microsoft-teams.ru.uptodown.com Open in urlscan Pro
23.199.198.174  Public Scan

63 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://dw.uptodown.com/dwn/He9Y-t2vyiZ-zpnVVetVSbT46c3TWOmbXygslwSNxo8GOLlCEPI7fCW2CaN6WGsTrHp4qvP4IFv2Wo9wSOTBfXUdmVgOVHQh6G7b0DuJYaPoDFQRNe1M7Ev1DDYmqsyt/73Sc1iMFWwnTZP_0jOyXvhFcLu5LG1efvxdYztePIx-3ZiskyzLAaiKLS5PsI3K6tKbXVOBN2PqP1mtE27VmbRJIYB5CquXSkDhGqigs4ZOU3YVcyZLJQCFg_qvAY1eH/c0b0FR1GSzLxNSD7II8Z3nU9VyZHhKVmFPmwxKpUnovlSJIReeteV-bS6CJN8G-IWKbfM0kMV3rwqTmgG_fAPdN4rU7ghdEkw8qxWTQ2WIA=/ HTTP 302
   https://microsoft-teams.ru.uptodown.com/windows Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

• https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_n-simpli.fi_ppt_n-emx_dm_n-amobee_sovrn HTTP 302
• https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_n-simpli.fi_ppt_n-emx_dm_n-amobee_sovrn&dcc=t

Request Chain 49

• https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
• https://s.amazon-adsystem.com/ecm3?id=226E43A863FB4CB39E1DF8AEF16927C8&ex=simpli.fi&status=ok

Request Chain 50

• https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID HTTP 302
• https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ= HTTP 302
• https://cs.emxdgt.com/umcheck?apnxid=574499394184642902&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ= HTTP 302
• https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=574499394184642902brt50371641589387707057b2

Request Chain 53

• https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=districtm HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm HTTP 302
• https://s.amazon-adsystem.com/ecm3?id=574499394184642902&ex=districtm

Request Chain 54

• https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23 HTTP 302
• https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=8283938955838361880

Request Chain 55

• https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
• https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1

Request Chain 59

• https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
• https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X HTTP 302
• https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=1818667774951

Request Chain 60

• https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1 HTTP 302
• https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=76d7e019-893a-497f-b3fd-9ff9c22f458a&gdpr=0&gdpr_consent=

Request Chain 61

• https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
• https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=$UID HTTP 302
• https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=574499394184642902

Request Chain 62

• https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
• https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1 HTTP 302
• https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=4a348e60-f870-4f44-b99e-4ddedd789785

Request Chain 63

• https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=UExjNDM4WU44VjVKYTAyQ2E5ZS1xdw&gdpr=0&gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_hm=UExjNDM4WU44VjVKYTAyQ2E5ZS1xdw&gdpr=0&gdpr_consent=&google_tc= HTTP 302
• https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEKiYpcZmyoZ5bmHdsQuH06o&google_cver=1

Request Chain 64

• https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
• https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=2763190bac7208ef&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
• https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAADLIczVc3T0wNWf3b8AAAAAAA&expiration=1641675787&nuid=&is_secure=true

Request Chain 65

• https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent= HTTP 302
• https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=95&gdpr=0&gdpr_consent= HTTP 302
• https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=6b05d4ae-97ef-447e-be6f-6b49d2627587-61d8aa8b-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D6b05d4ae-97ef-447e-be6f-6b49d2627587-61d8aa8b-4341%26partner_url%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D543793%2526ev%253D6b05d4ae-97ef-447e-be6f-6b49d2627587-61d8aa8b-4341%2526gdpr_in_effect%253D0%2526gdpr_consent%253D HTTP 302
• https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=6b05d4ae-97ef-447e-be6f-6b49d2627587-61d8aa8b-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D6b05d4ae-97ef-447e-be6f-6b49d2627587-61d8aa8b-4341%26partner_url%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D543793%2526ev%253D6b05d4ae-97ef-447e-be6f-6b49d2627587-61d8aa8b-4341%2526gdpr_in_effect%253D0%2526gdpr_consent%253D&xl8blockcheck=1 HTTP 302
• https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=6b05d4ae-97ef-447e-be6f-6b49d2627587-61d8aa8b-4341&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D543793%26ev%3D6b05d4ae-97ef-447e-be6f-6b49d2627587-61d8aa8b-4341%26gdpr_in_effect%3D0%26gdpr_consent%3D HTTP 302
• https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=6b05d4ae-97ef-447e-be6f-6b49d2627587-61d8aa8b-4341&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D543793%26ev%3D6b05d4ae-97ef-447e-be6f-6b49d2627587-61d8aa8b-4341%26gdpr_in_effect%3D0%26gdpr_consent%3D HTTP 302
• https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=6b05d4ae-97ef-447e-be6f-6b49d2627587-61d8aa8b-4341&gdpr_in_effect=0&gdpr_consent=

Request Chain 71

• https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
• https://ce.lijit.com/merge?pid=49&3pid=QcL15ljhV5MP&ev=1&pid=558511&gdpr_consent=&gdpr=0

Request Chain 72

• https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NWQ3NjNiMWYyMDYxYjdiMDM0MWIzMzQy&gdpr=0

Request Chain 73

• https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3651553093 HTTP 302
• https://sync.1rx.io/usersync/tradedesk/76d7e019-893a-497f-b3fd-9ff9c22f458a HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-1b5ea890-5e92-4fd2-8d94-b96f3ffbf648-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-1b5ea890-5e92-4fd2-8d94-b96f3ffbf648-005 HTTP 302
• https://ce.lijit.com/merge?pid=56&3pid=RX-1b5ea890-5e92-4fd2-8d94-b96f3ffbf648-005

Request Chain 74

• https://ums.acuityplatform.com/tum?umid=27&uid=5d763b1f2061b7b0341b3342&gdpr=0&gdpr_consent= HTTP 302
• https://ce.lijit.com/merge?pid=66&3pid=638227605463

Request Chain 75

• https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
• https://ce.lijit.com/merge?pid=80&3pid=KY4VXQ9R-1P-F7NL&gdpr=0

