWrpDxNyj5xoiUD8WuXROHSkXrn2UQfYJRppTDzRVBR32OhwNw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69b12614cc786933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
q2w3-fixed-widget.min.js
microsoft-windows8.ru/wp-content/plugins/q2w3-fixed-widget/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.3.0
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Request headers

:path
/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.3.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 05 Apr 2021 09:21:27 GMT
server
cloudflare
age
4411
etag
W/"1108-5bf3638e193c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VAKzxKsnMd1%2FOMzI1EljQ5%2BezINRadDISmm%2F7kADXSenAPJ%2BQbcVWWqFGQ8ySJfsr6hK2GTuUkL4zfS71TfSts7acdPDHe6tjmoGLrWiSJ1rn0ar1QtgxheYs8xjAnZdQXjcZzkA7Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69b12614cc7a6933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather:400,700&subset=cyrillic
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/wp-content/themes/blogpost2/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
c86a517b26d9399d4ceac51a13d0c6407ef49edb58c7d66db161f4c8fe5ea0ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 17:29:08 GMT
server
ESF
date
Fri, 08 Oct 2021 17:39:28 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 08 Oct 2021 17:39:28 GMT
00111.png
microsoft-windows8.ru/wp-content/uploads/2020/06/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microsoft-windows8.ru/wp-content/uploads/2020/06/00111.png
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c30f2063292920ab7bceb5729a1e51ab3b7eddad5ece5ea1371db94059f5bf57

Request headers

:path
/wp-content/uploads/2020/06/00111.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4397
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3778
last-modified
Fri, 19 Jun 2020 08:26:37 GMT
server
cloudflare
etag
"ec2-5a86ba6cd6940"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQruH7gSCGPe%2FbUDtrJkxSg0uiY8EQTzzkqRPzR9upGz7YdsgC7AcJRSemplTI6tiz%2BbNYix%2FXImRu3lD%2BwtfOyopWu5YNnhEIlM81zyXbsIRgkPNRGreVQMmQE%2FWHOu0B%2BjXyEz5qs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
69b126155ed24e07-FRA
u-4n0qyriQwlOrhSvowK_l52xwNZXMf6lvg.woff2
fonts.gstatic.com/s/merriweather/v25/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v25/u-4n0qyriQwlOrhSvowK_l52xwNZXMf6lvg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
3abda7fa1ac5c9bf5a0354237e403ce6c46723fffeeacf01d452d05f2b1c2bd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://microsoft-windows8.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 20:42:53 GMT
x-content-type-options
nosniff
age
420995
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:22:31 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 03 Oct 2022 20:42:53 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v25/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v25/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
1ecaf445d3f1e63f15b6e423e287813a5675461cc9454184d0b49123b286cea4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://microsoft-windows8.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 04:04:01 GMT
x-content-type-options
nosniff
age
308127
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19696
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:22:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Oct 2022 04:04:01 GMT
fontawesome-webfont.woff2
microsoft-windows8.ru/wp-content/themes/blogpost2/css/font-awesome-4.6.3/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/wp-content/themes/blogpost2/css/font-awesome-4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/wp-content/themes/blogpost2/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

:path
/wp-content/themes/blogpost2/css/font-awesome-4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
pragma
no-cache
origin
https://microsoft-windows8.ru
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/wp-content/themes/blogpost2/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://microsoft-windows8.ru/wp-content/themes/blogpost2/style.css
Origin
https://microsoft-windows8.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
cf-cache-status
HIT
last-modified
Mon, 08 May 2017 17:45:08 GMT
server
cloudflare
age
3520
etag
"118d8-54f06cccdf100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j4P5B6yn5TjuXNFNeascHAQnsxlNIWqxoRRbDk6xolh9Nv%2B086U2rzjj7gBu0xhpYMWKwc5FbFEi8FoQffqfdBLgIp2%2FTl%2BwO5a1tWEPwclNulZ1RChWEvPVIQWPCKrKqhVEVKpQOO4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
69b126156edd4e07-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
71896
appUbarButton.js
torrent5.net/templates/t5net/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://torrent5.net/templates/t5net/js/appUbarButton.js
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.14.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67da30575287997b2e411ebbe5b748a37ad3a2fd057d64fd1e9594ba4bd5fbf2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
267
cf-polished
origSize=10065
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 25 Sep 2020 03:40:48 GMT
server
cloudflare
etag
W/"5f6d66c0-2751"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rY6Jra0LeztPtzQ5hqEzu9unncKOFH%2F%2FvVHjI6xq0%2FMgaLMhmZ8DOfLYCgc%2B9IWYhApAkS51r%2Bj7pjo2qyYE9FKbhJrPkqEbMSt4dbd%2FOekbr2N5zRBMDXY%2F3yb6ty4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
69b12615df226901-FRA
cf-bgj
minify
tag.js
mc.yandex.ru/metrika/ 		191 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
br
last-modified
Fri, 08 Oct 2021 08:33:42 GMT
etag
"615fd836-1031a"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
66330
expires
Fri, 08 Oct 2021 18:39:28 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/ 		257 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3158720937153219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
0a2e7c6fbae2dd40db31fb5a6c2fb72402f3588edf0dab86810ca504c753bd6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97103
x-xss-protection
0
server
cafe
etag
10511210310341696325
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 08 Oct 2021 17:39:28 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211005/r20190131/ Frame 46B9 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211005/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3158720937153219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211005/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://microsoft-windows8.ru/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 07 Oct 2021 20:10:53 GMT
expires
Thu, 21 Oct 2021 20:10:53 GMT
content-type
text/html; charset=UTF-8
etag
10398570473303663775
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4601
x-xss-protection
0
age
77315
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		211 B
665 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=microsoft-windows8.ru&callback=_gfp_s_&client=ca-pub-3158720937153219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
37e8cdd0ad98bfe8eec5aed829b4e45c1c06d3fb5b9364a09375bf1cbf7494a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=microsoft-windows8.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EA57 		143 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3158720937153219&output=html&adk=1812271804&adf=1573534164&lmt=1633714768&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmicrosoft-windows8.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633714768277&bpp=2&bdt=185&idt=80&shv=r20211005&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8493131633267&frm=20&pv=2&ga_vid=2011473909.1633714768&ga_sid=1633714768&ga_hid=1172520583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062949&oid=2&pvsid=2360168798724237&pem=280&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e6e5578f2a6d39d6c79028b2b6e1865850e67c59562d0c82cd74ad5db82fc0c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3158720937153219&output=html&adk=1812271804&adf=1573534164&lmt=1633714768&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmicrosoft-windows8.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633714768277&bpp=2&bdt=185&idt=80&shv=r20211005&mjsv=m202110040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8493131633267&frm=20&pv=2&ga_vid=2011473909.1633714768&ga_sid=1633714768&ga_hid=1172520583&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062949&oid=2&pvsid=2360168798724237&pem=280&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://microsoft-windows8.ru/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 08 Oct 2021 17:39:29 GMT
server
cafe
content-length
43233
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 08-Oct-2021 17:54:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 08 Oct 2021 17:39:29 GMT
cache-control
private
nat-set
microsoft-windows8.pushreal.media/ 		123 B
313 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.pushreal.media/nat-set
Requested by
Host: rbtwo.bid
URL: https://rbtwo.bid/pjs/zJ3kw_Sq.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.69.75.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.75.69.159.clients.your-server.de
Software
cloudflare-nginx /
Resource Hash
30d7c385909e8efb69ac92282afc1f1d23baef0e736473c69527112c3ce715b7

