vindavoz.ru Open in urlscan Pro
2a03:c980:5fb7:f6b:95:183:15:107 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vindavoz.ru/
Submission Tags: analytics-framework
Submission: On April 25 via api (April 25th 2023, 4:34:04 pm UTC) from US — Scanned from DE

Summary HTTP 121 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 18 domains to perform 121 HTTP transactions. The main IP is 2a03:c980:5fb7:f6b:95:183:15:107, located in Russian Federation and belongs to EUROBYTE Eurobyte LLC, RU. The main domain is vindavoz.ru.
TLS certificate: Issued by R3 on March 19th 2023. Valid for: 3 months.

This is the only time vindavoz.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2a03:c980:5fb... 2a03:c980:5fb7:f6b:95:183:15:107	210079 (EUROBYTE ...) (EUROBYTE Eurobyte LLC)
3	95.163.43.46 95.163.43.46	47764 (VK-AS) (VK-AS)
16	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
3	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
5 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
121	19

23 2a03:c980:5fb7:f6b:95:183:15:107 (Russian Federation)

ASN210079 (EUROBYTE Eurobyte LLC, RU)

vindavoz.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.163.43.46 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: relap.io

relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	493 KB
23	vindavoz.ru vindavoz.ru	354 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	160 KB
11	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	159 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 7652	3 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119 Failed	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	195 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91 region1.google-analytics.com — Cisco Umbrella Rank: 1718	21 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 2437	74 KB
3	mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 6293	16 KB
3	relap.io relap.io — Cisco Umbrella Rank: 33293	47 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5261	696 B
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 7108	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	134 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	605 B
0	hotlog.ru Failed js.hotlog.ru Failed
0	google.ru Failed www.google.ru Failed
121	18

	Domain	Requested by
24	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
23	vindavoz.ru	vindavoz.ru
16	pagead2.googlesyndication.com	vindavoz.ru pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	mc.yandex.com	3 redirects vindavoz.ru
6	www.gstatic.com	googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	vindavoz.ru googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
3	mc.yandex.ru	2 redirects vindavoz.ru
3	top-fwz1.mail.ru	vindavoz.ru
3	relap.io	vindavoz.ru
2	www.google.com	1 redirects tpc.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	counter.yadro.ru	1 redirects vindavoz.ru
2	www.googletagmanager.com	vindavoz.ru www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
0	js.hotlog.ru Failed	vindavoz.ru
0	www.google.ru Failed	vindavoz.ru
121	22

This site contains links to these domains. Also see Links.

Domain
vk.com
facebook.com
twitter.com
feedburner.google.com
www.liveinternet.ru

Subject Issuer	Validity	Valid
vindavoz.ru R3	`2023-03-19` - `2023-06-17`	3 months	crt.sh
*.relap.io GlobalSign RSA OV SSL CA 2018	`2022-08-24` - `2023-09-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-11-19`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://vindavoz.ru/
Frame ID: 886F7508BEE98819BA36D586E25167C5
Requests: 57 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20190131/zrt_lookup.html
Frame ID: 49288ADBC7D5813E5FCE810340F9DDDF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7732969217111510&output=html&adk=1812271804&adf=3025194257&lmt=1682440439&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fvindavoz.ru%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682440438848&bpp=6&bdt=381&idt=204&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8714819021023&frm=20&pv=2&ga_vid=2091429159.1682440439&ga_sid=1682440439&ga_hid=402077848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071755%2C31073967%2C31073973%2C31074088%2C44789762&oid=2&pvsid=2430234488376507&tmod=1169851320&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=227
Frame ID: E9533542389FEC272ECC12008BFA165F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7732969217111510&output=html&h=600&slotname=2619098183&adk=783891544&adf=1795251393&pi=t.ma~as.2619098183&w=120&lmt=1682440439&format=120x600&url=https%3A%2F%2Fvindavoz.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682440438854&bpp=2&bdt=387&idt=229&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8714819021023&frm=20&pv=1&ga_vid=2091429159.1682440439&ga_sid=1682440439&ga_hid=402077848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=76&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071755%2C31073967%2C31073973%2C31074088%2C44789762&oid=2&pvsid=2430234488376507&tmod=1169851320&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kLdUmGeexW&p=https%3A//vindavoz.ru&dtd=236
Frame ID: B47CA5A52FA0B730452C7890D839CBBC
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7732969217111510&output=html&h=280&slotname=6237976587&adk=3199321624&adf=4059110530&pi=t.ma~as.6237976587&w=1018&fwrn=4&fwrnh=100&lmt=1682440439&rafmt=1&format=1018x280&url=https%3A%2F%2Fvindavoz.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682440438856&bpp=3&bdt=389&idt=239&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600&nras=1&correlator=8714819021023&frm=20&pv=1&ga_vid=2091429159.1682440439&ga_sid=1682440439&ga_hid=402077848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=242&ady=45&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071755%2C31073967%2C31073973%2C31074088%2C44789762&oid=2&pvsid=2430234488376507&tmod=1169851320&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UK7F6khGot&p=https%3A//vindavoz.ru&dtd=243
Frame ID: E373B699B24B7654F929E886E1CF045A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7732969217111510&output=html&h=600&slotname=3252168986&adk=1097189318&adf=3643374295&pi=t.ma~as.3252168986&w=300&lmt=1682440439&format=300x600&url=https%3A%2F%2Fvindavoz.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682440438859&bpp=1&bdt=391&idt=279&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C1018x280&nras=1&correlator=8714819021023&frm=20&pv=1&ga_vid=2091429159.1682440439&ga_sid=1682440439&ga_hid=402077848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1280&ady=769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071755%2C31073967%2C31073973%2C31074088%2C44789762&oid=2&pvsid=2430234488376507&tmod=1169851320&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Rl8csdmfy6&p=https%3A//vindavoz.ru&dtd=284
Frame ID: EE0E2FF8F10CB1CF92B9C00799E27B78
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
Frame ID: E1244D619F4807E251D9D8A656FA7197
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
Frame ID: 6DFDEE339BB336DBEE220BF45275429A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
Frame ID: 1AC5881FDC690E260BFB75C766382A70
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Frame ID: 09E3C1E8CA6CDA51CCD91F81B0A99746
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: B33D06D9AB51B5541303AC2C08537FFC
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B462AB4FEFDE449895732051242CC0E9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
Frame ID: 9AAECDA01C5C05236D1B7FC3593B0A5D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F5EE2A2F58834E4AEAB2F38667035D31
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 702B91E4DD15606C274A59B2FC08549E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Информационный портал о Windows XP, 7, 8, 10

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

121
Requests

93 %
HTTPS

83 %
IPv6

18
Domains

22
Subdomains

19
IPs

3
Countries

1661 kB
Transfer

4047 kB
Size

34
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://vk.com/vindavoz

Search URL Search Domain Scan URL

URL: http://facebook.com/VindaVoz

Search URL Search Domain Scan URL

URL: https://twitter.com/VindaVoz

Search URL Search Domain Scan URL

URL: http://feedburner.google.com/fb/a/mailverify?uri=vindavoz&loc=ru_RU
Title: Подписаться на новости следи за нами на feedburner

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://counter.yadro.ru/hit?t57.5;r;s1600*1200*24;uhttps%3A//vindavoz.ru/;0.13452261521622977 HTTP 302
https://counter.yadro.ru/hit?q;t57.5;r;s1600*1200*24;uhttps%3A//vindavoz.ru/;0.13452261521622977

Request Chain 49

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9984.pCtqPhkdzHNiqti-feDq-rPgDhMmHVO6d4asdfbYeMLPMLCHMyt5-8KGYEC2RsRs.hXEzWl5vGHx0wV400wFoVJypals%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9984.PTSM6t0cfU8p5L7E4maOUW1SA0EqWHqwVeRFbVrKL8ZKcv2WH_hW-4hJiCTvaJy_XUVzoTjICAbMujJNLfGpwDJbEv-yb71r3OHtykhzt34%2C.M1X-BECl4Iai1am9IrQCg2bTwME%2C

Request Chain 52

https://mc.yandex.com/watch/50856723?wmode=7&page-url=https%3A%2F%2Fvindavoz.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A579%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A1570883319480%3Ahid%3A552067493%3Az%3A0%3Ai%3A20230425163359%3Aet%3A1682440439%3Ac%3A1%3Arn%3A110249486%3Arqn%3A1%3Au%3A1682440439961370513%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A145%2C111%2C73%2C34%2C0%2C0%2C%2C195%2C18%2C%2C%2C%2C559%3Aco%3A0%3Acpf%3A1%3Ans%3A1682440438134%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682440439%3At%3A%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%BE%20Windows%20XP%2C%207%2C%208%2C%2010&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/50856723/1?wmode=7&page-url=https%3A%2F%2Fvindavoz.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A579%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A1570883319480%3Ahid%3A552067493%3Az%3A0%3Ai%3A20230425163359%3Aet%3A1682440439%3Ac%3A1%3Arn%3A110249486%3Arqn%3A1%3Au%3A1682440439961370513%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A145%2C111%2C73%2C34%2C0%2C0%2C%2C195%2C18%2C%2C%2C%2C559%3Aco%3A0%3Acpf%3A1%3Ans%3A1682440438134%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682440439%3At%3A%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%BE%20Windows%20XP%2C%207%2C%208%2C%2010&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 76

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9984._0n6TF31jxvyYDzqVe-C2k--BlozOJvEc1IT_nRTZG6gsV4iC-yYr-lV40F0MsTE.EE122yIUSI3Rv9LfhD_8ATPdqMw%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9984.b_MgJGU6DJRWeYD5x1RtkCj_LPN6NEbT9GNr9EqZsLMhxT0dvbash52_jNOdVA16I2xv905oEIo0dfYsvkJXa2Q3CLH1UeK3SfrQQiyK7aY%2C.YE3hAHnh_e8GMdAY27HNE0TZ6tU%2C