Request Chain 87

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 101

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 112

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 124

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request windows Show response microsoft-teams.ru.uptodown.com/ Redirect Chain https://dw.uptodown.com/dwn/He9Y-t2vyiZ-zpnVVetVSbT46c3TWOmbXygslwSNxo8GOLlCEPI7fCW2CaN6WGsTrHp4qvP4IFv2Wo9wSOTBfXUdmVgOVHQh6G7b0DuJYaPoDFQRNe1M7Ev1DDYmqsyt/73Sc1iMFWwnTZP_0jOyXvhFcLu5LG1efvxdYzteP... https://microsoft-teams.ru.uptodown.com/windows?	64 KB 13 KB	217ms 147ms	Document text/html	23.199.198.174 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://microsoft-teams.ru.uptodown.com/windows? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.199.198.174 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-198-174.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 884c254f235e1b7a2582019ed4a7403fbec57258d9663777bbb6496c51e2af90 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-CA,en;q=0.9 Response headers server nginx content-type text/html;charset=UTF-8 strict-transport-security max-age=16000000; includeSubDomains; preload referrer-policy strict-origin-when-cross-origin x-frame-options SAMEORIGIN content-encoding gzip cache-control private, max-age=60 expires Fri, 07 Jan 2022 21:04:06 GMT date Fri, 07 Jan 2022 21:03:06 GMT content-length 13331 vary Accept-Encoding Redirect headers server nginx date Fri, 07 Jan 2022 21:03:05 GMT content-type text/html; charset=UTF-8 location https://microsoft-teams.ru.uptodown.com/windows? x-xss-protection 1; mode=block strict-transport-security max-age=16000000; includeSubDomains; preload referrer-policy strict-origin-when-cross-origin x-frame-options SAMEORIGIN
GET H2	200	24106850346710ce7c94faf3e7e97956a93ac43341ba0e43dea7b9117c013f07:200 img.utdstc.com/icon/241/068/	6 KB 6 KB	132ms 121ms	Image image/webp	23.199.198.174 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/icon/241/068/24106850346710ce7c94faf3e7e97956a93ac43341ba0e43dea7b9117c013f07:200 Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.199.198.174 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-198-174.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash b8c66bf83572d547ab8156b1246e8d1c0355fde07d63ff033032d0e7c5d2f97d Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; referrer-policy no-referrer-when-downgrade last-modified Sun, 10 Oct 2021 10:41:49 GMT server nginx/1.14.2 etag "6162c36d-17a2" x-frame-options SAMEORIGIN content-type image/webp cache-control private, max-age=10947 date Fri, 07 Jan 2022 21:03:06 GMT content-security-policy default-src 'self' accept-ranges bytes vary Accept content-length 6050 x-xss-protection 1; mode=block expires Sat, 08 Jan 2022 00:05:33 GMT
GET H2	200	BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2 fonts.gstatic.com/s/robotoslab/v16/	20 KB 21 KB	87ms 26ms	Font font/woff2	2607:f8b0:4006:81f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2 Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2d354a7f5b1102a2b479c16c639657aeea187f93973782775a6048fd2fb23a23 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 03 Jan 2022 09:45:01 GMT x-content-type-options nosniff age 386285 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20724 x-xss-protection 0 last-modified Thu, 16 Sep 2021 18:18:34 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Tue, 03 Jan 2023 09:45:01 GMT
GET H2	200	uptodown.js Show response ssm.codes/smart-tag/	373 KB 105 KB	313ms 37ms	Script application/javascript	2606:4700:20::681a:478 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ssm.codes/smart-tag/uptodown.js Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:478 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b93639d4aac5af0d04cc0d0127f9132a4529814fdc90cf2e53ad51ceb6e96fb5 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 07 Jan 2022 21:03:06 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 28298 cf-polished origSize=382252 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Wed, 15 Dec 2021 16:00:06 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDaZb8LCybz7jAxCOL3HMoNqSlm8KpmH9wFbX5rv1abLtd1XpYAPER16qXcQWDvPEr%2FMMPjSeZJl3dW3O3m5niCawCjRYOnzmNhz3L1CNT%2BemJc22%2B%2B5qGCe9ZnLu2AYKPTSCwDbGg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=3600 cf-ray 6ca021807f1e4bbf-YUL cf-bgj minify
GET H2	200	vendor.css stc.utdstc.com/1641372547306/	5 KB 2 KB	59ms 47ms	Stylesheet text/css	23.199.198.174 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://stc.utdstc.com/1641372547306/vendor.css Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.199.198.174 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-198-174.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 8d42b52d0ee5987a43c5763d7e433557ca6ac4c43a23445be5f9769762b8566b Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"61d55c52-12e6" content-length 1677 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Wed, 05 Jan 2022 08:52:34 GMT server nginx x-frame-options SAMEORIGIN date Fri, 07 Jan 2022 21:03:06 GMT vary Accept-Encoding content-type text/css cache-control max-age=15552000, public content-security-policy default-src 'self' expires Mon, 04 Jul 2022 09:12:06 GMT
GET H2	200	detail.css stc.utdstc.com/1641372547306/	40 KB 7 KB	66ms 55ms	Stylesheet text/css	23.199.198.174 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://stc.utdstc.com/1641372547306/detail.css Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.199.198.174 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-198-174.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 18f122933698031d280b758180fe06dacc57b3f27ac90791af06713be3067ab9 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"61d55c52-a16e" content-length 6541 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Wed, 05 Jan 2022 08:52:34 GMT server nginx x-frame-options SAMEORIGIN date Fri, 07 Jan 2022 21:03:06 GMT vary Accept-Encoding content-type text/css cache-control max-age=15552000, public content-security-policy default-src 'self' expires Mon, 04 Jul 2022 09:12:21 GMT
GET H2	200	vendor-ru.js Show response stc.utdstc.com/1641372547306/	76 KB 25 KB	20ms 20ms	Script application/javascript	23.199.198.174 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://stc.utdstc.com/1641372547306/vendor-ru.js Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.199.198.174 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-198-174.deploy.static.akamaitechnologies.com Software nginx / Resource Hash f804374205f0854ac486f90207fdc4f9f71b1480702ee21f0c70d8eae8a715f2 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"61d55c52-12eb1" content-length 25344 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Wed, 05 Jan 2022 08:52:34 GMT server nginx x-frame-options SAMEORIGIN date Fri, 07 Jan 2022 21:03:06 GMT vary Accept-Encoding content-type application/javascript cache-control max-age=15552000, public content-security-policy default-src 'self' accept-ranges bytes expires Mon, 04 Jul 2022 09:12:19 GMT
GET H2	200	detail-ru.js Show response stc.utdstc.com/1641372547306/	62 KB 13 KB	20ms 20ms	Script application/javascript	23.199.198.174 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://stc.utdstc.com/1641372547306/detail-ru.js Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.199.198.174 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-198-174.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e7786475e2590af9d336ed10a7506cdb5567336b94a71460c035ce3ab17f6d0c Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"61d55c52-f7a6" content-length 13044 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Wed, 05 Jan 2022 08:52:34 GMT server nginx x-frame-options SAMEORIGIN date Fri, 07 Jan 2022 21:03:06 GMT vary Accept-Encoding content-type application/javascript cache-control max-age=15552000, public content-security-policy default-src 'self' accept-ranges bytes expires Mon, 04 Jul 2022 09:12:21 GMT
GET H2	200	header-btn-menu.svg stc.utdstc.com/img/	329 B 544 B	24ms 24ms	Image image/svg+xml	23.199.198.174 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/header-btn-menu.svg Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.199.198.174 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-198-174.deploy.static.akamaitechnologies.com Software nginx / Resource Hash edf9aaeb4b02399681f93612ffecac6f2347009bffd52fb5eab056939c2399aa Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"6183e0e7-149" content-length 190 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Thu, 04 Nov 2021 13:32:23 GMT server nginx x-frame-options SAMEORIGIN date Fri, 07 Jan 2022 21:03:06 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Tue, 10 May 2022 11:25:01 GMT
GET H2	200	logo.svg stc.utdstc.com/img/	4 KB 1 KB	25ms 24ms	Image image/svg+xml	23.199.198.174 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/logo.svg Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.199.198.174 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-198-174.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 9d72f0312a1466baa268cc0ded170291c5037335cf124f840e4397dbfa850cc4 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"5f6867d7-fce" content-length 918 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Mon, 21 Sep 2020 08:44:07 GMT server nginx x-frame-options SAMEORIGIN date Fri, 07 Jan 2022 21:03:06 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Sun, 08 May 2022 17:12:55 GMT
GET H2	200	header-btn-search.svg stc.utdstc.com/img/	582 B 674 B	19ms 19ms	Image image/svg+xml	23.199.198.174 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/header-btn-search.svg Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.199.198.174 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-198-174.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 3905e01fb4ee5610d7a1076f1c7794f9e41aa81a8d77d915cabeeaaf4fea3cc7 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"6183e0ff-246" content-length 319 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Thu, 04 Nov 2021 13:32:47 GMT server nginx x-frame-options SAMEORIGIN date Fri, 07 Jan 2022 21:03:06 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Tue, 10 May 2022 11:25:01 GMT
GET H2	200	icon-star.svg stc.utdstc.com/img/	506 B 660 B	44ms 44ms	Image image/svg+xml	23.199.198.174 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/icon-star.svg Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.199.198.174 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-198-174.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 086082e9c25f074ab48a40655ad9c881dd4f90f10b94b69a3167ad0494932639 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"6184fac6-1fa" content-length 305 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 05 Nov 2021 09:35:02 GMT server nginx x-frame-options SAMEORIGIN date Fri, 07 Jan 2022 21:03:06 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Tue, 10 May 2022 11:25:01 GMT
GET H2	200	icon-comment.svg stc.utdstc.com/img/	209 B 523 B	20ms 19ms	Image image/svg+xml	23.199.198.174 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/icon-comment.svg Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.199.198.174 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-198-174.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 1392ed173851ca4cc26834f1b2556167e66620fb81c9dcd222af1bd02f390fe8 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"6184fad8-d1" content-length 169 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 05 Nov 2021 09:35:20 GMT server nginx x-frame-options SAMEORIGIN date Fri, 07 Jan 2022 21:03:06 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Tue, 10 May 2022 11:25:01 GMT
GET H2	200	icon-download.svg stc.utdstc.com/img/	541 B 681 B	19ms 19ms	Image image/svg+xml	23.199.198.174 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/icon-download.svg Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.199.198.174 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-198-174.deploy.static.akamaitechnologies.com Software nginx / Resource Hash c01524a3a9835d934fc9546e82fb2f72eb70ca3528328b537280f8d4d287a12d Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"6184fae5-21d" content-length 326 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 05 Nov 2021 09:35:33 GMT server nginx x-frame-options SAMEORIGIN date Fri, 07 Jan 2022 21:03:06 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Tue, 10 May 2022 11:25:01 GMT
GET H2	200	icon-shield.svg stc.utdstc.com/img/	638 B 720 B	169ms 169ms	Image image/svg+xml	23.199.198.174 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/icon-shield.svg Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.199.198.174 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-198-174.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 2c587010af5ec749079fd5a4d6c00d525c66f92da8e877f8ce89a05b4a0d7eeb Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"6184faf3-27e" content-length 365 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Fri, 05 Nov 2021 09:35:47 GMT server nginx x-frame-options SAMEORIGIN date Fri, 07 Jan 2022 21:03:06 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Tue, 10 May 2022 11:25:01 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	93 KB 37 KB	115ms 55ms	Script application/javascript	2607:f8b0:4006:81d::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-313498-1 Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ef9518fda24bd408f1b15b3ebe1d71014ae364e8e176966f7add1e95e9794444 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 07 Jan 2022 21:03:06 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37267 x-xss-protection 0 expires Fri, 07 Jan 2022 21:03:06 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	78 KB 27 KB	100ms 43ms	Script text/javascript	142.251.40.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: ssm.codes URL: https://ssm.codes/smart-tag/uptodown.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f2.1e100.net Software sffe / Resource Hash d688a92abdb790d9c2afb2ff8135b9608847fadb951f98dfa9ec61cfdc423ca7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 07 Jan 2022 21:03:06 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 26877 x-xss-protection 0 server sffe etag "1095 / 123 of 1000 / last-modified: 1641462333" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 07 Jan 2022 21:03:06 GMT