Request headers

Referer
https://microsoft-windows8.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
gzip
server
cloudflare-nginx
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
*
content-length
110
nat-set
microsoft-windows8.pushreal.media/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.pushreal.media/nat-set
Protocol
H2
Server
159.69.75.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.75.69.159.clients.your-server.de
Software
cloudflare-nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://microsoft-windows8.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
cloudflare-nginx
date
Fri, 08 Oct 2021 17:39:28 GMT
content-type
text/html; charset=UTF-8
content-length
2
access-control-allow-origin
*
access-control-allow-headers
*
access-control-allow-methods
POST, GET, OPTIONS
szJ3kw_Sq.js
microsoft-windows8.ru/ 		47 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://microsoft-windows8.ru/szJ3kw_Sq.js
Requested by
Host: rbtwo.bid
URL: https://rbtwo.bid/pjs/zJ3kw_Sq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fc3d8b13e636e71989bd43eb36488221756c222c735f22ab2ba03f55312745f

Request headers

:path
/szJ3kw_Sq.js
pragma
no-cache
cookie
flat_r_mb=%2F%2F%2F%3Adirect; __gads=ID=7dfa74436accb427-22f0c3a5e9ca009d:T=1633714768:RT=1633714768:S=ALNI_MY6bF76pTKAwmPcLX1d0tECseqDqw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
microsoft-windows8.ru
referer
https://microsoft-windows8.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1595
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
47
last-modified
Sat, 07 Nov 2020 13:53:32 GMT
server
cloudflare
etag
"2f-5b384a7926f00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6VTawDvmy8Zag6AyofFBkdYD4MGgUc7RaCFt2W1dcoWqWfYDs7vALvCJK5xgUOSk1G35ExZqJfV49YAFuQvvmCNWcB5lJo3OpoaGShfMjlTMac%2FXdjCOzDkNK9a0RLU2gQZsBsjiPE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
69b12616a9574e07-FRA
cookie
rbtwo.bid/ 		0
0
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9420.NEuJ1M6rp0Hz_8G7P0LmVOccmhGftoWWvp6Pqm2q3u5STC6-0YzhC9xWy2ZzMEVL.7ATcQVIK0zl_VGgbJxrO5LPO7Pg%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9420.MWqkHxUEJu5hlT29ackRBptgCJormhqNtjf9A4y60Wx7z0UqEaAzRMT6J1BbwmQSthsy220z0twBFSmx-L8Smg%2C%2C.lxpHnpcKXUtYD-cpAfibG-_WQWs%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9420.MWqkHxUEJu5hlT29ackRBptgCJormhqNtjf9A4y60Wx7z0UqEaAzRMT6J1BbwmQSthsy220z0twBFSmx-L8Smg%2C%2C.lxpHnpcKXUtYD-cpAfibG-_WQWs%2C
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9420.MWqkHxUEJu5hlT29ackRBptgCJormhqNtjf9A4y60Wx7z0UqEaAzRMT6J1BbwmQSthsy220z0twBFSmx-L8Smg%2C%2C.lxpHnpcKXUtYD-cpAfibG-_WQWs%2C
date
Fri, 08 Oct 2021 17:39:28 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
last-modified
Fri, 08 Oct 2021 08:33:42 GMT
etag
"615fd836-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 08 Oct 2021 18:39:28 GMT
push-get
select2.pstatrbnew.bid/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://select2.pstatrbnew.bid/push-get
Requested by
Host: rbtwo.bid
URL: https://rbtwo.bid/pjs/zJ3kw_Sq.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.9.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.9.243.136.clients.your-server.de
Software
nginx /
Resource Hash
33e03101c981a861075d05655490c988473979a688ebe46d30441ab0ab43c03a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://microsoft-windows8.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
content-encoding
br
server
nginx
strict-transport-security
max-age=63072000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
*
push-get
select2.pstatrbnew.bid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://select2.pstatrbnew.bid/push-get
Protocol
H2
Server
136.243.9.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.9.243.136.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://microsoft-windows8.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 08 Oct 2021 17:39:28 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
1
mc.yandex.com/watch/64984423/
Redirect Chain
  • https://mc.yandex.com/watch/64984423?wmode=7&page-url=https%3A%2F%2Fmicrosoft-windows8.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A876%3Afu%3A0%3Aen%3Autf-8...
  • https://mc.yandex.com/watch/64984423/1?wmode=7&page-url=https%3A%2F%2Fmicrosoft-windows8.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A876%3Afu%3A0%3Aen%3Autf...
350 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/64984423/1?wmode=7&page-url=https%3A%2F%2Fmicrosoft-windows8.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A876%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A856312248678%3Ahid%3A931953027%3Az%3A0%3Ai%3A202101008173928%3Aet%3A1633714768%3Ac%3A1%3Arn%3A599874411%3Arqn%3A1%3Au%3A1633714768900938180%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633714767243%3Ads%3A9%2C21%2C814%2C1%2C0%2C0%2C%2C172%2C4%2C%2C%2C%2C1021%3Adsn%3A9%2C21%2C814%2C1%2C%2C0%2C%2C175%2C4%2C%2C%2C%2C1021%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633714769%3At%3A%D0%9F%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D1%8B%20%D0%B4%D0%BB%D1%8F%20Windows%2010
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
183f07e15e174161187a93ece6ca0628f343b3fb5b75e3b498c1cfa216a35db3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Oct 2021 17:39:28 GMT
x-content-type-options
nosniff
last-modified
Fri, 08-Oct-2021 17:39:28 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://microsoft-windows8.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Fri, 08-Oct-2021 17:39:28 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Oct 2021 17:39:28 GMT
last-modified
Fri, 08-Oct-2021 17:39:28 GMT
location
/watch/64984423/1?wmode=7&page-url=https%3A%2F%2Fmicrosoft-windows8.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A876%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A856312248678%3Ahid%3A931953027%3Az%3A0%3Ai%3A202101008173928%3Aet%3A1633714768%3Ac%3A1%3Arn%3A599874411%3Arqn%3A1%3Au%3A1633714768900938180%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633714767243%3Ads%3A9%2C21%2C814%2C1%2C0%2C0%2C%2C172%2C4%2C%2C%2C%2C1021%3Adsn%3A9%2C21%2C814%2C1%2C%2C0%2C%2C175%2C4%2C%2C%2C%2C1021%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633714769%3At%3A%D0%9F%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D1%8B%20%D0%B4%D0%BB%D1%8F%20Windows%2010
strict-transport-security
max-age=31536000
access-control-allow-origin
https://microsoft-windows8.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 08-Oct-2021 17:39:28 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2QwNzk3MzE5MWIyZTg4ZmE2Yjk1NDM3MzY1YWQ5ODMxLmpwZWc.webp
s-img.mgid.com/g/4039677/492x277/44x0x754x502/ Frame C9EB 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4039677/492x277/44x0x754x502/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2QwNzk3MzE5MWIyZTg4ZmE2Yjk1NDM3MzY1YWQ5ODMxLmpwZWc.webp?v=1633714768-XLv0QMWDMpH9zLXfrnh-5KavtWJMEGvleS2f_YBKBAw
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33f943dc3df41e80866f86b25a6651f5c06ceee88b10d00f3ffdb1bbe10961cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:28 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:23 GMT
x-mg-request-uuid
47adc310-acf6-40d1-8c84-10cfa3a4ca42
age
616560
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69b12619ec3d6916-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16450
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2QwNzk3MzE5MWIyZTg4ZmE2Yjk1NDM3MzY1YWQ5ODMxLmpwZWc.webp
s-img.mgid.com/g/4039677/328x328/169x0x509x509/ Frame C9EB
Redirect Chain
  • https://c.mgid.com/c?pv=2&v=0|0|0|wjGz2J78NgdMBlQZ5For07Pow9HUjUUnKPEJSqAXxeNiDhm44YMKRuURp7T2Avwn&cid=1140592&f=1&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=aff7123a-285e-11ec-8246-e4434b...
  • https://s-img.mgid.com/g/4039677/328x328/169x0x509x509/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2QwNzk3MzE5MWIyZTg4ZmE2Yjk1NDM3MzY1YWQ5ODMxLmpwZWc.webp?v=1633714768-5sPTHBGf8V0U0oCsNAAkbIIZ...
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4039677/328x328/169x0x509x509/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2QwNzk3MzE5MWIyZTg4ZmE2Yjk1NDM3MzY1YWQ5ODMxLmpwZWc.webp?v=1633714768-5sPTHBGf8V0U0oCsNAAkbIIZ5kbbxR9-I6N0p1-_oNA
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29c48e855950207ad98a31be133e640790e3b7407302ed26f3964cf5c0d43833

