ms-word-download.ru Open in urlscan Pro
185.244.217.228 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ms-word-download.ru/
Submission: On July 10 via manual (July 10th 2023, 9:24:34 am UTC) from DE — Scanned from NL

Summary HTTP 125 Redirects Behaviour Indicators

Summary

This website contacted 32 IPs in 10 countries across 49 domains to perform 125 HTTP transactions. The main IP is 185.244.217.228, located in Dronten, Netherlands and belongs to ON-LINE-DATA Server location - Netherlands, Dronten, NL. The main domain is ms-word-download.ru.
TLS certificate: Issued by R3 on June 10th 2023. Valid for: 3 months.

This is the only time ms-word-download.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	185.244.217.228 185.244.217.228	204601 (ON-LINE-D...) (ON-LINE-DATA Server location - Netherlands)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
11 24	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
2	95.216.65.102 95.216.65.102	24940 (HETZNER-AS) (HETZNER-AS)
3	88.208.46.222 88.208.46.222	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 19	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	159.69.75.12 159.69.75.12	24940 (HETZNER-AS) (HETZNER-AS)
12	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1 24	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8::184 2a02:6b8::184	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	35.177.4.157 35.177.4.157	16509 (AMAZON-02) (AMAZON-02)
3 3	167.235.177.244 167.235.177.244	24940 (HETZNER-AS) (HETZNER-AS)
1 1	193.3.184.213 193.3.184.213	50214 (QWARTA) (QWARTA)
3 4	96.46.183.20 96.46.183.20	7979 (SERVERS-COM) (SERVERS-COM)
1 2	54.229.40.109 54.229.40.109	16509 (AMAZON-02) (AMAZON-02)
3 5	52.211.64.27 52.211.64.27	16509 (AMAZON-02) (AMAZON-02)
1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
2 9	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS) (VK-AS)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1	85.111.6.50 85.111.6.50	9121 (TTNET) (TTNET)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
1 1	2001:6d0:4001... 2001:6d0:4001::226	52016 (ADFACT) (ADFACT)
2	37.18.16.16 37.18.16.16	205675 (HYBRID-AS) (HYBRID-AS)
1 2	185.15.175.144 185.15.175.144	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 1	188.68.217.18 188.68.217.18	49505 (SELECTEL) (SELECTEL)
1 1	144.76.119.17 144.76.119.17	24940 (HETZNER-AS) (HETZNER-AS)
2 2	89.108.127.68 89.108.127.68	197695 (AS-REG) (AS-REG)
1 1	178.170.196.176 178.170.196.176	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
2 2	217.66.147.38 217.66.147.38	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	217.66.147.42 217.66.147.42	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 1	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
2 2	23.88.12.14 23.88.12.14	24940 (HETZNER-AS) (HETZNER-AS)
1 1	91.192.150.14 91.192.150.14	42481 (BEGUN-AS) (BEGUN-AS)
2 2	193.232.150.61 193.232.150.61	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:48bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	31.220.27.155 31.220.27.155	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 2	95.217.109.66 95.217.109.66	24940 (HETZNER-AS) (HETZNER-AS)
1 1	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
2	81.222.128.215 81.222.128.215	20597 (ELTEL-AS) (ELTEL-AS)
1	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	194.55.244.181 194.55.244.181	34959 (PROCLOUD ...) (PROCLOUD PROCLOUD MSK)
2 2	188.42.105.236 188.42.105.236	7979 (SERVERS-COM) (SERVERS-COM)
2 2	148.251.236.118 148.251.236.118	24940 (HETZNER-AS) (HETZNER-AS)
2 2	89.108.119.43 89.108.119.43	197695 (AS-REG) (AS-REG)
1 1	45.9.26.83 45.9.26.83	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	87.242.93.112 87.242.93.112	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (GLOBAL_DC) (GLOBAL_DC)
2 3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
125	32

9 185.244.217.228 (Dronten, Netherlands)

ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: 3150895.ds.had.pm

ms-word-download.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a02:6b8:a::a (Moscow, Russian Federation) 11 redirects

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.216.65.102 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: frodo.min.org.ua

rbfour.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.208.46.222 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

smatr.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
smelel.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.75.12 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.12.75.69.159.clients.your-server.de

ms-word-download.realpush.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.4.157 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-4-157.eu-west-2.compute.amazonaws.com

px.arcspire.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.235.177.244 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz2024479.sapientru.net

acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.3.184.213 (Russian Federation) 1 redirects

ASN50214 (QWARTA, RU)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 96.46.183.20 (United States) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.40.109 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-40-109.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.211.64.27 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-64-27.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
euw-ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.181.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.111.6.50 (Turkey)

ASN9121 (TTNET, TR)
PTR: ns1.ttidc.com.tr

rtb.programattik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (ADFACT, RU)

cm.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.18.16.16 (Russian Federation)

ASN205675 (HYBRID-AS, DE)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.144 (Russian Federation) 1 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.68.217.18 (St Petersburg, Russian Federation) 1 redirects

ASN49505 (SELECTEL, RU)

dsp.mpartner.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.119.17 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.17.119.76.144.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.127.68 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: srv4.kimberlite.io

kimberlite.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.170.196.176 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr13.segmento.ru

solta-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.66.147.38 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-38-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.66.147.42 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-42-147-66-217.spbmts.ru

vma.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation) 1 redirects

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.88.12.14 (Gunzenhausen, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.14.12.88.23.clients.your-server.de

nr.bidderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.150.14 (Russian Federation) 1 redirects

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

profile.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.61 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp5.senders.rutube.ru

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:48bf (United States)

ASN13335 (CLOUDFLARENET, US)

rtb-eu-warsaw.intent.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.155 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.217.109.66 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de

sonar.semantiqo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.215 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad15.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.172 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.55.244.181 (Russian Federation)

ASN34959 (PROCLOUD PROCLOUD MSK, RU)

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.105.236 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.236.118 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-4.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.43 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.9.26.83 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr03.segmento.ru

yandex-dmp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.242.93.112 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr15.segmento.ru

yandex-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	yandex.ru 13 redirects yandex.ru — Cisco Umbrella Rank: 1687 mc.yandex.ru — Cisco Umbrella Rank: 3245 an.yandex.ru — Cisco Umbrella Rank: 4935 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 24515	243 KB
12	yastatic.net yastatic.net — Cisco Umbrella Rank: 5573	231 KB
9	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 254 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	8 KB
9	ms-word-download.ru ms-word-download.ru	248 KB
6	google.nl www.google.nl — Cisco Umbrella Rank: 7668	995 B
6	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 10	1 KB
6	mts.ru 6 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 34990 vma.mts.ru tech.rtb.mts.ru — Cisco Umbrella Rank: 41115	4 KB
5	360yield.com 3 redirects match.360yield.com — Cisco Umbrella Rank: 2409 euw-ice.360yield.com — Cisco Umbrella Rank: 12583	1 KB
4	betweendigital.com 3 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1863	3 KB
4	gstatic.com fonts.gstatic.com	51 KB
3	googleadservices.com 2 redirects www.googleadservices.com — Cisco Umbrella Rank: 169	17 KB
3	rutarget.ru 3 redirects solta-sync.rutarget.ru — Cisco Umbrella Rank: 56554 yandex-dmp-sync.rutarget.ru — Cisco Umbrella Rank: 67569 yandex-sync.rutarget.ru — Cisco Umbrella Rank: 67526	1 KB
3	acint.net 3 redirects acint.net — Cisco Umbrella Rank: 22610	1 KB
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 16386	1 KB
2	upravel.com 2 redirects sync.upravel.com — Cisco Umbrella Rank: 39319	1 KB
2	gonet-ads.com 2 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 23936	578 B
2	adriver.ru ssp.adriver.ru — Cisco Umbrella Rank: 25029	402 B
2	semantiqo.com 1 redirects sonar.semantiqo.com — Cisco Umbrella Rank: 66127	976 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 13096	593 B
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 17605	812 B
2	bidderstack.com 2 redirects nr.bidderstack.com — Cisco Umbrella Rank: 35802	776 B
2	kimberlite.io 2 redirects kimberlite.io — Cisco Umbrella Rank: 31143	1 KB
2	digitaltarget.ru 1 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 21230	697 B
2	hybrid.ai dm.hybrid.ai — Cisco Umbrella Rank: 9938	516 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 218	2 KB
2	smelel.icu smelel.icu — Cisco Umbrella Rank: 912157	968 B
2	rbfour.bid rbfour.bid — Cisco Umbrella Rank: 383935	10 KB
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 19099	69 B
1	bumlam.com sync.bumlam.com — Cisco Umbrella Rank: 3852	390 B
1	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9378	332 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 10937	205 B
1	intent.ai rtb-eu-warsaw.intent.ai — Cisco Umbrella Rank: 64876	830 B
1	rambler.ru 1 redirects profile.ssp.rambler.ru — Cisco Umbrella Rank: 42222	228 B
1	new-programmatic.com 1 redirects match.new-programmatic.com — Cisco Umbrella Rank: 37897	262 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 18858	178 B
1	mpartner.digital 1 redirects dsp.mpartner.digital — Cisco Umbrella Rank: 54884	373 B
1	tns-counter.ru 1 redirects cm.tns-counter.ru — Cisco Umbrella Rank: 66348	386 B
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1435	228 B
1	programattik.com rtb.programattik.com — Cisco Umbrella Rank: 36814	152 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 2930	468 B
1	mail.ru ad.mail.ru — Cisco Umbrella Rank: 9416	764 B
1	bluevoox.com im.bluevoox.com — Cisco Umbrella Rank: 14999	241 B
1	sape.ru 1 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 26165	698 B
1	arcspire.io 1 redirects px.arcspire.io — Cisco Umbrella Rank: 60816	317 B
1	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 6806	93 KB
1	realpush.digital ms-word-download.realpush.digital	2 KB
1	smatr.icu smatr.icu	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	1 KB
0	whiteboxdigital.ru Failed mitdmp.whiteboxdigital.ru Failed
125	49

	Domain	Requested by
24	an.yandex.ru	1 redirects yandex.ru
24	yandex.ru	11 redirects ms-word-download.ru yandex.ru yastatic.net
19	mc.yandex.ru	1 redirects ms-word-download.ru mc.yandex.ru yastatic.net
12	yastatic.net	yandex.ru yastatic.net ms-word-download.ru
9	ms-word-download.ru	ms-word-download.ru rbfour.bid
6	www.google.nl
6	www.google.com	2 redirects
6	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
4	ads.betweendigital.com	3 redirects
4	fonts.gstatic.com	fonts.googleapis.com
3	www.googleadservices.com	2 redirects yastatic.net
3	cm.g.doubleclick.net
3	match.360yield.com	1 redirects
3	acint.net	3 redirects
2	x01.aidata.io	2 redirects
2	sync.upravel.com	2 redirects
2	sync.gonet-ads.com	2 redirects
2	ssp.adriver.ru
2	sonar.semantiqo.com	1 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	px.adhigh.net	2 redirects
2	nr.bidderstack.com	2 redirects
2	tech.rtb.mts.ru	2 redirects
2	vma.mts.ru	2 redirects
2	sm.rtb.mts.ru	2 redirects
2	kimberlite.io	2 redirects
2	euw-ice.360yield.com	2 redirects
2	dmg.digitaltarget.ru	1 redirects
2	dm.hybrid.ai
2	dpm.demdex.net	1 redirects
2	smelel.icu	smatr.icu
2	rbfour.bid	ms-word-download.ru rbfour.bid
1	ysa-static.passport.yandex.ru
1	yandex-sync.rutarget.ru	1 redirects
1	yandex-dmp-sync.rutarget.ru	1 redirects
1	sync.dmp.otm-r.com
1	sync.bumlam.com
1	counter.yadro.ru	1 redirects
1	s.uuidksinc.net	1 redirects
1	rtb-eu-warsaw.intent.ai
1	profile.ssp.rambler.ru	1 redirects
1	match.new-programmatic.com	1 redirects
1	solta-sync.rutarget.ru	1 redirects
1	exchange.buzzoola.com	1 redirects
1	dsp.mpartner.digital	1 redirects
1	cm.tns-counter.ru	1 redirects
1	sync.adkernel.com
1	rtb.programattik.com
1	t.adx.opera.com
1	ad.mail.ru
1	im.bluevoox.com
1	ssp-rtb.sape.ru	1 redirects
1	px.arcspire.io	1 redirects
1	avatars.mds.yandex.net
1	ms-word-download.realpush.digital	ms-word-download.ru
1	smatr.icu	ms-word-download.ru
1	fonts.googleapis.com	ms-word-download.ru
0	mitdmp.whiteboxdigital.ru Failed
125	58

This site contains no links.

Subject Issuer	Validity	Valid
ms-word-download.ru R3	`2023-06-10` - `2023-09-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2023-06-21` - `2023-12-19`	6 months	crt.sh
rbfour.bid R3	`2023-06-30` - `2023-09-28`	3 months	crt.sh
smatr.icu R3	`2023-05-31` - `2023-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
smelel.icu R3	`2023-05-31` - `2023-08-29`	3 months	crt.sh
realpush.digital R3	`2023-06-23` - `2023-09-21`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-04-08` - `2023-10-07`	6 months	crt.sh
*.avatars.mds.yandex.net GlobalSign RSA OV SSL CA 2018	`2023-03-06` - `2023-10-06`	7 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-26` - `2023-09-26`	a year	crt.sh
intent.ai GTS CA 1P5	`2023-06-08` - `2023-09-06`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-03-07` - `2024-04-07`	a year	crt.sh
*.bumlam.com R3	`2023-05-02` - `2023-07-31`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G4	`2023-06-19` - `2024-07-20`	a year	crt.sh
ysa-static.passport.yandex.net GlobalSign ECC OV SSL CA 2018	`2023-03-06` - `2023-10-06`	7 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://ms-word-download.ru/
Frame ID: 7BBB2ABD7ABC0CC59789AEBC8F1844ED
Requests: 53 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: 855BDA85621D05E22AA5A669AA75A220
Requests: 70 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Microsoft Word скачать для Windows бесплатно и без регистрации

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

125
Requests

70 %
HTTPS

24 %
IPv6

49
Domains

58
Subdomains

32
IPs

10
Countries

921 kB
Transfer

2401 kB
Size

55
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://mc.yandex.ru/watch/80150683?wmode=7&page-url=https%3A%2F%2Fms-word-download.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc57dmj3aan%3Afp%3A765%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A1%3Adp%3A0%3Als%3A1225161438334%3Ahid%3A104078372%3Az%3A0%3Ai%3A20230710092404%3Aet%3A1688981045%3Ac%3A1%3Arn%3A343708536%3Arqn%3A1%3Au%3A1688981045474151148%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A59%2C58%2C385%2C1%2C0%2C0%2C%2C347%2C4%2C%2C%2C%2C852%3Aco%3A0%3Acpf%3A1%3Ans%3A1688981043337%3Arqnl%3A1%3Ast%3A1688981045%3At%3AMicrosoft%20Word%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20Windows%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B8%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.ru/watch/80150683/1?wmode=7&page-url=https%3A%2F%2Fms-word-download.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc57dmj3aan%3Afp%3A765%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A1%3Adp%3A0%3Als%3A1225161438334%3Ahid%3A104078372%3Az%3A0%3Ai%3A20230710092404%3Aet%3A1688981045%3Ac%3A1%3Arn%3A343708536%3Arqn%3A1%3Au%3A1688981045474151148%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A59%2C58%2C385%2C1%2C0%2C0%2C%2C347%2C4%2C%2C%2C%2C852%3Aco%3A0%3Acpf%3A1%3Ans%3A1688981043337%3Arqnl%3A1%3Ast%3A1688981045%3At%3AMicrosoft%20Word%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20Windows%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B8%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Request Chain 46

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389 HTTP 307
https://an.yandex.ru/mapuid/arcspireis/e2306e4149965f9ec12faf

Request Chain 47

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D HTTP 302
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=4102420A35CEAB645505A37002F79BD3&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/sapeis/0100007F35CEAB64740FAA3E02AA1811

Request Chain 48

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/a0617ae7-7e86-53bf-b02b-90edd4805ed8

Request Chain 49

https://yandex.ru/an/mapuid/adobedmp/ HTTP 302
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=F05424C21600E86E HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=F05424C21600E86E

Request Chain 50

https://yandex.ru/an/mapuid/azerionis/ HTTP 302
https://match.360yield.com/match?external_user_id=9D58F116D26BB43&publisher_dsp_id=429&publisher_call_type=redirect HTTP 302
https://match.360yield.com/ul_cb/match?external_user_id=9D58F116D26BB43&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 52

https://yandex.ru/an/mapuid/betweenx/ HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=EFBACA6BF2C91ADC HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=EFBACA6BF2C91ADC&crf=1

Request Chain 53

https://yandex.ru/an/mapuid/blueseaxcom/ HTTP 302
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=30A7090F6CA65F10

Request Chain 55

https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=2B9044359FB222A6&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 56

https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=2B9044359FB222A6&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 57

https://yandex.ru/an/mapuid/google/?partner-tag=yandexru HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=2B9044359FB222A6&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 58

https://yandex.ru/an/mapuid/mailweb/ HTTP 302
https://ad.mail.ru/cm.gif?p=155&id=83544D7D5C30B3E8

Request Chain 60

https://yandex.ru/an/mapuid/operacom/ HTTP 302
https://t.adx.opera.com/sync?vendor=60143&uid=712F138FD23749C6

Request Chain 61

https://yandex.ru/an/mapuid/turktelekomrtb/ HTTP 302
https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=FFCD36C94A06BEEF

Request Chain 62

https://yandex.ru/an/mapuid/xapadsssp/ HTTP 302
https://sync.adkernel.com/user-sync?dsp=94&t=image&uid=F415F70E0DA81D6E

Request Chain 63

https://cm.tns-counter.ru/yacm HTTP 302
https://an.yandex.ru/mapuid/mediascope/732bd0195fb77b4a2fda2b49169c73cce055be0102d510b4d115b6fc0c3592b0

Request Chain 66

https://dmg.digitaltarget.ru/1/119/i/i?i=1688981044 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1688981045257&i=1688981044

Request Chain 67

https://dsp.mpartner.digital/dmp/syncsspdmp?sspid=4 HTTP 301
https://an.yandex.ru/mapuid/mediasurferis/GdbzzjyLAErgTdriFUdGVaWfqZovgmlZ