Request Chain 114

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

121 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
vindavoz.ru/ 31 KB
11 KB 329ms
73ms Document
text/html 2a03:c980:5fb7:f6b:95:183:15:107
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://vindavoz.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:c980:5fb7:f6b:95:183:15:107 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software: LiteSpeed / PHP/5.3.29
Resource Hash: 2c4930c2f662051f1adef033e83b32a39f2f27fd3db676a89dd2ec039ac00796

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=WINDOWS-1251
date: Tue, 25 Apr 2023 16:33:58 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/5.3.29

GET
H2 200 index.php Show response
vindavoz.ru/engine/classes/min/ 179 KB
55 KB 110ms
108ms Script
application/x-javascript 2a03:c980:5fb7:f6b:95:183:15:107
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://vindavoz.ru/engine/classes/min/index.php?charset=windows-1251&g=general&9
Requested by: Host: vindavoz.ru
URL: https://vindavoz.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:c980:5fb7:f6b:95:183:15:107 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software: LiteSpeed / PHP/5.3.29
Resource Hash: 4ee3facf1f835a3a42353b05ac20516c56e8953f5b37cf6c240724b4d18b77a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
content-encoding: gzip
last-modified: Wed, 30 Mar 2016 08:20:11 GMT
server: LiteSpeed
x-powered-by: PHP/5.3.29
etag: "pub1459326011;gz"
vary: Accept-Encoding
content-type: application/x-javascript; charset=windows-1251
cache-control: max-age=31536000
content-length: 56206
expires: Wed, 24 Apr 2024 16:33:58 GMT

GET
H2 200 index.php Show response
vindavoz.ru/engine/classes/min/ 45 KB
14 KB 162ms
161ms Script
application/x-javascript 2a03:c980:5fb7:f6b:95:183:15:107
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://vindavoz.ru/engine/classes/min/index.php?charset=windows-1251&f=engine/classes/highslide/highslide.js&9
Requested by: Host: vindavoz.ru
URL: https://vindavoz.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:c980:5fb7:f6b:95:183:15:107 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software: LiteSpeed / PHP/5.3.29
Resource Hash: 210340069c6e7b9a4eee6b9880287f411d1a43748b933ede336f531ae266883e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
content-encoding: gzip
last-modified: Thu, 14 May 2015 13:54:17 GMT
server: LiteSpeed
x-powered-by: PHP/5.3.29
etag: "pub1431611657;gz"
vary: Accept-Encoding
content-type: application/x-javascript; charset=windows-1251
cache-control: max-age=31536000
content-length: 14067
expires: Wed, 24 Apr 2024 16:33:58 GMT

GET
H2 200 engine.css
vindavoz.ru/templates/vindanew/style/ 31 KB
6 KB 55ms
54ms Stylesheet
text/css 2a03:c980:5fb7:f6b:95:183:15:107
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://vindavoz.ru/templates/vindanew/style/engine.css
Requested by: Host: vindavoz.ru
URL: https://vindavoz.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:c980:5fb7:f6b:95:183:15:107 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 58c298d24aad5b556a5f400304f692d50e647e475e7f6c5679010638721ee600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
content-encoding: br
last-modified: Thu, 14 May 2015 13:58:29 GMT
server: LiteSpeed
etag: "7cc8-5554aa05-5438231e1e2535;br"
vary: Accept-Encoding
content-type: text/css; charset=WINDOWS-1251
accept-ranges: bytes
content-length: 5986

GET
H2 200 styles.css
vindavoz.ru/templates/vindanew/style/ 21 KB
4 KB 55ms
54ms Stylesheet
text/css 2a03:c980:5fb7:f6b:95:183:15:107
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://vindavoz.ru/templates/vindanew/style/styles.css
Requested by: Host: vindavoz.ru
URL: https://vindavoz.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:c980:5fb7:f6b:95:183:15:107 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 1cf28db32b3068b8b7e976ce34f82561d53c63f530a3141a6929b9343ee7f27f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
content-encoding: br
last-modified: Mon, 26 Oct 2015 12:40:54 GMT
server: LiteSpeed
etag: "5538-562e1f56-542ff56b71d34284;br"
vary: Accept-Encoding
content-type: text/css; charset=WINDOWS-1251
accept-ranges: bytes
content-length: 4422

GET
H2 200 bbcodes.css
vindavoz.ru/templates/vindanew/style/ 6 KB
1 KB 56ms
55ms Stylesheet
text/css 2a03:c980:5fb7:f6b:95:183:15:107
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://vindavoz.ru/templates/vindanew/style/bbcodes.css
Requested by: Host: vindavoz.ru
URL: https://vindavoz.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:c980:5fb7:f6b:95:183:15:107 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 171bd5d3b7c902480919a65c1019a0e17f5ee62955c77e7db93a47d616c90b07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
content-encoding: br
last-modified: Thu, 14 May 2015 13:58:29 GMT
server: LiteSpeed
etag: "1938-5554aa05-8ee531ec1e6446e4;br"
vary: Accept-Encoding
content-type: text/css; charset=WINDOWS-1251
accept-ranges: bytes
content-length: 1135

GET
H2 200 font-awesome.min.css
vindavoz.ru/templates/vindanew/font-awesome/ 23 KB
5 KB 56ms
55ms Stylesheet
text/css 2a03:c980:5fb7:f6b:95:183:15:107
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://vindavoz.ru/templates/vindanew/font-awesome/font-awesome.min.css
Requested by: Host: vindavoz.ru
URL: https://vindavoz.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:c980:5fb7:f6b:95:183:15:107 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: c86f7b62a894d5799f1aa0a535efb34ed6f914447f901f1da50c837dee13fa72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
content-encoding: br
last-modified: Thu, 14 May 2015 13:57:28 GMT
server: LiteSpeed
etag: "5c85-5554a9c8-dbb0b665d81fc2fb;br"
vary: Accept-Encoding
content-type: text/css; charset=WINDOWS-1251
accept-ranges: bytes
content-length: 5110

GET
H2 200 libs.js Show response
vindavoz.ru/templates/vindanew/js/ 3 KB
1 KB 56ms
56ms Script
application/javascript 2a03:c980:5fb7:f6b:95:183:15:107
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://vindavoz.ru/templates/vindanew/js/libs.js
Requested by: Host: vindavoz.ru
URL: https://vindavoz.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:c980:5fb7:f6b:95:183:15:107 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: f9a2d4090f8fac10ddf907b7a4a4f713bec305b2c7c5ad604244390377113f29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
content-encoding: br
last-modified: Thu, 14 May 2015 13:58:25 GMT
server: LiteSpeed
etag: "ab9-5554aa01-52f4441b2f65d9d3;br"
vary: Accept-Encoding
content-type: application/javascript; charset=WINDOWS-1251
accept-ranges: bytes
content-length: 943

GET
H2 200 head.js Show response
relap.io/api/v6/ 190 KB
46 KB 225ms
84ms Script
text/javascript 95.163.43.46
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v6/head.js?token=SDBIIaUhnOMeDwwJ

Requested by

Host: vindavoz.ru
URL: https://vindavoz.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.43.46 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

982ef9bec5c65c3cf0f87a4c6bdae9215f329a18f3810036fddaa8cf8ec193f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 16:33:58 GMT
strict-transport-security: max-age=5184000; includeSubdomains;
x-content-type-options: nosniff
content-encoding: br
server: nginx
content-type: text/javascript; charset=utf-8
cache-control: max-age=1, no-cache
x-server: back26
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 120ms
95ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: vindavoz.ru
URL: https://vindavoz.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae1512e2ea26d032b18ccf5e48f9feb9c523547220d020128c40cb64b27bb99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47317
x-xss-protection: 0
server: cafe
etag: 11426305733114218492
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 16:33:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
61 KB 48ms
23ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-125814068-1

Requested by

Host: vindavoz.ru
URL: https://vindavoz.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ba1ba3c3f3095372e588504d55793118b760c6f1735cc42a1b174b68a2c9d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61807
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 16:04:09 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Apr 2023 16:33:58 GMT

GET
H3 200 1668677012_1.png
vindavoz.ru/uploads/posts/2022-11/thumbs/ 25 KB
25 KB 57ms
55ms Image
image/png 2a03:c980:5fb7:f6b:95:183:15:107
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vindavoz.ru/uploads/posts/2022-11/thumbs/1668677012_1.png
Requested by: Host: vindavoz.ru
URL: https://vindavoz.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:c980:5fb7:f6b:95:183:15:107 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 6ff0ec32e2d11708e361c1b9b8702b1e0efa4570cc5f4d435b5cba014725b434

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
last-modified: Thu, 17 Nov 2022 09:23:11 GMT
server: LiteSpeed
accept-ranges: bytes
etag: "6577-6375fd7f-66cbac7438cdaa3b;;;"
content-length: 25975
content-type: image/png

GET
H3 200 1638969749_dicord_zvuk_problema_1.jpg
vindavoz.ru/uploads/posts/2021-12/thumbs/ 24 KB
24 KB 68ms
66ms Image
image/jpeg 2a03:c980:5fb7:f6b:95:183:15:107
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vindavoz.ru/uploads/posts/2021-12/thumbs/1638969749_dicord_zvuk_problema_1.jpg
Requested by: Host: vindavoz.ru
URL: https://vindavoz.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:c980:5fb7:f6b:95:183:15:107 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: c5d24abbbb2734843f731b7509bd6a997477f474a7aa9247d60a082cd4ad31bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
last-modified: Wed, 08 Dec 2021 13:22:04 GMT
server: LiteSpeed
accept-ranges: bytes
etag: "6094-61b0b17c-5e1d4057087a2b7b;;;"
content-length: 24724
content-type: image/jpeg