GET H3	200	BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2 fonts.gstatic.com/s/robotoslab/v16/	32 KB 32 KB	58ms 26ms	Font font/woff2	2607:f8b0:4006:81f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2 Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 282da86e1071d060a343341b75391a036a23e28adfc93e879fae9775e45bfd7d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://microsoft-teams.ru.uptodown.com/ Origin https://microsoft-teams.ru.uptodown.com Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 04 Jan 2022 11:41:34 GMT x-content-type-options nosniff age 292892 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32784 x-xss-protection 0 last-modified Thu, 16 Sep 2021 18:11:38 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 04 Jan 2023 11:41:34 GMT
GET H3	200	BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2 fonts.gstatic.com/s/robotoslab/v16/	20 KB 20 KB	54ms 30ms	Font font/woff2	2607:f8b0:4006:81f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2 Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2d354a7f5b1102a2b479c16c639657aeea187f93973782775a6048fd2fb23a23 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://microsoft-teams.ru.uptodown.com/ Origin https://microsoft-teams.ru.uptodown.com Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 03 Jan 2022 09:45:01 GMT x-content-type-options nosniff age 386285 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20724 x-xss-protection 0 last-modified Thu, 16 Sep 2021 18:18:34 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Tue, 03 Jan 2023 09:45:01 GMT
GET H2	200	menu-windows.svg stc.utdstc.com/img/	274 B 574 B	55ms 52ms	Image image/svg+xml	23.199.198.174 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/menu-windows.svg Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.199.198.174 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-198-174.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 58378bf5f6a6c3493374a7e30e2d59b5287f9f3ed854f4e4866da31f36440738 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"6183e134-112" content-length 220 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Thu, 04 Nov 2021 13:33:40 GMT server nginx x-frame-options SAMEORIGIN date Fri, 07 Jan 2022 21:03:06 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Tue, 10 May 2022 11:25:02 GMT
GET H2	200	2bd988e82749e41de437a3a9844a3d2a017e9c391cf9568cb32d1a7447d50579:200 img.utdstc.com/screen/2bd/988/	1 KB 2 KB	62ms 59ms	Image image/webp	23.199.198.174 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/screen/2bd/988/2bd988e82749e41de437a3a9844a3d2a017e9c391cf9568cb32d1a7447d50579:200 Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.199.198.174 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-198-174.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash f4c5fde007fc4d086f66e5b523ecfe0a3c5615807cec01f2d74c8662b60e6088 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; referrer-policy no-referrer-when-downgrade last-modified Mon, 19 Apr 2021 11:32:15 GMT server nginx/1.14.2 etag "607d6a3f-5ce" x-frame-options SAMEORIGIN content-type image/webp cache-control private, max-age=12292 date Fri, 07 Jan 2022 21:03:06 GMT content-security-policy default-src 'self' accept-ranges bytes vary Accept content-length 1486 x-xss-protection 1; mode=block expires Sat, 08 Jan 2022 00:27:58 GMT
GET H2	200	55436eeadd518270cbfdf09ddf5e7d6283e344214ffbafa116da47ee4a847974:200 img.utdstc.com/screen/554/36e/	2 KB 3 KB	69ms 67ms	Image image/webp	23.199.198.174 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/screen/554/36e/55436eeadd518270cbfdf09ddf5e7d6283e344214ffbafa116da47ee4a847974:200 Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.199.198.174 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-198-174.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash 3a6a701589a6334cc78950055d79a0310fa2f2223c606473234867d185987315 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; referrer-policy no-referrer-when-downgrade last-modified Mon, 19 Apr 2021 11:48:03 GMT server nginx/1.14.2 etag "607d6df3-968" x-frame-options SAMEORIGIN content-type image/webp cache-control private, max-age=6113 date Fri, 07 Jan 2022 21:03:06 GMT content-security-policy default-src 'self' accept-ranges bytes vary Accept content-length 2408 x-xss-protection 1; mode=block expires Fri, 07 Jan 2022 22:44:59 GMT
GET H2	200	76b56ea3e25fe4dc0b7d12e8ea05e9ba2c3e447d64cf1faf64b37ab3be2e90f5:200 img.utdstc.com/screen/76b/56e/	3 KB 3 KB	63ms 60ms	Image image/webp	23.199.198.174 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/screen/76b/56e/76b56ea3e25fe4dc0b7d12e8ea05e9ba2c3e447d64cf1faf64b37ab3be2e90f5:200 Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.199.198.174 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-198-174.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash 10492fa1a8d2ce7369119fa46886c071b218e5fddb58d900e58f004c118dc63d Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; referrer-policy no-referrer-when-downgrade last-modified Mon, 19 Apr 2021 16:11:51 GMT server nginx/1.14.2 etag "607dabc7-acc" x-frame-options SAMEORIGIN content-type image/webp cache-control private, max-age=5964 date Fri, 07 Jan 2022 21:03:06 GMT content-security-policy default-src 'self' accept-ranges bytes vary Accept content-length 2764 x-xss-protection 1; mode=block expires Fri, 07 Jan 2022 22:42:30 GMT
GET H2	200	49774506ecea95712f606aa8a0ba92e7d1061bcb50aba839a3d50e222a3083c9:200 img.utdstc.com/screen/497/745/	4 KB 4 KB	174ms 172ms	Image image/webp	23.199.198.174 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/screen/497/745/49774506ecea95712f606aa8a0ba92e7d1061bcb50aba839a3d50e222a3083c9:200 Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.199.198.174 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-198-174.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash 04ab8c9d1e96ac21fdc6a052ed3f2dbe2531df5046ed5b0af13d16aba3aba716 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; referrer-policy no-referrer-when-downgrade last-modified Mon, 19 Apr 2021 11:48:03 GMT server nginx/1.14.2 etag "607d6df3-f60" x-frame-options SAMEORIGIN content-type image/webp cache-control private, max-age=21596 date Fri, 07 Jan 2022 21:03:06 GMT content-security-policy default-src 'self' accept-ranges bytes vary Accept content-length 3936 x-xss-protection 1; mode=block expires Sat, 08 Jan 2022 03:03:02 GMT
GET H2	200	891eb4120d858a08ea715ce45d5132ce442533379a30e7a3685c6794fa8ef812:200 img.utdstc.com/screen/891/eb4/	2 KB 2 KB	117ms 116ms	Image image/webp	23.199.198.174 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/screen/891/eb4/891eb4120d858a08ea715ce45d5132ce442533379a30e7a3685c6794fa8ef812:200 Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.199.198.174 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-198-174.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash b4014333d5cc182adac8c48a0448f504fba9b277ac6cf605cf3265579dc20e5e Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; referrer-policy no-referrer-when-downgrade last-modified Mon, 19 Apr 2021 16:56:54 GMT server nginx/1.14.2 etag "607db656-78a" x-frame-options SAMEORIGIN content-type image/webp cache-control private, max-age=5992 date Fri, 07 Jan 2022 21:03:06 GMT content-security-policy default-src 'self' accept-ranges bytes vary Accept content-length 1930 x-xss-protection 1; mode=block expires Fri, 07 Jan 2022 22:42:58 GMT
GET H2	200	b33e824677769e95981c9e710be0a5bb8ec81d2e75d10848d80209731b088e6f:200 img.utdstc.com/screen/b33/e82/	2 KB 2 KB	343ms 342ms	Image image/webp	23.199.198.174 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.utdstc.com/screen/b33/e82/b33e824677769e95981c9e710be0a5bb8ec81d2e75d10848d80209731b088e6f:200 Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.199.198.174 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-198-174.deploy.static.akamaitechnologies.com Software nginx/1.14.2 / Resource Hash 4c159c94b4e7ee964dfb6622a3d981b3e699b4c9a12e84c481af1405affa2950 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; referrer-policy no-referrer-when-downgrade last-modified Mon, 19 Apr 2021 17:24:20 GMT server nginx/1.14.2 etag "607dbcc4-77a" x-frame-options SAMEORIGIN content-type image/webp cache-control private, max-age=21580 date Fri, 07 Jan 2022 21:03:06 GMT content-security-policy default-src 'self' accept-ranges bytes vary Accept content-length 1914 x-xss-protection 1; mode=block expires Sat, 08 Jan 2022 03:02:46 GMT
GET H3	200	pubads_impl_2022010402.js Show response securepubads.g.doubleclick.net/gpt/	348 KB 117 KB	78ms 51ms	Script text/javascript	142.251.40.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f2.1e100.net Software sffe / Resource Hash dbd5e5c6f492cb57725acb0285b903b83c24dfe4337eea573ff6e6168733156a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 07 Jan 2022 21:03:06 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 119548 x-xss-protection 0 last-modified Tue, 04 Jan 2022 15:59:55 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 07 Jan 2022 21:03:06 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	308 B 187 B	60ms 34ms	XHR application/json	142.251.40.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=microsoft-teams.ru.uptodown.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f2.1e100.net Software cafe / Resource Hash 7e43a2865b7ff812bb28aa7ad916d9197c7496567e480c4f5d4f1fcd687748f4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 07 Jan 2022 21:03:06 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 162 x-xss-protection 0 expires Fri, 07 Jan 2022 21:03:06 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	164 KB 61 KB	89ms 56ms	Script application/javascript	2607:f8b0:4006:81d::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-DW5XRK7GYT&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-313498-1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e68cf9e935522c024a1f062ae8fb4a56c1238c63a00d34987919f41fbdd0e020 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 07 Jan 2022 21:03:06 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62271 x-xss-protection 0 expires Fri, 07 Jan 2022 21:03:06 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	134 KB 36 KB	98ms 20ms	Script application/javascript	143.204.137.197 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: ssm.codes URL: https://ssm.codes/smart-tag/uptodown.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.137.197 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-137-197.ewr52.r.cloudfront.net Software Server / Resource Hash d8c62b0d4ac621bedd0ca5a4e96b12a77118338d4166f94d65c15bb154d455aa Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 07 Jan 2022 07:19:13 GMT content-encoding gzip age 49432 x-cache Hit from cloudfront timing-allow-origin * server Server x-amz-rid 11FBFPDWD43Z7EZ9X0QE etag 4da12c74ee926b2a11a4e43bfb72b2fd vary Accept-Encoding x-amz-version-id 4VmutqpMSKe44XUliQiub0_OOWAXoLbl via 1.1 5dd7b838ea405f86fdd3f313ecc68490.cloudfront.net (CloudFront) cache-control public, max-age=86400 x-amz-cf-pop EWR52-C2 accept-ranges bytes content-type application/javascript x-amz-cf-id BKiu6NLMKM35fGxDagQKbuBZ0syJON0aXXTWatuIyD-t0UruyeA8Xg==
POST H2	204	collect www.google-analytics.com/g/	0 182 B	110ms 51ms	Ping text/plain	2607:f8b0:4006:823::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-DW5XRK7GYT&gtm=2oe150&_p=1825835321&sr=1600x1200&ul=en-us&cid=1100747102.1641589387&_s=1&dl=https%3A%2F%2Fmicrosoft-teams.ru.uptodown.com%2Fwindows&dt=Microsoft%20Teams%201.4.00.20211%20%D0%B4%D0%BB%D1%8F%20Windows%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C&sid=1641589386&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-DW5XRK7GYT&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://microsoft-teams.ru.uptodown.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 07 Jan 2022 21:03:06 GMT server Golfe2 content-type text/plain access-control-allow-origin https://microsoft-teams.ru.uptodown.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	83ms 26ms	Script text/javascript	2607:f8b0:4006:823::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-313498-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 2474 date Fri, 07 Jan 2022 20:21:52 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Fri, 07 Jan 2022 22:21:52 GMT
GET H2	204	config Show response c.amazon-adsystem.com/cdn/prod/	0 316 B	41ms 41ms	XHR text/plain	143.204.137.197 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fmicrosoft-teams.ru.uptodown.com&pubid=9fb11589-5021-48ea-beaa-c53b84a2543f Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.137.197 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-137-197.ewr52.r.cloudfront.net Software Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 07 Jan 2022 21:03:06 GMT via 1.1 5dd7b838ea405f86fdd3f313ecc68490.cloudfront.net (CloudFront) server Server x-amz-cf-pop EWR52-C2 x-cache Miss from cloudfront access-control-allow-origin https://microsoft-teams.ru.uptodown.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-id 9A5gWyCOvdDIwkxZ4Z7FP7F_A6GqrMvCV_yycO2MEqRpUDIJWhT-kg==