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:29 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:28 GMT
x-mg-request-uuid
ca619e7a-43a6-4670-812f-26c595d41652
age
616561
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69b1261a5bcd6922-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16434
server
cloudflare

Redirect headers

pragma
no-cache
date
Fri, 08 Oct 2021 17:39:28 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
ab2570ab-1acc-479c-8843-d5d44f86380f
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://s-img.mgid.com/g/4039677/328x328/169x0x509x509/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2QwNzk3MzE5MWIyZTg4ZmE2Yjk1NDM3MzY1YWQ5ODMxLmpwZWc.webp?v=1633714768-5sPTHBGf8V0U0oCsNAAkbIIZ5kbbxR9-I6N0p1-_oNA
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
69b12619ec524ac3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/ 		142 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ea3502eeaea257caacb3fa879c861a124e075f31f654561f09c51d2bf46eda85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52346
x-xss-protection
0
server
cafe
etag
6402864086455598803
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 08 Oct 2021 17:39:29 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=microsoft-windows8.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 08 Oct 2021 17:39:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/ Frame DDE9 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://microsoft-windows8.ru/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 07 Oct 2021 20:48:36 GMT
expires
Thu, 21 Oct 2021 20:48:36 GMT
content-type
text/html; charset=UTF-8
etag
10398570473303663775
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4601
x-xss-protection
0
age
75053
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
c18552b95b71e872a75b7ff7db3b56912d6e976379cb98578d37222c81f70748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27537
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633547232125660"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 08 Oct 2021 17:39:29 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3072651107949777169/grammarly_04_728x90_a_04/ Frame B7B9 		74 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3072651107949777169/grammarly_04_728x90_a_04/index.html
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
876807c41a146393662e3bc1594223e2f7de878dd84e9c63eeae699ac1e2fd9c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/3072651107949777169/grammarly_04_728x90_a_04/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Mon, 04 Oct 2021 07:17:51 GMT
expires
Tue, 04 Oct 2022 07:17:51 GMT
last-modified
Tue, 20 Apr 2021 21:53:57 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
17534
age
382898
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame DDE9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C3itrUIJgYaPVGc-T7_UP6PGjoAXSoJ_yZLL3ldOJDdinha66GxABIJLflh9gyQagAf_bisgDyAEJqAMByANIqgT2AU_Q8E5aTkbWLQXAa99GMxzYE0CmMutzPFS_cFjcFl_Li5Pun_p5Hc5mLdA4MXYceoMpXoIEqa60QQKVyS-LCiCJgsahiCyU96-IyyTz5H0I9ntDEFIcdoHgwfB-r-ImJK6QJ8ylqER4bTD00CoyGyAPgpY44Q8lKgyZHn9V1JE0dI3R7AZkWP4_CEuVd9ybTL_GaQBh97FgHHueBrMbfZzeXzQVSx8HaL_AAZi5KLU5DuHzEShljRb39Wqv5PfhxDjnGD9ECVgmeW8hGhuFTfgJONUvAEIqCTYKGbyWj4tljKbensxxCFX3LH2VpmLeHbxtIe_-BsAE94qs5JADkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB97SgEGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcA8gcFENyoqQLSCAcIgGEQARhfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTMxNTg3MjA5MzcxNTMyMTkYAA&sigh=3yhOjDh7CKg&uach_m=[UACH]&template_id=419
Requested by
Host: microsoft-windows8.ru
URL: https://microsoft-windows8.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 08 Oct 2021 17:39:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 08 Oct 2021 17:39:29 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/ Frame DDE9 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 10:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27371
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7605
x-xss-protection
0
server
cafe
etag
4152153861754824712
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Oct 2021 10:03:18 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/ Frame DDE9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 14:07:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12712
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1344
x-xss-protection
0
server
cafe
etag
10107448882299530629
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Oct 2021 14:07:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DDE9 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37898
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633547226118934"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 08 Oct 2021 17:39:29 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/ Frame DDE9 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 11:05:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23644
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6206
x-xss-protection
0
server
cafe
etag
15755272758842173338
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Oct 2021 11:05:25 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame B2AD 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm31metZKv8Xrdqka2qdj7rVsgvRVc-TUMbLWjbNBpMFNYP_Pd-KZe3q3pnZFM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 08 Oct 2021 17:35:58 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