GET
H3 200 1634735262_ghostery1.jpg
vindavoz.ru/uploads/posts/2021-10/thumbs/ 15 KB
15 KB 59ms
56ms Image
image/jpeg 2a03:c980:5fb7:f6b:95:183:15:107
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vindavoz.ru/uploads/posts/2021-10/thumbs/1634735262_ghostery1.jpg
Requested by: Host: vindavoz.ru
URL: https://vindavoz.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:c980:5fb7:f6b:95:183:15:107 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 0aa415b4c962a4efc7177151035c597cbc57d7098de604d9dd3b0d7b67726560

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
last-modified: Wed, 20 Oct 2021 13:07:19 GMT
server: LiteSpeed
accept-ranges: bytes
etag: "3b0d-61701487-5b7829f647e461a5;;;"
content-length: 15117
content-type: image/jpeg

GET
H3 200 1634562816_vivaldi2.jpg
vindavoz.ru/uploads/posts/2021-10/thumbs/ 35 KB
35 KB 112ms
109ms Image
image/jpeg 2a03:c980:5fb7:f6b:95:183:15:107
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vindavoz.ru/uploads/posts/2021-10/thumbs/1634562816_vivaldi2.jpg
Requested by: Host: vindavoz.ru
URL: https://vindavoz.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:c980:5fb7:f6b:95:183:15:107 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a3dc7a87da4eb4880f59928033e49a3193ced6631b0541d1b84708f45290d91f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
last-modified: Mon, 18 Oct 2021 13:12:57 GMT
server: LiteSpeed
accept-ranges: bytes
etag: "8cb0-616d72d9-3a566af933003f14;;;"
content-length: 36016
content-type: image/jpeg

GET
H3 200 1634136118_brave1.jpg
vindavoz.ru/uploads/posts/2021-10/thumbs/ 53 KB
53 KB 147ms
145ms Image
image/jpeg 2a03:c980:5fb7:f6b:95:183:15:107
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vindavoz.ru/uploads/posts/2021-10/thumbs/1634136118_brave1.jpg
Requested by: Host: vindavoz.ru
URL: https://vindavoz.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:c980:5fb7:f6b:95:183:15:107 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 0eefa00a4b0582ff21013ef2b5ae839199a99914432c0cfec6da1c728cb8a83e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
last-modified: Wed, 13 Oct 2021 14:41:36 GMT
server: LiteSpeed
accept-ranges: bytes
etag: "d422-6166f020-64147d4b5aafe199;;;"
content-length: 54306
content-type: image/jpeg

GET
H3 200 1606407141_brandmauer_1.jpg
vindavoz.ru/uploads/posts/2020-11/thumbs/ 11 KB
11 KB 148ms
145ms Image
image/jpeg 2a03:c980:5fb7:f6b:95:183:15:107
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vindavoz.ru/uploads/posts/2020-11/thumbs/1606407141_brandmauer_1.jpg
Requested by: Host: vindavoz.ru
URL: https://vindavoz.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:c980:5fb7:f6b:95:183:15:107 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 32ed7dbf215c63d5132c3da4f7fe176bd8153b83672de1c0b4a6beeb1bee973d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
last-modified: Thu, 26 Nov 2020 16:11:12 GMT
server: LiteSpeed
accept-ranges: bytes
etag: "2b23-5fbfd3a0-5354697523bb4c47;;;"
content-length: 11043
content-type: image/jpeg

GET
H3 200 1596975012_vkadki_1.png
vindavoz.ru/uploads/posts/2020-08/ 13 KB
13 KB 149ms
147ms Image
image/png 2a03:c980:5fb7:f6b:95:183:15:107
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vindavoz.ru/uploads/posts/2020-08/1596975012_vkadki_1.png
Requested by: Host: vindavoz.ru
URL: https://vindavoz.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:c980:5fb7:f6b:95:183:15:107 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 6b55410b4c66906cbfea9b4758b09d55b0240a68cf8f308d4c65e70336dc9534

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
last-modified: Sun, 09 Aug 2020 12:09:46 GMT
server: LiteSpeed
accept-ranges: bytes
etag: "326c-5f2fe78a-5b4c8b4e0bcaa737;;;"
content-length: 12908
content-type: image/png

GET
H3 200 Annoyed.gif
vindavoz.ru/engine/data/emoticons/ 3 KB
3 KB 146ms
144ms Image
image/gif 2a03:c980:5fb7:f6b:95:183:15:107
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vindavoz.ru/engine/data/emoticons/Annoyed.gif
Requested by: Host: vindavoz.ru
URL: https://vindavoz.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:c980:5fb7:f6b:95:183:15:107 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 7cc068005e5469ffc41ac56d97663dc9d00df86d6dafa1947344316ce3401be3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
last-modified: Tue, 01 Jan 2013 19:22:02 GMT
server: LiteSpeed
accept-ranges: bytes
etag: "bae-50e3375a-68d633c344138fb2;;;"
content-length: 2990
content-type: image/gif

GET
H3 200 jquery-ias.min.js Show response
vindavoz.ru/templates/vindanew/js/ 17 KB
6 KB 55ms
55ms Script
application/javascript 2a03:c980:5fb7:f6b:95:183:15:107
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://vindavoz.ru/templates/vindanew/js/jquery-ias.min.js
Requested by: Host: vindavoz.ru
URL: https://vindavoz.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:c980:5fb7:f6b:95:183:15:107 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 05f12aac06e5d72dedafdacd657f3b685a1ff6ac6a5f0473819cd57fcb40530f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
content-encoding: br
last-modified: Tue, 07 Jul 2015 15:58:16 GMT
server: LiteSpeed
etag: "4361-559bf718-5e798feb233cc700;br"
vary: Accept-Encoding
content-type: application/javascript; charset=WINDOWS-1251
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 5620

GET
H3 200 logo.png
vindavoz.ru/templates/vindanew/images/ 3 KB
3 KB 148ms
146ms Image
image/png 2a03:c980:5fb7:f6b:95:183:15:107
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vindavoz.ru/templates/vindanew/images/logo.png
Requested by: Host: vindavoz.ru
URL: https://vindavoz.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:c980:5fb7:f6b:95:183:15:107 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 64427d670b121a26080266c80484256a6fd7b9e5f95b5205c5bd8884889c193b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
last-modified: Thu, 14 May 2015 13:58:13 GMT
server: LiteSpeed
accept-ranges: bytes
etag: "b6d-5554a9f5-ef5e0601a1eabdc5;;;"
content-length: 2925
content-type: image/png

GET
H3 200 tablet.css
vindavoz.ru/templates/vindanew/style/ 682 B
346 B 80ms
77ms Stylesheet
text/css 2a03:c980:5fb7:f6b:95:183:15:107
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://vindavoz.ru/templates/vindanew/style/tablet.css
Requested by: Host: vindavoz.ru
URL: https://vindavoz.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:c980:5fb7:f6b:95:183:15:107 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 1810802204e1e3f948391f2ef81febe537cbed5d0a124f2c75ee4fb18f3edacb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
content-encoding: br
last-modified: Thu, 14 May 2015 14:19:50 GMT
server: LiteSpeed
etag: "2aa-5554af06-2eaa735c0cf8eded;br"
vary: Accept-Encoding
content-type: text/css; charset=WINDOWS-1251
accept-ranges: bytes
content-length: 238

GET
H3 200 small.tablet.css
vindavoz.ru/templates/vindanew/style/ 465 B
252 B 80ms
78ms Stylesheet
text/css 2a03:c980:5fb7:f6b:95:183:15:107
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://vindavoz.ru/templates/vindanew/style/small.tablet.css
Requested by: Host: vindavoz.ru
URL: https://vindavoz.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:c980:5fb7:f6b:95:183:15:107 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 2f5999290c38dbb4ea38cf589785bb0e9dd7ddebaadd70befa6cb924561907bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
content-encoding: br
last-modified: Thu, 14 May 2015 13:58:29 GMT
server: LiteSpeed
etag: "1d1-5554aa05-33b560340cd54fb2;br"
vary: Accept-Encoding
content-type: text/css; charset=WINDOWS-1251
accept-ranges: bytes
content-length: 180

GET
H3 200 mobile.css
vindavoz.ru/templates/vindanew/style/ 31 KB
11 KB 80ms
78ms Stylesheet
text/html 2a03:c980:5fb7:f6b:95:183:15:107
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://vindavoz.ru/templates/vindanew/style/mobile.css
Requested by: Host: vindavoz.ru
URL: https://vindavoz.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:c980:5fb7:f6b:95:183:15:107 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software: LiteSpeed / PHP/5.3.29
Resource Hash: 2863a3c4b28eff35b244a579bfa102c2796b9153ecf0ee07579ce2e7e1de2dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 16:33:58 GMT
content-encoding: gzip
server: LiteSpeed
x-powered-by: PHP/5.3.29
vary: Accept-Encoding
content-type: text/html; charset=WINDOWS-1251
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET css
fonts.googleapis.com/ 0
0

GET brand
www.google.ru/coop/cse/ 0
0

GET
H3 200 fontawesome-webfont.woff2
vindavoz.ru/templates/vindanew/font-awesome/ 55 KB
56 KB 76ms
76ms Font
font/woff2 2a03:c980:5fb7:f6b:95:183:15:107
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://vindavoz.ru/templates/vindanew/font-awesome/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: vindavoz.ru
URL: https://vindavoz.ru/templates/vindanew/font-awesome/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:c980:5fb7:f6b:95:183:15:107 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://vindavoz.ru/templates/vindanew/font-awesome/font-awesome.min.css
Origin: https://vindavoz.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
last-modified: Thu, 14 May 2015 13:57:57 GMT
server: LiteSpeed
accept-ranges: bytes
etag: "ddcc-5554a9e5-309a6d4e764656c;;;"
content-length: 56780
content-type: font/woff2