GET H2	200	bid Show response c.amazon-adsystem.com/e/dtb/	167 B 648 B	344ms 344ms	XHR text/javascript	143.204.137.197 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmicrosoft-teams.ru.uptodown.com%2Fwindows%3F&pid=2DljKPFj8NL3F&cb=0&ws=1600x1200&v=7.71.1&t=900&slots=%5B%7B%22sd%22%3A%22ssm_container-671967752%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%2C%22980x250%22%5D%2C%22sn%22%3A%22%2F1060150%2FLeaderboard_App_Info%22%7D%2C%7B%22sd%22%3A%22ssm_container-367918917%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%2C%22336x280%22%2C%22300x250%22%2C%22980x250%22%5D%2C%22sn%22%3A%22%2F1060150%2FLeaderboard_bottom_App_Info%22%7D%2C%7B%22sd%22%3A%22ssm_container-753728571%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1060150%2FMPU_content_App_Info%22%7D%2C%7B%22sd%22%3A%22ssm_container-570815551%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%2C%22336x280%22%2C%22300x250%22%2C%22980x250%22%5D%2C%22sn%22%3A%22%2F1060150%2FMPU_content_2_App_Info%22%7D%2C%7B%22sd%22%3A%22ssm_container-801425412%22%2C%22s%22%3A%5B%22300x600%22%2C%22120x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F1060150%2FADHESION_ADS%2FADHESION_LEFT%22%7D%2C%7B%22sd%22%3A%22ssm_container-25268358%22%2C%22s%22%3A%5B%22300x600%22%2C%22120x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F1060150%2FADHESION_ADS%2FADHESION_RIGHT%22%7D%5D&schain=1.0%2C1!https%253A%252F%252Fwww.semseoymas.com%252Fsellers.json%2Cbe83ab3ecd0db773eb2dc1b0a17836a1%2C1%2C%2Cuptodown.com%2Cit.uptodown.com&pubid=9fb11589-5021-48ea-beaa-c53b84a2543f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.137.197 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-137-197.ewr52.r.cloudfront.net Software Server / Resource Hash 91917e353f7e1fba89a4a0f788a5e47af7e7ce1e22ff787b5e2a70c916ac440e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 07 Jan 2022 21:03:07 GMT via 1.1 5dd7b838ea405f86fdd3f313ecc68490.cloudfront.net (CloudFront) server Server x-amz-cf-pop EWR52-C2 x-amz-rid XV6P6AMXDW91KF0235JK vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://microsoft-teams.ru.uptodown.com access-control-allow-credentials true permissions-policy interest-cohort=() strict-transport-security max-age=47474747; includeSubDomains; preload timing-allow-origin * content-length 167 x-amz-cf-id GBcfy4LkeUI5eQj1Fowi5dNIIykKpETQbo--sEvkNEjhQxdbkJwyng==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	81ms 41ms	XHR application/javascript	143.204.137.197 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.137.197 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-137-197.ewr52.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 07 Jan 2022 21:03:07 GMT content-encoding gzip vary Accept-Encoding,Origin x-amz-cf-pop EWR52-C2 x-cache Miss from cloudfront access-control-allow-origin * last-modified Wed, 22 Dec 2021 01:41:37 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET x-amz-version-id L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96 via 1.1 f0f871e82b1bc21a8b78c1d73717a40a.cloudfront.net (CloudFront) cache-control public, max-age=86400 content-type application/javascript x-amz-cf-id 3Wbsoqdjctj5SxmDXrgJP7Vb7K-OeA1F78JKKKqM0RI8U69c6uAVpQ==
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	72ms 39ms	XHR text/plain	2607:f8b0:4006:823::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1825835321&t=pageview&_s=1&dl=https%3A%2F%2Fmicrosoft-teams.ru.uptodown.com%2Fwindows&ul=en-us&de=UTF-8&dt=Microsoft%20Teams%201.4.00.20211%20%D0%B4%D0%BB%D1%8F%20Windows%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1858647931&gjid=24877890&cid=1100747102.1641589387&tid=UA-313498-1&_gid=1098953835.1641589387&_r=1&gtm=2ou150&z=672622689 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://microsoft-teams.ru.uptodown.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 07 Jan 2022 21:03:06 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://microsoft-teams.ru.uptodown.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 453 B	124ms 51ms	XHR text/plain	2607:f8b0:4023:1404::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-313498-1&cid=1100747102.1641589387&jid=1858647931&gjid=24877890&_gid=1098953835.1641589387&_u=YADAAUAAAAAAAC~&z=402335728 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:1404::9a Columbus, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://microsoft-teams.ru.uptodown.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Fri, 07 Jan 2022 21:03:07 GMT content-type text/plain access-control-allow-origin https://microsoft-teams.ru.uptodown.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	105ms 44ms	Image image/gif	2607:f8b0:4006:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-313498-1&cid=1100747102.1641589387&jid=1858647931&_u=YADAAUAAAAAAAC~&z=1526580120 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 07 Jan 2022 21:03:07 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.ca/ads/	42 B 501 B	105ms 45ms	Image image/gif	2607:f8b0:4006:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-313498-1&cid=1100747102.1641589387&jid=1858647931&_u=YADAAUAAAAAAAC~&z=1526580120 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 07 Jan 2022 21:03:07 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	103ms 42ms	Script application/javascript	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=microsoft-teams.ru.uptodown.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 07 Jan 2022 21:03:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H/1.1	200 OK	iu3 Show response s.amazon-adsystem.com/ Frame 1E5E Redirect Chain https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_n-simpli.fi_ppt_n-emx_dm_n-amobee_sovrn https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_n-simpli.fi_ppt_n-emx_dm_n-amobee_sovrn&dcc=t	289 B 1 KB	50ms 50ms	Document text/html	209.54.176.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_n-simpli.fi_ppt_n-emx_dm_n-amobee_sovrn&dcc=t Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash 15669106a1a853d27da6254f78ddccc8041ad5c91dc9ca673c627e0130c833f2 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ Response headers Server Server Date Fri, 07 Jan 2022 21:03:07 GMT Content-Type text/html;charset=ISO-8859-1 Content-Length 289 Connection keep-alive x-amz-rid 3A8TKVRZSDHVP2JNQRSP Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Pragma no-cache Expires Thu, 01 Jan 1970 00:00:00 GMT p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Strict-Transport-Security max-age=47474747; includeSubDomains; preload Permissions-Policy interest-cohort=() Redirect headers Server Server Date Fri, 07 Jan 2022 21:03:07 GMT Content-Length 0 Connection keep-alive x-amz-rid 57MT7X8Y2KBSDSC6AEGW Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Pragma no-cache Expires Thu, 01 Jan 1970 00:00:00 GMT p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_n-simpli.fi_ppt_n-emx_dm_n-amobee_sovrn&dcc=t Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Strict-Transport-Security max-age=47474747; includeSubDomains; preload Permissions-Policy interest-cohort=()
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	48 KB 12 KB	565ms 565ms	XHR text/plain	142.251.40.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=917211761973110&correlator=363206057352945&output=ldjh&impl=fif&eid=31061814%2C31063975%2C44752540&vrg=2022010402&ptt=17&sc=1&sfv=1-0-38&ecs=20220107&iu_parts=1060150%2CLeaderboard_App_Info&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C468x60%7C980x250&fluid=height&prev_scp=amznbid%3D2%26amznp%3D2&cust_params=ssmasdomain%3Dmicrosoft-teams.ru.uptodown.com%26ssmasin%3D1%26ssmashour%3D21&cookie_enabled=1&bc=31&abxe=1&lmt=1641589387&dt=1641589387189&dlt=1641589386018&idt=649&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=340&adks=1109273584&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmicrosoft-teams.ru.uptodown.com%2Fwindows%3F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x15&msz=970x0&ga_vid=1100747102.1641589387&ga_sid=1641589387&ga_hid=1825835321&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f2.1e100.net Software cafe / Resource Hash 44a5941da096efebece5434113319270a291aaa6f5e215784f2cf8032f88de3c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 07 Jan 2022 21:03:07 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11811 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://microsoft-teams.ru.uptodown.com access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	11 KB 9 KB	115ms 46ms	XHR application/json	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022010402&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3a5bc8f725b7f019ce89e9085251d9ec5c99c580291a30780bb50c0bdb53c1f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 07 Jan 2022 21:03:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8342 x-xss-protection 0
GET H2	200	container.html Show response 807df371b290f170d2d7cf6b0acea568.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 334D	6 KB 4 KB	121ms 44ms	Document text/html	2607:f8b0:4006:822::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://807df371b290f170d2d7cf6b0acea568.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Fri, 07 Jan 2022 21:03:07 GMT expires Sat, 07 Jan 2023 21:03:07 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	41 KB 10 KB	1535ms 1535ms	XHR text/plain	142.251.40.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=917211761973110&correlator=363206057352945&output=ldjh&impl=fif&eid=31061814%2C31063975%2C44752540&vrg=2022010402&ptt=17&sc=1&sfv=1-0-38&ecs=20220107&iu_parts=1060150%2CADHESION_ADS%2CADHESION_LEFT&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C120x600%7C160x600&prev_scp=amznbid%3D2%26amznp%3D2&cust_params=ssmasdomain%3Dmicrosoft-teams.ru.uptodown.com%26ssmasin%3D1%26ssmashour%3D21&cookie_enabled=1&bc=31&abxe=1&lmt=1641589387&dt=1641589387202&dlt=1641589386018&idt=649&frm=20&biw=1600&bih=1200&oid=2&adxs=-8&adys=300&adks=193497532&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmicrosoft-teams.ru.uptodown.com%2Fwindows%3F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x4080&msz=300x-1&ga_vid=1100747102.1641589387&ga_sid=1641589387&ga_hid=1825835321&ga_fc=true&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f2.1e100.net Software cafe / Resource Hash de532568555700d85c04a018b3ae2e6a78fbadf1038a3ddc0c6b28ce41f01027 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 07 Jan 2022 21:03:08 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10672 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://microsoft-teams.ru.uptodown.com access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	41 KB 10 KB	893ms 893ms	XHR text/plain	142.251.40.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=917211761973110&correlator=363206057352945&output=ldjh&impl=fif&eid=31061814%2C31063975%2C44752540&vrg=2022010402&ptt=17&sc=1&sfv=1-0-38&ecs=20220107&iu_parts=1060150%2CADHESION_ADS%2CADHESION_RIGHT&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C120x600%7C160x600&prev_scp=amznbid%3D2%26amznp%3D2&cust_params=ssmasdomain%3Dmicrosoft-teams.ru.uptodown.com%26ssmasin%3D1%26ssmashour%3D21&cookie_enabled=1&bc=31&abxe=1&lmt=1641589387&dt=1641589387206&dlt=1641589386018&idt=649&frm=20&biw=1600&bih=1200&oid=2&adxs=1308&adys=300&adks=3073126929&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmicrosoft-teams.ru.uptodown.com%2Fwindows%3F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x4080&msz=300x-1&ga_vid=1100747102.1641589387&ga_sid=1641589387&ga_hid=1825835321&ga_fc=true&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f2.1e100.net Software cafe / Resource Hash ba9a39938356eb5052c17b6102c7a8b03b6c0fbc49ebb385c8aae3d45c650a81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 07 Jan 2022 21:03:08 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10687 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://microsoft-teams.ru.uptodown.com access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	41 KB 10 KB	1213ms 1213ms	XHR text/plain	142.251.40.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=917211761973110&correlator=363206057352945&output=ldjh&impl=fif&eid=31061814%2C31063975%2C44752540&vrg=2022010402&ptt=17&sc=1&sfv=1-0-38&ecs=20220107&iu_parts=1060150%2CMPU_content_App_Info&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C336x280%7C300x600%7C300x250&fluid=height&cust_params=ssmasdomain%3Dmicrosoft-teams.ru.uptodown.com%26ssmasin%3D1%26ssmashour%3D21&cookie_enabled=1&bc=31&abxe=1&lmt=1641589387&dt=1641589387213&dlt=1641589386018&idt=649&frm=20&biw=1600&bih=1200&oid=2&adxs=334&adys=790&adks=3629431256&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmicrosoft-teams.ru.uptodown.com%2Fwindows%3F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=360x0&msz=360x0&ga_vid=1100747102.1641589387&ga_sid=1641589387&ga_hid=1825835321&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f2.1e100.net Software cafe / Resource Hash c5902df3622c01b8d113a0bfb3ad00e5d6b9a4731373717661d6d563cfc93429 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 07 Jan 2022 21:03:08 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10477 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://microsoft-teams.ru.uptodown.com access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	118ms 42ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 07 Jan 2022 21:03:07 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 07 Jan 2022 21:03:07 GMT
GET H/1.1	200 OK	pr Show response s.amazon-adsystem.com/v3/ Frame 934C	2 KB 2 KB	29ms 29ms	Document text/html	209.54.176.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_n-simpli.fi_ppt_n-emx_dm_n-amobee_sovrn&fv=1.0&a=cm&cm3ppd=1 Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_n-simpli.fi_ppt_n-emx_dm_n-amobee_sovrn&dcc=t Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash db0df140cfc4ed167adc279263ae490f92ee224fe29cc88613bef4b12d2bc526 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-sharethrough_n-LoopMe_n-simpli.fi_ppt_n-emx_dm_n-amobee_sovrn&dcc=t Response headers Server Server Date Fri, 07 Jan 2022 21:03:07 GMT Content-Type text/html;charset=ISO-8859-1 Content-Length 1632 Connection keep-alive x-amz-rid GW2SRRQMXJ8HDZ0CY6Q0 Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Pragma no-cache Expires Thu, 01 Jan 1970 00:00:00 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Strict-Transport-Security max-age=47474747; includeSubDomains; preload Permissions-Policy interest-cohort=()
GET H2	204	/ s.ad.smaato.net/c/ Frame 934C	0 240 B	81ms 19ms	Image text/plain	2600:9000:2140:c800:1b:5138:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_n-simpli.fi_ppt_n-emx_dm_n-amobee_sovrn&fv=1.0&a=cm&cm3ppd=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2140:c800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 07 Jan 2022 21:03:07 GMT via 1.1 d4cdd862c8bc0148f37b685614031cf4.cloudfront.net (CloudFront) server CloudFront cache-control no-cache, must-revalidate x-amz-cf-pop EWR52-C1 x-amz-cf-id h9-rHwCmUGiqRUaMse4ORmzyWycxVismRFUoPj-Z_1Hav1LJTpcGxA== x-cache FunctionGeneratedResponse from cloudfront