211
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame DDE9 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fefc6a4192a7cd2323a7f90a7aa454915a125e7a3c9ac75658f11b87964b3fa3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B7B9 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3072651107949777169/grammarly_04_728x90_a_04/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 03:54:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49479
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 09 Oct 2021 03:54:50 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B7B9 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3072651107949777169/grammarly_04_728x90_a_04/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 23:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65339
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 08 Oct 2021 23:30:30 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame B2AD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm31metZKv8Xrdqka2qdj7rVsgvRVc-TUMbLWjbNBpMFNYP_Pd-KZe3q3pnZFM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 08 Oct 2021 17:39:29 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 08-Oct-2021 18:39:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 08 Oct 2021 17:39:29 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 08 Oct 2021 17:39:29 GMT
server
safe
content-length
257
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js
pagead2.googlesyndication.com/bg/ Frame B7B9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 15:56:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
6170
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13358
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 08 Oct 2022 15:56:39 GMT
pointer-min.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3072651107949777169/grammarly_04_728x90_a_04/ Frame B7B9 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3072651107949777169/grammarly_04_728x90_a_04/pointer-min.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
6d3cc82ca8a344a89151b68c3b7432fd2a54209bbe93757c942e52c258b8adc9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
203989
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1237
x-xss-protection
0
last-modified
Tue, 20 Apr 2021 21:53:57 GMT
server
sffe
date
Wed, 06 Oct 2021 08:59:40 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 06 Oct 2022 08:59:40 GMT
528-728X90-D_overlay-min.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3072651107949777169/grammarly_04_728x90_a_04/ Frame B7B9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3072651107949777169/grammarly_04_728x90_a_04/528-728X90-D_overlay-min.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
9490a51a88190d18d97f8402b748c7ab790cc7e3d0d5eb4c80ff7a5adf461d07
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
203696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1826
x-xss-protection
0
last-modified
Tue, 20 Apr 2021 21:53:57 GMT
server
sffe
date
Wed, 06 Oct 2021 09:04:33 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 06 Oct 2022 09:04:33 GMT
528-728X90-D_text_03-min.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3072651107949777169/grammarly_04_728x90_a_04/ Frame B7B9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3072651107949777169/grammarly_04_728x90_a_04/528-728X90-D_text_03-min.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
2ba726f38590a6dddac2872f3c46305305a0274d95e3875fb2f26f176c7b536e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
314442
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3024
x-xss-protection
0
last-modified
Tue, 20 Apr 2021 21:53:57 GMT
server
sffe
date
Tue, 05 Oct 2021 02:18:47 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Oct 2022 02:18:47 GMT
528-728X90-D_text_02-min.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3072651107949777169/grammarly_04_728x90_a_04/ Frame B7B9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3072651107949777169/grammarly_04_728x90_a_04/528-728X90-D_text_02-min.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
0fc0f0285a0f1ff451bd8309bc08dbad754b7ce203164fa1372577a0efd87462
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
442642
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2993
x-xss-protection
0
last-modified
Tue, 20 Apr 2021 21:53:57 GMT
server
sffe
date
Sun, 03 Oct 2021 14:42:07 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 03 Oct 2022 14:42:07 GMT
528-728X90-D_highlight-min.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3072651107949777169/grammarly_04_728x90_a_04/ Frame B7B9 		283 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3072651107949777169/grammarly_04_728x90_a_04/528-728X90-D_highlight-min.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
3aed48f6d440a0dec4ea8c0b58e6cb9bae71b43046d6c610f62ef8e617f26a9f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
382218
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
283
x-xss-protection
0
last-modified
Tue, 20 Apr 2021 21:53:57 GMT
server
sffe
date
Mon, 04 Oct 2021 07:29:11 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Oct 2022 07:29:11 GMT
528-728X90-D_text_01-min.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3072651107949777169/grammarly_04_728x90_a_04/ Frame B7B9 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3072651107949777169/grammarly_04_728x90_a_04/528-728X90-D_text_01-min.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