Request Chain 68

https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID} HTTP 302
https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/azerionis/89cb778e-8ce8-4eda-af09-bbdfa2ee4fd8 HTTP 302
https://match.360yield.com/match?external_user_id=89cb778e-8ce8-4eda-af09-bbdfa2ee4fd8&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 69

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D HTTP 301
https://an.yandex.ru/mapuid/buzzooladspis/47a9abf6-440b-4895-6eaf-6fa5c074be2c

Request Chain 70

https://kimberlite.io/rtb/sync/yandex HTTP 307
https://solta-sync.rutarget.ru/sync HTTP 302
https://kimberlite.io/rtb/sync/segmento?u=kFtLBvGW25aq HTTP 307
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZKvONY_qa2s HTTP 301
https://vma.mts.ru/match/second?ssp=59&exu=ZKvONY_qa2s HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=9d7894b1-4a9a-4009-8740-a5bbabd19631&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FnXiUsUqaQAmHQKW7q9GWMQ%3Flocation%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D59%2526em%253D0%26sign%3D3807163214 HTTP 302
https://an.yandex.ru/setud/mts_banner/nXiUsUqaQAmHQKW7q9GWMQ?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=3807163214

Request Chain 71

https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
https://an.yandex.ru/mapuid/targetrtbis/

Request Chain 73

https://nr.bidderstack.com/yandex/cm?user_id={partner_user_id} HTTP 302
https://nr.bidderstack.com/yandex/cm?user_id={partner_user_id}&pupa=1 HTTP 302
https://an.yandex.ru/mapuid/hyperdspis/550ec3e1-8a06-0749-7475-3022c2712653

Request Chain 74

https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
https://an.yandex.ru/mapuid/ramblerssp/

Request Chain 75

https://px.adhigh.net/p/cm/yandexssp HTTP 302
https://px.adhigh.net/p/cm/yandexssp?bounced=1 HTTP 302
https://an.yandex.ru/mapuid/getintentis/x0pjWX7sec8.AikABlGJPx2BUQ

Request Chain 76

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=3096994932 HTTP 302
https://an.yandex.ru/mapuid/dmpweborama/6iGar6qOdUBhFHQNU004AO

Request Chain 78

https://s.uuidksinc.net/match/501 HTTP 302
https://an.yandex.ru/mapuid/kadamis/bQhB7rmMaKrf6lXrXHX5

Request Chain 79

https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
https://vma.mts.ru/match/second?ssp=55 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=9d7894b1-4a9a-4009-8740-a5bbabd19631&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F9d7894b1-4a9a-4009-8740-a5bbabd19631 HTTP 302
https://an.yandex.ru/mapuid/mtsdspis/9d7894b1-4a9a-4009-8740-a5bbabd19631

Request Chain 80

https://sonar.semantiqo.com/dmp/scr.php HTTP 302
https://counter.yadro.ru/id127/reff-id.gif?sid=f6c0b42c52f448f6bc9628dfdce6498d HTTP 302
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=f6c0b42c52f448f6bc9628dfdce6498d

Request Chain 85

https://sync.gonet-ads.com/match/yandex?id=[buyerUid] HTTP 302
https://sync.gonet-ads.com/match/yandex?id=%5BbuyerUid%5D&chk=1 HTTP 302
https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ

Request Chain 86

https://sync.upravel.com/yandex/sync HTTP 302
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://an.yandex.ru/mapuid/upravelis/ca9e4b00-b663-459c-8e1c-f1a72ac65ed1

Request Chain 87

https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
https://an.yandex.ru/mapuid/dmpaidatame/ueI7xAtGdsigle6%2FbE4PbQ?sign=1935734187

Request Chain 88

https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/dmpsegmento/kFtLBvGW25aq?sign=3645812680

Request Chain 89

https://yandex-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/rutargetis/kFtLBvGW25aq

Request Chain 98

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=N86rZI7XBfKg7_UPjKqYiAo&random=90684100&sscte=1&crd=&pscrd=IhMIzs7g2uiDgAMVctC7CB0MFQah HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=90684100&crd=&is_vtc=1&random=107982425 HTTP 302
https://www.google.nl/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=90684100&crd=&is_vtc=1&random=107982425&ipr=y

Request Chain 99

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=N86rZKvEBZyL7_UPifSdkAI&random=30362330&sscte=1&crd=&pscrd=IhMI67vg2uiDgAMVnMW7CB0Jegci HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=30362330&crd=&is_vtc=1&random=1980050882 HTTP 302
https://www.google.nl/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=30362330&crd=&is_vtc=1&random=1980050882&ipr=y

125 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ms-word-download.ru/ 46 KB
9 KB 503ms
384ms Document
text/html 185.244.217.228
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: https://ms-word-download.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.244.217.228 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: 3150895.ds.had.pm
Software: nginx /
Resource Hash: dba0c2ccec8f48fcbe62a2903e2464beb784c1f7ed8a2c9496411a99fe93fb6f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 10 Jul 2023 09:24:03 GMT
server: nginx
vary: Accept-Encoding
x-hyper-cache: stop - no cache header

GET
H2 200 classic-themes.min.css
ms-word-download.ru/wp-includes/css/ 291 B
462 B 27ms
26ms Stylesheet
text/css 185.244.217.228
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: https://ms-word-download.ru/wp-includes/css/classic-themes.min.css
Requested by: Host: ms-word-download.ru
URL: https://ms-word-download.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.244.217.228 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: 3150895.ds.had.pm
Software: nginx /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ms-word-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:03 GMT
last-modified: Sat, 06 May 2023 02:48:49 GMT
server: nginx
etag: "6455c011-123"
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
content-length: 291
expires: Tue, 11 Jul 2023 09:24:03 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 188ms
58ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap

Requested by

Host: ms-word-download.ru
URL: https://ms-word-download.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

626c91a33d665410e0e0cfbca6f571dc84132a5271a4d8db5eab22511e031e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ms-word-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Jul 2023 09:24:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 08:58:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Jul 2023 09:24:04 GMT

GET
H2 200 style.min.css
ms-word-download.ru/wp-content/themes/root/assets/css/ 163 KB
33 KB 97ms
96ms Stylesheet
text/css 185.244.217.228
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: https://ms-word-download.ru/wp-content/themes/root/assets/css/style.min.css
Requested by: Host: ms-word-download.ru
URL: https://ms-word-download.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.244.217.228 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: 3150895.ds.had.pm
Software: nginx /
Resource Hash: 1e6fe57f38267d69cea075da28e783dcf8b220723b8448dc2238955bfd4efd8c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ms-word-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:03 GMT
content-encoding: gzip
last-modified: Fri, 10 Feb 2023 04:19:05 GMT
server: nginx
etag: W/"63e5c5b9-28a9a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
expires: Tue, 11 Jul 2023 09:24:03 GMT

GET
H2 200 jquery.min.js Show response
ms-word-download.ru/wp-includes/js/jquery/ 88 KB
31 KB 97ms
96ms Script
application/javascript 185.244.217.228
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: https://ms-word-download.ru/wp-includes/js/jquery/jquery.min.js
Requested by: Host: ms-word-download.ru
URL: https://ms-word-download.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.244.217.228 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: 3150895.ds.had.pm
Software: nginx /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ms-word-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:03 GMT
content-encoding: gzip
last-modified: Sat, 06 May 2023 02:48:49 GMT
server: nginx
etag: W/"6455c011-15ed7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
expires: Tue, 11 Jul 2023 09:24:03 GMT

GET
H2 200 fontawesome-webfont.ttf
ms-word-download.ru/wp-content/themes/root/fonts/ 162 KB
162 KB 196ms
195ms Font
font/ttf 185.244.217.228
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: https://ms-word-download.ru/wp-content/themes/root/fonts/fontawesome-webfont.ttf
Requested by: Host: ms-word-download.ru
URL: https://ms-word-download.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.244.217.228 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: 3150895.ds.had.pm
Software: nginx /
Resource Hash: aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8

Request headers

Referer: https://ms-word-download.ru/
Origin: https://ms-word-download.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:04 GMT
last-modified: Fri, 10 Feb 2023 04:19:05 GMT
server: nginx
accept-ranges: bytes
etag: "286ac-5f450cc4d20e0"
content-length: 165548
content-type: font/ttf

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 321 KB
89 KB 241ms
85ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: ms-word-download.ru
URL: https://ms-word-download.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f334eb0a979e74ef42adc0a9ef3d1767fca3dab68f9f0b9fe7cabc15eff5683e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ms-word-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1688981044265093-2322320197411966891-balancer-l7leveler-kubr-yp-sas-82-BAL-9146
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 10 Jul 2023 10:24:04 GMT

GET
H2 200 A_YcmpY8o.js Show response
rbfour.bid/pjs/ 41 KB
10 KB 352ms
180ms Script
application/javascript 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rbfour.bid/pjs/A_YcmpY8o.js

Requested by

Host: ms-word-download.ru
URL: https://ms-word-download.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

090d7825461ba0e58b068dbccf19805b8d1a801670e8e4ed9778166137f4b2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ms-word-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:04 GMT
strict-transport-security: max-age=63072000
content-encoding: br
last-modified: Mon, 31 Oct 2022 10:08:08 GMT
server: cloudflare-nginx
etag: W/"635f9e88-a34b"
content-type: application/javascript
cache-control: max-age=600, public, must_revalidate
expires: Mon, 10 Jul 2023 09:34:04 GMT

GET
H2 200 microsoft-word-logo.png
ms-word-download.ru/wp-content/uploads/ 4 KB
4 KB 70ms
70ms Image
image/png 185.244.217.228
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ms-word-download.ru/wp-content/uploads/microsoft-word-logo.png
Requested by: Host: ms-word-download.ru
URL: https://ms-word-download.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.244.217.228 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: 3150895.ds.had.pm
Software: nginx /
Resource Hash: b06d1f00a784656db7e858289bb82eb19ec049f23b1635a12a168b85f2ace4ec

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ms-word-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:04 GMT
last-modified: Fri, 10 Feb 2023 04:19:05 GMT
server: nginx
etag: "63e5c5b9-e89"
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3721
expires: Tue, 11 Jul 2023 09:24:04 GMT

GET
H2 200 scripts.min.js Show response
ms-word-download.ru/wp-content/themes/root/assets/js/ 7 KB
3 KB 35ms
34ms Script
application/javascript 185.244.217.228
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: https://ms-word-download.ru/wp-content/themes/root/assets/js/scripts.min.js
Requested by: Host: ms-word-download.ru
URL: https://ms-word-download.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.244.217.228 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: 3150895.ds.had.pm
Software: nginx /
Resource Hash: 68babdfc4950d6f622a966498dbe69a5d2c99665f0388af533848f4f7c165cb4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ms-word-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:04 GMT
content-encoding: gzip
last-modified: Fri, 10 Feb 2023 04:19:05 GMT
server: nginx
etag: W/"63e5c5b9-1d5e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
expires: Tue, 11 Jul 2023 09:24:04 GMT

GET
H2 200 frontend.min.js Show response
ms-word-download.ru/wp-content/plugins/q2w3-fixed-widget/js/ 23 KB
6 KB 70ms
69ms Script
application/javascript 185.244.217.228
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: https://ms-word-download.ru/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js
Requested by: Host: ms-word-download.ru
URL: https://ms-word-download.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.244.217.228 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: 3150895.ds.had.pm
Software: nginx /
Resource Hash: a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ms-word-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:04 GMT
content-encoding: gzip
last-modified: Fri, 10 Feb 2023 04:19:05 GMT
server: nginx
etag: W/"63e5c5b9-5b89"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
expires: Tue, 11 Jul 2023 09:24:04 GMT

GET
H/1.1 200
OK getcode Show response
smatr.icu/sm/ 46 KB
15 KB 91ms
29ms Script
text/html 88.208.46.222
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://smatr.icu/sm/getcode?apiKey=4f4dd89164e690ff9f839dd52ab7e802
Requested by: Host: ms-word-download.ru
URL: https://ms-word-download.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.208.46.222 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: c077083c40d9ddfe0648ff81e30d6762efdb123039a247915ac9c10862f2e4e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ms-word-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 10 Jul 2023 09:24:04 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 108ms
32ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ms-word-download.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 04:52:01 GMT
x-content-type-options: nosniff
age: 448323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jul 2024 04:52:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 143ms
67ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ms-word-download.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 05:19:29 GMT
x-content-type-options: nosniff
age: 101075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2024 05:19:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 113ms
37ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ms-word-download.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 22:16:07 GMT
x-content-type-options: nosniff
age: 299277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jul 2024 22:16:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 147ms
77ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ms-word-download.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 21:11:38 GMT
x-content-type-options: nosniff
age: 130346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 21:11:38 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 215 KB
74 KB 297ms
144ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: ms-word-download.ru
URL: https://ms-word-download.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

edf140400633c1d0705815190a41d83880d077c1af973c97cd617218c96a8d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ms-word-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 05 Jul 2023 16:40:28 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64a572cc-125cb"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 75211
expires: Mon, 10 Jul 2023 10:24:04 GMT

GET
H/1.1 200
OK stat Show response
smelel.icu/sm/ 0
484 B 98ms
30ms XHR
text/html 88.208.46.222
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://smelel.icu/sm/stat?uuid=313559fc-da00-461f-9d64-feb5b1b98582&apiKey=4f4dd89164e690ff9f839dd52ab7e802&action=80&rfr=https%3A%2F%2Fms-word-download.ru%2F
Requested by: Host: smatr.icu
URL: https://smatr.icu/sm/getcode?apiKey=4f4dd89164e690ff9f839dd52ab7e802
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.208.46.222 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ms-word-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 10 Jul 2023 09:24:04 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 sA_YcmpY8o.js Show response
ms-word-download.ru/ 48 B
228 B 26ms
25ms XHR
application/javascript 185.244.217.228
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: https://ms-word-download.ru/sA_YcmpY8o.js
Requested by: Host: rbfour.bid
URL: https://rbfour.bid/pjs/A_YcmpY8o.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.244.217.228 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: 3150895.ds.had.pm
Software: nginx /
Resource Hash: 37662bd3bb4f662adb9590b592422457eff20a84c86e088927923e6c7c7435c7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ms-word-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:04 GMT
last-modified: Fri, 10 Feb 2023 04:19:06 GMT
server: nginx
etag: "63e5c5ba-30"
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 48
expires: Tue, 11 Jul 2023 09:24:04 GMT

GET
H2 200 rb_darke_arrow.png
ms-word-download.realpush.digital/images/ 1 KB
2 KB 193ms
47ms Image
image/png 159.69.75.12
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ms-word-download.realpush.digital/images/rb_darke_arrow.png
Requested by: Host: ms-word-download.ru
URL: https://ms-word-download.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.75.12 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.12.75.69.159.clients.your-server.de
Software: nginx /
Resource Hash: 3795d041425e25372f0d6fcb7a66494c0224d844dd3038458549d05889052f96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ms-word-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:04 GMT
last-modified: Sat, 29 Feb 2020 12:02:55 GMT
server: nginx
etag: "5e5a52ef-5c5"
content-type: image/png
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 1477
expires: Thu, 13 Jul 2023 09:24:04 GMT

GET
H2 200 cookie Show response
rbfour.bid/ 2 B
192 B 78ms
75ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rbfour.bid/cookie?sub_u=1

Requested by

Host: rbfour.bid
URL: https://rbfour.bid/pjs/A_YcmpY8o.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ms-word-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://ms-word-download.ru
date: Mon, 10 Jul 2023 09:24:04 GMT
strict-transport-security: max-age=63072000
access-control-allow-credentials: true
server: cloudflare-nginx
content-length: 2
content-type: application/json

GET
H2 200 30cf5e0ee5aad723a2ae.js Show response
yastatic.net/partner-code-bundles/802049/ 14 KB
5 KB 133ms
65ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/802049/30cf5e0ee5aad723a2ae.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e2b311167e600ddb905015c4ead47b713bb37f17f9869ad61aaa040fe7aebcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ms-word-download.ru/
Origin: https://ms-word-download.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:04 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4777
last-modified: Fri, 07 Jul 2023 14:11:59 GMT
server: nginx/1.17.9
etag: "3ee9443fca1164ba22b55459354ba9e8"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 09 Jul 2053 15:55:51 GMT

GET
H2 200 fb4241335b00834e7004.js Show response
yastatic.net/partner-code-bundles/802049/ 19 KB
7 KB 134ms
66ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/802049/fb4241335b00834e7004.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

8a16301f4186ac5563d98816d373093a66b7ea5d9e5454cdad5baa62399cbf35

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ms-word-download.ru/
Origin: https://ms-word-download.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:04 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 6466
last-modified: Fri, 07 Jul 2023 14:12:00 GMT
server: nginx/1.17.9
etag: "64f2ed7e7b6b90efe71e3cd4b2a78d69"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 09 Jul 2053 15:55:52 GMT

GET
H2 200 3fd86f3b73e7acc885a9.js Show response
yastatic.net/partner-code-bundles/802049/ 113 KB
24 KB 149ms
81ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/802049/3fd86f3b73e7acc885a9.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0bc28e4b32af4d0cc39e4ddaa80684eed32576b97761f30e7b42bfcee0ed24f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ms-word-download.ru/
Origin: https://ms-word-download.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:04 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 23584
last-modified: Fri, 07 Jul 2023 14:11:59 GMT
server: nginx/1.17.9
etag: "316174a4d92e7fd8f85e6c4a0e83c210"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 09 Jul 2053 15:55:52 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 180ms
113ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ms-word-download.ru/
Origin: https://ms-word-download.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:04 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 09 Jul 2053 15:59:50 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 114ms
48ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ms-word-download.ru/
Origin: https://ms-word-download.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:04 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: fad8362a06c92d10
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jul 2024 15:13:02 GMT