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame 934C Redirect Chain https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D https://s.amazon-adsystem.com/ecm3?id=226E43A863FB4CB39E1DF8AEF16927C8&ex=simpli.fi&status=ok	43 B 556 B	30ms 30ms	Image image/gif	209.54.176.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?id=226E43A863FB4CB39E1DF8AEF16927C8&ex=simpli.fi&status=ok Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_n-simpli.fi_ppt_n-emx_dm_n-amobee_sovrn&fv=1.0&a=cm&cm3ppd=1 Protocol HTTP/1.1 Server 209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Jan 2022 21:03:07 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid XJSW02T8YZAZCDMXZVPB Strict-Transport-Security max-age=47474747; includeSubDomains; preload Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers date Fri, 07 Jan 2022 21:03:07 GMT x-content-type-options nosniff server nginx location https://s.amazon-adsystem.com/ecm3?id=226E43A863FB4CB39E1DF8AEF16927C8&ex=simpli.fi&status=ok strict-transport-security max-age=63072000; includeSubdomains; preload access-control-allow-methods GET, POST, OPTIONS content-type text/html access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 138 expires Thu, 06 Jan 2022 21:03:07 GMT
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame 934C Redirect Chain https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1h... https://cs.emxdgt.com/umcheck?apnxid=574499394184642902&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVh... https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=574499394184642902brt50371641589387707057b2	43 B 556 B	30ms 30ms	Image image/gif	209.54.176.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=574499394184642902brt50371641589387707057b2 Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_n-simpli.fi_ppt_n-emx_dm_n-amobee_sovrn&fv=1.0&a=cm&cm3ppd=1 Protocol HTTP/1.1 Server 209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Jan 2022 21:03:07 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid AFCN3KFQQE2WNCV1HX6Z Strict-Transport-Security max-age=47474747; includeSubDomains; preload Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers location https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=574499394184642902brt50371641589387707057b2 date Fri, 07 Jan 2022 21:03:07 GMT content-length 0 content-type text/html
GET H2	200	/ Show response match.sharethrough.com/jwumXNuB/v1/ Frame 73BD	427 B 613 B	74ms 23ms	Document text/html	52.205.156.156 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_n-simpli.fi_ppt_n-emx_dm_n-amobee_sovrn&fv=1.0&a=cm&cm3ppd=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.205.156.156 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-205-156-156.compute-1.amazonaws.com Software / Resource Hash 3b7df82a036a63dd8a0bb4ba8812cd244b9aa17150f1424ec6fa1fe1879b0403 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-CA,en;q=0.9 Response headers date Fri, 07 Jan 2022 21:03:07 GMT content-length 427
GET H2	200	visitormatch Show response bh.contextweb.com/ Frame 7B02	930 B 2 KB	79ms 26ms	Document text/html	198.148.27.140 PULSEPOINT
General Check archive.org Show headers Download Go to Full URL https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_n-simpli.fi_ppt_n-emx_dm_n-amobee_sovrn&fv=1.0&a=cm&cm3ppd=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US), Reverse DNS Software Jetty(9.4.14.v20181114) / Resource Hash ca2e22e1fa15793ec9575e74ae81d3bcaf90f47d79387303b847a461101314dd Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-CA,en;q=0.9 Response headers p3p policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" cw-server bh-deployment-6cff57fdbc-nmbsw cache-control private, max-age=0, no-cache, no-store expires -1 content-language en-CA content-type text/html;charset=iso-8859-1 content-length 930 server Jetty(9.4.14.v20181114) strict-transport-security max-age=15768000
GET H/1.1	200 OK	ecm3 Show response s.amazon-adsystem.com/ Frame 6B4A Redirect Chain https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=districtm https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm https://s.amazon-adsystem.com/ecm3?id=574499394184642902&ex=districtm	43 B 556 B	30ms 30ms	Document image/gif	209.54.176.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.amazon-adsystem.com/ecm3?id=574499394184642902&ex=districtm Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_n-simpli.fi_ppt_n-emx_dm_n-amobee_sovrn&fv=1.0&a=cm&cm3ppd=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-CA,en;q=0.9 Response headers Server Server Date Fri, 07 Jan 2022 21:03:07 GMT Content-Type image/gif Content-Length 43 Connection keep-alive x-amz-rid B37ZZHEMMDWZNRX6QZKE Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Pragma no-cache Expires Thu, 01 Jan 1970 00:00:00 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Strict-Transport-Security max-age=47474747; includeSubDomains; preload Permissions-Policy interest-cohort=() Redirect headers Server nginx/1.17.9 Date Fri, 07 Jan 2022 21:03:07 GMT Content-Type text/html; charset=utf-8 Content-Length 0 Connection keep-alive Cache-Control no-store, no-cache, private Pragma no-cache Expires Sat, 15 Nov 2008 16:00:00 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" X-XSS-Protection 0 Access-Control-Allow-Credentials true Access-Control-Allow-Origin * Location https://s.amazon-adsystem.com/ecm3?id=574499394184642902&ex=districtm AN-X-Request-Uuid aff46956-675d-4287-b7e4-071570742f81 X-Proxy-Origin 149.56.153.187; 149.56.153.187; 570.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
GET H/1.1	200 OK	ecm3 Show response s.amazon-adsystem.com/ Frame 6CAC Redirect Chain https://ad.turn.com/r/cs?pid=64&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Damobee.com%26id%3D%23USER_ID%23 https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=8283938955838361880	43 B 556 B	30ms 29ms	Document image/gif	209.54.176.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=8283938955838361880 Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_n-simpli.fi_ppt_n-emx_dm_n-amobee_sovrn&fv=1.0&a=cm&cm3ppd=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-CA,en;q=0.9 Response headers Server Server Date Fri, 07 Jan 2022 21:03:07 GMT Content-Type image/gif Content-Length 43 Connection keep-alive x-amz-rid BGRBKH35CAZ3MNZYFYAM Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Pragma no-cache Expires Thu, 01 Jan 1970 00:00:00 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Strict-Transport-Security max-age=47474747; includeSubDomains; preload Permissions-Policy interest-cohort=() Redirect headers p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV" cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 pragma no-cache location https://s.amazon-adsystem.com/ecm3?ex=amobee.com&id=8283938955838361880 content-length 0 date Fri, 07 Jan 2022 21:03:07 GMT
GET H/1.1	200 OK	amazon Show response ap.lijit.com/beacon/ Frame 575D Redirect Chain https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1	1 KB 1 KB	18ms 18ms	Document text/html	23.92.190.68 VOXEL-DOT-NET
General Check archive.org Show headers Download Go to Full URL https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1 Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_n-simpli.fi_ppt_n-emx_dm_n-amobee_sovrn&fv=1.0&a=cm&cm3ppd=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.92.190.68 , United States, ASN29791 (VOXEL-DOT-NET, US), Reverse DNS Software nginx / raptor Resource Hash 53873373e393b871b02e5ff49ff8bf3de099739301e99e04fafb9ae41c71f703 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-CA,en;q=0.9 Response headers Server nginx Date Fri, 07 Jan 2022 21:03:07 GMT Content-Type text/html Transfer-Encoding chunked Vary Accept-Encoding Expires Fri, 20 Mar 2009 00:00:00 GMT Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 Pragma no-cache P3P CP="CUR ADM OUR NOR STA NID" X-Powered-By raptor Content-Encoding gzip X-Sovrn-Pod ad_ap2ewr1 Redirect headers Server nginx Date Fri, 07 Jan 2022 21:03:07 GMT Content-Length 0 Expires Fri, 20 Mar 2009 00:00:00 GMT Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 Pragma no-cache P3P CP="CUR ADM OUR NOR STA NID" Location https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1 X-Powered-By raptor X-Sovrn-Pod ad_ap2ewr1
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4E1A	13 KB 5 KB	59ms 25ms	Document text/html	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5046 date Fri, 07 Jan 2022 06:39:25 GMT expires Sat, 07 Jan 2023 06:39:25 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 51822 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame B5D5	783 B 535 B	80ms 45ms	Document text/html	2607:f8b0:4006:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash db1bb81155dcbea001ae01f41a65b56a7b0d4eb6311f18c0d745fbb1deae73f9 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-TunEJWUjzzDf0+eCf77IyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Fri, 07 Jan 2022 21:03:07 GMT date Fri, 07 Jan 2022 21:03:07 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-TunEJWUjzzDf0+eCf77IyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 513 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame 73BD	43 B 556 B	53ms 29ms	Image image/gif	209.54.176.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=758b0d54-e9a5-4f0c-ad9e-36267f17fca9 Requested by Host: match.sharethrough.com URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Accept-Language en-CA,en;q=0.9 Referer https://match.sharethrough.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Jan 2022 21:03:07 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid JGSR2E30KVZW9C7SFHT7 Strict-Transport-Security max-age=47474747; includeSubDomains; preload Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	v1 match.sharethrough.com/sync/ Frame 73BD Redirect Chain https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=1818667774951	68 B 262 B	24ms 24ms	Image image/png	52.205.156.156 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=1818667774951 Requested by Host: match.sharethrough.com URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID Protocol H2 Server 52.205.156.156 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-205-156-156.compute-1.amazonaws.com Software / Resource Hash 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824 Request headers Accept-Language en-CA,en;q=0.9 Referer https://match.sharethrough.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 07 Jan 2022 21:03:07 GMT content-length 68 content-type image/png Redirect headers pragma no-cache date Fri, 07 Jan 2022 21:03:07 GMT referrer-policy unsafe-url server 33XP005 x-33x-status 100000000008200000C p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA" location https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=1818667774951 cache-control no-store, no-cache, must-revalidate content-length 0 expires Thu, 01-Jan-70 00:00:01 GMT
GET H2	200	v1 match.sharethrough.com/sync/ Frame 73BD Redirect Chain https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1 https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=76d7e019-893a-497f-b3fd-9ff9c22f458a&gdpr=0&gdpr_consent=	68 B 262 B	24ms 23ms	Image image/png	52.205.156.156 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=76d7e019-893a-497f-b3fd-9ff9c22f458a&gdpr=0&gdpr_consent= Requested by Host: match.sharethrough.com URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID Protocol H2 Server 52.205.156.156 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-205-156-156.compute-1.amazonaws.com Software / Resource Hash 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824 Request headers Accept-Language en-CA,en;q=0.9 Referer https://match.sharethrough.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 07 Jan 2022 21:03:07 GMT content-length 68 content-type image/png Redirect headers pragma no-cache date Fri, 07 Jan 2022 21:03:07 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=76d7e019-893a-497f-b3fd-9ff9c22f458a&gdpr=0&gdpr_consent= cache-control private,no-cache, must-revalidate content-type text/html content-length 323
GET H2	200	v1 match.sharethrough.com/sync/ Frame 73BD Redirect Chain https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=$UID https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=574499394184642902	68 B 262 B	24ms 24ms	Image image/png	52.205.156.156 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=574499394184642902 Requested by Host: match.sharethrough.com URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID Protocol H2 Server 52.205.156.156 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-205-156-156.compute-1.amazonaws.com Software / Resource Hash 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824 Request headers Accept-Language en-CA,en;q=0.9 Referer https://match.sharethrough.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 07 Jan 2022 21:03:07 GMT content-length 68 content-type image/png Redirect headers Pragma no-cache Date Fri, 07 Jan 2022 21:03:07 GMT X-Proxy-Origin 149.56.153.187; 149.56.153.187; 564.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com AN-X-Request-Uuid 1661713a-e5a2-4ef0-8385-1bcef7c40dd5 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&source_user_id=574499394184642902 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	v1 match.sharethrough.com/sync/ Frame 73BD Redirect Chain https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1 https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=4a348e60-f870-4f44-b99e-4ddedd789785	68 B 262 B	23ms 23ms	Image image/png	52.205.156.156 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=4a348e60-f870-4f44-b99e-4ddedd789785 Requested by Host: match.sharethrough.com URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID Protocol H2 Server 52.205.156.156 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-205-156-156.compute-1.amazonaws.com Software / Resource Hash 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824 Request headers Accept-Language en-CA,en;q=0.9 Referer https://match.sharethrough.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 07 Jan 2022 21:03:07 GMT content-length 68 content-type image/png Redirect headers X-ServerName Track004-dc3 Pragma no-cache Date Fri, 07 Jan 2022 21:03:07 GMT X-AspNetMvc-Version 5.2 Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 P3P CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC" Location https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=4a348e60-f870-4f44-b99e-4ddedd789785 Cache-Control private,no-cache Content-Type text/html; charset=utf-8 Content-Length 246 Expires -1