a1a534a543c23ea7f2256c0cadbbf1c05108ce69a1fb137c78fe0beb8926b34b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
124608
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4234
x-xss-protection
0
last-modified
Tue, 20 Apr 2021 21:53:57 GMT
server
sffe
date
Thu, 07 Oct 2021 07:02:41 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 07 Oct 2022 07:02:41 GMT
528-728X90-D_background-min.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3072651107949777169/grammarly_04_728x90_a_04/ Frame B7B9 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3072651107949777169/grammarly_04_728x90_a_04/528-728X90-D_background-min.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
ca10e81cd9a529b34c713579b5d6702c6762198ae42224256ce00d8bc8c4d05b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
451645
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27953
x-xss-protection
0
last-modified
Tue, 20 Apr 2021 21:53:57 GMT
server
sffe
date
Sun, 03 Oct 2021 12:12:04 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 03 Oct 2022 12:12:04 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211005&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
cbb6673b7bdba851e09c56f99b7edb4dbc5173db0394ee30afa970384c09eade
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 08 Oct 2021 17:39:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8510
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 17:39:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 08 Oct 2021 17:39:29 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0EAD 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://microsoft-windows8.ru/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 08 Oct 2021 16:11:54 GMT
expires
Sat, 08 Oct 2022 16:11:54 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
5255
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 833A 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
GSE /
Resource Hash
1f9eb2d4736019d682729c5c764ea5decdb7caa73b2aa097e2c4f0432cb4e950
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tJh35rTVljZW15BLHJccsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://microsoft-windows8.ru/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 08 Oct 2021 17:39:29 GMT
date
Fri, 08 Oct 2021 17:39:29 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-tJh35rTVljZW15BLHJccsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
6hT0VtOiLu9-LOvcCmXY2zCEL5ayT6jMkvIn30Y9geQ.js
pagead2.googlesyndication.com/bg/ Frame 0EAD 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6hT0VtOiLu9-LOvcCmXY2zCEL5ayT6jMkvIn30Y9geQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
ea14f456d3a22eef7e2cebdc0a65d8db30842f96b24fa8cc92f227df463d81e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 10:02:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
27402
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13445
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 08 Oct 2022 10:02:47 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 833A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211005&jk=2360168798724237&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211005&jk=2360168798724237&bg=!YGOlYyfNAAYiB-bNIgc7ACkAdvg8WhM2VIGwwBeJEqlhpNjL1Vgg0Jblemg9ysgviJuXmhbW3CvlWAIAAABzUgAAAAloAQcKAIAPIRl_r2RER4QwPdthV52Gd9PqOw9k46rpcMqfEvjz-MpqpPKz9DdlEcBCDEH53-KfK6HOiat41W0PmHi36rMf0E7bqD8Sln8i2Fhzhitc40ekod2Qy6ty5m-53HCUlVfDbCQ3sfeDiDz5LxHsUuexbsqpjPWWK482Zca_EHuT6JkCw4uSCuijWUIRQkjsiNGg_MEdN8tZfKsr3GeSYp_xtFv9NfvZi55jievclAkx0OX-ESz0ka9t5e70KN35hPdbyrm4lUK3V7KFZTVIN90qQdx-CSWFu3VMKYSGIDj5SB9hF6DU2bBuTCc2N7FPnqpwvK5Ec0bE904lmjeXBq2ZKiicwCXwQg_Jx2aKBHeb8y9jhV3DVKJw6s582UIchTBxyVTsBOakMz1hTLQ2wGVhhdMZ-NFOkbDke8sEyypgMfJ-2eS4BRc4CjizaB_1rltJO6Ein6tp-KI-J2pkj1L4pLzKDy4ATkPw8oqCKPyAi7RgkWkf3S6CoXL9a1cktkAJzPoRcoVx9vhDYUVR5uARnIVYS962dnumCFf9osIfbw8OWIlnGTKtVhpi2qHhZ54Kdj7TlWHwbekINbGPj9esntAEz_xUjLxFzlHm4n_pjRkiRkIuV_CaUSTQ1JbPzVgA41tlp6GtZ8kihP7rSLhYLupzKbQajqPFaO63Ecdw2C7_9LhrDSWHyPECebFU9Ddnau8oVA2qWy9vcjDuAKxZ2PnqIelCg4lULQlwIXevmfuC58rtWVRT9PZcX0BDPgToBoHV8F5jl8dg84lAmcto3DqtEXPU6tXhxPFuIXI1vId4PjooXrMABP8HtHkZk14IY5kQJGLB4jxTc18JM_xuYDhQ_LpG7hc-u9xIoquvRVLOU8ziFjYs9Bx1ftKupiuim_SVzNs-sso6uMjG1s-ChmLkclSeQe3asSTSbxDIG1XPsJr2WB1u9eliwFbWpAY3YEtL0DS8L5hAVhD1TNtywi-WPfux5mZOlqHfnk3ksjKR4c-6Ls6fp2vJfQHoNnWD7yYdO6Zq0RoKZoIxEy8WauZS6__LrpdsBeeNoUppUNje48bYoYMUYo6p7eHuLqJw6gOWRy1dUHmX_2z_IwD-jHQGViBd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://microsoft-windows8.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Oct 2021 17:39:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DDE9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFFIa0NQYNEdLoiAJfWkN3I-afoODnOLgM1i-ZScsEl_CNqC90oxBtBP7pky7ff3lCanI7YLLpcChZ8-Oe8QGjar568tCasSMUWyewGAz2BrDwq4Y&sai=AMfl-YRlWHas6nmQMj-SV_JF-0dVAZ7mKzTXnjCYsVA9L_fUZ4PTBYV8ViqDZSTg1lap1cNn1olOPUvgJI2H&sig=Cg0ArKJSzEePzJLiyAWPEAE&id=lidar2&mcvt=1000&p=1106,299,1231,1304&mtos=0,767,1000,1096,1274&tos=0,767,233,96,178&v=20211006&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633714769085&rpt=126&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Oct 2021 17:39:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rbtwo.bid
URL
https://rbtwo.bid/cookie?sub_u=1