GET
H2 200 2436300 Show response
yandex.ru/ads/meta/ 22 KB
9 KB 227ms
226ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/2436300?target-ref=https%3A%2F%2Fms-word-download.ru%2F&charset=utf-8&pcode-test-ids=769343%2C0%2C6%3B801286%2C0%2C7%3B780720%2C0%2C5%3B786895%2C0%2C68%3B800957%2C0%2C87%3B799456%2C0%2C10%3B800038%2C0%2C71%3B774070%2C0%2C43%3B794562%2C0%2C90%3B799554%2C0%2C11%3B800948%2C0%2C2%3B802049%2C0%2C9%3B681844%2C0%2C65&pcode-flags-map=eJy1WNty2zYQ%2FRc9xynvF7%2BBJEihIgkWACUrmQxGjVVHHV86jp2mzuTfu7jYFmWVshPXDzRFag%2BXezl7Vt8mc8Qln9KFRIWsUYZrWVImSSsz1LaYTY7ff5t8WZ3frifHE8F6PHkzuVl%2FviGn8DmKfD%2BIJ98%2FvHmE6Rgt%2BlxwSVvZoZ7jUYTYTQPfIOAWZTWWOKfNI0hNuFDOzEmBqTqBuxmViDUD2PXXv3ZQQz%2FUqAXhGjanfSskwwVhOFeQqOvGPfOcIPAe3g1eRDZ9LQijdQ1orVAnmMkFEvkUF1KQBktalhyLcVzfc%2BKdmAkiwEXUFjKjxVJlokMMNVgAfoFLBM8dYJao5kPQIA6iR1CGBVuqBLRYLCibScwYHU9lHEZBnD4g2GTwHMGxJjM47dkcLwFxAS5xUrXjcJET%2B%2FETuJ%2FBqGlbybJGlYpZXxcSMlgvJZ%2BRzgR%2Fjur%2BQLXFUZxED4iQt3wGRb%2BkvZC8pnAg7zDkoG8LxAjmB8ASN3CH7uGTzrgIBZxjzglcg5tCnjT1OFjiu0H8fDCZLSGoheRLaIfXh0ZFIRtiruc15VDfGUP57FBIfugtclpg2bP62dgq2yplHcO6Gx%2F70tCEvT%2BAcx34G%2BClfho7B%2FCyviyhB3HTiSW0QUN2QV%2BMOO8QKV7fw7KH8x9FbRVVv7Kn%2F4H5U%2FnZj%2Fn%2FReBHs695XWjGm2PGCR3yXJwmaRxt2yaO61mmW8IUwCeS9bKgDSLt2JgLndjzo71mEuaeYCQbNfdcJwqsubI0JhLVC7Tko5Yws1NDfZ3uXpiHHLdi3Cb0HGcwk%2B0szjkbNUzdODFu6tQYXSL7lpQEeIm0MCVLlONxjMSzQ1cNH4ZLhvkUCKoi%2BZhd5Ca%2BDRG8YklYoyiLAfOqigOdBEWTkWIUAqLsuYP3Bi3BUAXxshNIlS7PGcat5Lwb9yd1A%2BsPggqlrfUFlUorkFKpBngtVOBxp%2BIkjcy0V8KmhGHXFjBMjT2Uz646GrfPZnpych2SoVQbR0kDJ35AqTEIH0AYlXZRlASRCedW2CoGVAWSYibouN9JFLj%2Bdvy0MpKLKYBs4bWgBXTCq56p2dcr6ZhjMh8Pa%2Bw6QWx0J2PSVJroWWvTk9cEsi2mjPbV9IAsBiQT3xq9W%2BqMSt1q22bfJn%2Bsbz5%2BalbXZ5vLybEbOm8mF1e%2Fb87X%2FOPqfHN5Njn2vg9QQ2gDjcobxIT8rcc91hM6q5GSQsAA2w94P7lYbc7fXt%2BCb%2F%2BsLk%2FXX%2BH8l83F6mz9eXDpbHWhr5zerS%2FN11dfNjdX5vTi7daH08uNvaqQHxDgwvXq7vzq7pO9fXdt%2Ft9er95erv%2F%2B%2FOQLf66uLjba9MP%2BV2yRgHzJBrNKHQuCpEDVKK%2BBNvdscem2wJB7hlEugMIPGIa%2BY5YF0P%2F3mh1UPDy67ZsMjzJcHLq%2BHR16Y9LbCVjCUMpwbjpyTjgB7jgAEzum%2BqxCzoFjGLbrhV4tVGsDib2sT%2BMY2tTdBlZOcrGscdUDymuiZpQpPqMwOEGYvxgyApFoIHkHKrZRFF9p0iVFifYUOC5KD8VedOTi0jsKghwdZVmRHRU58vwkwTgKi2GFJWGY2jk%2FXEq3%2BEPQPp8aFlHqWWUSBAFTLPIrjLwDLAIkFST6CRVDmaeCAEOmAFzUjNJbnMSBG%2B3zTa%2BZsDbWmerzDg5wRSi%2FSEvEnv3wCXIQhO4Qeet9deZIJRGH8ud6GIyipS40zIEYKsxcIL0WP%2Fw2YRfv8Wbcg76FW5NqKoCFcfNcH4HL7xdYqCq9vIAfUKGjgidOYVZ5ewAsMT0LIg0tBGxPDTXxlR3lROyqyh1TkJSRVU0v%2BWGlpFRNqpKc7NTox5vz4W6e%2BoGJDip4MZvvMJxStMkTjWt3b%2BsQwx1GQre4GpU7ntzX6NCLyx03EpDAzjaoQnoo7wPsMYJ2L9VsrgwI6D8ImtZIo7FJoiS1KgAvGBHYTn4rIdHh3DlpaOf0gghgEtLAJOFyS%2F8eKJsgjKza7Rmqrf2BZzp%2Bcq90YRGAKoHo5ZR3ioeXSIJimGHFYAerVhH7PUPC1CI1gf1pgYBn9vixGzzluil5KEJofNTpDJhfZvrqULuEVh1PUVuZdrP7goA1rkZiNHMq8JZ5tdh6WtWekmUDC88Ite%2F%2FAti5P4k%3D&pcode-icookie=HiEmIz1RrGN5%2FDBiB72HTHaspg%2B%2B8sJV0sEP0SyL%2FOGVxpI9KC1vUvy%2BVuKk1EJ8iSjnJ7Fdy3%2BWwlvzADPhPNJljCs%3D&imp-id=3&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=141287244169218&ad-session-id=7193231688981044537&target-id=32831065&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fms-word-download.ru&top-ancestor-undetermined=0&pcode-version=802049&pcodever=802049&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.6%2C%22supportHDRBrightness%22%3Afalse%2C%22isInIframe%22%3Afalse%2C%22w%22%3A670%2C%22h%22%3A0%2C%22width%22%3A670%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A285%2C%22top%22%3A277%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=1296&grab=eyJncmFiX3ZlcnNpb24iOjIsIm9sZF9ncmFiX3NpemUiOjkxfQoyqDSRLL_rIgjUuabMMrRbvY1CnSTqdNEu22HbXAXahLMW0VrtutVd7VPuHfC9tGULbg_0HMAdoUCVxLFdXd2avk8QxsyMGCPMKKyG34VhHMSCtvHiMN8eVkWsHA_jAYL3wOwKpCJ4aBuvJ3mME-wKtLJ_Drgi3FEZlb4r03VV1va4DyBKZXpYz4v7e3CVWZnEsgryFhX1F5xnlFiqpY245LU0K0remHlRtt6yUQAQU0uFQ3GZjjZ3MtNBoMxHIAx71HqcKLcwTtpIGoGygqic7VoB9tmFP6s5FelpZu8KykPfFb7SK_Lbf26tYVqiA7xhLjV_epjvODboZz1aZXnoD83W1H78Kqsy_voT9WnkPldmRXKIj_Fwju49rC2VyyUuBazn_KY81ztQ3UMihkakVBSlwtG1KM6xtzCbQUCg5MXp2NHkj9VGGmWzjZUPwfSz5rqct-eLcCuLMu8QLY5Bb-Pd04TA7dHKeoK7v4kxkhU-rSN8piA0ZVGBnw3f9rXytiFulwyMa-aAPMxSMZ0wj9BA-7K8r7_ZkxHSmG6vV0_-UTdticKZ5D3hU34XRQbckCoLfMjrFLGgxDhJFs-cKPRLxY-KMtIvDDksdgVmh9dRuhuI1-817_gr3ePSppT5Wf1mUTzMz-7DORwRP-KgPQwd-2ZOP92MHyBf7KB_oj_Vn57zsw3cma94-nG7YamICpvseiCnraJMptl6-g2vh-j8eaSkqm7tUq_qovQzczgS_11Z__BqBLxULpW5gVfcQ30tg0pmLSazlpBZyzVr-5cTwv0KP9O29-XTpNYWvJoO9Tt7vOZj33-uLz3j5z9sGLYuzIb1RnHQHm-5mKlhR2O5sEGbzQ9W5IuyHvBO8zrc-RSH2Db-vU-m--0Y6KTBR1xmTLfRDIevbYA26V-XoAtPmvOk2nKeUal-80Y1SMHgp7Qsu_d3nwbUHeoeOIODaCb61yKHMa03tpU99SOR39phFxO_uHjGiT8t_oUBK8UkZKWEhKyUk5KVJ8NJykqY1Bc1IFuGPuyJTN03g56bkhKn5_xhCj0NgQ6N7sy30A9anK5DhC3HqytfNEMVaX2_uri2POqu9JDttCXcq1LO3VY7GjFoFmPYPFHDaUCjns_qQQcGpLQWk1lLyKzl5NY2eI_SWgK7dMNKK7qEXnotSEEcNy1azfJaoB5VpJwzVkOq2a8oftKlam9PBPGjAR_dLNnqCLmtShKHlwl1aIsDMx3grID-&uniformat=true&callback=Ya%5B4540535474961%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

05655fe74f75f1807644edca7055721100197df5d8df262b732d2e50f32f3745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ms-word-download.ru/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 10 Jul 2023 09:24:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1688981044606459-2823831934020271436-balancer-l7leveler-kubr-yp-sas-82-BAL-9353
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: MediaImage
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 10 Jul 2023 09:24:04 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat: true
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://ms-word-download.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 10 Jul 2023 09:24:04 GMT

GET
H2 200 41fe0c2aa0e86e1a244b.js Show response
yastatic.net/partner-code-bundles/802049/ 24 KB
8 KB 135ms
114ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/802049/41fe0c2aa0e86e1a244b.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

fff685adc0d25dcd03d5ca7b75850382a5caf11eea5b82f78831e1067f424d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ms-word-download.ru/
Origin: https://ms-word-download.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:04 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7953
last-modified: Fri, 07 Jul 2023 14:11:59 GMT
server: nginx/1.17.9
etag: "15d13069bd9a91e2c72abb4dc54febe7"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 09 Jul 2053 15:55:51 GMT

GET
H2 200 5dcd2da27311f4dbbc82.js Show response
yastatic.net/partner-code-bundles/802049/ 7 KB
3 KB 75ms
75ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/802049/5dcd2da27311f4dbbc82.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

d31a55d2897243a57b225bc8cb5ee0a6feaebb286b58fab969dd0d38d998964c

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ms-word-download.ru/
Origin: https://ms-word-download.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:04 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 2083
last-modified: Fri, 07 Jul 2023 14:11:59 GMT
server: nginx/1.17.9
etag: "6fb1fb038aeb67c895c1b0fabc1020dc"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 09 Jul 2053 15:55:51 GMT

GET
H2 200 55341f907b5afd34b72f.js Show response
yastatic.net/partner-code-bundles/802049/ 510 KB
102 KB 76ms
75ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/802049/55341f907b5afd34b72f.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ed29289bf501c6110ea435421e89b31f73e6e8b9ffdb5bb0aeefea235e767b5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ms-word-download.ru/
Origin: https://ms-word-download.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:04 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 103907
last-modified: Fri, 07 Jul 2023 14:11:59 GMT
server: nginx/1.17.9
etag: "eac9de379d6489d2abc5501be87d1d42"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 09 Jul 2053 15:55:51 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
114 B 77ms
75ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: ms-word-download.ru
URL: https://ms-word-download.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ms-word-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:04 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 05 Jul 2023 16:40:28 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64a572cc-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 10 Jul 2023 10:24:04 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/80150683/
Redirect Chain

https://mc.yandex.ru/watch/80150683?wmode=7&page-url=https%3A%2F%2Fms-word-download.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc57dmj3aan%3Afp%3A765%3Afu%3A0%3Aen%3A...
https://mc.yandex.ru/watch/80150683/1?wmode=7&page-url=https%3A%2F%2Fms-word-download.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc57dmj3aan%3Afp%3A765%3Afu%3A0%3Aen%...

462 B
545 B

72ms
72ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/80150683/1?wmode=7&page-url=https%3A%2F%2Fms-word-download.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc57dmj3aan%3Afp%3A765%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A1%3Adp%3A0%3Als%3A1225161438334%3Ahid%3A104078372%3Az%3A0%3Ai%3A20230710092404%3Aet%3A1688981045%3Ac%3A1%3Arn%3A343708536%3Arqn%3A1%3Au%3A1688981045474151148%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A59%2C58%2C385%2C1%2C0%2C0%2C%2C347%2C4%2C%2C%2C%2C852%3Aco%3A0%3Acpf%3A1%3Ans%3A1688981043337%3Arqnl%3A1%3Ast%3A1688981045%3At%3AMicrosoft%20Word%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20Windows%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B8%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Requested by

Host: ms-word-download.ru
URL: https://ms-word-download.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

831fb80dec12d831a254e5c7f1e48fccebd1b7e1c597a7caabc66cf75b37bff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ms-word-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 10-Jul-2023 09:24:04 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ms-word-download.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 462
x-xss-protection: 1; mode=block
expires: Mon, 10-Jul-2023 09:24:04 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:04 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 10-Jul-2023 09:24:04 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/80150683/1?wmode=7&page-url=https%3A%2F%2Fms-word-download.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc57dmj3aan%3Afp%3A765%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A1%3Adp%3A0%3Als%3A1225161438334%3Ahid%3A104078372%3Az%3A0%3Ai%3A20230710092404%3Aet%3A1688981045%3Ac%3A1%3Arn%3A343708536%3Arqn%3A1%3Au%3A1688981045474151148%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A59%2C58%2C385%2C1%2C0%2C0%2C%2C347%2C4%2C%2C%2C%2C852%3Aco%3A0%3Acpf%3A1%3Ans%3A1688981043337%3Arqnl%3A1%3Ast%3A1688981045%3At%3AMicrosoft%20Word%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20Windows%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B8%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin: https://ms-word-download.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 10-Jul-2023 09:24:04 GMT

POST
H2 200 1
mc.yandex.ru/watch/80150683/ 43 B
0 75ms
75ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/80150683/1?page-url=https%3A%2F%2Fms-word-download.ru%2F&charset=utf-8&hittoken=1688981044_824a5e01e063c47e01aab2b630a4fc72a0b5321bf603796301aa6bb5989b86b0&browser-info=pa%3A1%3Aar%3A1%3Avf%3Aew9xzikdbvs4xc57dmj3aan%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A1%3Adp%3A1%3Als%3A1225161438334%3Ahid%3A104078372%3Az%3A0%3Ai%3A20230710092404%3Aet%3A1688981045%3Ac%3A1%3Arn%3A558278339%3Arqn%3A2%3Au%3A1688981045474151148%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1398%2C1398%2C0%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1688981043337%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1688981045&t=gdpr(14%2C14)mc(p-1)clc(0-0-0)rqnt(2)lt(6100)aw(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ms-word-download.ru/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:04 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 10-Jul-2023 09:24:04 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://ms-word-download.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 10-Jul-2023 09:24:04 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 232ms
77ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ms-word-download.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ms-word-download.ru
access-control-max-age: 1728000
content-encoding: gzip
date: Mon, 10 Jul 2023 09:24:04 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
398 B 216ms
73ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ms-word-download.ru/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://ms-word-download.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

GET
H2 200 0b74611c6e5af4352fca.js Show response
yastatic.net/partner-code-bundles/802049/ 7 KB
2 KB 28ms
27ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/802049/0b74611c6e5af4352fca.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4aacfe5a54cec83501228763bc6fca71341d9ab5fdf369e0886ee4bdf564a5f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ms-word-download.ru/
Origin: https://ms-word-download.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:04 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 1689
last-modified: Fri, 07 Jul 2023 14:11:59 GMT
server: nginx/1.17.9
etag: "ed3c4a05aed13b070d3e39efbe0b173d"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 09 Jul 2053 15:57:30 GMT

GET
H2 200 493e59870adf44175591.js Show response
yastatic.net/partner-code-bundles/802049/ 2 KB
1 KB 31ms
30ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/802049/493e59870adf44175591.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

40d51f2216a8b5dec25709fbba4dd08115a07b8c916c942c704e739306571fb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ms-word-download.ru/
Origin: https://ms-word-download.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:04 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 733
last-modified: Fri, 07 Jul 2023 14:11:59 GMT
server: nginx/1.17.9
etag: "645c9d721d82fd98651768fbf39b5c17"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 09 Jul 2053 15:57:57 GMT