GET H2	200	rtset bh.contextweb.com/bh/ Frame 7B02 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=UExjNDM4WU44VjVKYTAyQ2E5ZS1xdw&gdpr=0&gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_hm=UExjNDM4WU44VjVKYTAyQ2E5ZS1xdw&gdpr=0&gdpr_consent=&google_tc= https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEKiYpcZmyoZ5bmHdsQuH06o&google_cver=1	49 B 740 B	21ms 20ms	Image image/gif	198.148.27.140 PULSEPOINT
General Check archive.org Show headers Download Go to Show image Full URL https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEKiYpcZmyoZ5bmHdsQuH06o&google_cver=1 Requested by Host: bh.contextweb.com URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint Protocol H2 Server 198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US), Reverse DNS Software Jetty(9.4.14.v20181114) / Resource Hash d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Accept-Language en-CA,en;q=0.9 Referer https://bh.contextweb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=15768000 server Jetty(9.4.14.v20181114) content-language en-CA p3p policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" cache-control private, max-age=0, no-cache, no-store content-type image/gif;charset=iso-8859-1 cw-server bh-deployment-6cff57fdbc-nmbsw expires -1 Redirect headers pragma no-cache date Fri, 07 Jan 2022 21:03:08 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEKiYpcZmyoZ5bmHdsQuH06o&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 335 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	rtset bh.contextweb.com/bh/ Frame 7B02 Redirect Chain https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=2763190bac7208ef&is_secure=true&networkId=14200&version=1&nuid= https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAADLIczVc3T0wNWf3b8AAAAAAA&expiration=1641675787&nuid=&is_secure=true	49 B 652 B	22ms 22ms	Image image/gif	198.148.27.140 PULSEPOINT
General Check archive.org Show headers Download Go to Show image Full URL https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAADLIczVc3T0wNWf3b8AAAAAAA&expiration=1641675787&nuid=&is_secure=true Requested by Host: bh.contextweb.com URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint Protocol H2 Server 198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US), Reverse DNS Software Jetty(9.4.14.v20181114) / Resource Hash d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Accept-Language en-CA,en;q=0.9 Referer https://bh.contextweb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=15768000 server Jetty(9.4.14.v20181114) content-language en-CA p3p policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" cache-control private, max-age=0, no-cache, no-store content-type image/gif;charset=iso-8859-1 cw-server bh-deployment-6cff57fdbc-nmbsw expires -1 Redirect headers pragma no-cache date Fri, 07 Jan 2022 21:03:07 GMT server nginx p3p policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP" location https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAADLIczVc3T0wNWf3b8AAAAAAA&expiration=1641675787&nuid=&is_secure=true cache-control no-cache, private, max-age=0, no-store content-length 0 expires 0
GET H2	200	rtset bh.contextweb.com/bh/ Frame 7B02 Redirect Chain https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent= https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=95&gdpr=0&gdpr_consent= https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=6b05d4ae-97ef-447e-be6f-6b49d2627587-61d8aa8b-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i... https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=6b05d4ae-97ef-447e-be6f-6b49d2627587-61d8aa8b-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i... https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=6b05d4ae-97ef-447e-be6f-6b49d2627587-61d8aa8b-4341&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid... https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=6b05d4ae-97ef-447e-be6f-6b49d2627587-61d8aa8b-4341&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd... https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=6b05d4ae-97ef-447e-be6f-6b49d2627587-61d8aa8b-4341&gdpr_in_effect=0&gdpr_consent=	49 B 711 B	20ms 20ms	Image image/gif	198.148.27.140 PULSEPOINT
General Check archive.org Show headers Download Go to Show image Full URL https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=6b05d4ae-97ef-447e-be6f-6b49d2627587-61d8aa8b-4341&gdpr_in_effect=0&gdpr_consent= Requested by Host: bh.contextweb.com URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint Protocol H2 Server 198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US), Reverse DNS Software Jetty(9.4.14.v20181114) / Resource Hash d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Accept-Language en-CA,en;q=0.9 Referer https://bh.contextweb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=15768000 server Jetty(9.4.14.v20181114) content-language en-CA p3p policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" cache-control private, max-age=0, no-cache, no-store content-type image/gif;charset=iso-8859-1 cw-server bh-deployment-6cff57fdbc-nmbsw expires -1 Redirect headers location https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=6b05d4ae-97ef-447e-be6f-6b49d2627587-61d8aa8b-4341&gdpr_in_effect=0&gdpr_consent= date Fri, 07 Jan 2022 21:03:07 GMT via 1.1 google alt-svc clear content-length 0 strict-transport-security max-age=31536000 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame 7B02	43 B 556 B	75ms 33ms	Image image/gif	209.54.176.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?id=QcL15ljhV5MP&ex=Pulsepoint Requested by Host: bh.contextweb.com URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Accept-Language en-CA,en;q=0.9 Referer https://bh.contextweb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Jan 2022 21:03:07 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid HGZWEES3RFC5ZBE7A0SP Strict-Transport-Security max-age=47474747; includeSubDomains; preload Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js Show response pagead2.googlesyndication.com/bg/ Frame 4E1A	35 KB 13 KB	60ms 27ms	Script text/javascript	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f7821e6a538cc11ee4c5fea34be8c61b4b888c96338f6f0d22be66b5519c7615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 04 Jan 2022 15:39:57 GMT content-encoding br x-content-type-options nosniff age 278590 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13400 x-xss-protection 0 last-modified Tue, 21 Dec 2021 11:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 04 Jan 2023 15:39:57 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame B5D5	0 0	65ms 62ms	Image text/html	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022010402&jk=917211761973110&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	49ms 49ms	Image image/gif	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022010402&jk=917211761973110&bg=!LS6lLmrNAAbDtiZlw7Y7ACkAdvg8Wg4nUGhdQ1FyDQBnZy-OvGeaH9KlgTg_pfbsiLGrGwmb_0oQpQIAAABoUgAAAAhoAQcKADKAc48ZYzCXIfO8bXfBe64kUV-GL-UnyZrN8FvK59xFTFfvXob3sUzefnVeYKTD7p3n4ZkCn3dOCXBEdqab8ah_bWJrVMCzs6EyCMU_MkiCBto-tytkLGjBZzdWTTj_N4huAvqw6E53yCWGAtyEewsBBtZFZKv_m3rTfBpy4joHtx6UfEuMt4y1HJ23tNj-xmL-H82QVcahL97jfYC6VPmhAUrMJl27-rpr8PRlr1Cp1lJrdx4vJFjtkU3X4iqYMMlTHRjkzloqcRgRhM2btJF2R7K_elD7qxEM90WBlPpdXfschFoNOPeUykJDV4Sbkm-AV_NJIQVn3dMxd_t-8DTG9vttnKSqhBWU21QUHkXuqf69pUnugL5In3PckYQhdt77391JPMlOCtC0RC5GEOPDsD1g_9QJIXMhPSDRkOfzeB9wcpicq-qO2_-2WiEPhWbwmj2MiHtvBGQRW_x5lKwHuEGjDi_Mj_bSdsER2yPDlKEst5s3epPIrZxArDB0FiXg5Qic281sU5YkuuQaMKSKzDVqZ2RHFxIGqEQ3akle8YRknBvO8uRP8ATRtcLPdIzPhY3r8s-_QH-94wntA4k13tN630aVoS2GysUcTqsii3ZyscxP_qmB26srY5-6B8D78RT4ig-NOUcqf69TsKRyXOJgL53jBaibUTM67ec2hHjSAVoOE3ZXbD58xkHuja5ilFDzqwjgZuyWC8ejJu1rWaCxeuIY6eoXvdQgiOefHe1qhl6R2hpx_TeOo1ORMFtaalXJ68nfIdPMduly9HZB2ENysvOln549NqFixrksV1bYvr2xWZFbxdLvOR1WrO5qJtumO-qWeZ5llGwjvtQdtRjKsyEFLoOEfENKszqu-wQBnC04AjwM153msS-5-Dsxa5GQFvmL6i6tvyNENwCruL9n4a01mYUAEFPS2fE4BzMjNfWlkczkUKEaQcr7BGE47pzu Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 07 Jan 2022 21:03:07 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame 575D	43 B 556 B	264ms 264ms	Image image/gif	209.54.176.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?id=5d763b1f2061b7b0341b3342&ex=sovrn.com&gdpr=0&gdpr_consent= Requested by Host: ap.lijit.com URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Accept-Language en-CA,en;q=0.9 Referer https://ap.lijit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Jan 2022 21:03:07 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid 20D3A4D75RG9ARP9PXPB Strict-Transport-Security max-age=47474747; includeSubDomains; preload Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	merge ce.lijit.com/ Frame 575D Redirect Chain https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= https://ce.lijit.com/merge?pid=49&3pid=QcL15ljhV5MP&ev=1&pid=558511&gdpr_consent=&gdpr=0	43 B 834 B	90ms 30ms	Image image/gif	63.251.86.49 INTERNAP-BLK
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=49&3pid=QcL15ljhV5MP&ev=1&pid=558511&gdpr_consent=&gdpr=0 Requested by Host: ap.lijit.com URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1 Protocol HTTP/1.1 Server 63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US), Reverse DNS Software nginx / raptor Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language en-CA,en;q=0.9 Referer https://ap.lijit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Jan 2022 21:03:07 GMT Server nginx X-Powered-By raptor P3P CP="CUR ADM OUR NOR STA NID" Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap1dca1 Content-Type image/gif Content-Length 43 Expires Fri, 20 Mar 2009 00:00:00 GMT Redirect headers strict-transport-security max-age=15768000 server Jetty(9.4.14.v20181114) p3p policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" content-language en-CA location https://ce.lijit.com/merge?pid=49&3pid=QcL15ljhV5MP&ev=1&pid=558511&gdpr_consent=&gdpr=0 cache-control private, max-age=0, no-cache, no-store cw-server bh-deployment-6cff57fdbc-nmbsw expires -1
GET H3	200	pixel cm.g.doubleclick.net/ Frame 575D Redirect Chain https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NWQ3NjNiMWYyMDYxYjdiMDM0MWIzMzQy&gdpr=0	170 B 188 B	253ms 35ms	Image image/png	142.250.80.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NWQ3NjNiMWYyMDYxYjdiMDM0MWIzMzQy&gdpr=0 Requested by Host: ap.lijit.com URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1 Protocol H3 Server 142.250.80.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s35-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://ap.lijit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 07 Jan 2022 21:03:07 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Fri, 07 Jan 2022 21:03:07 GMT Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, POST, DELETE, PUT Location https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=NWQ3NjNiMWYyMDYxYjdiMDM0MWIzMzQy&gdpr=0 Access-Control-Allow-Credentials true Connection close X-Sovrn-Pod ad_ap2ewr1 Access-Control-Allow-Headers X-Requested-With, Content-Type
GET H/1.1	200 OK	merge ce.lijit.com/ Frame 575D Redirect Chain https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3651553093 https://sync.1rx.io/usersync/tradedesk/76d7e019-893a-497f-b3fd-9ff9c22f458a https://sync.targeting.unrulymedia.com/csync/RX-1b5ea890-5e92-4fd2-8d94-b96f3ffbf648-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-1b5ea890-5e92-4fd2-8d94-b96f3ffbf648-005 https://ce.lijit.com/merge?pid=56&3pid=RX-1b5ea890-5e92-4fd2-8d94-b96f3ffbf648-005	43 B 1 KB	31ms 31ms	Image image/gif	63.251.86.49 INTERNAP-BLK
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=56&3pid=RX-1b5ea890-5e92-4fd2-8d94-b96f3ffbf648-005 Requested by Host: ap.lijit.com URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1 Protocol HTTP/1.1 Server 63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US), Reverse DNS Software nginx / raptor Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language en-CA,en;q=0.9 Referer https://ap.lijit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Jan 2022 21:03:08 GMT Server nginx X-Powered-By raptor P3P CP="CUR ADM OUR NOR STA NID" Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap1dca1 Content-Type image/gif Content-Length 43 Expires Fri, 20 Mar 2009 00:00:00 GMT Redirect headers Date Fri, 07 Jan 2022 21:03:08 GMT Server Tengine ETag RX1b5ea8905e924fd28d94b96f3ffbf648005 Transfer-Encoding chunked P3P CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" Location https://ce.lijit.com/merge?pid=56&3pid=RX-1b5ea890-5e92-4fd2-8d94-b96f3ffbf648-005 Connection keep-alive Content-Type text/html
GET H/1.1	200 OK	merge ce.lijit.com/ Frame 575D Redirect Chain https://ums.acuityplatform.com/tum?umid=27&uid=5d763b1f2061b7b0341b3342&gdpr=0&gdpr_consent= https://ce.lijit.com/merge?pid=66&3pid=638227605463	43 B 1 KB	30ms 30ms	Image image/gif	63.251.86.49 INTERNAP-BLK
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=66&3pid=638227605463 Requested by Host: ap.lijit.com URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1 Protocol HTTP/1.1 Server 63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US), Reverse DNS Software nginx / raptor Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language en-CA,en;q=0.9 Referer https://ap.lijit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Jan 2022 21:03:07 GMT Server nginx X-Powered-By raptor P3P CP="CUR ADM OUR NOR STA NID" Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap1dca1 Content-Type image/gif Content-Length 43 Expires Fri, 20 Mar 2009 00:00:00 GMT Redirect headers Access-Control-Allow-Origin * Content-Length 0 Location https://ce.lijit.com/merge?pid=66&3pid=638227605463