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect boolean| originAgentCluster undefined| $ function| jQuery function| _ function| jQueryBridget function| EvEmitter function| matchesSelector object| fizzyUIUtils function| InfiniteScroll function| imagesLoaded object| rlArgs string| ajaxUrlFlatPM string| untilscrollFlatPM object| sbmt object| npt object| d function| __ksinit object| pseudo_links function| gotoal function| Headhesive object| q2w3_sidebar_options function| q2w3_sidebar_init function| q2w3_exclude_mutations_array function| q2w3_sidebar boolean| duplicateMode string| untilscroll function| ff object| flat_body object| flat_stack_scripts object| flat_pm_then object| flat_date string| flat_titles number| flat_dateYear number| flat_dateMonth string| flat_dateDay number| flat_dateHours number| flat_dateMinutes boolean| flat_adbDetect object| flat_userVars function| parseHTML function| flatPM_sticky function| flatPM_addDays function| flatPM_adbDetect function| flatPM_setCookie function| flatPM_getCookie function| flatPM_testCookie function| flatPM_grep function| flatPM_randomString function| flatPM_random function| flatPM_getAllUrlParams function| flatPM_ajax function| flatPM_then function| flatPM_persentWrapper function| flatPM_setWrap function| flatPM_next function| flatPM_start function| flatPM_ping function| flatPM_setSCRIPT function| flatPM_setHTML function| flatPM_video object| flat_pm_arr function| jQueryLoaded_flatpm_123 function| jQueryLoading_flatpm_123 number| uBarFlowId object| ubar_button_callback function| ym object| widget_obj boolean| q2w3Refresh object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map function| rl_view_image function| rl_hide_image string| google_user_agent_client_hint object| appUbarButton function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| __google_ad_urls number| zJ3kw_SqrhXbfrCiva2QVB2310NJnZ number| rb_nat_ps_st_fr object| Ya object| yaCounter64984423 object| google_llp number| google_lpabyc number| __google_ad_urls_id boolean| google_osd_loaded boolean| google_onload_fired object| googletag function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