GET
H2 404 1988056 Show response
yandex.ru/ads/meta/ 30 B
169 B 88ms
83ms XHR
text/html 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/1988056?target-ref=https%3A%2F%2Fms-word-download.ru%2F&charset=utf-8&pcode-test-ids=769343%2C0%2C6%3B801286%2C0%2C7%3B780720%2C0%2C5%3B786895%2C0%2C68%3B800957%2C0%2C87%3B799456%2C0%2C10%3B800038%2C0%2C71%3B774070%2C0%2C43%3B794562%2C0%2C90%3B799554%2C0%2C11%3B800948%2C0%2C2%3B802049%2C0%2C9%3B681844%2C0%2C65&pcode-flags-map=eJy1WNty2zYQ%2FRc9xynvF7%2BBJEihIgkWACUrmQxGjVVHHV86jp2mzuTfu7jYFmWVshPXDzRFag%2BXezl7Vt8mc8Qln9KFRIWsUYZrWVImSSsz1LaYTY7ff5t8WZ3frifHE8F6PHkzuVl%2FviGn8DmKfD%2BIJ98%2FvHmE6Rgt%2BlxwSVvZoZ7jUYTYTQPfIOAWZTWWOKfNI0hNuFDOzEmBqTqBuxmViDUD2PXXv3ZQQz%2FUqAXhGjanfSskwwVhOFeQqOvGPfOcIPAe3g1eRDZ9LQijdQ1orVAnmMkFEvkUF1KQBktalhyLcVzfc%2BKdmAkiwEXUFjKjxVJlokMMNVgAfoFLBM8dYJao5kPQIA6iR1CGBVuqBLRYLCibScwYHU9lHEZBnD4g2GTwHMGxJjM47dkcLwFxAS5xUrXjcJET%2B%2FETuJ%2FBqGlbybJGlYpZXxcSMlgvJZ%2BRzgR%2Fjur%2BQLXFUZxED4iQt3wGRb%2BkvZC8pnAg7zDkoG8LxAjmB8ASN3CH7uGTzrgIBZxjzglcg5tCnjT1OFjiu0H8fDCZLSGoheRLaIfXh0ZFIRtiruc15VDfGUP57FBIfugtclpg2bP62dgq2yplHcO6Gx%2F70tCEvT%2BAcx34G%2BClfho7B%2FCyviyhB3HTiSW0QUN2QV%2BMOO8QKV7fw7KH8x9FbRVVv7Kn%2F4H5U%2FnZj%2Fn%2FReBHs695XWjGm2PGCR3yXJwmaRxt2yaO61mmW8IUwCeS9bKgDSLt2JgLndjzo71mEuaeYCQbNfdcJwqsubI0JhLVC7Tko5Yws1NDfZ3uXpiHHLdi3Cb0HGcwk%2B0szjkbNUzdODFu6tQYXSL7lpQEeIm0MCVLlONxjMSzQ1cNH4ZLhvkUCKoi%2BZhd5Ca%2BDRG8YklYoyiLAfOqigOdBEWTkWIUAqLsuYP3Bi3BUAXxshNIlS7PGcat5Lwb9yd1A%2BsPggqlrfUFlUorkFKpBngtVOBxp%2BIkjcy0V8KmhGHXFjBMjT2Uz646GrfPZnpych2SoVQbR0kDJ35AqTEIH0AYlXZRlASRCedW2CoGVAWSYibouN9JFLj%2Bdvy0MpKLKYBs4bWgBXTCq56p2dcr6ZhjMh8Pa%2Bw6QWx0J2PSVJroWWvTk9cEsi2mjPbV9IAsBiQT3xq9W%2BqMSt1q22bfJn%2Bsbz5%2BalbXZ5vLybEbOm8mF1e%2Fb87X%2FOPqfHN5Njn2vg9QQ2gDjcobxIT8rcc91hM6q5GSQsAA2w94P7lYbc7fXt%2BCb%2F%2BsLk%2FXX%2BH8l83F6mz9eXDpbHWhr5zerS%2FN11dfNjdX5vTi7daH08uNvaqQHxDgwvXq7vzq7pO9fXdt%2Ft9er95erv%2F%2B%2FOQLf66uLjba9MP%2BV2yRgHzJBrNKHQuCpEDVKK%2BBNvdscem2wJB7hlEugMIPGIa%2BY5YF0P%2F3mh1UPDy67ZsMjzJcHLq%2BHR16Y9LbCVjCUMpwbjpyTjgB7jgAEzum%2BqxCzoFjGLbrhV4tVGsDib2sT%2BMY2tTdBlZOcrGscdUDymuiZpQpPqMwOEGYvxgyApFoIHkHKrZRFF9p0iVFifYUOC5KD8VedOTi0jsKghwdZVmRHRU58vwkwTgKi2GFJWGY2jk%2FXEq3%2BEPQPp8aFlHqWWUSBAFTLPIrjLwDLAIkFST6CRVDmaeCAEOmAFzUjNJbnMSBG%2B3zTa%2BZsDbWmerzDg5wRSi%2FSEvEnv3wCXIQhO4Qeet9deZIJRGH8ud6GIyipS40zIEYKsxcIL0WP%2Fw2YRfv8Wbcg76FW5NqKoCFcfNcH4HL7xdYqCq9vIAfUKGjgidOYVZ5ewAsMT0LIg0tBGxPDTXxlR3lROyqyh1TkJSRVU0v%2BWGlpFRNqpKc7NTox5vz4W6e%2BoGJDip4MZvvMJxStMkTjWt3b%2BsQwx1GQre4GpU7ntzX6NCLyx03EpDAzjaoQnoo7wPsMYJ2L9VsrgwI6D8ImtZIo7FJoiS1KgAvGBHYTn4rIdHh3DlpaOf0gghgEtLAJOFyS%2F8eKJsgjKza7Rmqrf2BZzp%2Bcq90YRGAKoHo5ZR3ioeXSIJimGHFYAerVhH7PUPC1CI1gf1pgYBn9vixGzzluil5KEJofNTpDJhfZvrqULuEVh1PUVuZdrP7goA1rkZiNHMq8JZ5tdh6WtWekmUDC88Ite%2F%2FAti5P4k%3D&pcode-icookie=HiEmIz1RrGN5%2FDBiB72HTHaspg%2B%2B8sJV0sEP0SyL%2FOGVxpI9KC1vUvy%2BVuKk1EJ8iSjnJ7Fdy3%2BWwlvzADPhPNJljCs%3D&duid=MTY4ODk4MTA0NTQ3NDE1MTE0OA%3D%3D&imp-id=3&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=141287244169218&ad-session-id=7193231688981044537&target-id=83749083&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fms-word-download.ru&top-ancestor-undetermined=0&pcode-version=802049&pcodever=802049&flash-ver=0&skip-token=yabs.NzIwNTc2MDc3MjE1MzYxMDU%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.6%2C%22supportHDRBrightness%22%3Afalse%2C%22isInIframe%22%3Afalse%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1045%2C%22top%22%3A391%2C%22ad_no%22%3A0%2C%22req_no%22%3A1%7D&grab-orig-len=1296&grab=eyJncmFiX3ZlcnNpb24iOjIsIm9sZF9ncmFiX3NpemUiOjkxfQoyqDSRLL_rIgjUuabMMrRbvY1CnSTqdNEu22HbXAXahLMW0VrtutVd7VPuHfC9tGULbg_0HMAdoUCVxLFdXd2avk8QxsyMGCPMKKyG34VhHMSCtvHiMN8eVkWsHA_jAYL3wOwKpCJ4aBuvJ3mME-wKtLJ_Drgi3FEZlb4r03VV1va4DyBKZXpYz4v7e3CVWZnEsgryFhX1F5xnlFiqpY245LU0K0remHlRtt6yUQAQU0uFQ3GZjjZ3MtNBoMxHIAx71HqcKLcwTtpIGoGygqic7VoB9tmFP6s5FelpZu8KykPfFb7SK_Lbf26tYVqiA7xhLjV_epjvODboZz1aZXnoD83W1H78Kqsy_voT9WnkPldmRXKIj_Fwju49rC2VyyUuBazn_KY81ztQ3UMihkakVBSlwtG1KM6xtzCbQUCg5MXp2NHkj9VGGmWzjZUPwfSz5rqct-eLcCuLMu8QLY5Bb-Pd04TA7dHKeoK7v4kxkhU-rSN8piA0ZVGBnw3f9rXytiFulwyMa-aAPMxSMZ0wj9BA-7K8r7_ZkxHSmG6vV0_-UTdticKZ5D3hU34XRQbckCoLfMjrFLGgxDhJFs-cKPRLxY-KMtIvDDksdgVmh9dRuhuI1-817_gr3ePSppT5Wf1mUTzMz-7DORwRP-KgPQwd-2ZOP92MHyBf7KB_oj_Vn57zsw3cma94-nG7YamICpvseiCnraJMptl6-g2vh-j8eaSkqm7tUq_qovQzczgS_11Z__BqBLxULpW5gVfcQ30tg0pmLSazlpBZyzVr-5cTwv0KP9O29-XTpNYWvJoO9Tt7vOZj33-uLz3j5z9sGLYuzIb1RnHQHm-5mKlhR2O5sEGbzQ9W5IuyHvBO8zrc-RSH2Db-vU-m--0Y6KTBR1xmTLfRDIevbYA26V-XoAtPmvOk2nKeUal-80Y1SMHgp7Qsu_d3nwbUHeoeOIODaCb61yKHMa03tpU99SOR39phFxO_uHjGiT8t_oUBK8UkZKWEhKyUk5KVJ8NJykqY1Bc1IFuGPuyJTN03g56bkhKn5_xhCj0NgQ6N7sy30A9anK5DhC3HqytfNEMVaX2_uri2POqu9JDttCXcq1LO3VY7GjFoFmPYPFHDaUCjns_qQQcGpLQWk1lLyKzl5NY2eI_SWgK7dMNKK7qEXnotSEEcNy1azfJaoB5VpJwzVkOq2a8oftKlam9PBPGjAR_dLNnqCLmtShKHlwl1aIsDMx3grID-&uniformat=true&callback=Ya%5B7737408461315%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

142b691e73bad269bf16bc26c12b2e9793c3607d1747152c84e5d340d1dcfc57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ms-word-download.ru/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 10 Jul 2023 09:24:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1688981044875248-16246998115624284663-balancer-l7leveler-kubr-yp-sas-82-BAL-7598
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 10 Jul 2023 09:24:04 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/html; charset=windows-1251
access-control-allow-origin: https://ms-word-download.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 10 Jul 2023 09:24:04 GMT

GET
H2 200 2436300 Show response
mc.yandex.ru/watch/ 256 B
292 B 84ms
83ms Fetch
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/2436300?wmode=7&page-url=https%3A%2F%2Fms-word-download.ru%2F&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc57dmj3aan%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A2%3Adp%3A1%3Als%3A1283730938261%3Ahid%3A104078372%3Az%3A0%3Ai%3A20230710092404%3Aet%3A1688981045%3Ac%3A1%3Arn%3A619246389%3Au%3A1688981045474151148%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1688981043337%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1688981045%3At%3AMicrosoft%20Word%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20Windows%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B8%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=mc(p-1)clc(0-0-0)lt(6100)aw(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4980a909d1056b16db89f5af5879c1dce682cbf47c13d4bb70c76d1582e2b280

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ms-word-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 10-Jul-2023 09:24:04 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ms-word-download.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Mon, 10-Jul-2023 09:24:04 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame 855B 24 KB
7 KB 78ms
27ms Document
text/html 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ms-word-download.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Mon, 10 Jul 2023 09:24:04 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Wed, 09 Jul 2053 15:59:21 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET
H2 200 orig
avatars.mds.yandex.net/get-direct-picture/994844/OzysxKhM-FiCRvKhbHd0Jg/ 92 KB
93 KB 317ms
144ms Image
image/jpeg 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct-picture/994844/OzysxKhM-FiCRvKhbHd0Jg/orig
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 867f9ae2f67c391f4ecb638d3fde5169ebb9d4c4175edcd08a59aee362c1bf07

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ms-word-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:05 GMT
last-modified: Fri, 03 Mar 2023 13:03:40 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 94205
x-request-id: cb7af0c337769a5f

GET
H2 200 1988056 Show response
mc.yandex.ru/watch/ 391 B
499 B 82ms
81ms Fetch
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/1988056?wmode=7&page-url=https%3A%2F%2Fms-word-download.ru%2F&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc57dmj3aan%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A3%3Adp%3A1%3Als%3A832280392533%3Ahid%3A104078372%3Az%3A0%3Ai%3A20230710092404%3Aet%3A1688981045%3Ac%3A1%3Arn%3A734048350%3Au%3A1688981045474151148%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1688981043337%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1688981045%3At%3AMicrosoft%20Word%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20Windows%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B8%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=mc(p-2-h-1)clc(0-0-0)lt(6100)aw(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e52d530ab4c4782c377609ac83a8a8b61bb0bd3b208f84eaa38a4d33a398b83c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ms-word-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 10-Jul-2023 09:24:05 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ms-word-download.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 391
x-xss-protection: 1; mode=block
expires: Mon, 10-Jul-2023 09:24:05 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 83ms
83ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ms-word-download.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ms-word-download.ru
access-control-max-age: 1728000
content-encoding: gzip
date: Mon, 10 Jul 2023 09:24:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 166ms
73ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ms-word-download.ru/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://ms-word-download.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

POST
H2 200 1
mc.yandex.ru/watch/2436300/ 43 B
0 89ms
88ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/2436300/1?page-url=https%3A%2F%2Fms-word-download.ru%2F&charset=utf-8&cnt-class=1&hittoken=1688981044_18f9b1039e1af29a02aa58567e264491276634755368b3d080dfad33ff69ab6e&browser-info=pa%3A1%3Aar%3A1%3Avf%3Aew9xzikdbvs4xc57dmj3aan%3Afp%3A765%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A2%3Adp%3A1%3Als%3A1283730938261%3Ahid%3A104078372%3Az%3A0%3Ai%3A20230710092404%3Aet%3A1688981045%3Ac%3A1%3Arn%3A1028757050%3Arqn%3A1%3Au%3A1688981045474151148%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A59%2C58%2C385%2C1%2C0%2C0%2C%2C347%2C4%2C1398%2C1398%2C0%2C852%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1688981043337%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1688981045&t=mc(p-3-h-2)clc(0-0-0)rqnt(1)lt(6100)aw(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ms-word-download.ru/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 10-Jul-2023 09:24:05 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://ms-word-download.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 10-Jul-2023 09:24:05 GMT

GET
H2 200 2436300
mc.yandex.ru/watch/ 43 B
0 83ms
83ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/2436300?page-url=https%3A%2F%2Fms-word-download.ru%2F&charset=utf-8&cnt-class=1&hittoken=1688981044_18f9b1039e1af29a02aa58567e264491276634755368b3d080dfad33ff69ab6e&browser-info=pv%3A1%3Aar%3A1%3Avf%3Aew9xzikdbvs4xc57dmj3aan%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A2%3Adp%3A1%3Als%3A1283730938261%3Ahid%3A104078372%3Az%3A0%3Ai%3A20230710092404%3Aet%3A1688981045%3Ac%3A1%3Arn%3A969166700%3Arqn%3A2%3Au%3A1688981045474151148%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1688981043337%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1688981045%3At%3AMicrosoft%20Word%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20Windows%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B8%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=mc(p-3-h-2)clc(0-0-0)rqnt(2)lt(6100)aw(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ms-word-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 10-Jul-2023 09:24:05 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://ms-word-download.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 10-Jul-2023 09:24:05 GMT

GET
H2 200 WXaejI_zOoVX2Lbw0LqG03FUSxwforZbyKh7bIaxZJGxPLzbXxpKTyOcdcXfQMbfQUdiE1CWRkQGfxZpwSoR7_vYXDLz-H2c3pzu3KWY-UN3xa4mqiFOitaz-Kh2nB1GYWTn2GFeE5Ma8G2vk4253mKqU59OAvZ1mIvllZPwaEHSLTWYP5GH3cO2E8XDVFKDuoMKU...
yandex.ru/an/tracking/ Frame 855B 0
306 B 80ms
80ms Image
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yandex.ru/an/tracking/WXaejI_zOoVX2Lbw0LqG03FUSxwforZbyKh7bIaxZJGxPLzbXxpKTyOcdcXfQMbfQUdiE1CWRkQGfxZpwSoR7_vYXDLz-H2c3pzu3KWY-UN3xa4mqiFOitaz-Kh2nB1GYWTn2GFeE5Ma8G2vk4253mKqU59OAvZ1mIvllZPwaEHSLTWYP5GH3cO2E8XDVFKDuoMKU8FOnkgo5K18s92qAM6GIJICVGsvAKGAa4ZDs4zzyNrhnCoQCD0PMAlNW9jCk1pMS47GzHhTITZ5nW6bFg43XYq3aaX-mQ13iOYnvWe1mnulSAL2j5ZO0u04qQ-A5gosjXXTrvcOiDWPSbEcKTbKUf1wKe2dz04y3ehWfGO6cRAcJDQ1Pj5O85ZhfL1aIK6Vu6tg-XsJdesB4LyeV_75Q7sCxc7C5jXWlj121yBeC0ZW4QORW2ehAY_h3TxKyrYV30ABxOUz5TRS1_in7zF_UYj3iE_rLePWd-kzLDs_DvbmEVnQPf4ToiyoY-nGc6QRCxESezLrNSVIvXWkHxZqxjFokCQUxDFolaJwSOYrj3H0_wMzrzf5iFlNHR3xvxK-ZAdB4nu-EqB899OenHziXLvdpeYP0u7k3jdcIgLIMJNhmsqQX_97iFL0JgbKAWCH_0uX2Q2HOVZZAdZ7WN2wQmO51K9DXKMsSo12K1nbhwB4OMfHuXUkmDUEu08mI4sTXQvWKSybHIm0~2?action-id=11

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1688981045042209-7105663887673939931-balancer-l7leveler-kubr-yp-sas-82-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

GET
H2

200

e2306e4149965f9ec12faf
an.yandex.ru/mapuid/arcspireis/ Frame 855B
Redirect Chain

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389
https://an.yandex.ru/mapuid/arcspireis/e2306e4149965f9ec12faf

43 B
108 B

128ms
78ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/arcspireis/e2306e4149965f9ec12faf

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/arcspireis/e2306e4149965f9ec12faf
date: Mon, 10 Jul 2023 09:24:04 GMT
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

0100007F35CEAB64740FAA3E02AA1811
an.yandex.ru/mapuid/sapeis/ Frame 855B
Redirect Chain

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14
https://acint.net/rmatch?dp=14&euid=4102420A35CEAB645505A37002F79BD3&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D
https://an.yandex.ru/mapuid/sapeis/0100007F35CEAB64740FAA3E02AA1811

43 B
80 B

78ms
75ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007F35CEAB64740FAA3E02AA1811

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

Redirect headers

date: Mon, 10 Jul 2023 09:24:05 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://an.yandex.ru/mapuid/sapeis/0100007F35CEAB64740FAA3E02AA1811
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

a0617ae7-7e86-53bf-b02b-90edd4805ed8
an.yandex.ru/mapuid/betweendigitalis/ Frame 855B
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1
https://an.yandex.ru/mapuid/betweendigitalis/a0617ae7-7e86-53bf-b02b-90edd4805ed8

43 B
80 B

72ms
71ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/a0617ae7-7e86-53bf-b02b-90edd4805ed8

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/a0617ae7-7e86-53bf-b02b-90edd4805ed8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 855B
Redirect Chain

https://yandex.ru/an/mapuid/adobedmp/
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=F05424C21600E86E
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=F05424C21600E86E

42 B
942 B

46ms
45ms

Image
image/gif

54.229.40.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=F05424C21600E86E

Protocol

HTTP/1.1

Server

54.229.40.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-229-40-109.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-0e4ebe0ec.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: JNBl5VsMQm0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v050-07c809c40.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: IMWSS8LBR/g=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=F05424C21600E86E
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

match
match.360yield.com/ul_cb/ Frame 855B
Redirect Chain

https://yandex.ru/an/mapuid/azerionis/
https://match.360yield.com/match?external_user_id=9D58F116D26BB43&publisher_dsp_id=429&publisher_call_type=redirect
https://match.360yield.com/ul_cb/match?external_user_id=9D58F116D26BB43&publisher_dsp_id=429&publisher_call_type=redirect

43 B
198 B

43ms
42ms

Image
image/gif

52.211.64.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/ul_cb/match?external_user_id=9D58F116D26BB43&publisher_dsp_id=429&publisher_call_type=redirect
Protocol: H2
Server: 52.211.64.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-64-27.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 10 Jul 2023 09:24:05 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://match.360yield.com/ul_cb/match?external_user_id=9D58F116D26BB43&publisher_dsp_id=429&publisher_call_type=redirect
access-control-allow-origin: *
date: Mon, 10 Jul 2023 09:24:05 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
yandex.ru/an/mapuid/behaviorx/ Frame 855B 0
0 88ms
73ms Image
text/html 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yandex.ru/an/mapuid/behaviorx/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2

200

match
ads.betweendigital.com/ Frame 855B
Redirect Chain

https://yandex.ru/an/mapuid/betweenx/
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=EFBACA6BF2C91ADC
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=EFBACA6BF2C91ADC&crf=1

68 B
598 B

118ms
116ms

Image
image/png

96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=EFBACA6BF2C91ADC&crf=1
Protocol: H2
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=161&external_user_id=EFBACA6BF2C91ADC&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

204
No Content

pixel
im.bluevoox.com/ Frame 855B
Redirect Chain

https://yandex.ru/an/mapuid/blueseaxcom/
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=30A7090F6CA65F10

0
241 B

360ms
108ms

Image
text/plain

52.45.175.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=30A7090F6CA65F10
Protocol: HTTP/1.1
Server: 52.45.175.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-175-185.compute-1.amazonaws.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Connection: close
Date: Mon, 10 Jul 2023 09:24:05 GMT
Server: openresty

Redirect headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1688981045051169-1793070261108623075-balancer-l7leveler-kubr-yp-sas-82-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=30A7090F6CA65F10
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

GET
H2 200 /
yandex.ru/an/mapuid/eplanningrtb/ Frame 855B 0
0 94ms
79ms Image
text/html 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yandex.ru/an/mapuid/eplanningrtb/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 855B
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=2B9044359FB222A6&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
232 B

147ms
47ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=2B9044359FB222A6&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1688981045051670-10127526191315041936-balancer-l7leveler-kubr-yp-sas-82-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=2B9044359FB222A6&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 855B
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=2B9044359FB222A6&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
409 B

146ms
45ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=2B9044359FB222A6&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1688981045051918-10426934793572065658-balancer-l7leveler-kubr-yp-sas-82-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=2B9044359FB222A6&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 855B
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandexru
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=2B9044359FB222A6&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
232 B

146ms
46ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=2B9044359FB222A6&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1688981045052169-6528190807057570478-balancer-l7leveler-kubr-yp-sas-82-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=2B9044359FB222A6&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

GET
H/1.1

200
OK

cm.gif
ad.mail.ru/ Frame 855B
Redirect Chain

https://yandex.ru/an/mapuid/mailweb/
https://ad.mail.ru/cm.gif?p=155&id=83544D7D5C30B3E8

43 B
764 B

327ms
71ms

Image
image/gif

2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=155&id=83544D7D5C30B3E8
Protocol: HTTP/1.1
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 10 Jul 2023 09:24:05 GMT
Last-Modified: Mon, 10 Jul 2023 09:24:05 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Mon, 10 Jul 2023 15:24:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1688981045113386-7218896566881287648-balancer-l7leveler-kubr-yp-sas-82-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://ad.mail.ru/cm.gif?p=155&id=83544D7D5C30B3E8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

GET
H2 404 /
yandex.ru/an/mapuid/mimimobww/ Frame 855B 43 B
158 B 149ms
134ms Image
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yandex.ru/an/mapuid/mimimobww/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1688981045113671-11587770354902297869-balancer-l7leveler-kubr-yp-sas-82-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

GET
H2

200

sync
t.adx.opera.com/ Frame 855B
Redirect Chain

https://yandex.ru/an/mapuid/operacom/
https://t.adx.opera.com/sync?vendor=60143&uid=712F138FD23749C6

35 B
468 B

130ms
28ms

Image
image/gif

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60143&uid=712F138FD23749C6
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1688981045113970-10037498747065318531-balancer-l7leveler-kubr-yp-sas-82-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://t.adx.opera.com/sync?vendor=60143&uid=712F138FD23749C6
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

GET
H2

200

user-sync
rtb.programattik.com/ Frame 855B
Redirect Chain

https://yandex.ru/an/mapuid/turktelekomrtb/
https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=FFCD36C94A06BEEF

42 B
152 B

264ms
81ms

Image
image/gif

85.111.6.50
TTNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=FFCD36C94A06BEEF
Protocol: H2
Server: 85.111.6.50 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
cache-control: no-store
server: nginx
age: 0
content-length: 42
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1688981045114318-2173422850081929524-balancer-l7leveler-kubr-yp-sas-82-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=FFCD36C94A06BEEF
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

GET
H/1.1

200
OK

user-sync
sync.adkernel.com/ Frame 855B
Redirect Chain

https://yandex.ru/an/mapuid/xapadsssp/
https://sync.adkernel.com/user-sync?dsp=94&t=image&uid=F415F70E0DA81D6E

42 B
228 B

109ms
33ms

Image
image/gif

77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adkernel.com/user-sync?dsp=94&t=image&uid=F415F70E0DA81D6E
Protocol: HTTP/1.1
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 Jul 2023 09:24:05 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: close
Content-Length: 42

Redirect headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1688981045114629-15891512808201774473-balancer-l7leveler-kubr-yp-sas-82-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://sync.adkernel.com/user-sync?dsp=94&t=image&uid=F415F70E0DA81D6E
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

GET
H2

200

732bd0195fb77b4a2fda2b49169c73cce055be0102d510b4d115b6fc0c3592b0
an.yandex.ru/mapuid/mediascope/ Frame 855B
Redirect Chain

https://cm.tns-counter.ru/yacm
https://an.yandex.ru/mapuid/mediascope/732bd0195fb77b4a2fda2b49169c73cce055be0102d510b4d115b6fc0c3592b0

43 B
80 B

77ms
76ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mediascope/732bd0195fb77b4a2fda2b49169c73cce055be0102d510b4d115b6fc0c3592b0

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
server: ms-counter-4.0.4/1.22.1
content-type: text/html
location: https://an.yandex.ru/mapuid/mediascope/732bd0195fb77b4a2fda2b49169c73cce055be0102d510b4d115b6fc0c3592b0
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 204 match
dm.hybrid.ai/ Frame 855B 0
278 B 225ms
68ms Image
text/plain 37.18.16.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=182

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: https://yastatic.net
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 105
x-xss-protection: 1; mode=block
expires: -1

GET
H2 204 yandexdmp-match
dm.hybrid.ai/ Frame 855B 0
238 B 224ms
67ms Image
text/plain 37.18.16.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/yandexdmp-match

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 126
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/119/i/ Frame 855B
Redirect Chain

https://dmg.digitaltarget.ru/1/119/i/i?i=1688981044
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1688981045257&i=1688981044

49 B
189 B

79ms
79ms

Image
image/gif

185.15.175.144
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1688981045257&i=1688981044
Protocol: HTTP/1.1
Server: 185.15.175.144 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 10 Jul 2023 09:24:05 GMT
Server: nginx
Connection: keep-alive
Content-Length: 49
Content-Type: image/gif

Redirect headers

Date: Mon, 10 Jul 2023 09:24:05 GMT
Server: nginx
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1688981045257&i=1688981044
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

GdbzzjyLAErgTdriFUdGVaWfqZovgmlZ
an.yandex.ru/mapuid/mediasurferis/ Frame 855B
Redirect Chain

https://dsp.mpartner.digital/dmp/syncsspdmp?sspid=4
https://an.yandex.ru/mapuid/mediasurferis/GdbzzjyLAErgTdriFUdGVaWfqZovgmlZ

43 B
80 B

72ms
72ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mediasurferis/GdbzzjyLAErgTdriFUdGVaWfqZovgmlZ

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

Redirect headers

location: http://an.yandex.ru/mapuid/mediasurferis/GdbzzjyLAErgTdriFUdGVaWfqZovgmlZ
date: Mon, 10 Jul 2023 09:24:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/html; charset=utf-8
content-length: 108
p3p: policyref="//dsp.mpartner.digital/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"

GET
H2

200

match
match.360yield.com/ Frame 855B
Redirect Chain

https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID}
https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D
https://an.yandex.ru/mapuid/azerionis/89cb778e-8ce8-4eda-af09-bbdfa2ee4fd8
https://match.360yield.com/match?external_user_id=89cb778e-8ce8-4eda-af09-bbdfa2ee4fd8&publisher_dsp_id=429&publisher_call_type=redirect

43 B
198 B

55ms
54ms

Image
image/gif

52.211.64.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?external_user_id=89cb778e-8ce8-4eda-af09-bbdfa2ee4fd8&publisher_dsp_id=429&publisher_call_type=redirect
Protocol: H2
Server: 52.211.64.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-64-27.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 10 Jul 2023 09:24:05 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://match.360yield.com/match?external_user_id=89cb778e-8ce8-4eda-af09-bbdfa2ee4fd8&publisher_dsp_id=429&publisher_call_type=redirect
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

GET
H2

200

47a9abf6-440b-4895-6eaf-6fa5c074be2c
an.yandex.ru/mapuid/buzzooladspis/ Frame 855B
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D
https://an.yandex.ru/mapuid/buzzooladspis/47a9abf6-440b-4895-6eaf-6fa5c074be2c

43 B
80 B

78ms
76ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/buzzooladspis/47a9abf6-440b-4895-6eaf-6fa5c074be2c

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/buzzooladspis/47a9abf6-440b-4895-6eaf-6fa5c074be2c
date: Mon, 10 Jul 2023 09:23:09 GMT
server: nginx
content-length: 113
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

404

nXiUsUqaQAmHQKW7q9GWMQ
an.yandex.ru/setud/mts_banner/ Frame 855B
Redirect Chain

https://kimberlite.io/rtb/sync/yandex
https://solta-sync.rutarget.ru/sync
https://kimberlite.io/rtb/sync/segmento?u=kFtLBvGW25aq
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZKvONY_qa2s
https://vma.mts.ru/match/second?ssp=59&exu=ZKvONY_qa2s
https://tech.rtb.mts.ru/?dsp_uid=9d7894b1-4a9a-4009-8740-a5bbabd19631&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FnXiUsUqaQAmHQKW7q9GWMQ%3Flocation%3Dhttps%253A%252F%252Fvma.mts.ru...
https://an.yandex.ru/setud/mts_banner/nXiUsUqaQAmHQKW7q9GWMQ?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=3807163214

43 B
104 B

76ms
76ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/nXiUsUqaQAmHQKW7q9GWMQ?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=3807163214

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 09:24:06 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:06 GMT

Redirect headers

Date: Mon, 10 Jul 2023 09:24:06 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/nXiUsUqaQAmHQKW7q9GWMQ?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=3807163214
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

/
an.yandex.ru/mapuid/targetrtbis/ Frame 855B
Redirect Chain

https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
https://an.yandex.ru/mapuid/targetrtbis/

43 B
80 B

74ms
73ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/targetrtbis/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

Redirect headers

Date: Mon, 10 Jul 2023 09:24:05 GMT
Server: nginx/1.22.1
Vary: Origin
Access-Control-Allow-Origin: *
Location: https://an.yandex.ru/mapuid/targetrtbis/
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET pixel
mitdmp.whiteboxdigital.ru/ Frame 855B 0
0

GET
H2

200

550ec3e1-8a06-0749-7475-3022c2712653
an.yandex.ru/mapuid/hyperdspis/ Frame 855B
Redirect Chain

https://nr.bidderstack.com/yandex/cm?user_id={partner_user_id}
https://nr.bidderstack.com/yandex/cm?user_id={partner_user_id}&pupa=1
https://an.yandex.ru/mapuid/hyperdspis/550ec3e1-8a06-0749-7475-3022c2712653

43 B
80 B

73ms
72ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/hyperdspis/550ec3e1-8a06-0749-7475-3022c2712653

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/hyperdspis/550ec3e1-8a06-0749-7475-3022c2712653
Access-Control-Allow-Origin: *
Date: Mon, 10 Jul 2023 09:24:05 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

/
an.yandex.ru/mapuid/ramblerssp/ Frame 855B
Redirect Chain

https://profile.ssp.rambler.ru/sync3.302?pid=188
https://an.yandex.ru/mapuid/ramblerssp/

43 B
80 B

73ms
73ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ramblerssp/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

Redirect headers

date: Mon, 10 Jul 2023 09:24:05 GMT
strict-transport-security: max-age=0
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location: //an.yandex.ru/mapuid/ramblerssp/
content-type: application/x-javascript
x-passed: 0bal1
content-length: 0

GET
H2

200

x0pjWX7sec8.AikABlGJPx2BUQ
an.yandex.ru/mapuid/getintentis/ Frame 855B
Redirect Chain

https://px.adhigh.net/p/cm/yandexssp
https://px.adhigh.net/p/cm/yandexssp?bounced=1
https://an.yandex.ru/mapuid/getintentis/x0pjWX7sec8.AikABlGJPx2BUQ

43 B
80 B

73ms
73ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/getintentis/x0pjWX7sec8.AikABlGJPx2BUQ

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
server: nginx
x-backend-id: f21-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://an.yandex.ru/mapuid/getintentis/x0pjWX7sec8.AikABlGJPx2BUQ
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

6iGar6qOdUBhFHQNU004AO
an.yandex.ru/mapuid/dmpweborama/ Frame 855B
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=3096994932
https://an.yandex.ru/mapuid/dmpweborama/6iGar6qOdUBhFHQNU004AO

43 B
80 B

72ms
72ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpweborama/6iGar6qOdUBhFHQNU004AO

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:04 GMT
via: 1.1 google
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://an.yandex.ru/mapuid/dmpweborama/6iGar6qOdUBhFHQNU004AO
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 y
rtb-eu-warsaw.intent.ai/um/ Frame 855B 68 B
830 B 2799ms
2728ms Image
image/png 2606:4700:20::ac43:48bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb-eu-warsaw.intent.ai/um/y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:48bf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:08 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 68
pragma: no-cache
last-modified: Mon, 10 Jul 2023 09:24:07 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5DzppjAKLsACE9EKsNjlrIy1qErtBxjl4O9hnOpjX55a0yZO8TaMGHGR06JlCLbKMD3%2BhXzidP%2FVjLSB0vc5L5fwQoy4zAkSyokaoxUvktWsreedhEudjL9n9%2BdYjmgY4t83TZR%2BNRZ0w0D8Vy6d4tbyOiB2"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
cf-ray: 7e47c06ebaec1b06-AMS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2

200

bQhB7rmMaKrf6lXrXHX5
an.yandex.ru/mapuid/kadamis/ Frame 855B
Redirect Chain

https://s.uuidksinc.net/match/501
https://an.yandex.ru/mapuid/kadamis/bQhB7rmMaKrf6lXrXHX5

43 B
80 B

73ms
72ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/kadamis/bQhB7rmMaKrf6lXrXHX5

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/kadamis/bQhB7rmMaKrf6lXrXHX5
date: Mon, 10 Jul 2023 09:24:05 GMT
server: nginx/1.23.2
content-length: 0

GET
H2

200

9d7894b1-4a9a-4009-8740-a5bbabd19631
an.yandex.ru/mapuid/mtsdspis/ Frame 855B
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=yandex&id=map
https://vma.mts.ru/match/second?ssp=55
https://tech.rtb.mts.ru/?dsp_uid=9d7894b1-4a9a-4009-8740-a5bbabd19631&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F9d7894b1-4a9a-4009-8740-a5bbabd19631
https://an.yandex.ru/mapuid/mtsdspis/9d7894b1-4a9a-4009-8740-a5bbabd19631

43 B
80 B

74ms
74ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mtsdspis/9d7894b1-4a9a-4009-8740-a5bbabd19631

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 09:24:06 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:06 GMT

Redirect headers

Date: Mon, 10 Jul 2023 09:24:06 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/mapuid/mtsdspis/9d7894b1-4a9a-4009-8740-a5bbabd19631
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

data_sess_sync.php
sonar.semantiqo.com/fbfli/ Frame 855B
Redirect Chain

https://sonar.semantiqo.com/dmp/scr.php
https://counter.yadro.ru/id127/reff-id.gif?sid=f6c0b42c52f448f6bc9628dfdce6498d
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=f6c0b42c52f448f6bc9628dfdce6498d

0
355 B

67ms
67ms

Image
text/html

95.217.109.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=f6c0b42c52f448f6bc9628dfdce6498d
Protocol: H2
Server: 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.66.109.217.95.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:06 GMT
content-encoding: gzip
mode: no-cors
server: nginx/1.20.1
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

Location: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=f6c0b42c52f448f6bc9628dfdce6498d
Date: Mon, 10 Jul 2023 09:24:05 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 364
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 855B 42 B
201 B 381ms
76ms Image
image/gif 81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad15.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 10 Jul 2023 09:24:05 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 855B 42 B
201 B 317ms
76ms Image
image/gif 81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad15.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 10 Jul 2023 09:24:05 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame 855B 43 B
390 B 134ms
31ms Image
image/gif 31.172.81.172
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=yandex
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.172 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 10 Jul 2023 09:24:05 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 204 yandexortb
sync.dmp.otm-r.com/match/ Frame 855B 0
69 B 222ms
68ms Image
text/plain 194.55.244.181
PROCLOUD PROCLOUD...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/yandexortb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.181 , Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 10 Jul 2023 09:24:05 GMT
server: nginx/1.23.2

GET
H2

200

NjcyMmEwMWYyN2UyNDU2ZQ
an.yandex.ru/mapuid/gonetisnew/ Frame 855B
Redirect Chain

https://sync.gonet-ads.com/match/yandex?id=[buyerUid]
https://sync.gonet-ads.com/match/yandex?id=%5BbuyerUid%5D&chk=1
https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ

43 B
80 B

73ms
72ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:05 GMT

Redirect headers

date: Mon, 10 Jul 2023 09:24:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
location: https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

200

ca9e4b00-b663-459c-8e1c-f1a72ac65ed1
an.yandex.ru/mapuid/upravelis/ Frame 855B
Redirect Chain

https://sync.upravel.com/yandex/sync
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://an.yandex.ru/mapuid/upravelis/ca9e4b00-b663-459c-8e1c-f1a72ac65ed1

43 B
152 B

72ms
72ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/upravelis/ca9e4b00-b663-459c-8e1c-f1a72ac65ed1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 09:24:06 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:06 GMT

Redirect headers

date: Mon, 10 Jul 2023 09:24:06 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://an.yandex.ru/mapuid/upravelis/ca9e4b00-b663-459c-8e1c-f1a72ac65ed1
access-control-allow-origin: *
content-type: image/png
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

ueI7xAtGdsigle6%2FbE4PbQ
an.yandex.ru/mapuid/dmpaidatame/ Frame 855B
Redirect Chain

https://x01.aidata.io/0.gif?pid=YANDEX
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1
https://an.yandex.ru/mapuid/dmpaidatame/ueI7xAtGdsigle6%2FbE4PbQ?sign=1935734187

43 B
80 B

72ms
72ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpaidatame/ueI7xAtGdsigle6%2FbE4PbQ?sign=1935734187

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 09:24:06 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:06 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:06 GMT
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://an.yandex.ru/mapuid/dmpaidatame/ueI7xAtGdsigle6%2FbE4PbQ?sign=1935734187
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 10 Jul 2023 09:24:05 GMT

GET
H2

200

kFtLBvGW25aq
an.yandex.ru/mapuid/dmpsegmento/ Frame 855B
Redirect Chain

https://yandex-dmp-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/dmpsegmento/kFtLBvGW25aq?sign=3645812680

43 B
80 B

72ms
71ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpsegmento/kFtLBvGW25aq?sign=3645812680

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 09:24:06 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:06 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/dmpsegmento/kFtLBvGW25aq?sign=3645812680
Date: Mon, 10 Jul 2023 09:24:06 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

kFtLBvGW25aq
an.yandex.ru/mapuid/rutargetis/ Frame 855B
Redirect Chain

https://yandex-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/rutargetis/kFtLBvGW25aq

43 B
80 B

72ms
72ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/rutargetis/kFtLBvGW25aq

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 09:24:06 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:06 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/rutargetis/kFtLBvGW25aq
Date: Mon, 10 Jul 2023 09:24:06 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 855B 95 B
400 B 275ms
72ms Image
image/png 2a02:6b8::5:114
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 10 Jul 2023 09:24:06 GMT
Strict-Transport-Security: max-age=315360000; includeSubDomains
Server: nginx/1.14.2
X-RT-IH: 0.0002
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0001
Content-Length: 95
Expires: Tue, 11 Jul 2023 09:24:06 GMT

GET
H2 200 1RutiqZz0Ly200000000U9nJD95AdTStgR_Ey8lWrzEB7UwRMfgSMvt200IUC97G-u-b76FFwAWof382nJE_28Rk1OcNCWDvjLU1H2jZ6P3i1Ca20HF3J4QzFX4mUo7ZahFSODPAnYrbB63MNiP5zQ8CHy7yiumWGwuoWhJUPMIGOM3u2sRFPM82aakPT82SjKmHG... Show response
yandex.ru/an/rtbcount/ 43 B
342 B 152ms
150ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1RutiqZz0Ly200000000U9nJD95AdTStgR_Ey8lWrzEB7UwRMfgSMvt200IUC97G-u-b76FFwAWof382nJE_28Rk1OcNCWDvjLU1H2jZ6P3i1Ca20HF3J4QzFX4mUo7ZahFSODPAnYrbB63MNiP5zQ8CHy7yiumWGwuoWhJUPMIGOM3u2sRFPM82aakPT82SjKmHGCvPflz0y8f9eEntuPqlWemCH_oCkkKOs1Z-Ce6CRMLc1PAzp8f0SYepoD2vp20ZLZ8pEIg0hTt8R1bxHaAcxdBoIMQOhwyoWoq6aq-PQ--_uFh9xE343t4wY_52Gx2NDh3yXm767KZi0qZicn2_CNomVyXorJFjtb_Z6_PlMK1UNC3AUP8rU2ea52wmDZGat6GrMIMmv-cXQQ5VMK6QVx5o6beO6nWRcnkPDh3ztRSul8EjWMK2svOjKpw_lFZaUDqCjYk7WnUmRJlpTiwCbz-cgwvaWrbnWCtZ11lp8pPU_rHNgsm_9xV0uAGiyvTiCCVyP5Cs5qkPQVx9VYAxrvt_eNyTtjdFOcUpC30oCB5SmCwuWfrn0tjJGmFF3dQU4-pY3zYdFPdmUDE7li_bFzXv5d2icnEqWcF9RFqD75lU2kxWOBp5WH7yJpaO61hiUpb1NftA2Gg51PmDp2iuNp9ku1G606-Orf00?pcode-active-testids=794562%2C0%2C90

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ms-word-download.ru/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 10 Jul 2023 09:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1688981045114947-14250207264851172994-balancer-l7leveler-kubr-yp-sas-82-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 10 Jul 2023 09:24:05 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: https://ms-word-download.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 10 Jul 2023 09:24:05 GMT

POST
H2 200 1
mc.yandex.ru/watch/1988056/ 43 B
0 82ms
81ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/1988056/1?page-url=https%3A%2F%2Fms-word-download.ru%2F&charset=utf-8&cnt-class=1&hittoken=1688981045_68b9b38575e3a659ecd31135c2046d9d2141dd3120c7a15aabb5ebb3e50e49f2&browser-info=pa%3A1%3Aar%3A1%3Avf%3Aew9xzikdbvs4xc57dmj3aan%3Afp%3A765%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A3%3Adp%3A1%3Als%3A832280392533%3Ahid%3A104078372%3Az%3A0%3Ai%3A20230710092405%3Aet%3A1688981045%3Ac%3A1%3Arn%3A545315855%3Arqn%3A1%3Au%3A1688981045474151148%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A59%2C58%2C385%2C1%2C0%2C0%2C%2C347%2C4%2C1398%2C1398%2C0%2C852%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1688981043337%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1688981045&t=mc(p-3-h-2)clc(0-0-0)rqnt(1)lt(6100)aw(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ms-word-download.ru/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 10-Jul-2023 09:24:05 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://ms-word-download.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 10-Jul-2023 09:24:05 GMT

GET
H2 200 1988056
mc.yandex.ru/watch/ 43 B
0 72ms
72ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/1988056?page-url=https%3A%2F%2Fms-word-download.ru%2F&charset=utf-8&cnt-class=1&hittoken=1688981045_68b9b38575e3a659ecd31135c2046d9d2141dd3120c7a15aabb5ebb3e50e49f2&browser-info=pv%3A1%3Aar%3A1%3Avf%3Aew9xzikdbvs4xc57dmj3aan%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A3%3Adp%3A1%3Als%3A832280392533%3Ahid%3A104078372%3Az%3A0%3Ai%3A20230710092405%3Aet%3A1688981045%3Ac%3A1%3Arn%3A212870664%3Arqn%3A2%3Au%3A1688981045474151148%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1688981043337%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1688981045%3At%3AMicrosoft%20Word%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B4%D0%BB%D1%8F%20Windows%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B8%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=mc(p-3-h-2)clc(0-0-0)rqnt(2)lt(6100)aw(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ms-word-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:05 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 10-Jul-2023 09:24:05 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://ms-word-download.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 10-Jul-2023 09:24:05 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame 855B 105 KB
37 KB 35ms
35ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: ms-word-download.ru
URL: https://ms-word-download.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:06 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 81b8c49d72fb07aa
timing-allow-origin: *
expires: Wed, 12 Jul 2023 21:19:59 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame 855B 167 KB
59 KB 143ms
142ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

488fe6c46ab91503354f3dcfa02685e77d3c0eff8a098560c9292cf8fffae7d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 05 Jul 2023 16:40:28 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64a572cc-e9ed"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 59885
expires: Mon, 10 Jul 2023 10:24:06 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame 855B 362 B
1 KB 88ms
87ms Fetch
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fms-word-download.ru%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

1b21be50822c8f1e162a563f05543e3d8b2f97a91e6ebcb8064ebbe13c6037e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1688981046936497-5643594221060752285-balancer-l7leveler-kubr-yp-sas-82-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 855B 45 KB
16 KB 156ms
77ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ac1928b4eed775725d2c16502e1aefa6b1bb11569e9e3904a77a91470dcf65b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16519
x-xss-protection: 0
server: cafe
etag: 5789111909933878205
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 10 Jul 2023 09:24:07 GMT

GET
H2

200

/
www.google.nl/pagead/1p-user-list/1014923426/ Frame 855B
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=N86rZI7XBfKg7_UPjKqYiA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=90684100&crd=&is_vtc=1&random=107982425
https://www.google.nl/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=90684100&crd=&is_vtc=1&random=107982425&ipr=y

42 B
108 B

48ms
48ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=90684100&crd=&is_vtc=1&random=107982425&ipr=y

Protocol

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.nl/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=90684100&crd=&is_vtc=1&random=107982425&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.nl/pagead/1p-user-list/1014923426/ Frame 855B
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=N86rZKvEBZyL7_UPifSdkA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=30362330&crd=&is_vtc=1&random=1980050882
https://www.google.nl/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=30362330&crd=&is_vtc=1&random=1980050882&ipr=y

42 B
108 B

47ms
46ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=30362330&crd=&is_vtc=1&random=1980050882&ipr=y

Protocol

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.nl/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=30362330&crd=&is_vtc=1&random=1980050882&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1TvEq5Zx0Ly200000000U9nJD95AdTStgR_Ey8lWrzEB7UwRMfgSMvt200IUC97G-u-b76FFwAWof382nJE_28Rk1OcNCWDvjLU1H2jZ6P3i1Ca20HF3J4QzFX4mUo7ZahFSODPAnYrbB63MNiP5zQ8CHy7yiumWJLV1v5r61Xa6XhzWzbmc9Y2vb4a7o5dB507ad... Show response
yandex.ru/an/rtbcount/ 43 B
143 B 93ms
92ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1TvEq5Zx0Ly200000000U9nJD95AdTStgR_Ey8lWrzEB7UwRMfgSMvt200IUC97G-u-b76FFwAWof382nJE_28Rk1OcNCWDvjLU1H2jZ6P3i1Ca20HF3J4QzFX4mUo7ZahFSODPAnYrbB63MNiP5zQ8CHy7yiumWJLV1v5r61Xa6XhzWzbmc9Y2vb4a7o5dB507ad6Nw3mIlc0JAVXVU-IB8o734pwXRZe6DuIyJoDXMPbOWsSki22IdCeDSDfSPPCHAPYP71R2r6vajOyz8oDHTJZx93FFrLMQmnM3oANFj_HTSFvaTdFWXJcSnNcW8zj86blymmBW3YNq0YNqJuZU63_OFMQvwfjtxQtp3_YqBo8iBM3bFiWPFXOJ21TQ6XeIRh2Qh1FOyFJGjz2ihIFClLav32sC3OsDp8zC6jh_x5eTti3MmJ63RicNAvvSNdnolcy5svN3m0hPjPzxEcV7ostJLbMmmAmwmUPnWOtx4nkkVwcgLxUVa5XYSb6N-aWtcc9ziokPYAJFDFzbFPFUwyp_qhyCx-rdiR1O6HWOcbWlO6LUmCsvWRsfeuDd1pdE2NVm1-xGd4nvl-j3tkVm7Eyy2ZdLpWbPmB9cjlu5Zorl17HoCjpWmWlyf1mD3Wtql9yYhKpb1eR20iu5v1UTBnWsSmW1htjQE?media-test-tag=2251799813691219&confirmTime=2100000&confirmRatio=1000000&test-tag=141287244169218&rnd=2083844950566&width=670&height=600

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ms-word-download.ru/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 10 Jul 2023 09:24:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1688981047157013-16433298891834410787-balancer-l7leveler-kubr-yp-sas-82-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 10 Jul 2023 09:24:07 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: https://ms-word-download.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 10 Jul 2023 09:24:07 GMT

GET
H2 200 WQGejI_zOoVX2LaU0RKC04CMLdx7wmrtk7udg-FeTVOAETaAkexDqVq7i__GMC80EauLQGX0BYvGuKC13PuKrWfcSB3B3by8EdXT606ysIxlT9l6xsLJlciedYEHGBBMGB8c_IG1KMzaiFd388bt40hv3h3D1cpZLIgLIgMC3nSsEsnqc2LYn4Z6Dh4X7Cm4S11Fs...
yandex.ru/an/count/ Frame 855B 0
181 B 76ms
76ms Image
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yandex.ru/an/count/WQGejI_zOoVX2LaU0RKC04CMLdx7wmrtk7udg-FeTVOAETaAkexDqVq7i__GMC80EauLQGX0BYvGuKC13PuKrWfcSB3B3by8EdXT606ysIxlT9l6xsLJlciedYEHGBBMGB8c_IG1KMzaiFd388bt40hv3h3D1cpZLIgLIgMC3nSsEsnqc2LYn4Z6Dh4X7Cm4S11FsC3LC1Q2TQZLi3U5LDbfDMnz3Vb9esNIP6aoD6vW-AF8NG1X7q0sW01q6Wnc0OI43KcR4WQP18CMYaMCDLS86FPuWHi098X-LRHWjRKnOR4pPBg2tfHfL3QL7gIU5E0fVG2FWo9ugO51fgmfa_KyA6IN5FG9tWbcvdX28wthEZP6x67CD8ouWbRNORpGGWV2w308u16c6u0gAoelwmtUrFEBpU-ohBdxtvYZrNLTnzBc9fGkUoBT-8U8P8CS3mbOQRWbdQMzb-uEsPhruHwKduSqI62Xb9kU4lo19iVjWfK8d57ktpSSY8oALzKk53E_pwYJIP9Fy_eQJbG1JOeAUq7CWThj3Ep2_Xkbch_meXJEeGG0~2=WNyejI_zOoVX2Ldf08qB08FLKRwforZbyKh7bIaxZJGxPLzbXxpKTyRUSEUhR2ezI3qfm5Fw01u7HV1I0uEEeuadMbfQMbfQEZkSvRC2jCvoMG5QPvci0AspaAa0hPEmIm5Q9w6v0AsJi4lEru5cqLWWMElDwSO8g_lo8KmVVl1w3zmQNcQw0IVdymqJSyFNnkgorR8IWdMerR0tXLJPQJLiwQcQif_wullMY47GzHhTITZ50QNKh3kpfQygbEaAEWStdO9vIK6Vu9rWPeudDCeT0iQGcraBR31VQA43ONGO1F08qrsMDRbIy8ul1e75ziFU2clkW_sOZ-b_lPKXsFSscN0v_5fcaHtApzgScML_PdxffJU6on4klViwGYqhRxxwia_Bunfxia_B-nBfno7Mqj80_PVsNciNmUvV5y7kdzVwCAOkJtZux0WXarYY57-m5LRP0iiWA0tynDhBDK0Mj8SnGScjWcyO1_1fyHUW_Vk2Chcioq0zAOsOo1QE1m00~2?media-test-tag=2251799813691219&confirmTime=2100000&confirmRatio=1000000&renderWidth=670&renderHeight=600

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 10 Jul 2023 09:24:07 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1688981047157455-1478420760026539915-balancer-l7leveler-kubr-yp-sas-82-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 10 Jul 2023 09:24:07 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ Frame 855B 43 B
122 B 71ms
71ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 09:24:07 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 05 Jul 2023 16:40:28 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64a572cc-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 10 Jul 2023 10:24:07 GMT

GET
H2 200 3 Show response
mc.yandex.ru/watch/ Frame 855B 256 B
352 B 72ms
72ms Fetch
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fms-word-download.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Afl86j8c0cs0gu7ldrh10om7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A1%3Adp%3A0%3Als%3A735425536912%3Ahid%3A1029712838%3Az%3A0%3Ai%3A20230710092407%3Aet%3A1688981047%3Ac%3A1%3Arn%3A919434066%3Arqn%3A1%3Au%3A1688981047862475976%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C51%2C26%2C1%2C0%2C0%2C%2C59%2C0%2C138%2C138%2C0%2C138%3Aco%3A0%3Acpf%3A1%3Ans%3A1688981044847%3Ast%3A1688981047&t=clc(0-0-0)rqnt(1)aw(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

14e5773d0a07dfa8c816bfa95ca0cc0de086818868dc2044e0ebeb5761b82e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 10-Jul-2023 09:24:07 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Mon, 10-Jul-2023 09:24:07 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 855B 3 KB
2 KB 71ms
71ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1688981047151&cv=9&fst=1688981047151&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=b%3D%3Bbrowser%3Dchrome%3Bextensions%3D%3Bfresh%3D0%3BfromCancel%3Dfalse%3BfromGoogle%3Dfalse%3Binfected%3D%3Bloyal%3D0%3Bold%3Dactual%3Bos%3Dwindows%3Bp%3D%3Bsbscrb%3D%3Bslow%3D%3Bwinxp%3Dfalse&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fms-word-download.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

73eae1f5e0119c7143dc6282825b56de410720193102578749d09109a0435a0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1493
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 855B 3 KB
2 KB 71ms
71ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1688981047153&cv=9&fst=1688981047153&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=b%3D%3Bbrowser%3Dchrome%3Bextensions%3D%3Bfresh%3D0%3BfromCancel%3Dfalse%3BfromGoogle%3Dfalse%3Binfected%3D%3Bloyal%3D0%3Bold%3Dactual%3Bos%3Dwindows%3Bp%3D%3Bsbscrb%3D%3Bslow%3D%3Bwinxp%3Dfalse&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fms-word-download.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

fd695f74431a8ce809b58d0e6497e081338c4aba290f3a75d3197ea30881bde0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1504
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 855B 3 KB
2 KB 71ms
71ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1688981047155&cv=9&fst=1688981047155&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=b%3D%3Bbrowser%3Dchrome%3Bextensions%3D%3Bfresh%3D0%3BfromCancel%3Dfalse%3BfromGoogle%3Dfalse%3Binfected%3D%3Bloyal%3D0%3Bold%3Dactual%3Bos%3Dwindows%3Bp%3D%3Bsbscrb%3D%3Bslow%3D%3Bwinxp%3Dfalse&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fms-word-download.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

cb4566838c8aee42d37dc3cd2b5b236e979894fd885bb01fc55a036bfd4abc2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1494
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 855B 3 KB
2 KB 72ms
72ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1688981047156&cv=9&fst=1688981047156&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=b%3D%3Bbrowser%3Dchrome%3Bextensions%3D%3Bfresh%3D0%3BfromCancel%3Dfalse%3BfromGoogle%3Dfalse%3Binfected%3D%3Bloyal%3D0%3Bold%3Dactual%3Bos%3Dwindows%3Bp%3D%3Bsbscrb%3D%3Bslow%3D%3Bwinxp%3Dfalse&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fms-word-download.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

4edfd5498b25cb0fca096d283020c867517af4776d36487cd3a3038c518ec5b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1504
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 855B 42 B
108 B 90ms
48ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1688981047151&cv=9&fst=1688979600000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=b%3D%3Bbrowser%3Dchrome%3Bextensions%3D%3Bfresh%3D0%3BfromCancel%3Dfalse%3BfromGoogle%3Dfalse%3Binfected%3D%3Bloyal%3D0%3Bold%3Dactual%3Bos%3Dwindows%3Bp%3D%3Bsbscrb%3D%3Bslow%3D%3Bwinxp%3Dfalse&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fms-word-download.ru%2F&async=1&fmt=3&is_vtc=1&random=2208712269&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/947884341/ Frame 855B 42 B
455 B 124ms
48ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/947884341/?random=1688981047151&cv=9&fst=1688979600000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=b%3D%3Bbrowser%3Dchrome%3Bextensions%3D%3Bfresh%3D0%3BfromCancel%3Dfalse%3BfromGoogle%3Dfalse%3Binfected%3D%3Bloyal%3D0%3Bold%3Dactual%3Bos%3Dwindows%3Bp%3D%3Bsbscrb%3D%3Bslow%3D%3Bwinxp%3Dfalse&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fms-word-download.ru%2F&async=1&fmt=3&is_vtc=1&random=2208712269&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 855B 42 B
455 B 88ms
48ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1688981047153&cv=9&fst=1688979600000&num=1&guid=ON&eid=466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=b%3D%3Bbrowser%3Dchrome%3Bextensions%3D%3Bfresh%3D0%3BfromCancel%3Dfalse%3BfromGoogle%3Dfalse%3Binfected%3D%3Bloyal%3D0%3Bold%3Dactual%3Bos%3Dwindows%3Bp%3D%3Bsbscrb%3D%3Bslow%3D%3Bwinxp%3Dfalse&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fms-word-download.ru%2F&async=1&fmt=3&is_vtc=1&random=2261491426&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/693627671/ Frame 855B 42 B
108 B 122ms
49ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/693627671/?random=1688981047153&cv=9&fst=1688979600000&num=1&guid=ON&eid=466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=b%3D%3Bbrowser%3Dchrome%3Bextensions%3D%3Bfresh%3D0%3BfromCancel%3Dfalse%3BfromGoogle%3Dfalse%3Binfected%3D%3Bloyal%3D0%3Bold%3Dactual%3Bos%3Dwindows%3Bp%3D%3Bsbscrb%3D%3Bslow%3D%3Bwinxp%3Dfalse&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fms-word-download.ru%2F&async=1&fmt=3&is_vtc=1&random=2261491426&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 855B 42 B
108 B 88ms
49ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1688981047155&cv=9&fst=1688979600000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=b%3D%3Bbrowser%3Dchrome%3Bextensions%3D%3Bfresh%3D0%3BfromCancel%3Dfalse%3BfromGoogle%3Dfalse%3Binfected%3D%3Bloyal%3D0%3Bold%3Dactual%3Bos%3Dwindows%3Bp%3D%3Bsbscrb%3D%3Bslow%3D%3Bwinxp%3Dfalse&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fms-word-download.ru%2F&async=1&fmt=3&is_vtc=1&random=3804941242&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/947884341/ Frame 855B 42 B
108 B 121ms
48ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/947884341/?random=1688981047155&cv=9&fst=1688979600000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=b%3D%3Bbrowser%3Dchrome%3Bextensions%3D%3Bfresh%3D0%3BfromCancel%3Dfalse%3BfromGoogle%3Dfalse%3Binfected%3D%3Bloyal%3D0%3Bold%3Dactual%3Bos%3Dwindows%3Bp%3D%3Bsbscrb%3D%3Bslow%3D%3Bwinxp%3Dfalse&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fms-word-download.ru%2F&async=1&fmt=3&is_vtc=1&random=3804941242&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 855B 42 B
108 B 49ms
47ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1688981047156&cv=9&fst=1688979600000&num=1&guid=ON&eid=466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=b%3D%3Bbrowser%3Dchrome%3Bextensions%3D%3Bfresh%3D0%3BfromCancel%3Dfalse%3BfromGoogle%3Dfalse%3Binfected%3D%3Bloyal%3D0%3Bold%3Dactual%3Bos%3Dwindows%3Bp%3D%3Bsbscrb%3D%3Bslow%3D%3Bwinxp%3Dfalse&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fms-word-download.ru%2F&async=1&fmt=3&is_vtc=1&random=1083843698&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/693627671/ Frame 855B 42 B
108 B 49ms
48ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/693627671/?random=1688981047156&cv=9&fst=1688979600000&num=1&guid=ON&eid=466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=b%3D%3Bbrowser%3Dchrome%3Bextensions%3D%3Bfresh%3D0%3BfromCancel%3Dfalse%3BfromGoogle%3Dfalse%3Binfected%3D%3Bloyal%3D0%3Bold%3Dactual%3Bos%3Dwindows%3Bp%3D%3Bsbscrb%3D%3Bslow%3D%3Bwinxp%3Dfalse&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fms-word-download.ru%2F&async=1&fmt=3&is_vtc=1&random=1083843698&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 80150683
mc.yandex.ru/webvisor/ 43 B
0 290ms
107ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/80150683?wmode=0&wv-part=1&wv-hit=104078372&page-url=https%3A%2F%2Fms-word-download.ru%2F&rn=290608757&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1688981047%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230710092407%3Au%3A1688981045474151148%3Avf%3Aew9xzikdbvs4xc57dmj3aan%3Ast%3A1688981047&t=gdpr(14%2C14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ms-word-download.ru/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:07 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 10-Jul-2023 09:24:07 GMT
content-type: image/gif
access-control-allow-origin: https://ms-word-download.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 10-Jul-2023 09:24:07 GMT

GET
H2 200 37412095 Show response
mc.yandex.ru/watch/ Frame 855B 439 B
475 B 110ms
110ms Fetch
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fms-word-download.ru%2F&charset=utf-8&site-info=%7B%22b%22%3A%22%22%2C%22browser%22%3A%22chrome%22%2C%22extensions%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22fromCancel%22%3A%22false%22%2C%22fromGoogle%22%3A%22false%22%2C%22infected%22%3A%22%22%2C%22loyal%22%3A%220%22%2C%22old%22%3A%22actual%22%2C%22os%22%3A%22windows%22%2C%22p%22%3A%22%22%2C%22sbscrb%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22winxp%22%3A%22false%22%2C%22yabroAge%22%3Anull%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afl86j8c0cs0gu7ldrh10om7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A2%3Adp%3A1%3Als%3A1369229111939%3Ahid%3A1029712838%3Aphid%3A104078372%3Az%3A0%3Ai%3A20230710092407%3Aet%3A1688981048%3Ac%3A1%3Arn%3A468341005%3Arqn%3A1%3Au%3A1688981047862475976%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C51%2C26%2C1%2C0%2C0%2C%2C59%2C0%2C138%2C138%2C0%2C138%3Aco%3A0%3Acpf%3A1%3Ans%3A1688981044847%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1688981048%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)aw(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0e277c7bfc958bb28a82764cca52dbe5f489860e49524cd9fb5a1798be52354f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 10-Jul-2023 09:24:07 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Mon, 10-Jul-2023 09:24:07 GMT

POST
H2 200 80150683
mc.yandex.ru/webvisor/ 43 B
0 72ms
71ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/80150683?wmode=0&wv-part=1&wv-hit=104078372&page-url=https%3A%2F%2Fms-word-download.ru%2F&rn=1024197006&wv-type=3&browser-info=we%3A1%3Aet%3A1688981048%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230710092407%3Au%3A1688981045474151148%3Avf%3Aew9xzikdbvs4xc57dmj3aan%3Ast%3A1688981048&t=gdpr(14%2C14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ms-word-download.ru/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:07 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 10-Jul-2023 09:24:07 GMT
content-type: image/gif
access-control-allow-origin: https://ms-word-download.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 10-Jul-2023 09:24:07 GMT

GET
H2 200 WXaejI_zOoVX2Lbw0LqG03FUSxwforZbyKh7bIaxZJGxPLzbXxpKTyOcdcXfQMbfQUdiE1CWRkQGfxZpwSoR7_vYXDLz-H2c3pzu3KWY-UN3xa4mqiFOitaz-Kh2nB1GYWTn2GFeE5Ma8G2vk4253mKqU59OAvZ1mIvllZPwaEHSLTWYP5GH3cO2E8XDVFKDuoMKU... Show response
yandex.ru/an/tracking/ 0
184 B 73ms
73ms XHR
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ms-word-download.ru/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 10 Jul 2023 09:24:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1688981050054046-12755720977369755826-balancer-l7leveler-kubr-yp-sas-82-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 10 Jul 2023 09:24:10 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
access-control-allow-origin: https://ms-word-download.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 10 Jul 2023 09:24:10 GMT

GET
H2 200 WXaejI_zOoVX2Lbw0LqG03FUSxwforZbyKh7bIaxZJGxPLzbXxpKTyOcdcXfQMbfQUdiE1CWRkQGfxZpwSoR7_vYXDLz-H2c3pzu3KWY-UN3xa4mqiFOitaz-Kh2nB1GYWTn2GFeE5Ma8G2vk4253mKqU59OAvZ1mIvllZPwaEHSLTWYP5GH3cO2E8XDVFKDuoMKU... Show response
yandex.ru/an/tracking/ 0
184 B 74ms
73ms XHR
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ms-word-download.ru/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 10 Jul 2023 09:24:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1688981055053817-17587776725384894701-balancer-l7leveler-kubr-yp-sas-82-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 10 Jul 2023 09:24:15 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
access-control-allow-origin: https://ms-word-download.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 10 Jul 2023 09:24:15 GMT

POST
H2 200 80150683
mc.yandex.ru/watch/ 43 B
397 B 78ms
77ms Ping
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/80150683?page-url=https%3A%2F%2Fms-word-download.ru%2F&charset=utf-8&hittoken=1688981044_824a5e01e063c47e01aab2b630a4fc72a0b5321bf603796301aa6bb5989b86b0&browser-info=nb%3A1%3Acl%3A170%3Aar%3A1%3Avf%3Aew9xzikdbvs4xc57dmj3aan%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A1%3Adp%3A1%3Als%3A1225161438334%3Ahid%3A104078372%3Az%3A0%3Ai%3A20230710092419%3Aet%3A1688981060%3Ac%3A1%3Arn%3A1007645595%3Arqn%3A3%3Au%3A1688981045474151148%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1688981043337%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1688981060&t=gdpr(14%2C14)mc(p-3-h-2)clc(0-0-0)rqnt(3)lt(6100)aw(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ms-word-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:19 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 10-Jul-2023 09:24:19 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://ms-word-download.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 10-Jul-2023 09:24:19 GMT

POST
H2 200 37412095
mc.yandex.ru/watch/ Frame 855B 43 B
158 B 78ms
78ms Ping
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/37412095?page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&charset=utf-8&hittoken=1688981047_5c34eb0878b35a50425fc95a384fb0e31a3a19c1d79bf2a7bd868519e1cbed48&browser-info=nb%3A1%3Acl%3A531%3Aar%3A1%3Avf%3Afl86j8c0cs0gu7ldrh10om7%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A2%3Adp%3A1%3Als%3A1369229111939%3Ahid%3A1029712838%3Aphid%3A104078372%3Az%3A0%3Ai%3A20230710092422%3Aet%3A1688981062%3Ac%3A1%3Arn%3A207425592%3Arqn%3A2%3Au%3A1688981047862475976%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1688981044847%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1688981062&t=gdpr(6)clc(0-0-0)rqnt(2)aw(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jul 2023 09:24:22 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 10-Jul-2023 09:24:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 10-Jul-2023 09:24:22 GMT

GET
H/1.1 200
OK stat Show response
smelel.icu/sm/ 0
484 B 80ms
28ms XHR
text/html 88.208.46.222
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://smelel.icu/sm/stat?uuid=313559fc-da00-461f-9d64-feb5b1b98582&apiKey=4f4dd89164e690ff9f839dd52ab7e802&action=90&rfr=https%3A%2F%2Fms-word-download.ru%2F
Requested by: Host: smatr.icu
URL: https://smatr.icu/sm/getcode?apiKey=4f4dd89164e690ff9f839dd52ab7e802
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.208.46.222 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ms-word-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 10 Jul 2023 09:24:29 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mitdmp.whiteboxdigital.ru
URL: https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 13:18:19	Name: pcssspb Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 13:11:07	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 13:11:07	Name: pcs3 Value: 1
kimberlite.io/rtb/sync	1970-01-20 13:09:41	Name: f Value: https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsoltadspis%2FZKvONY_qa2s
kimberlite.io/rtb/sync	1970-01-20 13:09:41	Name: n Value: 2
.dmg.digitaltarget.ru/1/119/i	1970-01-20 22:45:41	Name: viuserid Value: Mq2zaEO2PT3T6HD7upLr
.yandex.ru/	1970-01-20 22:45:41	Name: i Value: TMoFIqLaHr3szgzy+VK9kZsICQ0QGF4Kjsscw2sZIs6bP71QI1us2+2lC8gdiRm5msfVOQW9l8Vghn7dNGrfkv7WJ+I=
.yandex.ru/	1970-01-20 21:55:17	Name: yandexuid Value: 9119668911688981044
.ms-word-download.ru/	1970-01-20 21:55:17	Name: _ym_uid Value: 1688981045474151148
.ms-word-download.ru/	1970-01-20 21:55:17	Name: _ym_d Value: 1688981045
.ms-word-download.ru/	1970-01-20 13:10:53	Name: _ym_isad Value: 2
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 659535211688981044
.yandex.ru/	1970-01-20 21:55:17	Name: yuidss Value: 9119668911688981044
.yandex.ru/	1970-01-20 21:55:17	Name: ymex Value: 1720517044.yrts.1688981044
.yandex.ru/	1970-01-20 21:55:17	Name: bh Value: KgI/MA==
.ms-word-download.ru/	1970-01-20 13:09:42	Name: _ym_visorc Value: w
px.arcspire.io/	1970-01-20 13:52:53	Name: arcid Value: e2306e4149965f9ec12faf
.360yield.com/	1970-01-20 15:19:17	Name: tuuid_lu Value: 1688981045
.acint.net/	1970-01-20 13:09:41	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-20 22:45:41	Name: aid Value: fwAAAWSrzjU+qg90ERiqAq1/RM+pesdLxPmQypsL3KZ/4t77
.360yield.com/	1970-01-20 15:19:17	Name: tuuid Value: cb8ece9f-73c5-429a-976f-9af95b81c124
.acint.net/	1970-01-20 13:52:53	Name: cSyncDp14v4 Value: 1688981045
.tns-counter.ru/	1970-01-20 21:55:17	Name: guid Value: 89C17A1264ABCE35X1688981045
.adx.opera.com/	1970-01-20 21:55:17	Name: UID Value: OPU35b5bfc4969446bcb55ae529b73e7652
.demdex.net/	1970-01-20 17:28:53	Name: demdex Value: 09962119882389762993089699494372923958
.dpm.demdex.net/	1970-01-20 17:28:53	Name: dpm Value: 09962119882389762993089699494372923958
.dsp.mpartner.digital/	1970-01-20 21:55:17	Name: dmp Value: GdbzzjyLAErgTdriFUdGVaWfqZovgmlZ
.ssp-rtb.sape.ru/	1970-01-20 22:45:41	Name: sspuid Value: CkICQWSrzjVwowVV05v3AihjYE03SeOsoQpvjF4A6VayO7CT
kimberlite.io/	1970-01-20 15:19:17	Name: u Value: ZKvONY_qa2s~Z8qHjRjQ8gUus-b-rfEUKuvgNKU
.weborama.fr/	1970-01-20 22:35:36	Name: AFFICHE_W Value: OAtwP67g7Y4449
.mail.ru/	1970-01-20 21:56:43	Name: VID Value: 0zje6k1L7lYI0022vT2uKAoI:::0-0-0-9c626f5:CAASEOKxxrC7qfOUJ117_a4LXmEaYN-BELl5KX0idp2xJAYLlO_L0dNPblT1jn0_di8IYkGTfDRHbUdH0bE06wyt2qMg0X1BjTBYihGUdXQL2ykqIbjUhZ8nqzvKCNJhXmMqT6QkU0KhbWTFWbi5B7nShDhLVQ
.betweendigital.com/	1970-01-20 21:55:17	Name: dc Value: was1
.betweendigital.com/	1970-01-20 21:55:17	Name: ss Value: 1
.betweendigital.com/	1970-01-20 21:55:17	Name: tuuid Value: a0617ae7-7e86-53bf-b02b-90edd4805ed8
.adhigh.net/	1970-01-20 21:55:17	Name: gi_u Value: x0pjWX7sec8.AikABlGJPx2BUQ
.uuidksinc.net/	1970-01-20 21:55:17	Name: jcsuuid Value: bQhB7rmMaKrf6lXrXHX5
.betweendigital.com/	1970-01-20 21:55:17	Name: ut Value: ZKvONQAIygBGNX7bu9YUdWu9kP2kgGDJ90Y7UA==
.adhigh.net/	1970-01-20 21:55:17	Name: yandexssp_sync Value: LLK6
.rutarget.ru/	1970-01-20 17:28:53	Name: userId Value: kFtLBvGW25aq
.mts.ru/	1970-01-20 21:42:19	Name: dspid Value: 9d7894b1-4a9a-4009-8740-a5bbabd19631
.mts.ru/	1970-01-20 21:42:19	Name: reset_cookie Value: 1
.sonar.semantiqo.com/	1970-01-20 22:45:41	Name: semantiqo_a Value: f6c0b42c52f448f6bc9628dfdce6498d
.sonar.semantiqo.com/	1970-01-20 22:05:21	Name: check Value: 3a5ecacdca9c43c7aa3cea83f06ad99b
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.gonet-ads.com/	1970-01-20 21:56:43	Name: pid Value: NjcyMmEwMWYyN2UyNDU2ZQ
.upravel.com/	1970-01-20 13:09:41	Name: session_tptc Value: 1688981045981
.upravel.com/	1970-01-20 22:45:41	Name: user_id Value: ca9e4b00-b663-459c-8e1c-f1a72ac65ed1
.aidata.io/	1970-01-20 22:45:41	Name: __upin Value: ueI7xAtGdsigle6/bE4PbQ
.aidata.io/	1970-01-20 22:45:41	Name: __upints Value: 1688981046
.mts.ru/	1970-01-20 22:45:41	Name: mts_id_last_sync Value: 1688981046
x01.aidata.io/	1970-01-20 13:19:45	Name: yaya Value: 1
.mts.ru/	1970-01-20 22:45:41	Name: mts_id Value: 4778052e-5a4d-4f87-955f-5d72b2196ccc
.yandex.ru/	1970-01-20 22:45:41	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 22:45:41	Name: is_gdpr_b Value: CKyEIBD8wQEYAQ==
.doubleclick.net/	1970-01-20 13:09:41	Name: test_cookie Value: CheckForPermission

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://yandex.ru/ads/meta/1988056?target-ref=https%3A%2F%2Fms-word-download.ru%2F&charset=utf-8&pcode-test-ids=769343%2C0%2C6%3B801286%2C0%2C7%3B780720%2C0%2C5%3B786895%2C0%2C68%3B800957%2C0%2C87%3B799456%2C0%2C10%3B800038%2C0%2C71%3B774070%2C0%2C43%3B794562%2C0%2C90%3B799554%2C0%2C11%3B800948%2C0%2C2%3B802049%2C0%2C9%3B681844%2C0%2C65&pcode-flags-map=eJy1WNty2zYQ%2FRc9xynvF7%2BBJEihIgkWACUrmQxGjVVHHV86jp2mzuTfu7jYFmWVshPXDzRFag%2BXezl7Vt8mc8Qln9KFRIWsUYZrWVImSSsz1LaYTY7ff5t8WZ3frifHE8F6PHkzuVl%2FviGn8DmKfD%2BIJ98%2FvHmE6Rgt%2BlxwSVvZoZ7jUYTYTQPfIOAWZTWWOKfNI0hNuFDOzEmBqTqBuxmViDUD2PXXv3ZQQz%2FUqAXhGjanfSskwwVhOFeQqOvGPfOcIPAe3g1eRDZ9LQijdQ1orVAnmMkFEvkUF1KQBktalhyLcVzfc%2BKdmAkiwEXUFjKjxVJlokMMNVgAfoFLBM8dYJao5kPQIA6iR1CGBVuqBLRYLCibScwYHU9lHEZBnD4g2GTwHMGxJjM47dkcLwFxAS5xUrXjcJET%2B%2FETuJ%2FBqGlbybJGlYpZXxcSMlgvJZ%2BRzgR%2Fjur%2BQLXFUZxED4iQt3wGRb%2BkvZC8pnAg7zDkoG8LxAjmB8ASN3CH7uGTzrgIBZxjzglcg5tCnjT1OFjiu0H8fDCZLSGoheRLaIfXh0ZFIRtiruc15VDfGUP57FBIfugtclpg2bP62dgq2yplHcO6Gx%2F70tCEvT%2BAcx34G%2BClfho7B%2FCyviyhB3HTiSW0QUN2QV%2BMOO8QKV7fw7KH8x9FbRVVv7Kn%2F4H5U%2FnZj%2Fn%2FReBHs695XWjGm2PGCR3yXJwmaRxt2yaO61mmW8IUwCeS9bKgDSLt2JgLndjzo71mEuaeYCQbNfdcJwqsubI0JhLVC7Tko5Yws1NDfZ3uXpiHHLdi3Cb0HGcwk%2B0szjkbNUzdODFu6tQYXSL7lpQEeIm0MCVLlONxjMSzQ1cNH4ZLhvkUCKoi%2BZhd5Ca%2BDRG8YklYoyiLAfOqigOdBEWTkWIUAqLsuYP3Bi3BUAXxshNIlS7PGcat5Lwb9yd1A%2BsPggqlrfUFlUorkFKpBngtVOBxp%2BIkjcy0V8KmhGHXFjBMjT2Uz646GrfPZnpych2SoVQbR0kDJ35AqTEIH0AYlXZRlASRCedW2CoGVAWSYibouN9JFLj%2Bdvy0MpKLKYBs4bWgBXTCq56p2dcr6ZhjMh8Pa%2Bw6QWx0J2PSVJroWWvTk9cEsi2mjPbV9IAsBiQT3xq9W%2BqMSt1q22bfJn%2Bsbz5%2BalbXZ5vLybEbOm8mF1e%2Fb87X%2FOPqfHN5Njn2vg9QQ2gDjcobxIT8rcc91hM6q5GSQsAA2w94P7lYbc7fXt%2BCb%2F%2BsLk%2FXX%2BH8l83F6mz9eXDpbHWhr5zerS%2FN11dfNjdX5vTi7daH08uNvaqQHxDgwvXq7vzq7pO9fXdt%2Ft9er95erv%2F%2B%2FOQLf66uLjba9MP%2BV2yRgHzJBrNKHQuCpEDVKK%2BBNvdscem2wJB7hlEugMIPGIa%2BY5YF0P%2F3mh1UPDy67ZsMjzJcHLq%2BHR16Y9LbCVjCUMpwbjpyTjgB7jgAEzum%2BqxCzoFjGLbrhV4tVGsDib2sT%2BMY2tTdBlZOcrGscdUDymuiZpQpPqMwOEGYvxgyApFoIHkHKrZRFF9p0iVFifYUOC5KD8VedOTi0jsKghwdZVmRHRU58vwkwTgKi2GFJWGY2jk%2FXEq3%2BEPQPp8aFlHqWWUSBAFTLPIrjLwDLAIkFST6CRVDmaeCAEOmAFzUjNJbnMSBG%2B3zTa%2BZsDbWmerzDg5wRSi%2FSEvEnv3wCXIQhO4Qeet9deZIJRGH8ud6GIyipS40zIEYKsxcIL0WP%2Fw2YRfv8Wbcg76FW5NqKoCFcfNcH4HL7xdYqCq9vIAfUKGjgidOYVZ5ewAsMT0LIg0tBGxPDTXxlR3lROyqyh1TkJSRVU0v%2BWGlpFRNqpKc7NTox5vz4W6e%2BoGJDip4MZvvMJxStMkTjWt3b%2BsQwx1GQre4GpU7ntzX6NCLyx03EpDAzjaoQnoo7wPsMYJ2L9VsrgwI6D8ImtZIo7FJoiS1KgAvGBHYTn4rIdHh3DlpaOf0gghgEtLAJOFyS%2F8eKJsgjKza7Rmqrf2BZzp%2Bcq90YRGAKoHo5ZR3ioeXSIJimGHFYAerVhH7PUPC1CI1gf1pgYBn9vixGzzluil5KEJofNTpDJhfZvrqULuEVh1PUVuZdrP7goA1rkZiNHMq8JZ5tdh6WtWekmUDC88Ite%2F%2FAti5P4k%3D&pcode-icookie=HiEmIz1RrGN5%2FDBiB72HTHaspg%2B%2B8sJV0sEP0SyL%2FOGVxpI9KC1vUvy%2BVuKk1EJ8iSjnJ7Fdy3%2BWwlvzADPhPNJljCs%3D&duid=MTY4ODk4MTA0NTQ3NDE1MTE0OA%3D%3D&imp-id=3&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=141287244169218&ad-session-id=7193231688981044537&target-id=83749083&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fms-word-download.ru&top-ancestor-undetermined=0&pcode-version=802049&pcodever=802049&flash-ver=0&skip-token=yabs.NzIwNTc2MDc3MjE1MzYxMDU%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.6%2C%22supportHDRBrightness%22%3Afalse%2C%22isInIframe%22%3Afalse%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1045%2C%22top%22%3A391%2C%22ad_no%22%3A0%2C%22req_no%22%3A1%7D&grab-orig-len=1296&grab=eyJncmFiX3ZlcnNpb24iOjIsIm9sZF9ncmFiX3NpemUiOjkxfQoyqDSRLL_rIgjUuabMMrRbvY1CnSTqdNEu22HbXAXahLMW0VrtutVd7VPuHfC9tGULbg_0HMAdoUCVxLFdXd2avk8QxsyMGCPMKKyG34VhHMSCtvHiMN8eVkWsHA_jAYL3wOwKpCJ4aBuvJ3mME-wKtLJ_Drgi3FEZlb4r03VV1va4DyBKZXpYz4v7e3CVWZnEsgryFhX1F5xnlFiqpY245LU0K0remHlRtt6yUQAQU0uFQ3GZjjZ3MtNBoMxHIAx71HqcKLcwTtpIGoGygqic7VoB9tmFP6s5FelpZu8KykPfFb7SK_Lbf26tYVqiA7xhLjV_epjvODboZz1aZXnoD83W1H78Kqsy_voT9WnkPldmRXKIj_Fwju49rC2VyyUuBazn_KY81ztQ3UMihkakVBSlwtG1KM6xtzCbQUCg5MXp2NHkj9VGGmWzjZUPwfSz5rqct-eLcCuLMu8QLY5Bb-Pd04TA7dHKeoK7v4kxkhU-rSN8piA0ZVGBnw3f9rXytiFulwyMa-aAPMxSMZ0wj9BA-7K8r7_ZkxHSmG6vV0_-UTdticKZ5D3hU34XRQbckCoLfMjrFLGgxDhJFs-cKPRLxY-KMtIvDDksdgVmh9dRuhuI1-817_gr3ePSppT5Wf1mUTzMz-7DORwRP-KgPQwd-2ZOP92MHyBf7KB_oj_Vn57zsw3cma94-nG7YamICpvseiCnraJMptl6-g2vh-j8eaSkqm7tUq_qovQzczgS_11Z__BqBLxULpW5gVfcQ30tg0pmLSazlpBZyzVr-5cTwv0KP9O29-XTpNYWvJoO9Tt7vOZj33-uLz3j5z9sGLYuzIb1RnHQHm-5mKlhR2O5sEGbzQ9W5IuyHvBO8zrc-RSH2Db-vU-m--0Y6KTBR1xmTLfRDIevbYA26V-XoAtPmvOk2nKeUal-80Y1SMHgp7Qsu_d3nwbUHeoeOIODaCb61yKHMa03tpU99SOR39phFxO_uHjGiT8t_oUBK8UkZKWEhKyUk5KVJ8NJykqY1Bc1IFuGPuyJTN03g56bkhKn5_xhCj0NgQ6N7sy30A9anK5DhC3HqytfNEMVaX2_uri2POqu9JDttCXcq1LO3VY7GjFoFmPYPFHDaUCjns_qQQcGpLQWk1lLyKzl5NY2eI_SWgK7dMNKK7qEXnotSEEcNy1azfJaoB5VpJwzVkOq2a8oftKlam9PBPGjAR_dLNnqCLmtShKHlwl1aIsDMx3grID-&uniformat=true&callback=Ya%5B7737408461315%5D Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://yandex.ru/an/mapuid/mimimobww/ Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://an.yandex.ru/setud/mts_banner/nXiUsUqaQAmHQKW7q9GWMQ?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=3807163214 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://ms-word-download.ru/ Message: The resource https://ms-word-download.ru/wp-content/themes/root/fonts/fontawesome-webfont.ttf was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://ms-word-download.ru/ Message: The resource https://ms-word-download.ru/wp-content/themes/root/fonts/fontawesome-webfont.ttf was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://ms-word-download.ru/ Message: The resource https://ms-word-download.ru/wp-content/themes/root/fonts/fontawesome-webfont.ttf was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://ms-word-download.ru/ Message: The resource https://ms-word-download.ru/wp-content/themes/root/fonts/fontawesome-webfont.ttf was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acint.net
ad.mail.ru
ads.betweendigital.com
an.yandex.ru
avatars.mds.yandex.net
cm.g.doubleclick.net
cm.tns-counter.ru
counter.yadro.ru
dm.hybrid.ai
dmg.digitaltarget.ru
dpm.demdex.net
dsp.mpartner.digital
euw-ice.360yield.com
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
im.bluevoox.com
kimberlite.io
match.360yield.com
match.new-programmatic.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
ms-word-download.realpush.digital
ms-word-download.ru
nr.bidderstack.com
profile.ssp.rambler.ru
px.adhigh.net
px.arcspire.io
rbfour.bid
redirect.frontend.weborama.fr
rtb-eu-warsaw.intent.ai
rtb.programattik.com
s.uuidksinc.net
sm.rtb.mts.ru
smatr.icu
smelel.icu
solta-sync.rutarget.ru
sonar.semantiqo.com
ssp-rtb.sape.ru
ssp.adriver.ru
sync.adkernel.com
sync.bumlam.com
sync.dmp.otm-r.com
sync.gonet-ads.com
sync.upravel.com
t.adx.opera.com
tech.rtb.mts.ru
vma.mts.ru
www.google.com
www.google.nl
www.googleadservices.com
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
mitdmp.whiteboxdigital.ru
142.250.181.226
142.250.186.130
144.76.119.17
148.251.236.118
159.69.75.12
167.235.177.244
178.170.196.176
185.15.175.144
185.244.217.228
188.42.105.236
188.68.217.18
193.232.150.61
193.3.184.213
194.55.244.181
2001:6d0:4001::226
213.87.44.187
217.65.2.150
217.66.147.38
217.66.147.42
23.88.12.14
2606:4700:20::ac43:48bf
2a00:1148:db00::17
2a00:1450:4001:802::200a
2a00:1450:4001:808::2003
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
31.172.81.172
31.220.27.155
35.177.4.157
35.190.24.218
37.18.16.16
45.9.26.83
52.211.64.27
52.45.175.185
54.229.40.109
77.245.57.72
81.222.128.215
82.145.213.8
85.111.6.50
87.242.93.112
88.208.46.222
88.212.202.52
89.108.119.43
89.108.127.68
91.192.150.14
95.216.65.102
95.217.109.66
96.46.183.20
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
05655fe74f75f1807644edca7055721100197df5d8df262b732d2e50f32f3745
090d7825461ba0e58b068dbccf19805b8d1a801670e8e4ed9778166137f4b2ae
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc28e4b32af4d0cc39e4ddaa80684eed32576b97761f30e7b42bfcee0ed24f4
0e277c7bfc958bb28a82764cca52dbe5f489860e49524cd9fb5a1798be52354f
142b691e73bad269bf16bc26c12b2e9793c3607d1747152c84e5d340d1dcfc57
14e5773d0a07dfa8c816bfa95ca0cc0de086818868dc2044e0ebeb5761b82e00
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1b21be50822c8f1e162a563f05543e3d8b2f97a91e6ebcb8064ebbe13c6037e4
1e6fe57f38267d69cea075da28e783dcf8b220723b8448dc2238955bfd4efd8c
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
37662bd3bb4f662adb9590b592422457eff20a84c86e088927923e6c7c7435c7
3795d041425e25372f0d6fcb7a66494c0224d844dd3038458549d05889052f96
40d51f2216a8b5dec25709fbba4dd08115a07b8c916c942c704e739306571fb0
488fe6c46ab91503354f3dcfa02685e77d3c0eff8a098560c9292cf8fffae7d6
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4980a909d1056b16db89f5af5879c1dce682cbf47c13d4bb70c76d1582e2b280
4aacfe5a54cec83501228763bc6fca71341d9ab5fdf369e0886ee4bdf564a5f6
4edfd5498b25cb0fca096d283020c867517af4776d36487cd3a3038c518ec5b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
626c91a33d665410e0e0cfbca6f571dc84132a5271a4d8db5eab22511e031e62
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
68babdfc4950d6f622a966498dbe69a5d2c99665f0388af533848f4f7c165cb4
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
73eae1f5e0119c7143dc6282825b56de410720193102578749d09109a0435a0e
831fb80dec12d831a254e5c7f1e48fccebd1b7e1c597a7caabc66cf75b37bff5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
867f9ae2f67c391f4ecb638d3fde5169ebb9d4c4175edcd08a59aee362c1bf07
8a16301f4186ac5563d98816d373093a66b7ea5d9e5454cdad5baa62399cbf35
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8
ac1928b4eed775725d2c16502e1aefa6b1bb11569e9e3904a77a91470dcf65b8
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b06d1f00a784656db7e858289bb82eb19ec049f23b1635a12a168b85f2ace4ec
c077083c40d9ddfe0648ff81e30d6762efdb123039a247915ac9c10862f2e4e5
cb4566838c8aee42d37dc3cd2b5b236e979894fd885bb01fc55a036bfd4abc2d
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d31a55d2897243a57b225bc8cb5ee0a6feaebb286b58fab969dd0d38d998964c
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
dba0c2ccec8f48fcbe62a2903e2464beb784c1f7ed8a2c9496411a99fe93fb6f
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e2b311167e600ddb905015c4ead47b713bb37f17f9869ad61aaa040fe7aebcc8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52d530ab4c4782c377609ac83a8a8b61bb0bd3b208f84eaa38a4d33a398b83c
ed29289bf501c6110ea435421e89b31f73e6e8b9ffdb5bb0aeefea235e767b5b
edf140400633c1d0705815190a41d83880d077c1af973c97cd617218c96a8d65
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f334eb0a979e74ef42adc0a9ef3d1767fca3dab68f9f0b9fe7cabc15eff5683e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fd695f74431a8ce809b58d0e6497e081338c4aba290f3a75d3197ea30881bde0
fff685adc0d25dcd03d5ca7b75850382a5caf11eea5b82f78831e1067f424d74

ms-word-download.ru Open in urlscan Pro 185.244.217.228 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

125 Requests

70 %HTTPS

24 %IPv6

49 Domains

58 Subdomains

32 IPs

10 Countries

921 kBTransfer

2401 kBSize

55 Cookies

0 Outgoing links

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ms-word-download.ru Open in urlscan Pro
185.244.217.228 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

70 %
HTTPS

24 %
IPv6

49
Domains

58
Subdomains

32
IPs

10
Countries

921 kB
Transfer

2401 kB
Size

55
Cookies

125 HTTP transactions
0 data transactions