GET H/1.1	200 OK	merge ce.lijit.com/ Frame 575D Redirect Chain https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= https://ce.lijit.com/merge?pid=80&3pid=KY4VXQ9R-1P-F7NL&gdpr=0	43 B 1 KB	59ms 31ms	Image image/gif	63.251.86.49 INTERNAP-BLK
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=80&3pid=KY4VXQ9R-1P-F7NL&gdpr=0 Requested by Host: ap.lijit.com URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1 Protocol HTTP/1.1 Server 63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US), Reverse DNS Software nginx / raptor Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language en-CA,en;q=0.9 Referer https://ap.lijit.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Fri, 07 Jan 2022 21:03:07 GMT Server nginx X-Powered-By raptor P3P CP="CUR ADM OUR NOR STA NID" Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap1dca1 Content-Type image/gif Content-Length 43 Expires Fri, 20 Mar 2009 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://ce.lijit.com/merge?pid=80&3pid=KY4VXQ9R-1P-F7NL&gdpr=0 Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost ace9692b4e77bdf741ff63add80edaca Expires 0
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012111011823000/ Frame 577C	189 KB 54 KB	128ms 49ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 51792 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 55592 x-xss-protection 0 server sffe date Fri, 07 Jan 2022 06:39:55 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "11dee2040f5fc1d7" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 07 Jan 2023 06:39:55 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012111011823000/v0/ Frame 577C	13 KB 5 KB	115ms 37ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 51793 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4992 x-xss-protection 0 server sffe date Fri, 07 Jan 2022 06:39:54 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "858600ba27ef7413" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 07 Jan 2023 06:39:54 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012111011823000/v0/ Frame 577C	89 KB 28 KB	162ms 83ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 51792 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28555 x-xss-protection 0 server sffe date Fri, 07 Jan 2022 06:39:55 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "a64e482645fd262b" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 07 Jan 2023 06:39:55 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012111011823000/v0/ Frame 577C	5 KB 3 KB	104ms 26ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 51793 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1731 x-xss-protection 0 server sffe date Fri, 07 Jan 2022 06:39:54 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "cb4f0e89d7d37d9b" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 07 Jan 2023 06:39:54 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012111011823000/v0/ Frame 577C	40 KB 13 KB	106ms 28ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 51793 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12826 x-xss-protection 0 server sffe date Fri, 07 Jan 2022 06:39:54 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "0f988502fa2967b0" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 07 Jan 2023 06:39:54 GMT
GET H2	200	css fonts.googleapis.com/ Frame 577C	3 KB 1 KB	100ms 42ms	Stylesheet text/css	2607:f8b0:4006:817::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 07 Jan 2022 20:00:38 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 07 Jan 2022 21:03:07 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 07 Jan 2022 21:03:07 GMT
GET H3	200	ru.png tpc.googlesyndication.com/pagead/images/abg/ Frame 577C	3 KB 3 KB	26ms 25ms	Image image/png	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/ru.png Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 07 Jan 2022 01:27:12 GMT x-content-type-options nosniff server cafe age 70555 etag 6726277462267614359 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control public, max-age=86400 cross-origin-resource-policy cross-origin content-type image/png alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3041 x-xss-protection 0 expires Sat, 08 Jan 2022 01:27:12 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/abg/ Frame 577C	344 B 368 B	26ms 26ms	Image image/png	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/icon.png Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 07 Jan 2022 16:11:55 GMT x-content-type-options nosniff server cafe age 17472 etag 6766994032117382215 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control public, max-age=86400 cross-origin-resource-policy cross-origin content-type image/png alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 344 x-xss-protection 0 expires Sat, 08 Jan 2022 16:11:55 GMT
GET DATA	200 OK	truncated / Frame 577C	206 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8ab502fc4919474e01e8f6359cbfee630720213ed82a953b3042cf2e7a03ea07 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET H3	200	4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2 fonts.gstatic.com/s/googlesans/v36/ Frame 577C	21 KB 21 KB	27ms 26ms	Font font/woff2	2607:f8b0:4006:81f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://microsoft-teams.ru.uptodown.com Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 03 Jan 2022 09:40:16 GMT x-content-type-options nosniff age 386571 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21660 x-xss-protection 0 last-modified Wed, 01 Sep 2021 18:07:18 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Tue, 03 Jan 2023 09:40:16 GMT
GET H3	200	4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2 fonts.gstatic.com/s/googlesans/v36/ Frame 577C	21 KB 21 KB	28ms 27ms	Font font/woff2	2607:f8b0:4006:81f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://microsoft-teams.ru.uptodown.com Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 01 Jan 2022 13:56:16 GMT x-content-type-options nosniff age 544011 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21424 x-xss-protection 0 last-modified Wed, 01 Sep 2021 18:08:24 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sun, 01 Jan 2023 13:56:16 GMT
GET H2	200	si googleads.g.doubleclick.net/pagead/drt/ Frame 577C Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0	112ms 53ms	Image text/html	2607:f8b0:4006:81e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H2 Server 2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers date Fri, 07 Jan 2022 21:03:08 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 577C	0 0	46ms 46ms	Image text/html	142.251.40.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CBDLbi6rYYfuvDoevogbOqr6YBYWDyvBiqqXM49EN2e2O2pMOEAEg48isImDJ7qmKpKSYEKAB8Zqg0AHIAQbgAgCoAwGqBIECT9C8GHs-XQbM9HpRGJKq8uNX9pcwHSLC9t3tGQGANmnWqu54RFoEQ-ppWObOFrjNrACTu4vtKj_onV4dBrXPbfyZ2P8wdsoZIk668HOgeyG70DpiTLb7Ie7gPqc2DEhVToWvISoRjTU0fo9pSyGeAzwHOxGD9k1TbNl2UsNKuMAKHs66x4ziCWs09wXmCWPW_QHdks8UywO0AXNTb2HtiNK81j6E1oQO-8FSm4rjBTr1w3m0MCKZlBpWBlNQ1KvUbdPy8iPIB_-5UjsvA3LALqEKZ8JuG9ovMW8tltdJcMteUOeOEbGOtE0Ybr850svZ9W3x0znro1t8ofC8Wwe5yb7ABPfMpe_QA-AEAZIFBAgEGAGSBQQIBRgEgAf35N-vAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcFEKLmmQvSCAcIiGEQARgd8ggbYWR4LXN1YnN5bi0zMTU5Nzg4MDgyNjI4ODUxgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTU5MTg1NTIyNzA3NDczMTMY_oYJ&sigh=-E7Bd-IKqMY&uach_m=[]&template_id=492&uap=&uapv=&uaa=&uam=&uafv=&uab=&cbvp=2 Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H3	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012111011823000/ Frame 4379	189 KB 54 KB	114ms 59ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 51793 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 55592 x-xss-protection 0 server sffe date Fri, 07 Jan 2022 06:39:55 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "11dee2040f5fc1d7" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 07 Jan 2023 06:39:55 GMT
GET H3	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012111011823000/v0/ Frame 4379	13 KB 5 KB	82ms 28ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 51794 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4992 x-xss-protection 0 server sffe date Fri, 07 Jan 2022 06:39:54 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "858600ba27ef7413" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 07 Jan 2023 06:39:54 GMT
GET H3	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012111011823000/v0/ Frame 4379	89 KB 28 KB	79ms 26ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 51793 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28555 x-xss-protection 0 server sffe date Fri, 07 Jan 2022 06:39:55 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "a64e482645fd262b" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 07 Jan 2023 06:39:55 GMT
GET H3	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012111011823000/v0/ Frame 4379	5 KB 2 KB	112ms 59ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 51794 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1731 x-xss-protection 0 server sffe date Fri, 07 Jan 2022 06:39:54 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "cb4f0e89d7d37d9b" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 07 Jan 2023 06:39:54 GMT
GET H3	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012111011823000/v0/ Frame 4379	40 KB 13 KB	141ms 87ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 51794 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12826 x-xss-protection 0 server sffe date Fri, 07 Jan 2022 06:39:54 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "0f988502fa2967b0" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 07 Jan 2023 06:39:54 GMT
GET H3	200	ru.png tpc.googlesyndication.com/pagead/images/abg/ Frame 4379	3 KB 3 KB	25ms 25ms	Image image/png	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/ru.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 07 Jan 2022 01:27:12 GMT x-content-type-options nosniff server cafe age 70556 etag 6726277462267614359 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control public, max-age=86400 cross-origin-resource-policy cross-origin content-type image/png alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3041 x-xss-protection 0 expires Sat, 08 Jan 2022 01:27:12 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/abg/ Frame 4379	344 B 368 B	25ms 25ms	Image image/png	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/icon.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 07 Jan 2022 16:11:55 GMT x-content-type-options nosniff server cafe age 17473 etag 6766994032117382215 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control public, max-age=86400 cross-origin-resource-policy cross-origin content-type image/png alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 344 x-xss-protection 0 expires Sat, 08 Jan 2022 16:11:55 GMT
GET DATA	200 OK	truncated / Frame 4379	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 650964ce308002149e5d343b88e0b36c9699ef845847af07f77690a662a5e605 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET H3	200	12524491037668340022 tpc.googlesyndication.com/simgad/ Frame 4379	14 KB 14 KB	26ms 26ms	Image image/png	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/12524491037668340022?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm3Em3avfTZ-ikQq_F6swOYe2ZuvA Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6ffb38b7fb160d89c551f2045ff9890f70268ef268dbb39c0603cf43713990c9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 01 Jan 2022 17:47:00 GMT x-content-type-options nosniff age 530168 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14176 x-xss-protection 0 last-modified Tue, 16 Feb 2021 17:05:20 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 01 Jan 2023 17:47:00 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 4379	0 0	44ms 43ms	Image text/html	2607:f8b0:4006:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQul6a4-4N19I34L1d_gM-XeFi9vqUqj9Lpp_-hLb7ByORxDsG419-4gBT1Q1sPp67GerDOmm_Nyhht5z8FEw8qXcQHJw Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 4379	0 0	44ms 44ms	Image text/html	142.251.40.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C40kYi6rYYb_OK8KTyQPB-rroCIWDyvBig9TD6Y4P-KemyI8OEAEg48isImDJ7qmKpKSYEKAB8Zqg0AHIAQLgAgCoAwHIAwiqBIcCT9A3fRNpsmh7Bd62BNoW6tAdDrelQzxSa-6C0O6zqKY7ZXrgRuqZGVCx93CZJ6USpBt8cNYfH7XzoYsZmdFyej70goiTp0mq9ldzv6YeusOvxnaDeQTlLfAAl-oXIk4VVfdu-huYaXTO_mUI1oHbaf82sOwamFSMxvabXquqMOfcdHcfvcgzuo8-05ENWZJI3H-qD1AbLBRPgYUhVmn5e82qJ7G-sAEsOFl5Kd-IGRv_4gvboRwyDSF8fymktnDaGY0OPYgfUAWPEAHRm_dt2EksyRmilOLJkMH3HwErQuRTbilBNEBSw-GXtW5XWvEheAW5rWd_12FzXq7jvZ6J40qvemoeyzjABPfMpe_QA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAf35N-vAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcFELmagAHSCAcIiGEQARgd8ggbYWR4LXN1YnN5bi0zMTU5Nzg4MDgyNjI4ODUxgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTU5MTg1NTIyNzA3NDczMTMY_oYJ&sigh=XuFkhsGMls8&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness) Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H2	200	menu-close.svg stc.utdstc.com/img/	273 B 555 B	20ms 19ms	Image image/svg+xml	23.199.198.174 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stc.utdstc.com/img/menu-close.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.199.198.174 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-199-198-174.deploy.static.akamaitechnologies.com Software nginx / Resource Hash d2c93a24a13c1c829e2d49cccc6d5fbee92ef5b9cad4be4d8a5cb974d4b3b4bf Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=16000000; includeSubDomains; preload; X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; content-encoding gzip etag W/"6183e4c3-111" content-length 201 x-xss-protection 1; mode=block pragma public referrer-policy no-referrer-when-downgrade last-modified Thu, 04 Nov 2021 13:48:51 GMT server nginx x-frame-options SAMEORIGIN date Fri, 07 Jan 2022 21:03:08 GMT vary Accept-Encoding content-type image/svg+xml cache-control max-age=15552000, public content-security-policy default-src 'self' expires Tue, 10 May 2022 11:25:01 GMT