16 Cookies

Domain/Path Name / Value
microsoft-windows8.ru/ Name: flat_r_mb
Value: %2F%2F%2F%3Adirect
.microsoft-windows8.ru/ Name: __gads
Value: ID=7dfa74436accb427-22f0c3a5e9ca009d:T=1633714768:RT=1633714768:S=ALNI_MY6bF76pTKAwmPcLX1d0tECseqDqw
.microsoft-windows8.ru/ Name: _ym_uid
Value: 1633714768900938180
.microsoft-windows8.ru/ Name: _ym_d
Value: 1633714768
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2021520457fake
.microsoft-windows8.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1848162692fake
.yandex.com/ Name: yandexuid
Value: 8161388071633714768
.yandex.com/ Name: yuidss
Value: 8161388071633714768
mc.yandex.com/ Name: yabs-sid
Value: 2012551001633714768
.yandex.com/ Name: i
Value: b/YnYPfYJIdZbRsuk+9XBG8Qb4uBh3GbDZBjk8hHN96YptTNj2ift7d4g0EbqrytibyWGq/zXrSV57t0C70m/lvKmaU=
.yandex.com/ Name: ymex
Value: 1665250768.yrts.1633714768#1665250768.yrtsi.1633714768
.mgid.com/ Name: muidn
Value: l98s5s3ehDDa
.mgid.com/ Name: __cf_bm
Value: wiZEa6x1hJwqp94sMJR82f.G.4nTXDXexCVmSugC5r0-1633714768-0-Aauz5HO19xSMCNDSmNYy1sK0J2G6V1SQfG4C4lE+ocXDvBxWK3Vg1BJO1VtqT7jXEuLTobHRe0BNnScSoVwkTnI=
.doubleclick.net/ Name: IDE
Value: AHWqTUm31metZKv8Xrdqka2qdj7rVsgvRVc-TUMbLWjbNBpMFNYP_Pd-KZe3q3pnZFM
.doubleclick.net/ Name: DSID
Value: NO_DATA

4 Console Messages

Source Level URL
Text
javascript error URL: https://microsoft-windows8.ru/
Message:
Access to XMLHttpRequest at 'https://rbtwo.bid/cookie?sub_u=1' from origin 'https://microsoft-windows8.ru' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://rbtwo.bid/cookie?sub_u=1
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9420.MWqkHxUEJu5hlT29ackRBptgCJormhqNtjf9A4y60Wx7z0UqEaAzRMT6J1BbwmQSthsy220z0twBFSmx-L8Smg%2C%2C.lxpHnpcKXUtYD-cpAfibG-_WQWs%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20110914/zrt_lookup.html?fsb=1(Line 21)
Message:
The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3072651107949777169/grammarly_04_728x90_a_04/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3072651107949777169/grammarly_04_728x90_a_04/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
c.mgid.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
microsoft-windows8.pushreal.media
microsoft-windows8.ru
pagead2.googlesyndication.com
partner.googleadservices.com
rbtwo.bid
s-img.mgid.com
select2.pstatrbnew.bid
torrent5.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
rbtwo.bid
104.19.132.78
104.19.133.78
104.21.14.199
136.243.9.77
142.250.185.162
142.250.185.163
142.250.185.170
142.250.185.196
142.250.185.66
142.250.186.130
142.250.186.161
142.250.186.162
159.69.75.12
172.217.18.98
172.67.183.11
77.88.21.119
95.216.65.102
0a2de2f855006048ae5acf3b5c8a00354ee754916ba7086b49c61bf9618653b0
0a2e7c6fbae2dd40db31fb5a6c2fb72402f3588edf0dab86810ca504c753bd6d
0fc0f0285a0f1ff451bd8309bc08dbad754b7ce203164fa1372577a0efd87462
0fc3d8b13e636e71989bd43eb36488221756c222c735f22ab2ba03f55312745f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183f07e15e174161187a93ece6ca0628f343b3fb5b75e3b498c1cfa216a35db3
1b5234de470f20128434aef3e74cc4da80d564f6ffd6dac6bdb2f8810b1ea6bb
1ecaf445d3f1e63f15b6e423e287813a5675461cc9454184d0b49123b286cea4
1f9eb2d4736019d682729c5c764ea5decdb7caa73b2aa097e2c4f0432cb4e950
23441c48c2ce5e05f3d75b3e93169278e765ca201a2a405c38ee5e608bd2b841
276099ccc937eee41b9825b807bb92005ad0bdc56db4eb40071ee0d4facc87be
29c48e855950207ad98a31be133e640790e3b7407302ed26f3964cf5c0d43833
2ba726f38590a6dddac2872f3c46305305a0274d95e3875fb2f26f176c7b536e
2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31
30d7c385909e8efb69ac92282afc1f1d23baef0e736473c69527112c3ce715b7
33e03101c981a861075d05655490c988473979a688ebe46d30441ab0ab43c03a
33f943dc3df41e80866f86b25a6651f5c06ceee88b10d00f3ffdb1bbe10961cf
378f79bc8e52dc7c86332d048c8b8f57ad672c3c917ca54b08630bb487b99d3f
37e8cdd0ad98bfe8eec5aed829b4e45c1c06d3fb5b9364a09375bf1cbf7494a9
3abda7fa1ac5c9bf5a0354237e403ce6c46723fffeeacf01d452d05f2b1c2bd3
3aed48f6d440a0dec4ea8c0b58e6cb9bae71b43046d6c610f62ef8e617f26a9f
3bd743238641442a959392b3eeb007b3d231f75a21d0f06936dd95b1ca9decf1
3c8ba982e1a7629cb5be1c6e7ac909bb494b895a63affce2f6306e5cd244505a
3f0dfd0285f6b376249f6c72e686e46d8245eb3dae623be41161102e581a048e
4dcaae05964eed40f64eebaf0fde29ebddf5d3f47d2a309ee24e93118405ddcc
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
67b2a3e28c0d6e105b04a4806b84c02cede9775d5ba3be5bd57fb80772724952
67da30575287997b2e411ebbe5b748a37ad3a2fd057d64fd1e9594ba4bd5fbf2
6d3cc82ca8a344a89151b68c3b7432fd2a54209bbe93757c942e52c258b8adc9
6dcf9c8ade5bd59b1248efd23cd86e1e7e3e5f78900fef5f3a3ecac09c8bf7e3
735ae790ab38dfdf2b6430ee0626c9f0d8b8d6be9a242c758a0ba146275a7492
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8348fe66b515449f719cb7b8278e1c84009bdaa96e18981641bc1e77d9e4cf1a
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace
876807c41a146393662e3bc1594223e2f7de878dd84e9c63eeae699ac1e2fd9c
8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c
926d1ab3abf48cf01377caf6adbed8c8a5e9dd1726e174c945af41137661404d
9490a51a88190d18d97f8402b748c7ab790cc7e3d0d5eb4c80ff7a5adf461d07
952d30834a64170ec793f2601ad3903b1c3dd245605693890a619f0ab563b0eb
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06
9c0797b26773b2439ec286f0294c4b1f446bf86cc84715d5dbce121c1966428b
9f52f3ab1c70cee6290110e36e3c3c2c71782f6958b2133b09825fb5086d99f6
a1a534a543c23ea7f2256c0cadbbf1c05108ce69a1fb137c78fe0beb8926b34b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a9e1482e4fd2efdbd898b95620e1a67f3825d8c429a14ee9b502af5bfe3b38ce
abb97637f93dce2abbbf13b35e057e9c7657b41f0d3dcce5ced279b56f3687e5
b72df30ea99e0868e0a37299f18150c5e3064c40f06b65e5767f00b51ab1b0d8
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c18552b95b71e872a75b7ff7db3b56912d6e976379cb98578d37222c81f70748
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
c30f2063292920ab7bceb5729a1e51ab3b7eddad5ece5ea1371db94059f5bf57
c7430b9f0492fee35b6fbf510cd0edccb05b1c99e2c7c34f0fd4f753f702ee40
c77b50eb5f3e60eff655e7359b31ae8ee2b2119f79b455ba1235fb35ccdf0715
c86a517b26d9399d4ceac51a13d0c6407ef49edb58c7d66db161f4c8fe5ea0ad
c9c708dc07ec7c4ba870971f41d0c3acb222e86a08f10f87540df6c8a396ebd0
ca10e81cd9a529b34c713579b5d6702c6762198ae42224256ce00d8bc8c4d05b
cb683965690ef77063c845ebb85c9b7eae4c72fd7d91986bb943607d2511c3e9
cbb6673b7bdba851e09c56f99b7edb4dbc5173db0394ee30afa970384c09eade
d2c89b9482b7bc2992f14befb2484e11559f6af55e666a3cf865a720f6d4d04e
d881582a528ae4ded28f41472a2f8ef5aa6882adfc35033f9fa12001d0af530e
db934f720e7effa5be74fca3fce38585fa4c0ae1b057d6cafad55b0d98697983
dc1e94a90ccb99cd60d29d88322e3f7af0beb126d4b2bc820eda01c8e4aa4ba5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56b08590b93eda20511daa2bfa928102159e396f10f55f4ae7e9298f6e5a9d5
e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac
e6e5578f2a6d39d6c79028b2b6e1865850e67c59562d0c82cd74ad5db82fc0c1
e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47
ea14f456d3a22eef7e2cebdc0a65d8db30842f96b24fa8cc92f227df463d81e4
ea3502eeaea257caacb3fa879c861a124e075f31f654561f09c51d2bf46eda85
ea9ac351394c6e5e4d855f1732dab30f3915f73c9a6cfdf7822d7eb1d6ccaba8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9fa69e4ea6a57c3b70aef3d543f5a2faed0df25e4cb45c951115f7fdcde5a5a
fb64f3c876ebdc8d48ed378d25e1f9a904d50fb5f806b22ef1b25e294634f6de
fee32713a9c2829fd1530ca13167292579e63df8c18f2be0dc69113db8a3539b
fefc6a4192a7cd2323a7f90a7aa454915a125e7a3c9ac75658f11b87964b3fa3