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 33 KB
15 KB 202ms
50ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: vindavoz.ru
URL: https://vindavoz.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

5b9b5b9e92ca410c2b2c97c9bf53d51ebf533520c4737698ae96ea3897685313

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Tue, 21 Mar 2023 13:41:37 GMT
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag: W/"6419b411-85fb"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Tue, 25 Apr 2023 17:33:58 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t57.5;r;s1600*1200*24;uhttps%3A//vindavoz.ru/;0.13452261521622977
https://counter.yadro.ru/hit?q;t57.5;r;s1600*1200*24;uhttps%3A//vindavoz.ru/;0.13452261521622977

678 B
1 KB

47ms
46ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t57.5;r;s1600*1200*24;uhttps%3A//vindavoz.ru/;0.13452261521622977

Requested by

Host: vindavoz.ru
URL: https://vindavoz.ru/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

dac8668ef53d1284e69753d0a931b11aa7828b17bf600d04d4c867984c399b18

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Apr 2023 16:33:58 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 678
Expires: Sun, 24 Apr 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 25 Apr 2023 16:33:58 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t57.5;r;s1600*1200*24;uhttps%3A//vindavoz.ru/;0.13452261521622977
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Sun, 24 Apr 2022 21:00:00 GMT

GET 2276691.js
js.hotlog.ru/dcounter/ 0
0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 213 KB
73 KB 267ms
105ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: vindavoz.ru
URL: https://vindavoz.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e29f972527fba502ab11e9a889538d35368a7280215e478297fb1c30d1d7e044

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 21 Apr 2023 13:01:10 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64425ee6-1231f"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 74527
expires: Tue, 25 Apr 2023 17:33:58 GMT

GET
H3 200 zoomin.cur
vindavoz.ru/engine/classes/highslide/graphics/ 326 B
416 B 163ms
162ms Image
application/octet-stream 2a03:c980:5fb7:f6b:95:183:15:107
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vindavoz.ru/engine/classes/highslide/graphics/zoomin.cur
Requested by: Host: vindavoz.ru
URL: https://vindavoz.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:c980:5fb7:f6b:95:183:15:107 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 1318ef5f4f0e2f32fb2fd399260c54b5f15c6d9d909a3e224fab4bb7760a0cff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
last-modified: Thu, 14 May 2015 13:54:24 GMT
server: LiteSpeed
accept-ranges: bytes
etag: "146-5554a910-490d247fc4f318a5;;;"
content-length: 326
content-type: application/octet-stream

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
73 KB 25ms
23ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z53KQ0ETEG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125814068-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

561b1e75f913f18ce6d6e73ccea7e25c0aaaef23a2469a3f55824f8984e709c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74495
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 25 Apr 2023 16:33:58 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125814068-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Apr 2023 16:27:45 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 373
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 25 Apr 2023 18:27:45 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
203 B 16ms
15ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=402077848&t=pageview&_s=1&dl=https%3A%2F%2Fvindavoz.ru%2F&ul=en-us&de=windows-1251&dt=%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%BE%20Windows%20XP%2C%207%2C%208%2C%2010&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1997969549&gjid=1540992374&cid=2091429159.1682440439&tid=UA-125814068-1&_gid=655172922.1682440439&_r=1&gtm=457e34j0&jsscut=1&z=538386103

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vindavoz.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 16:33:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vindavoz.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 41ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z53KQ0ETEG&gtm=45je34j0&_p=402077848&cid=2091429159.1682440439&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1682440438&sct=1&seg=0&dl=https%3A%2F%2Fvindavoz.ru%2F&dt=%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%BE%20Windows%20XP%2C%207%2C%208%2C%2010&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z53KQ0ETEG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 16:33:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vindavoz.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304200101/ 354 KB
119 KB 81ms
79ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7732969217111510&plah=vindavoz.ru&bust=31074088

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2585cd32c1a0d70f7a408e121247b56bfcee11ac3d3418d46c86364917dc153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121893
x-xss-protection: 0
server: cafe
etag: 13833031012403570163
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 16:33:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230420/r20190131/ Frame 4928 10 KB
5 KB 28ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230420/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vindavoz.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79926
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 18:21:52 GMT
etag: 2378337311435320485
expires: Mon, 08 May 2023 18:21:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
962 B 44ms
43ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=2293119;u=https%3A//vindavoz.ru/;st=1682440438693;title=%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%BE%20Windows%20XP%2C%207%2C%208%2C%2010;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=7808799ef7bd8003;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.8//4g/0/0/;lvid=1682440438951%3A1682440438966%3A1%3Ada0206c09b24fc02835372efe60312dd;opts=dl%2Cjst-gtag-ga;visible=true;_=0.43213838087344825

Requested by

Host: vindavoz.ru
URL: https://vindavoz.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:58 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 pixel.gif
relap.io/api/v1/ 43 B
501 B 58ms
57ms Image
image/gif 95.163.43.46
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/api/v1/pixel.gif?event=hit&url=https%3A%2F%2Fvindavoz.ru%2F&referrer=&_s=CQbcAA

Requested by

Host: vindavoz.ru
URL: https://vindavoz.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.43.46 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 16:33:59 GMT
strict-transport-security: max-age=5184000; includeSubdomains;
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-server: back20
content-length: 43
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2 200 ads.js
relap.io/ads/ 43 B
591 B 54ms
53ms Image
image/gif 95.163.43.46
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/ads/ads.js

Requested by

Host: vindavoz.ru
URL: https://vindavoz.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.43.46 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 16:33:59 GMT
strict-transport-security: max-age=5184000; includeSubdomains;
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-server: back15
content-length: 43
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
605 B 40ms
17ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=vindavoz.ru&callback=_gfp_s_&client=ca-pub-7732969217111510

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7732969217111510&plah=vindavoz.ru&bust=31074088

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c027581d0486ea0744002a3806bc0305fc9a40d0cbd3d2dd3870395aa485be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 40ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vindavoz.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 41ms
17ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vindavoz.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 109ms
108ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=UL&cls=toolbar&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: vindavoz.ru
URL: https://vindavoz.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 16:33:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 110ms
110ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=UL&cls=toolbar&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: vindavoz.ru
URL: https://vindavoz.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 16:33:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E953 170 KB
47 KB 1409ms
1408ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7732969217111510&output=html&adk=1812271804&adf=3025194257&lmt=1682440439&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fvindavoz.ru%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682440438848&bpp=6&bdt=381&idt=204&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8714819021023&frm=20&pv=2&ga_vid=2091429159.1682440439&ga_sid=1682440439&ga_hid=402077848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071755%2C31073967%2C31073973%2C31074088%2C44789762&oid=2&pvsid=2430234488376507&tmod=1169851320&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=227

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03bac09fe84e45a1fb12790ca5ae109b9166231fb2c5f963aa72eef90633d77f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vindavoz.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 47978
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 16:34:00 GMT
expires: Tue, 25 Apr 2023 16:34:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B47C 91 KB
32 KB 467ms
466ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7732969217111510&output=html&h=600&slotname=2619098183&adk=783891544&adf=1795251393&pi=t.ma~as.2619098183&w=120&lmt=1682440439&format=120x600&url=https%3A%2F%2Fvindavoz.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682440438854&bpp=2&bdt=387&idt=229&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8714819021023&frm=20&pv=1&ga_vid=2091429159.1682440439&ga_sid=1682440439&ga_hid=402077848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=76&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071755%2C31073967%2C31073973%2C31074088%2C44789762&oid=2&pvsid=2430234488376507&tmod=1169851320&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kLdUmGeexW&p=https%3A//vindavoz.ru&dtd=236

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9b27c01499ac82556d0dd1184cae4d867da188561e14b9634b12f046f2f070a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vindavoz.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33156
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 16:33:59 GMT
expires: Tue, 25 Apr 2023 16:33:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E373 104 KB
35 KB 383ms
382ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7732969217111510&output=html&h=280&slotname=6237976587&adk=3199321624&adf=4059110530&pi=t.ma~as.6237976587&w=1018&fwrn=4&fwrnh=100&lmt=1682440439&rafmt=1&format=1018x280&url=https%3A%2F%2Fvindavoz.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682440438856&bpp=3&bdt=389&idt=239&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600&nras=1&correlator=8714819021023&frm=20&pv=1&ga_vid=2091429159.1682440439&ga_sid=1682440439&ga_hid=402077848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=242&ady=45&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071755%2C31073967%2C31073973%2C31074088%2C44789762&oid=2&pvsid=2430234488376507&tmod=1169851320&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UK7F6khGot&p=https%3A//vindavoz.ru&dtd=243

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3633d4a507b989aa4931f77aaa7277b33729fd0c5457d0b3ce4b50d6b43682c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vindavoz.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35622
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 16:33:59 GMT
expires: Tue, 25 Apr 2023 16:33:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9984.pCtqPhkdzHNiqti-feDq-rPgDhMmHVO6d4asdfbYeMLPMLCHMyt5-8KGYEC2RsRs.hXEzWl5vGHx0wV400wFoVJypals%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9984.PTSM6t0cfU8p5L7E4maOUW1SA0EqWHqwVeRFbVrKL8ZKcv2WH_hW-4hJiCTvaJy_XUVzoTjICAbMujJNLfGpwDJbEv-yb71r3OHtykhzt34%2C.M1X-BECl4Iai1am9IrQCg2bTwME%2C

43 B
67 B

61ms
61ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9984.PTSM6t0cfU8p5L7E4maOUW1SA0EqWHqwVeRFbVrKL8ZKcv2WH_hW-4hJiCTvaJy_XUVzoTjICAbMujJNLfGpwDJbEv-yb71r3OHtykhzt34%2C.M1X-BECl4Iai1am9IrQCg2bTwME%2C

Requested by

Host: vindavoz.ru
URL: https://vindavoz.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:59 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9984.PTSM6t0cfU8p5L7E4maOUW1SA0EqWHqwVeRFbVrKL8ZKcv2WH_hW-4hJiCTvaJy_XUVzoTjICAbMujJNLfGpwDJbEv-yb71r3OHtykhzt34%2C.M1X-BECl4Iai1am9IrQCg2bTwME%2C
date: Tue, 25 Apr 2023 16:33:59 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EE0E 104 KB
35 KB 284ms
283ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7732969217111510&output=html&h=600&slotname=3252168986&adk=1097189318&adf=3643374295&pi=t.ma~as.3252168986&w=300&lmt=1682440439&format=300x600&url=https%3A%2F%2Fvindavoz.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682440438859&bpp=1&bdt=391&idt=279&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C1018x280&nras=1&correlator=8714819021023&frm=20&pv=1&ga_vid=2091429159.1682440439&ga_sid=1682440439&ga_hid=402077848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1280&ady=769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071755%2C31073967%2C31073973%2C31074088%2C44789762&oid=2&pvsid=2430234488376507&tmod=1169851320&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Rl8csdmfy6&p=https%3A//vindavoz.ru&dtd=284

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6342cd72bf816bc71d93bdb8900577fc7014c6b1aa09ba9be36c47c3f6e30f69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vindavoz.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35530
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 16:33:59 GMT
expires: Tue, 25 Apr 2023 16:33:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
161 B 111ms
54ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: vindavoz.ru
URL: https://vindavoz.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:59 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 21 Apr 2023 13:01:10 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64425ee6-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Apr 2023 17:33:59 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/50856723/
Redirect Chain

https://mc.yandex.com/watch/50856723?wmode=7&page-url=https%3A%2F%2Fvindavoz.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A579%3Afu%3A0%3Aen%3Awindows...
https://mc.yandex.com/watch/50856723/1?wmode=7&page-url=https%3A%2F%2Fvindavoz.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A579%3Afu%3A0%3Aen%3Awindo...

447 B
750 B

61ms
60ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/50856723/1?wmode=7&page-url=https%3A%2F%2Fvindavoz.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A579%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A1570883319480%3Ahid%3A552067493%3Az%3A0%3Ai%3A20230425163359%3Aet%3A1682440439%3Ac%3A1%3Arn%3A110249486%3Arqn%3A1%3Au%3A1682440439961370513%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A145%2C111%2C73%2C34%2C0%2C0%2C%2C195%2C18%2C%2C%2C%2C559%3Aco%3A0%3Acpf%3A1%3Ans%3A1682440438134%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682440439%3At%3A%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%BE%20Windows%20XP%2C%207%2C%208%2C%2010&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: vindavoz.ru
URL: https://vindavoz.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

799936ec0d2388f52363f19a2bcc4f1aba2f6fcc3489758771e0df23e23bd0b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 16:33:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 25-Apr-2023 16:33:59 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vindavoz.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Tue, 25-Apr-2023 16:33:59 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Apr 2023 16:33:59 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25-Apr-2023 16:33:59 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/50856723/1?wmode=7&page-url=https%3A%2F%2Fvindavoz.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A579%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A1570883319480%3Ahid%3A552067493%3Az%3A0%3Ai%3A20230425163359%3Aet%3A1682440439%3Ac%3A1%3Arn%3A110249486%3Arqn%3A1%3Au%3A1682440439961370513%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A145%2C111%2C73%2C34%2C0%2C0%2C%2C195%2C18%2C%2C%2C%2C559%3Aco%3A0%3Acpf%3A1%3Ans%3A1682440438134%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682440439%3At%3A%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%BE%20Windows%20XP%2C%207%2C%208%2C%2010&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://vindavoz.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 25-Apr-2023 16:33:59 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EE0E 9 KB
1 KB 41ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7732969217111510&output=html&h=600&slotname=3252168986&adk=1097189318&adf=3643374295&pi=t.ma~as.3252168986&w=300&lmt=1682440439&format=300x600&url=https%3A%2F%2Fvindavoz.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682440438859&bpp=1&bdt=391&idt=279&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C1018x280&nras=1&correlator=8714819021023&frm=20&pv=1&ga_vid=2091429159.1682440439&ga_sid=1682440439&ga_hid=402077848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1280&ady=769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071755%2C31073967%2C31073973%2C31074088%2C44789762&oid=2&pvsid=2430234488376507&tmod=1169851320&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Rl8csdmfy6&p=https%3A//vindavoz.ru&dtd=284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Apr 2023 16:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 16:09:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Apr 2023 16:33:59 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame EE0E 2 KB
818 B 46ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 16:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 May 2023 16:42:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame EE0E 21 KB
9 KB 42ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 16:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 May 2023 16:42:18 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame EE0E 3 KB
1 KB 39ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 15:10:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 May 2023 15:10:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame EE0E 19 KB
8 KB 43ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 21:21:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 May 2023 21:21:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE0E 159 KB
49 KB 54ms
15ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Apr 2023 16:33:59 GMT

GET
H2 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame EE0E 32 KB
14 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 05:50:21 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EE0E 0
0 55ms
54ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLPWo9wBIZLK3Cs_G1fAPiMGgqAu2vL7_W9iF5MPRDsDR27uMAhABILeKyCFglQKgAZzyx-oDyAEJqQJDpHJDBdm0PqgDAcgDywSqBMQBT9BPhZLvoDMITfHxuZ_WLmJjqkRKb78JbxX1cTg9UmyX_UOlFfiqBw4MuR_FhkL10rESqPOf0UAAAiRcCvoKJCgkq34HPud8Ss4_4Rmsdycc1cUjERMkRqKbYMMNPS9HD2M9XlIFam2vfJTRNninumeXcA1AjeGaJOWF9jmsRUpBYH7adtM6iD7NrJyX4HfGLF0QVLazekUj5sYfhhsypz7GhNZH_cg8CXNZjSB05Gu03veP-MdV96r2MCol58QDuaTsy8AE8u3f4K0CkgUECAQYAZIFBAgFGASgBi6AB8yNuBWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCR9AHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi03NzMyOTY5MjE3MTExNTEwGAA&sigh=UDkQpY7T36k&uach_m=[UACH]&cid=CAQSGwBygQiDnKD0qUqrkfPW8e51bafzikeRVvRw0RgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7732969217111510&output=html&h=600&slotname=3252168986&adk=1097189318&adf=3643374295&pi=t.ma~as.3252168986&w=300&lmt=1682440439&format=300x600&url=https%3A%2F%2Fvindavoz.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682440438859&bpp=1&bdt=391&idt=279&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600%2C1018x280&nras=1&correlator=8714819021023&frm=20&pv=1&ga_vid=2091429159.1682440439&ga_sid=1682440439&ga_hid=402077848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1280&ady=769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071755%2C31073967%2C31073973%2C31074088%2C44789762&oid=2&pvsid=2430234488376507&tmod=1169851320&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Rl8csdmfy6&p=https%3A//vindavoz.ru&dtd=284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 25 Apr 2023 16:33:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 25 Apr 2023 16:33:59 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/3191144225618752543/ Frame EE0E 15 KB
16 KB 46ms
35ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3191144225618752543/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

641bca2667a6fabc3119a6191d88f5b5712c2966426aad8500ecadd07e8fc114

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 08:42:21 GMT
x-content-type-options: nosniff
age: 373898
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15646
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 13:12:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 Apr 2024 08:42:21 GMT

GET
DATA 200
OK truncated
/ Frame EE0E 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EE0E 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ Frame E373 9 KB
994 B 24ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7732969217111510&output=html&h=280&slotname=6237976587&adk=3199321624&adf=4059110530&pi=t.ma~as.6237976587&w=1018&fwrn=4&fwrnh=100&lmt=1682440439&rafmt=1&format=1018x280&url=https%3A%2F%2Fvindavoz.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682440438856&bpp=3&bdt=389&idt=239&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600&nras=1&correlator=8714819021023&frm=20&pv=1&ga_vid=2091429159.1682440439&ga_sid=1682440439&ga_hid=402077848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=242&ady=45&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071755%2C31073967%2C31073973%2C31074088%2C44789762&oid=2&pvsid=2430234488376507&tmod=1169851320&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UK7F6khGot&p=https%3A//vindavoz.ru&dtd=243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Apr 2023 16:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 16:00:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Apr 2023 16:33:59 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame E373 2 KB
799 B 29ms
24ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 16:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 May 2023 16:42:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame E373 21 KB
8 KB 25ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 16:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 May 2023 16:42:18 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame E373 3 KB
1 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 15:10:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 May 2023 15:10:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame E373 19 KB
8 KB 26ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 21:21:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 May 2023 21:21:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E373 159 KB
49 KB 46ms
41ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Apr 2023 16:33:59 GMT

GET
H2 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame E373 32 KB
13 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 05:50:21 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E373 0
0 53ms
52ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8Eui9wBIZPLRB7SCmwfomr_IDba8vv9b2IXkw9EOwNHbu4wCEAEgt4rIIWCVAqABnPLH6gPIAQmpAkOkckMF2bQ-qAMByAPLBKoExgFP0DCoKJhkCneLe49ml2wZ_LL6oqd-N7oPM-jE0tC81ExqgACFCnXSNOWGp1YoJUB-DW-sH6msmCqb4Lj7XQTu2tO1kHlpSj9Um8ABQTQbAA4oX-2D49Yt-_kCKlizVBDhbonKNs-vV8fEStx_MqFFk3InbMsBy3W3BjhHh0tZv-xWCWHLoeynS1-CjQwhfVIgtSjKAA0Wo8nNi5It_kdMTdCVHhOHJJWu5LBIhuuq2EXLMsE88BMOJInCY9Qi2nVTnHqQShbABPLt3-CtApIFBAgEGAGSBQQIBRgEoAYugAfMjbgVqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ5dgB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFALQFQGYFgGAFwGyFxwKGggAEhRwdWItNzczMjk2OTIxNzExMTUxMBgA&sigh=ACDyrsNI2zE&uach_m=[UACH]&cid=CAQSGwBygQiDnuthfx8NXqluxZKGEiCyBx8KjevrDRgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7732969217111510&output=html&h=280&slotname=6237976587&adk=3199321624&adf=4059110530&pi=t.ma~as.6237976587&w=1018&fwrn=4&fwrnh=100&lmt=1682440439&rafmt=1&format=1018x280&url=https%3A%2F%2Fvindavoz.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682440438856&bpp=3&bdt=389&idt=239&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600&nras=1&correlator=8714819021023&frm=20&pv=1&ga_vid=2091429159.1682440439&ga_sid=1682440439&ga_hid=402077848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=242&ady=45&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071755%2C31073967%2C31073973%2C31074088%2C44789762&oid=2&pvsid=2430234488376507&tmod=1169851320&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UK7F6khGot&p=https%3A//vindavoz.ru&dtd=243
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 25 Apr 2023 16:33:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/3191144225618752543/ Frame E373 28 KB
28 KB 104ms
92ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3191144225618752543/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f4863b228433690018903cd25a607870e67af9c805157631394a0a0677348dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:59 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28919
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 13:12:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 24 Apr 2024 16:33:59 GMT

GET
DATA 200
OK truncated
/ Frame E373 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E373 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EE0E 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88c546face023648a862537a6307cda22fc17aa642f9e09aeb524318673fa045

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9984._0n6TF31jxvyYDzqVe-C2k--BlozOJvEc1IT_nRTZG6gsV4iC-yYr-lV40F0MsTE.EE122yIUSI3Rv9LfhD_8ATPdqMw%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9984.b_MgJGU6DJRWeYD5x1RtkCj_LPN6NEbT9GNr9EqZsLMhxT0dvbash52_jNOdVA16I2xv905oEIo0dfYsvkJXa2Q3CLH1UeK3SfrQQiyK7aY%2C.YE3hAHnh_e8GMdAY27...

43 B
79 B

61ms
60ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9984.b_MgJGU6DJRWeYD5x1RtkCj_LPN6NEbT9GNr9EqZsLMhxT0dvbash52_jNOdVA16I2xv905oEIo0dfYsvkJXa2Q3CLH1UeK3SfrQQiyK7aY%2C.YE3hAHnh_e8GMdAY27HNE0TZ6tU%2C

Requested by

Host: vindavoz.ru
URL: https://vindavoz.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:59 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9984.b_MgJGU6DJRWeYD5x1RtkCj_LPN6NEbT9GNr9EqZsLMhxT0dvbash52_jNOdVA16I2xv905oEIo0dfYsvkJXa2Q3CLH1UeK3SfrQQiyK7aY%2C.YE3hAHnh_e8GMdAY27HNE0TZ6tU%2C
date: Tue, 25 Apr 2023 16:33:59 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 css
fonts.googleapis.com/ Frame B47C 6 KB
695 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7732969217111510&output=html&h=600&slotname=2619098183&adk=783891544&adf=1795251393&pi=t.ma~as.2619098183&w=120&lmt=1682440439&format=120x600&url=https%3A%2F%2Fvindavoz.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682440438854&bpp=2&bdt=387&idt=229&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8714819021023&frm=20&pv=1&ga_vid=2091429159.1682440439&ga_sid=1682440439&ga_hid=402077848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=76&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071755%2C31073967%2C31073973%2C31074088%2C44789762&oid=2&pvsid=2430234488376507&tmod=1169851320&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kLdUmGeexW&p=https%3A//vindavoz.ru&dtd=236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Apr 2023 16:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 15:56:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Apr 2023 16:33:59 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame B47C 2 KB
765 B 27ms
26ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 16:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 May 2023 16:42:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame B47C 21 KB
8 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 16:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 May 2023 16:42:18 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame B47C 3 KB
1 KB 26ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 15:10:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 May 2023 15:10:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame B47C 19 KB
8 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 21:21:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 May 2023 21:21:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B47C 159 KB
49 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Apr 2023 16:33:59 GMT

GET
H3 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame B47C 32 KB
13 KB 16ms
8ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 05:50:21 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B47C 0
0 58ms
50ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CetfE9wBIZNLjC6-DtOUPp52QqAGHydOgcLWUncGhEcGEwPz6ARABILeKyCFglQKgAZ6S28gpyAEJqQIMxv2kR6qKPqgDAcgDywSqBNUBT9B8SLKlU77zk8zM6WprL-yO-lWl2-EI8o9Yjf7yO3CqOn__Dv91WRbhHxUQqBP5WLJk10JcQYsC0n-xXkQIO8f4sHC6r0_q3AdDE8col6qrZZch3M7BTuZB5Q54c1_iWpz5FzzrOd8wdNk1qpPIrg_D79bjYFn95VanPtHZb5UZonFoxMTE4uakKj9KY7l3j1XauCXiiQF7fBSBkAlp_AxliXI3192CuWnlYCsvDzHGP5EI7uLh35kQDcgzKL6N7wFXmLMkgB_WqTjF1qIZMY-Ckp61wASs5aqCrASSBQQIBBgBkgUECAUYBKAGLoAHnsqrqASoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDx4wHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwzQFQGAFwGyFxwKGggAEhRwdWItNzczMjk2OTIxNzExMTUxMBgA&sigh=i4l-P53F7cg&uach_m=[UACH]&cid=CAQSGwBygQiDjwptzLx8tmz_sRKS2dLWVqRlFLnGQRgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7732969217111510&output=html&h=600&slotname=2619098183&adk=783891544&adf=1795251393&pi=t.ma~as.2619098183&w=120&lmt=1682440439&format=120x600&url=https%3A%2F%2Fvindavoz.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682440438854&bpp=2&bdt=387&idt=229&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8714819021023&frm=20&pv=1&ga_vid=2091429159.1682440439&ga_sid=1682440439&ga_hid=402077848&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=76&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071755%2C31073967%2C31073973%2C31074088%2C44789762&oid=2&pvsid=2430234488376507&tmod=1169851320&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kLdUmGeexW&p=https%3A//vindavoz.ru&dtd=236
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 25 Apr 2023 16:33:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/16983247560663963509/ Frame B47C 55 KB
55 KB 24ms
19ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16983247560663963509/2076313506083323656

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1053ffb0d7174a8f915a80250ac7ad7308cfd0fc5200b2f3563b1542ed42f383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:27:27 GMT
x-content-type-options: nosniff
age: 392
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56142
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 14:41:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 24 Apr 2024 16:27:27 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/15218100322047127956/ Frame B47C 4 KB
4 KB 29ms
23ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15218100322047127956/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b971b6feb106c14543843e1e1f357d22503d42dafb0353d1c538892e695e8e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:26:48 GMT
x-content-type-options: nosniff
age: 431
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3813
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 14:41:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 24 Apr 2024 16:26:48 GMT

GET
DATA 200
OK truncated
/ Frame B47C 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame EE0E 29 KB
30 KB 35ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:16:02 GMT
x-content-type-options: nosniff
age: 299877
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 05:16:02 GMT

GET
DATA 200
OK truncated
/ Frame E373 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09e761b6c42edfe2de6ccce11477d29b5e82e4b26ea98142955057a0ad47fa5e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame E124 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 12:11:53 GMT

GET
DATA 200
OK truncated
/ Frame B47C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17e532f0fecd801a09ff90b52d7681d1584b8484459d7fb0530aed3b44d31e0a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame E373 29 KB
29 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:16:02 GMT
x-content-type-options: nosniff
age: 299877
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 05:16:02 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B47C 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options: nosniff
age: 397716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:05:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B47C 15 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 257384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 17:04:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B47C 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 263346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 15:24:53 GMT

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DFD 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 12:11:53 GMT

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame 1AC5 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 12:11:53 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304200101/ 149 KB
51 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304200101/reactive_library_fy2021.js?bust=31074088

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f738ea35894eae8ce4dd264a1e5301559d8c3c45e7a4d8b99a6338e91307de1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:34:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51688
x-xss-protection: 0
server: cafe
etag: 6911556937457815912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 16:34:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vindavoz.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:34:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vindavoz.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:34:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/ Frame 09E3 10 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vindavoz.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 15:31:43 GMT
etag: 2378337311435320485
expires: Tue, 09 May 2023 15:31:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 09E3 5 KB
659 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Apr 2023 16:34:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 16:02:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Apr 2023 16:34:00 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 09E3 205 B
229 B 8ms
8ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:16:28 GMT
x-content-type-options: nosniff
age: 22652
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 24 Apr 2024 10:16:28 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 09E3 604 B
628 B 8ms
8ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 14:43:34 GMT
x-content-type-options: nosniff
age: 6626
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 24 Apr 2024 14:43:34 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/elements/html/ Frame 09E3 19 KB
8 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 15:24:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8167
x-xss-protection: 0
server: cafe
etag: 3140062999518874537
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 May 2023 15:24:08 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B33D 9 KB
921 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Apr 2023 16:34:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 15:24:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Apr 2023 16:34:00 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame B33D 2 KB
765 B 18ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 16:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 May 2023 16:42:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame B33D 21 KB
8 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 16:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 May 2023 16:42:18 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame B33D 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 15:10:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 May 2023 15:10:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame B33D 19 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 21:21:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69135
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 May 2023 21:21:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B33D 159 KB
49 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:34:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Apr 2023 16:34:00 GMT

GET
H3 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame B33D 32 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 05:50:21 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B462 143 B
166 B 8ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 735
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 16:21:45 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B462
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

23ms
23ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 16:34:00 GMT
expires: Tue, 25 Apr 2023 16:34:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 16:34:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EE0E 42 B
64 B 60ms
45ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6pNjWq1Q8TTqfUXereJI6NBtpCBxmaXGtqpL93cBmLXn9dqzaGuHbpVu5cXX7Dlx4h7713jIXwKwdrRTRNcTnYIHGLkLvSBiSxINMEDQKEGAB3LXm152LjC9GL5rcb98JlsCatg&sai=AMfl-YRfL_LKaGY-Z40JtHe5tVQVtaZbtEa4uIPRYU_-ovHDNtpvUo5GVysii6cLeoYVzpQflNJEhHiMXsme&sig=Cg0ArKJSzA1J4fAmS_zmEAE&cid=CAQSGwBygQiDnKD0qUqrkfPW8e51bafzikeRVvRw0RgB&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=0.72&if=1&vu=1&app=0&itpl=22&adk=1097189318&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682440439144&rpt=572&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 16:34:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
872 B 44ms
44ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=2293119;u=https%3A//vindavoz.ru/;st=1682440438693;title=%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%BE%20Windows%20XP%2C%207%2C%208%2C%2010;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=7808799ef7bd8003;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1682440438134/////0/1/146/146/257/200/257/330/364/333/559/559/577/2662/2662/;ni=9.8//4g/0/0/;lvid=1682440438951%3A1682440440798%3A2%3Ada0206c09b24fc02835372efe60312dd;opts=dl%2Cjst-gtag-ga-ym;visible=true;_=0.7107939563469963;e=RT/load;et=1682440440797

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:34:00 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 57ms
57ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230420&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3cbb8a6e385cd068d139136edfc4ba938554eef66d462ab565100cb74ac485e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:34:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11235
x-xss-protection: 0

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame 9AAE 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Host: vindavoz.ru
URL: https://vindavoz.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 12:11:53 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:34:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Apr 2023 16:34:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E373 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssaPDhrc4mmcmy2NlhF60dXg3m_fuHBkvZoVO9QeNYQok6BcO1oNJ6aUsdmXSM-Q5D2MEvohYlabXXJZBaBr_a556RNb2BfXMrptLQ4rkYMgF_1mMO-HE6OIRkTgZIgEFcgO2s14A&sai=AMfl-YQbVsBYH8rLqzCfr-5Gb0h0-GQNQH_Hetun0z9YcL6bsLFKghHHlcMihF6p142aE6UL9nr_Mvr8xotZ&sig=Cg0ArKJSzCSjo8W5waB1EAE&cid=CAQSGwBygQiDnuthfx8NXqluxZKGEiCyBx8KjevrDRgB&id=lidar2&mcvt=1002&p=0,0,280,1018&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3199321624&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682440439101&rpt=770&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 16:34:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B47C 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-6XebxVD2IlUgkaAom3Gc-fTVXsouh1HCP8dRCyzoBu2dxyh7A8Xr5716AIennYhvCRCb51_ccX0eYON7944jukMc9OE-MJ7OfpgMKaipYVisxh5Az5rhCgPpkHdx99cCnobuGQ&sai=AMfl-YQAriyDbmL1j_ytezeRwVAEcZq1GVDus5BTEPJalJ7bZZPMgxsWynbixvLzUEkC75pzMXVWgV_fdSLz&sig=Cg0ArKJSzEm_n7TDmzBQEAE&cid=CAQSGwBygQiDjwptzLx8tmz_sRKS2dLWVqRlFLnGQRgB&id=lidar2&mcvt=1000&p=0,0,600,120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=783891544&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682440439091&rpt=798&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 16:34:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F5EE 13 KB
5 KB 19ms
18ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vindavoz.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 32711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 07:28:49 GMT
expires: Wed, 24 Apr 2024 07:28:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 702B 783 B
970 B 18ms
17ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9b9e5ed3f2fd334a887bcb5e1983e42d153308f4df88412bfa35479355e5c30f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ij8U-jjH-O_eY5Qqnnp2QA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vindavoz.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Ij8U-jjH-O_eY5Qqnnp2QA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 16:34:00 GMT
expires: Tue, 25 Apr 2023 16:34:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 702B 0
0 109ms
108ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230420&jk=2430234488376507&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame F5EE 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 12:11:53 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F5EE 0
10 B 18ms
18ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?x7VSbA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:34:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 114ms
114ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230420&jk=2430234488376507&bg=!GBulG0_NAAYfNdXmPzU7ADkAdvg8WlI2miIeH0WINUCYdmPKz9nZrDRiS9icJoB_-H-yV-HWsq2mpR1zi_ezvdZg2A6JBpHHjvUCAAAARVIAAAACaAEHmQLSPEfogh_vtaTPdsfdu7srCISQoBzGOO8vRjpAsBeIb0vRxhFLrK8Y0R6vTccVLj8y7t2oqkURY_RqjtQzl37grWn0_mIXNVqwu_H9wVxDLXz1_VVTAtXVKeyX2f3jydxyva1PZOLIw1fXBxaCRsVh2y-xFepTC6ayzYmECzuDbQOeh5P87kJQnkcOcWbSV4SlzsQjS5Uwvrd-SRpsuQpzB60spVcO8USjNxVXSXEDesT-L0JMuypcJ1wPyDm7fHMTLwfeXJ6nvSihs8hPyZgqYNZAz6BJSvtxlh2nGRC09dmXlvQKlmZaYA52Tr2bZhGyAz6Ls-AAe90qim3LR3tdYeWHA_ejbUuv9M1w2p4Ik0v7lacj9zZ-xzQPoySbYKuXRFOJBSos48-DSxMAhmJEjqPvZQ3_zRdj2Z1s39JJMTQP3IRUXCaAVN2pfURV_oH6q9_un5o_gdk-Al98cO0nd_MI7e0VELEmrFCxDJv2H_sffjAhU130OuTHNqTXY29LcYIckLp681Jiyexf4uG9_TpGwvhd1we0TPOHS1bEgRFBPZ7LY-5UJBR4lspmHteVaEd117Vf9H3NNjmmVRyRE2buWxb9lWfX97ghehwg6gbX-UVwMKrZ8freFfbD0RAKSOr9BY6mP7Ddqndad4Q931Y2KhJ2vUnUKm2MU0yb2taSSApsMaPwKGpQlFcq-eCiuy8k__6cuYjgSkQlFJVjZZdctHPjY2HZwwiNzw37VvU1R8mpXc6n4ZhpPWVl4Ml2phaVuqpR_MtBMe48VunNPm0DHl0YLizSuG5AGdUhYb2X-oy0DDW0sLLfVhR6igE057tcYM8nsGNEqbEpiopYSUxN69kLHojVdsrBAhGeNS8H-uKDB8J6YBTK_oQhV_6sn70CS-54Qt2-V53l-6sNLCCLNvBhu99eepVKOgN2RW3LSmPCQxwjghy8fUjdSpq0haE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vindavoz.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,300,400,600,700&subset=latin,cyrillic

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=PT+Sans+Narrow:400,700&subset=latin,cyrillic

Domain: www.google.ru
URL: http://www.google.ru/coop/cse/brand?form=cse-search-box&lang=ru

Domain: js.hotlog.ru
URL: http://js.hotlog.ru/dcounter/2276691.js

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vindavoz.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: c2012c368e0bed4e403d3faa0434ab54
.vindavoz.ru/	1970-01-20 11:22:06	Name: _gid Value: GA1.2.655172922.1682440439
.vindavoz.ru/	1970-01-20 11:20:40	Name: _gat_gtag_UA_125814068_1 Value: 1
.vindavoz.ru/	1970-01-20 20:56:40	Name: _ga_Z53KQ0ETEG Value: GS1.1.1682440438.1.0.1682440438.0.0.0
.vindavoz.ru/	1970-01-20 20:56:40	Name: _ga Value: GA1.1.2091429159.1682440439
.yadro.ru/	1970-01-20 20:05:06	Name: FTID Value: 1aI03s3q7vOY1aI03s001Qas
.relap.io/	1970-01-20 20:56:40	Name: unique Value: e0E5FD29EeC8cb26
.relap.io/	1970-01-20 20:56:40	Name: fsts Value: 1682440438
.relap.io/	1969-12-31 23:59:59	Name: suid Value: 3473800e7b245117d2984c23bc247361a641ab49--27da7e00db0f3f403b0ced6fd40488f8bc4c2a364ae70c8755302644b94caf43
.relap.io/	1969-12-31 23:59:59	Name: 3rdpce Value: 1
.yadro.ru/	1970-01-20 20:05:06	Name: VID Value: 2NJT2b1Vlb8Y1aI03s001Qbn
.vindavoz.ru/	1970-01-20 19:20:11	Name: tmr_lvid Value: da0206c09b24fc02835372efe60312dd
.vindavoz.ru/	1970-01-20 19:20:11	Name: tmr_lvidTS Value: 1682440438951
.relap.io/	1970-01-20 20:56:40	Name: lsts Value: 1682440439
.relap.io/	1970-01-20 11:22:06	Name: hllc Value: 2
.relap.io/	1970-01-20 11:20:44	Name: rlpadbf Value: 1
.vindavoz.ru/	1970-01-20 20:06:16	Name: _ym_uid Value: 1682440439961370513
.vindavoz.ru/	1970-01-20 20:06:16	Name: _ym_d Value: 1682440439
.vindavoz.ru/	1970-01-20 20:42:16	Name: __gads Value: ID=a2887ef870e7f6a3-2239018daddd0028:T=1682440439:RT=1682440439:S=ALNI_MbAMMkPYuy-8FRIHjSDOpvOE47rmA
.vindavoz.ru/	1970-01-20 20:42:16	Name: __gpi Value: UID=00000befab269b40:T=1682440439:RT=1682440439:S=ALNI_MYXrnRym3Mt2mRT47yEUbzTKw4Xcw
.vindavoz.ru/	1970-01-20 11:21:52	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 11:20:41	Name: sync_cookie_csrf Value: 1915570106fake
.mc.yandex.ru/	1970-01-20 11:20:41	Name: sync_cookie_csrf Value: 2042430600fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 180516351682440439
.yandex.com/	1970-01-20 20:56:40	Name: i Value: Pl838E7o5LHT8bq8VJ1eyJLW9l3scpKyjazrE5kSgwXlx8kNCgeAnG824atDP7w0cpdbRWC2x6mbMoe8nKVpAlPo8Vg=
.yandex.com/	1970-01-20 20:56:40	Name: yandexuid Value: 5983440781682440439
.yandex.com/	1970-01-20 20:06:16	Name: yuidss Value: 5983440781682440439
.yandex.com/	1970-01-20 20:06:16	Name: ymex Value: 1713976439.yc.1682440439#1713976439.yrts.1682440439#1713976439.yrtsi.1682440439
.yandex.com/	1970-01-20 20:06:16	Name: bh Value: KgI/MA==
.doubleclick.net/	1970-01-20 20:42:16	Name: IDE Value: AHWqTUk49eA387LF9GhrIT_nWqrHm23ZbXFhS_WUTR-IG__5F6Nqc4yVVTSrxbXxpVU
.doubleclick.net/	1970-01-20 11:20:41	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 11:20:44	Name: DSID Value: NO_DATA
.mail.ru/	1970-01-20 20:07:42	Name: VID Value: 2df1Xl3V102H00000q1eP4YH:::0-0-0-96259b6:CAASELYrurbel5uhVOPU2kR0DfUaYF3uTwvCAnVNa5xYUK7G1dBD2Phnddg2Pqa2JL797b1eF9MsPufMQobUeWcmfmb8g2EtzVK8_dg20wqlb4rD_pKvjFfaeplpFVqkEbEgxU-3j0UIlJx9HMv4x05ug4-jww
vindavoz.ru/	1970-01-20 11:22:06	Name: tmr_detect Value: 0%7C1682440441306

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://vindavoz.ru/(Line 39) Message: Mixed Content: The page at 'https://vindavoz.ru/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,300,400,600,700&subset=latin,cyrillic'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://vindavoz.ru/(Line 40) Message: Mixed Content: The page at 'https://vindavoz.ru/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=PT+Sans+Narrow:400,700&subset=latin,cyrillic'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://vindavoz.ru/(Line 101) Message: Mixed Content: The page at 'https://vindavoz.ru/' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://vindavoz.ru/search.html'. This endpoint should be made available over a secure connection.
security	error	URL: https://vindavoz.ru/ Message: Mixed Content: The page at 'https://vindavoz.ru/' was loaded over HTTPS, but requested an insecure script 'http://www.google.ru/coop/cse/brand?form=cse-search-box&lang=ru'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://vindavoz.ru/(Line 410) Message: Mixed Content: The page at 'https://vindavoz.ru/' was loaded over HTTPS, but requested an insecure script 'http://js.hotlog.ru/dcounter/2276691.js'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.hotlog.ru
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
relap.io
top-fwz1.mail.ru
tpc.googlesyndication.com
vindavoz.ru
www.google-analytics.com
www.google.com
www.google.ru
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
fonts.googleapis.com
js.hotlog.ru
www.google.ru
2001:4860:4802:32::36
2a00:1450:4001:800::2003
2a00:1450:4001:801::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2004
2a00:1450:4001:830::2002
2a02:6b8::1:119
2a03:c980:5fb7:f6b:95:183:15:107
88.212.201.198
95.163.43.46
95.163.52.67
03bac09fe84e45a1fb12790ca5ae109b9166231fb2c5f963aa72eef90633d77f
05f12aac06e5d72dedafdacd657f3b685a1ff6ac6a5f0473819cd57fcb40530f
09e761b6c42edfe2de6ccce11477d29b5e82e4b26ea98142955057a0ad47fa5e
0aa415b4c962a4efc7177151035c597cbc57d7098de604d9dd3b0d7b67726560
0eefa00a4b0582ff21013ef2b5ae839199a99914432c0cfec6da1c728cb8a83e
1053ffb0d7174a8f915a80250ac7ad7308cfd0fc5200b2f3563b1542ed42f383
1318ef5f4f0e2f32fb2fd399260c54b5f15c6d9d909a3e224fab4bb7760a0cff
171bd5d3b7c902480919a65c1019a0e17f5ee62955c77e7db93a47d616c90b07
17e532f0fecd801a09ff90b52d7681d1584b8484459d7fb0530aed3b44d31e0a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1810802204e1e3f948391f2ef81febe537cbed5d0a124f2c75ee4fb18f3edacb
1cf28db32b3068b8b7e976ce34f82561d53c63f530a3141a6929b9343ee7f27f
210340069c6e7b9a4eee6b9880287f411d1a43748b933ede336f531ae266883e
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2863a3c4b28eff35b244a579bfa102c2796b9153ecf0ee07579ce2e7e1de2dc4
2ae1512e2ea26d032b18ccf5e48f9feb9c523547220d020128c40cb64b27bb99
2c4930c2f662051f1adef033e83b32a39f2f27fd3db676a89dd2ec039ac00796
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
2f5999290c38dbb4ea38cf589785bb0e9dd7ddebaadd70befa6cb924561907bf
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32ed7dbf215c63d5132c3da4f7fe176bd8153b83672de1c0b4a6beeb1bee973d
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
43c027581d0486ea0744002a3806bc0305fc9a40d0cbd3d2dd3870395aa485be
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ee3facf1f835a3a42353b05ac20516c56e8953f5b37cf6c240724b4d18b77a1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561b1e75f913f18ce6d6e73ccea7e25c0aaaef23a2469a3f55824f8984e709c4
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
58c298d24aad5b556a5f400304f692d50e647e475e7f6c5679010638721ee600
5b9b5b9e92ca410c2b2c97c9bf53d51ebf533520c4737698ae96ea3897685313
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6342cd72bf816bc71d93bdb8900577fc7014c6b1aa09ba9be36c47c3f6e30f69
641bca2667a6fabc3119a6191d88f5b5712c2966426aad8500ecadd07e8fc114
64427d670b121a26080266c80484256a6fd7b9e5f95b5205c5bd8884889c193b
6b55410b4c66906cbfea9b4758b09d55b0240a68cf8f308d4c65e70336dc9534
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ff0ec32e2d11708e361c1b9b8702b1e0efa4570cc5f4d435b5cba014725b434
799936ec0d2388f52363f19a2bcc4f1aba2f6fcc3489758771e0df23e23bd0b4
7cc068005e5469ffc41ac56d97663dc9d00df86d6dafa1947344316ce3401be3
7f4863b228433690018903cd25a607870e67af9c805157631394a0a0677348dd
831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
88c546face023648a862537a6307cda22fc17aa642f9e09aeb524318673fa045
8ba1ba3c3f3095372e588504d55793118b760c6f1735cc42a1b174b68a2c9d87
982ef9bec5c65c3cf0f87a4c6bdae9215f329a18f3810036fddaa8cf8ec193f7
9b9e5ed3f2fd334a887bcb5e1983e42d153308f4df88412bfa35479355e5c30f
a3633d4a507b989aa4931f77aaa7277b33729fd0c5457d0b3ce4b50d6b43682c
a3dc7a87da4eb4880f59928033e49a3193ced6631b0541d1b84708f45290d91f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b971b6feb106c14543843e1e1f357d22503d42dafb0353d1c538892e695e8e6c
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738
c5d24abbbb2734843f731b7509bd6a997477f474a7aa9247d60a082cd4ad31bd
c86f7b62a894d5799f1aa0a535efb34ed6f914447f901f1da50c837dee13fa72
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d3cbb8a6e385cd068d139136edfc4ba938554eef66d462ab565100cb74ac485e
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dac8668ef53d1284e69753d0a931b11aa7828b17bf600d04d4c867984c399b18
e2585cd32c1a0d70f7a408e121247b56bfcee11ac3d3418d46c86364917dc153
e29f972527fba502ab11e9a889538d35368a7280215e478297fb1c30d1d7e044
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f738ea35894eae8ce4dd264a1e5301559d8c3c45e7a4d8b99a6338e91307de1d
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f9a2d4090f8fac10ddf907b7a4a4f713bec305b2c7c5ad604244390377113f29
f9b27c01499ac82556d0dd1184cae4d867da188561e14b9634b12f046f2f070a

vindavoz.ru Open in urlscan Pro 2a03:c980:5fb7:f6b:95:183:15:107 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

121 Requests

93 %HTTPS

83 %IPv6

18 Domains

22 Subdomains

19 IPs

3 Countries

1661 kBTransfer

4047 kBSize

34 Cookies

5 Outgoing links

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

vindavoz.ru Open in urlscan Pro
2a03:c980:5fb7:f6b:95:183:15:107 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

93 %
HTTPS

83 %
IPv6

18
Domains

22
Subdomains

19
IPs

3
Countries

1661 kB
Transfer

4047 kB
Size

34
Cookies

121 HTTP transactions
8 data transactions