GET H3	200	si googleads.g.doubleclick.net/pagead/drt/ Frame 4379 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0	84ms 50ms	Image text/html	2607:f8b0:4006:81e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H3 Server 2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers date Fri, 07 Jan 2022 21:03:08 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012111011823000/ Frame 8AE1	189 KB 54 KB	27ms 26ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 51793 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 55592 x-xss-protection 0 server sffe date Fri, 07 Jan 2022 06:39:55 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "11dee2040f5fc1d7" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 07 Jan 2023 06:39:55 GMT
GET H3	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012111011823000/v0/ Frame 8AE1	13 KB 5 KB	34ms 33ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 51794 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4992 x-xss-protection 0 server sffe date Fri, 07 Jan 2022 06:39:54 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "858600ba27ef7413" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 07 Jan 2023 06:39:54 GMT
GET H3	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012111011823000/v0/ Frame 8AE1	89 KB 28 KB	34ms 34ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 51793 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28555 x-xss-protection 0 server sffe date Fri, 07 Jan 2022 06:39:55 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "a64e482645fd262b" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 07 Jan 2023 06:39:55 GMT
GET H3	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012111011823000/v0/ Frame 8AE1	5 KB 2 KB	36ms 35ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 51794 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1731 x-xss-protection 0 server sffe date Fri, 07 Jan 2022 06:39:54 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "cb4f0e89d7d37d9b" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 07 Jan 2023 06:39:54 GMT
GET H3	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012111011823000/v0/ Frame 8AE1	40 KB 13 KB	37ms 36ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 51794 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12826 x-xss-protection 0 server sffe date Fri, 07 Jan 2022 06:39:54 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "0f988502fa2967b0" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 07 Jan 2023 06:39:54 GMT
GET H3	200	12524491037668340022 tpc.googlesyndication.com/simgad/ Frame 8AE1	14 KB 14 KB	27ms 26ms	Image image/png	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/12524491037668340022?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm3Em3avfTZ-ikQq_F6swOYe2ZuvA Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6ffb38b7fb160d89c551f2045ff9890f70268ef268dbb39c0603cf43713990c9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 01 Jan 2022 17:47:00 GMT x-content-type-options nosniff age 530168 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14176 x-xss-protection 0 last-modified Tue, 16 Feb 2021 17:05:20 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 01 Jan 2023 17:47:00 GMT
GET H3	200	ru.png tpc.googlesyndication.com/pagead/images/abg/ Frame 8AE1	3 KB 3 KB	27ms 26ms	Image image/png	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/ru.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 07 Jan 2022 01:27:12 GMT x-content-type-options nosniff server cafe age 70556 etag 6726277462267614359 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control public, max-age=86400 cross-origin-resource-policy cross-origin content-type image/png alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3041 x-xss-protection 0 expires Sat, 08 Jan 2022 01:27:12 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/abg/ Frame 8AE1	344 B 368 B	29ms 28ms	Image image/png	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/icon.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 07 Jan 2022 16:11:55 GMT x-content-type-options nosniff server cafe age 17473 etag 6766994032117382215 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control public, max-age=86400 cross-origin-resource-policy cross-origin content-type image/png alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 344 x-xss-protection 0 expires Sat, 08 Jan 2022 16:11:55 GMT
GET DATA	200 OK	truncated / Frame 8AE1	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a05a13f70823c9ebecccd7506d5b7321b211fed2712853566c7d9e4df506d39e Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 8AE1	0 0	44ms 44ms	Image text/html	142.251.40.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C6Y28jKrYYYm5BMukoga976jgB4WDyvBig9TD6Y4P2e2O2pMOEAEghtTOHmDJ7qmKpKSYEKAB8Zqg0AHIAQLgAgCoAwHIAwiqBIcCT9BpIuQ6AJzcle7JprVZb2Rre5yqANtd6osdQML19eg6gaxSqPVS_Wr6PyWwip1rb7k_ITNMcIXwAJf99A9sQ3TT2mvYFk0uJ-6bj7jnzxjmH_-IkaDEL79qJLVfycxDgZfIPX87lcKuxotF32qryztHQRFjA24dEmY22svMYWEYmNceQlmm6RLJiDkuhI6iSx4m5d9c4cG8iQXOL5IXjZdA4GcgjRVUelWdXmBwEgoJWVH7Y8I4wMqkEjjdq1xEIPHxpD_M3A0Lv2msNrmZL0IfWj0JVFp-lPfaXtzg3eXFVBk2wIi9kDN6Vda_cF4Wnqrf5-TQB8JzMjbtVizTdJG0msU8ZenABPfMpe_QA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAf35N-vAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcFEP-v6QHSCAcIiGEQARgdgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTE0NDAwMDE0MjY3NjE2MjcY_oYJ&sigh=VLasVf1XHn4&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness) Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H3	200	si googleads.g.doubleclick.net/pagead/drt/ Frame 8AE1 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0	52ms 52ms	Image text/html	2607:f8b0:4006:81e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H3 Server 2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers date Fri, 07 Jan 2022 21:03:08 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012111011823000/ Frame 0A7D	189 KB 54 KB	27ms 26ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 51793 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 55592 x-xss-protection 0 server sffe date Fri, 07 Jan 2022 06:39:55 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "11dee2040f5fc1d7" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 07 Jan 2023 06:39:55 GMT
GET H3	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012111011823000/v0/ Frame 0A7D	13 KB 5 KB	32ms 31ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 51794 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4992 x-xss-protection 0 server sffe date Fri, 07 Jan 2022 06:39:54 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "858600ba27ef7413" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 07 Jan 2023 06:39:54 GMT
GET H3	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012111011823000/v0/ Frame 0A7D	89 KB 28 KB	33ms 32ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 51793 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28555 x-xss-protection 0 server sffe date Fri, 07 Jan 2022 06:39:55 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "a64e482645fd262b" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 07 Jan 2023 06:39:55 GMT
GET H3	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012111011823000/v0/ Frame 0A7D	5 KB 2 KB	35ms 34ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 51794 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1731 x-xss-protection 0 server sffe date Fri, 07 Jan 2022 06:39:54 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "cb4f0e89d7d37d9b" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 07 Jan 2023 06:39:54 GMT
GET H3	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012111011823000/v0/ Frame 0A7D	40 KB 13 KB	35ms 35ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 51794 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12826 x-xss-protection 0 server sffe date Fri, 07 Jan 2022 06:39:54 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "0f988502fa2967b0" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 07 Jan 2023 06:39:54 GMT
GET H3	200	12524491037668340022 tpc.googlesyndication.com/simgad/ Frame 0A7D	14 KB 14 KB	26ms 26ms	Image image/png	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/12524491037668340022?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm3Em3avfTZ-ikQq_F6swOYe2ZuvA Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6ffb38b7fb160d89c551f2045ff9890f70268ef268dbb39c0603cf43713990c9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 01 Jan 2022 17:47:00 GMT x-content-type-options nosniff age 530168 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14176 x-xss-protection 0 last-modified Tue, 16 Feb 2021 17:05:20 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 01 Jan 2023 17:47:00 GMT
GET H3	200	ru.png tpc.googlesyndication.com/pagead/images/abg/ Frame 0A7D	3 KB 3 KB	27ms 26ms	Image image/png	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/ru.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 07 Jan 2022 01:27:12 GMT x-content-type-options nosniff server cafe age 70556 etag 6726277462267614359 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control public, max-age=86400 cross-origin-resource-policy cross-origin content-type image/png alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3041 x-xss-protection 0 expires Sat, 08 Jan 2022 01:27:12 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/abg/ Frame 0A7D	344 B 368 B	28ms 28ms	Image image/png	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/icon.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Fri, 07 Jan 2022 16:11:55 GMT x-content-type-options nosniff server cafe age 17473 etag 6766994032117382215 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control public, max-age=86400 cross-origin-resource-policy cross-origin content-type image/png alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 344 x-xss-protection 0 expires Sat, 08 Jan 2022 16:11:55 GMT
GET DATA	200 OK	truncated / Frame 0A7D	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 256b584c48d35c949d912ec150e25b8e5b9ac135796e11c1abf2848269ae2b0f Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET H3	204	l www.google.com/ads/measurement/ Frame 0A7D	0 0	43ms 42ms	Image text/html	2607:f8b0:4006:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRGQNw_q1BNv_ZKK0LIwRJxDY6Z8W9c0LRno0KDVOEWujX6dxle7p9wJl0NUCxuPGOlTNBzFOQNBAHUC3XVGl8Sj_dcFw Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 0A7D	0 0	93ms 93ms	Image text/html	142.251.40.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CczlwjKrYYYWpGJetogbdu6OgCIWDyvBig9TD6Y4P2e2O2pMOEAEg48isImDJ7qmKpKSYEKAB8Zqg0AHIAQLgAgCoAwHIAwiqBIcCT9Af7twFNGeRrO-o2bCenP3-d_9ktEsAfq1NkWZez5ysPdGI326-O0N8TJ6vUSxRaof-B_6DEFBxembLw55jqGjsMfXnnx_ZDUlZ4El9aPMqnnhI9WdBzb2mZrFU0OZpkj5Zjn6QQIf3kNOS7L3SasXKg-IoDjlycLFA66K8_r2MTC3wMOhcGoVGmQ5uCxg2I0tuYRRmzyV-ZcBZ6_nBLzhn8Baq0-8fj9732m-d3vLqEdqpHrrKvmOJ42etafnSeqG92QcmWAZH8wR3EA0XgFoBCzNdlXUw7UeoxD53KrNNsnLxIZAM677UJvJLnC6C1CQbwfT-SqcuXqJqyi-VbnpRXXYGxqrABPfMpe_QA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAf35N-vAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcFELbFtAHSCAcIiGEQARgd8ggbYWR4LXN1YnN5bi0zMTU5Nzg4MDgyNjI4ODUxgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTU5MTg1NTIyNzA3NDczMTMY_oYJ&sigh=yicM-fAkDkE&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness) Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H3	200	si googleads.g.doubleclick.net/pagead/drt/ Frame 0A7D Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0	50ms 49ms	Image text/html	2607:f8b0:4006:81e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: microsoft-teams.ru.uptodown.com URL: https://microsoft-teams.ru.uptodown.com/windows? Protocol H3 Server 2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers date Fri, 07 Jan 2022 21:03:08 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 577C	42 B 64 B	121ms 120ms	Image image/gif	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLmWQjaz6RUrxaxNWla4fKgTrLq-vy4e0MEu3U-RISxGwT_4Q179rrwkWwr9-Pg2QSBeglyLeENmv7d0Y1gQCFJev86P3Ye-NtgvVgYyVI59Dd4nk&sai=AMfl-YTkwOKzF97d2I7YXNj51itIhzVsN614mBtyWDxgE9Z1gz-yQFhdWd0tGs3sFwac6o5KynYmwj5pJhO_-QVxldMH_Ve7YeeIS5dFVF4SbiM1Gh37G53eIt9mfbNPU5o&sig=Cg0ArKJSzBI_eZhJWNgcEAE&id=ampim&o=315,340&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=67&tls=1067&g=100&h=100&tt=1067&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1109273584 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 07 Jan 2022 21:03:09 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 4379	42 B 64 B	49ms 49ms	Image image/gif	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTVHIZ4PvRT0VFEv3AyLqoVg5rFCUsF3fC4E5mS1nJB7aEpf2CvJ92GMKQlhYvEqYq2_A5cAFAbA2nrfUXl-I_TWuPto4qXycUA9v9RCwwsMcSnyc&sai=AMfl-YT82rcXDAt9l56CvoO_Th2KYgCEtHRI_p_up7LGK80zRYb_VsYQgl1rme9xQEdAbZVMCwHPhfRaJ3bS9OosdDj0aCnPkHyYW7lE97cRYRvSCPtw4ZXdpSu8dcFjgVwr&sig=Cg0ArKJSzGxY-iITBMMgEAE&id=ampim&o=1308,300&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=34&tls=1035&g=97.33333587646484&h=97.33333587646484&tt=1035&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=3073126929 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 07 Jan 2022 21:03:09 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 0A7D	42 B 64 B	49ms 48ms	Image image/gif	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuoNcZX7Zyvs9p8RF0z7AJ7FCKXDU8R0N2MnKsLzt_QTvxvLNYEzi28UVlpBS00UsEoUwuHe20GYqfgXdBrusDSiwuk9rHc1YBa5mAVyk7gxW6hgb0&sai=AMfl-YSxkmyrFvrVCeSOfGJb_744yS11YGSKzR9mAkwMSVeb1sWKG57_-56EJQhvwr137kFFAhOR0mSotizGU2nQBzErC1LIRyXzpMERfYT0DAx5aLPxQwTRrhCucVFj3Ds&sig=Cg0ArKJSzEsXBGXaGDB8EAE&id=ampim&o=-8,300&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=39&tls=1039&g=97.33333587646484&h=97.33333587646484&tt=1039&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=193497532 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://microsoft-teams.ru.uptodown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 07 Jan 2022 21:03:09 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT