kazus.ru Open in urlscan Pro
195.201.86.197 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kazus.ru/programs/download/16497/
Effective URL:
https://kazus.ru/programs/download/16497/
Submission Tags: falconsandbox
Submission: On November 17 via api (November 17th 2023, 6:18:54 am UTC) from US — Scanned from DE

Summary HTTP 192 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 46 IPs in 12 countries across 52 domains to perform 192 HTTP transactions. The main IP is 195.201.86.197, located in Gunzenhausen, Germany and belongs to HETZNER-AS, DE. The main domain is kazus.ru.
TLS certificate: Issued by R3 on November 7th 2023. Valid for: 3 months.

This is the only time kazus.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	195.201.86.197 195.201.86.197	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	143.198.242.75 143.198.242.75	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
24	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2 4	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
4 26	142.132.138.213 142.132.138.213	24940 (HETZNER-AS) (HETZNER-AS)
3 20	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2 2	193.3.184.218 193.3.184.218	50214 (QWARTA) (QWARTA)
2 2	193.232.150.46 193.232.150.46	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2 2	195.209.108.55 195.209.108.55	52007 (ADRIVER) (ADRIVER)
2	81.222.128.214 81.222.128.214	20597 (ELTEL-AS) (ELTEL-AS)
1	2606:4700:e2:... 2606:4700:e2::ac40:8924	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.230.131.16 37.230.131.16	200197 (HYBRID-PO...) (HYBRID-POLAND)
2	185.15.175.132 185.15.175.132	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	116.202.236.228 116.202.236.228	24940 (HETZNER-AS) (HETZNER-AS)
2 2	178.63.75.168 178.63.75.168	24940 (HETZNER-AS) (HETZNER-AS)
1 1	78.40.218.117 78.40.218.117	9123 (TIMEWEB-AS) (TIMEWEB-AS)
1 1	83.222.96.170 83.222.96.170	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
1	5.189.234.229 5.189.234.229	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1 1	46.243.142.239 46.243.142.239	208677 (CLOUDRU-AS) (CLOUDRU-AS)
1	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1 1	176.122.21.139 176.122.21.139	48096 (ITGRAD) (ITGRAD)
2 2	217.66.147.33 217.66.147.33	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
4 4	217.66.147.34 217.66.147.34	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 1	87.242.95.200 87.242.95.200	208677 (CLOUDRU-AS) (CLOUDRU-AS)
1 1	176.9.81.69 176.9.81.69	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.155 31.220.27.155	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	65.109.65.187 65.109.65.187	24940 (HETZNER-AS) (HETZNER-AS)
1	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
2 3	89.108.119.43 89.108.119.43	197695 (AS-REG) (AS-REG)
1 2	188.42.105.236 188.42.105.236	7979 (SERVERS-COM) (SERVERS-COM)
2 3	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
3 5	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	80.87.198.24 80.87.198.24	29182 (RU-JSCIOT) (RU-JSCIOT)
1 2	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1 2	162.55.144.211 162.55.144.211	24940 (HETZNER-AS) (HETZNER-AS)
1 1	23.111.107.44 23.111.107.44	39134 (UNITEDNET) (UNITEDNET)
1 1	167.235.14.51 167.235.14.51	24940 (HETZNER-AS) (HETZNER-AS)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
3 3	167.235.117.41 167.235.117.41	24940 (HETZNER-AS) (HETZNER-AS)
5 6	185.15.175.159 185.15.175.159	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	83.222.105.70 83.222.105.70	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
2 2	217.199.220.43 217.199.220.43	61400 (NETRACK-AS) (NETRACK-AS)
1 1	130.193.58.13 130.193.58.13	200350 (YANDEXCLOUD) (YANDEXCLOUD)
2 2	185.40.31.213 185.40.31.213	61400 (NETRACK-AS) (NETRACK-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS) (VK-AS)
1	91.192.149.36 91.192.149.36	42481 (BEGUN-AS) (BEGUN-AS)
1 1	45.139.25.125 45.139.25.125	34959 (PROCLOUD ...) (PROCLOUD PROCLOUD MSK)
1	162.19.169.11 162.19.169.11	16276 (OVH) (OVH)
5	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4 5	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
6	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
3 4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	18.203.173.246 18.203.173.246	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2.18.160.221 2.18.160.221	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:212... 2600:9000:2127:fa00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2600:1f13:800... 2600:1f13:800:7780:5f47:a114:af1e:1176	16509 (AMAZON-02) (AMAZON-02)
192	46

12 195.201.86.197 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: kazus.ru

kazus.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.198.242.75 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)

customfingerprints.bablosoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.212.201.204 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.132.138.213 (Falkenstein, Germany) 4 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.213.138.132.142.clients.your-server.de

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.3.184.218 (Russian Federation) 2 redirects

ASN50214 (QWARTA, RU)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.46 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp3.senders.rutube.ru

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.55 (Russian Federation) 2 redirects

ASN52007 (ADRIVER, RU)

ev.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.214 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad14.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8924 (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.230.131.16 (Amsterdam, Netherlands)

ASN200197 (HYBRID-POLAND, PL)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.132 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.236.228 (Bad Griesbach, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.228.236.202.116.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.63.75.168 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-20.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.40.218.117 (St Petersburg, Russian Federation) 1 redirects

ASN9123 (TIMEWEB-AS, RU)

s.ccsyncuuid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 83.222.96.170 (Russian Federation) 1 redirects

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

ssp.bestssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.189.234.229 (Moscow, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)

sync.adspend.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.243.142.239 (Ukraine) 1 redirects

ASN208677 (CLOUDRU-AS, RU)
PTR: fr07.segmento.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.122.21.139 (Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.66.147.33 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-33-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.66.147.34 (St Petersburg, Russian Federation) 4 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-34-147-66-217.spbmts.ru

vma.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.242.95.200 (Russian Federation) 1 redirects

ASN208677 (CLOUDRU-AS, RU)

mts-dsp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.81.69 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.69.81.9.176.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.155 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.109.65.187 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.187.65.109.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.108.119.43 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.105.236 (Luxembourg) 1 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.172 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 31.172.81.160 (Germany) 3 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

pix.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.87.198.24 (Moscow, Russian Federation) 2 redirects

ASN29182 (RU-JSCIOT, RU)
PTR: sync07.platforma.id

2ab5eb26-8511-11ee-86e0-002590c0647c.n6.sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.55.144.211 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.211.144.55.162.clients.your-server.de

nr.bidderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.107.44 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

cs.agency2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.235.14.51 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.51.14.235.167.clients.your-server.de

match.ohmy.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.235.117.41 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.41.117.235.167.clients.your-server.de

sync.programmatica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.15.175.159 (Russian Federation) 5 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 83.222.105.70 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

adx.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.199.220.43 (Canada) 2 redirects

ASN61400 (NETRACK-AS, RU)
PTR: s3.kimberlite.io

kimberlite.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.193.58.13 (Russian Federation) 1 redirects

ASN200350 (YANDEXCLOUD, RU)

pixel.konnektu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.40.31.213 (Tula, Russian Federation) 2 redirects

ASN61400 (NETRACK-AS, RU)

sync.dsp.solta.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.149.36 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: sync.rambler.ru

sync.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.139.25.125 (Moscow, Russian Federation) 1 redirects

ASN34959 (PROCLOUD PROCLOUD MSK, RU)

ssp.afp.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.169.11 (France)

ASN16276 (OVH, FR)
PTR: ns3222241.ip-162-19-169.eu

fingerprints.bablosoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.20 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.173.246 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-173-246.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.160.221 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-221.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2127:fa00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f13:800:7780:5f47:a114:af1e:1176 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	542 KB
26	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439	211 KB
26	acint.net 4 redirects www.acint.net — Cisco Umbrella Rank: 27554 acint.net — Cisco Umbrella Rank: 22987	33 KB
15	gstatic.com www.gstatic.com fonts.gstatic.com	210 KB
12	kazus.ru 1 redirects kazus.ru	49 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 898 static.adsafeprotected.com — Cisco Umbrella Rank: 587 dt.adsafeprotected.com — Cisco Umbrella Rank: 570	101 KB
10	bumlam.com 7 redirects sync.bumlam.com — Cisco Umbrella Rank: 3997 pix.bumlam.com — Cisco Umbrella Rank: 79438 2ab5eb26-8511-11ee-86e0-002590c0647c.n6.sync.bumlam.com	6 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	96 KB
8	mts.ru 8 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 33556 vma.mts.ru — Cisco Umbrella Rank: 35633 tech.rtb.mts.ru — Cisco Umbrella Rank: 39599	5 KB
8	digitaltarget.ru 5 redirects tag.digitaltarget.ru — Cisco Umbrella Rank: 140756 dmg.digitaltarget.ru — Cisco Umbrella Rank: 23414	23 KB
7	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 364 fonts.googleapis.com — Cisco Umbrella Rank: 31	71 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
5	google.com 4 redirects www.google.com — Cisco Umbrella Rank: 2	909 B
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	320 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	2 KB
4	adriver.ru 2 redirects ev.adriver.ru — Cisco Umbrella Rank: 34712 ssp.adriver.ru — Cisco Umbrella Rank: 26076	2 KB
4	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 11595	2 KB
3	programmatica.com 3 redirects sync.programmatica.com — Cisco Umbrella Rank: 91490	761 B
3	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 15037	1 KB
3	bablosoft.com customfingerprints.bablosoft.com — Cisco Umbrella Rank: 357436 fingerprints.bablosoft.com — Cisco Umbrella Rank: 337049	664 KB
2	mail.ru ad.mail.ru — Cisco Umbrella Rank: 10840 top-fwz1.mail.ru — Cisco Umbrella Rank: 10387	2 KB
2	solta.io 2 redirects sync.dsp.solta.io — Cisco Umbrella Rank: 42091	444 B
2	kimberlite.io 2 redirects kimberlite.io — Cisco Umbrella Rank: 29967	1 KB
2	bidderstack.com 1 redirects nr.bidderstack.com — Cisco Umbrella Rank: 40332	769 B
2	yandex.ru 1 redirects an.yandex.ru — Cisco Umbrella Rank: 5085	665 B
2	gonet-ads.com 1 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 30346	634 B
2	rutarget.ru 2 redirects sape-sync.rutarget.ru — Cisco Umbrella Rank: 100333 mts-dsp-sync.rutarget.ru — Cisco Umbrella Rank: 67317	833 B
2	upravel.com 2 redirects sync.upravel.com — Cisco Umbrella Rank: 38307	1 KB
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 19224	827 B
2	sape.ru 2 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 27355	1 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 574	17 KB
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 685	574 B
1	afp.ai 1 redirects ssp.afp.ai — Cisco Umbrella Rank: 38343	297 B
1	rambler.ru sync.rambler.ru — Cisco Umbrella Rank: 48432	172 B
1	konnektu.ru 1 redirects pixel.konnektu.ru — Cisco Umbrella Rank: 72248	212 B
1	com.ru adx.com.ru — Cisco Umbrella Rank: 38357
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1545	22 B
1	ohmy.bid 1 redirects match.ohmy.bid — Cisco Umbrella Rank: 50697	277 B
1	agency2.ru 1 redirects cs.agency2.ru — Cisco Umbrella Rank: 117709	753 B
1	new-programmatic.com match.new-programmatic.com — Cisco Umbrella Rank: 36120	215 B
1	bidvol.com 1 redirects ssp.bidvol.com — Cisco Umbrella Rank: 36153	484 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 9432	207 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 21064	300 B
1	adlook.me 1 redirects ads.adlook.me — Cisco Umbrella Rank: 35501	304 B
1	betweendigital.com ads.betweendigital.com — Cisco Umbrella Rank: 1638
1	adspend.space sync.adspend.space — Cisco Umbrella Rank: 48977	46 B
1	bestssp.com 1 redirects ssp.bestssp.com — Cisco Umbrella Rank: 54381	169 B
1	ccsyncuuid.net 1 redirects s.ccsyncuuid.net — Cisco Umbrella Rank: 103084	200 B
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 24816	70 B
1	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 11534	282 B
1	utraff.com a.utraff.com — Cisco Umbrella Rank: 41784	770 B
192	52

	Domain	Requested by
27	tpc.googlesyndication.com	googleads.g.doubleclick.net kazus.ru tpc.googlesyndication.com pagead2.googlesyndication.com
24	pagead2.googlesyndication.com	kazus.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
21	www.acint.net	4 redirects kazus.ru www.acint.net
20	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net kazus.ru
12	kazus.ru	1 redirects kazus.ru
10	www.gstatic.com	googleads.g.doubleclick.net
9	s0.2mdn.net	kazus.ru s0.2mdn.net googleads.g.doubleclick.net
7	dt.adsafeprotected.com	googleads.g.doubleclick.net
6	www.googleadservices.com	kazus.ru
6	dmg.digitaltarget.ru	5 redirects www.acint.net
5	fonts.gstatic.com	fonts.googleapis.com
5	www.google.com	4 redirects tpc.googlesyndication.com
5	www.googletagservices.com	googleads.g.doubleclick.net kazus.ru
5	fonts.googleapis.com	googleads.g.doubleclick.net
5	pix.bumlam.com	3 redirects www.acint.net
5	acint.net	www.acint.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	vma.mts.ru	4 redirects
4	counter.yadro.ru	2 redirects kazus.ru
3	sync.programmatica.com	3 redirects
3	sync.bumlam.com	2 redirects www.acint.net
3	x01.aidata.io	2 redirects www.acint.net
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	kazus.ru
2	fw.adsafeprotected.com	1 redirects kazus.ru
2	sync.dsp.solta.io	2 redirects
2	kimberlite.io	2 redirects
2	nr.bidderstack.com	1 redirects www.acint.net
2	an.yandex.ru	1 redirects www.acint.net
2	2ab5eb26-8511-11ee-86e0-002590c0647c.n6.sync.bumlam.com	2 redirects
2	sync.gonet-ads.com	1 redirects www.acint.net
2	tech.rtb.mts.ru	2 redirects
2	sm.rtb.mts.ru	2 redirects
2	sync.upravel.com	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	ssp.adriver.ru	www.acint.net
2	ev.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
2	ssp-rtb.sape.ru	2 redirects
2	ssl.google-analytics.com	kazus.ru
2	customfingerprints.bablosoft.com	kazus.ru customfingerprints.bablosoft.com
2	ajax.googleapis.com	kazus.ru
1	tags.bluekai.com	googleads.g.doubleclick.net
1	top-fwz1.mail.ru	www.acint.net
1	fingerprints.bablosoft.com	customfingerprints.bablosoft.com
1	ssp.afp.ai	1 redirects
1	sync.rambler.ru	www.acint.net
1	ad.mail.ru	www.acint.net
1	pixel.konnektu.ru	1 redirects
1	adx.com.ru	www.acint.net
1	sync.adkernel.com	www.acint.net
1	match.ohmy.bid	1 redirects
1	cs.agency2.ru	1 redirects
1	match.new-programmatic.com	www.acint.net
1	ssp.bidvol.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	exchange.buzzoola.com	1 redirects
1	mts-dsp-sync.rutarget.ru	1 redirects
1	ads.adlook.me	1 redirects
1	ads.betweendigital.com	www.acint.net
1	sape-sync.rutarget.ru	1 redirects
1	sync.adspend.space	www.acint.net
1	ssp.bestssp.com	1 redirects
1	s.ccsyncuuid.net	1 redirects
1	sync.dmp.otm-r.com	www.acint.net
1	dm-eu.hybrid.ai	www.acint.net
1	a.utraff.com	www.acint.net
192	69

This site contains links to these domains. Also see Links.

Domain
kazus.info
datasheets.ru
www.liveinternet.ru

Subject Issuer	Validity	Valid
kazus.ru R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
customfingerprints.bablosoft.com R3	`2023-10-19` - `2024-01-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
counter.yadro.ru AlphaSSL CA - SHA256 - G4	`2023-11-04` - `2024-12-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.acint.net R3	`2023-10-31` - `2024-01-29`	3 months	crt.sh
utraff.com GTS CA 1P5	`2023-10-12` - `2024-01-10`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2023-09-14` - `2024-09-13`	a year	crt.sh
*.digitaltarget.ru R3	`2023-11-13` - `2024-02-11`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G4	`2023-06-19` - `2024-07-20`	a year	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-03-07` - `2024-04-07`	a year	crt.sh
*.adspend.space R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-13` - `2024-02-13`	a year	crt.sh
ad.ad-blast.ru R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.adx.com.ru AlphaSSL CA - SHA256 - G4	`2023-05-26` - `2024-06-26`	a year	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2023-10-06` - `2024-11-06`	a year	crt.sh
sync.rambler.ru R3	`2023-11-13` - `2024-02-11`	3 months	crt.sh
fingerprints.bablosoft.com R3	`2023-10-19` - `2024-01-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 27 frames:

Primary Page: https://kazus.ru/programs/download/16497/
Frame ID: 10758FA6585A57D78CBB24D425109544
Requests: 33 HTTP requests in this frame

Frame: https://kazus.ru/js/stat-testdata/log_trackjs.htm
Frame ID: 6CD3663C98A7D8AC5EF9E971B70F896F
Requests: 1 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=10&tc=1
Frame ID: 260EEB5F779277089238728F14C4F5B1
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 04C6FB701051AAC2A312B5571CF79A0C
Requests: 1 HTTP requests in this frame

Frame: https://fingerprints.bablosoft.com/setcookies
Frame ID: 26335FACC88CC60CDBFFC32DCD58D0C4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1317160794948979&output=html&h=600&slotname=7998113593&adk=3289412158&adf=3456717570&pi=t.ma~as.7998113593&w=159&fwrn=4&fwrnh=100&lmt=1700201926&rafmt=1&format=159x600&url=https%3A%2F%2Fkazus.ru%2Fprograms%2Fdownload%2F16497%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700201926297&bpp=6&bdt=439&idt=466&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&correlator=4457092830913&frm=20&pv=2&ga_vid=24009785.1700201926&ga_sid=1700201926&ga_hid=1019080820&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=2201&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C31079517%2C44795921%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809057%2C21065724&oid=2&pvsid=2812712637081592&tmod=1476994647&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=496
Frame ID: 8EFC2AF46824F4A86620696D2C3CD1E5
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1317160794948979&output=html&adk=1812271804&adf=3025194257&lmt=1700201926&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fkazus.ru%2Fprograms%2Fdownload%2F16497%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700201926355&bpp=6&bdt=497&idt=474&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=159x600&nras=1&correlator=4457092830913&frm=20&pv=1&ga_vid=24009785.1700201926&ga_sid=1700201926&ga_hid=1019080820&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C31079517%2C44795921%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809057%2C21065724&oid=2&pvsid=2812712637081592&tmod=1476994647&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=519
Frame ID: 6807B6832AD243F0468089A4EB8F78B1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A7733B466E08B93E3FBFACCAF6736E5E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: 65066710CE74F4DBEF1D5C08A0A1861E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: EBD1FE2D9A17391A8552305353DC4262
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: B42459EF4253A16469A71B62B72FB549
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 96F3BA2FD47E78E76F9D9D979728B32A
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 256A6D3C1AC2ACB575112BF5F12494E9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGJ-x-_0BMAE&v=APEucNVSlCXS1JFyO7vheKujqAG0Z9_baneH885wYzChv5UBecXjLzXOurjHCtnqTnu7UWWl5uyTzugy0wvyQ0cggvfM4Zw7WM_3y0Etzq-gQmOhoGhn27QsfPG5xCallBhdVUmnhZkcA1rZfsNV8PIEaXkcNze84kuVkAw_vsfVmZkUSLHmHjQ
Frame ID: 31CAFC50EA7833CB9130E2DFE5FAA3DD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 1109CD2A564F2FAAF6143008ED7C56AF
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 883850A53C6B4FE1119EEB40A8690150
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5BC9660CB70C470C388E475E1273B3A6
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 73989BCBF1297BADDC51A93EEE3FCD88
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2573EB4E1B4782077B45437C5789E464
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: 55A02488FA90AFE855FAB57CDF93E62F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: 7B3C678A5FDFF0EF82CE2DEC2E821955
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3365586212222314499/728x90/index.html?ev=01_250
Frame ID: 5F982D3E56D9BCBA0225D9C1F2B56691
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: 52860EB4E0239EFB739C39DD751AAAF9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 40B2391C63E5C3885D6EF03B62EB17EF
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 43C4EE6C5A1DFE4B72081EF2F7159885
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 61068A8D14946784BB0FA9E6E47A8ABA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5833E02268DD9C87DE8059DC01044D8C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Crack.exe - Скачать Crack.exe | ЭЛЕКТРОНИКА / CAD / Protel_dxp / Protel_dxp

Page URL History Show full URLs

http://kazus.ru/programs/download/16497/ HTTP 301
https://kazus.ru/programs/download/16497/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

192
Requests

81 %
HTTPS

24 %
IPv6

52
Domains

69
Subdomains

46
IPs

12
Countries

2365 kB
Transfer

5418 kB
Size

97
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://kazus.info/
Title: English version

Search URL Search Domain Scan URL

URL: http://datasheets.ru/
Title: Datasheets

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kazus.ru/programs/download/16497/ HTTP 301
https://kazus.ru/programs/download/16497/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//kazus.ru/programs/download/16497/;hCrack.exe%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20Crack.exe%20%7C%20%u042D%u041B%u0415%u041A%u0422%u0420%u041E%u041D%u0418%u041A%u0410%20/%20CAD%20/%20Protel_dxp%20/%20Protel_dxp;0.014745539853209921 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//kazus.ru/programs/download/16497/;hCrack.exe%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20Crack.exe%20%7C%20%u042D%u041B%u0415%u041A%u0422%u0420%u041E%u041D%u0418%u041A%u0410%20/%20CAD%20/%20Protel_dxp%20/%20Protel_dxp;0.014745539853209921

Request Chain 21

https://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10&tc=1

Request Chain 26

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=1603420AC60557652E005C0B0227DF04

Request Chain 27

https://px.adhigh.net/p/cm/sape?u=0100007FC6055765250DE39702F8A33F HTTP 302
https://px.adhigh.net/p/cm/sape?u=0100007FC6055765250DE39702F8A33F&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=7GjLngOGrGi.AikABlGL2-6QfA

Request Chain 28

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4496880928 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=A6WA8Kc5186JFSFwEu9DzkA&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FC6055765200D799702F3CB5A

Request Chain 33

https://sync.upravel.com/sape/sync HTTP 302
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP 302
https://www.acint.net/match?dp=71&euid=85227423-fb2d-4bc7-befe-5e4a36fde488 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D&dp=14 HTTP 302
https://acint.net/match?dp=14&euid=1603420AC60557652E005C0B0227DF04

Request Chain 34

https://s.ccsyncuuid.net/match/5/?remote_uid=0100007FC6055765250DE39702F8A33F HTTP 302
https://acint.net/match?dp=80&euid=IIPKcWfuJGhjLEh2uLrO

Request Chain 36

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP 302
https://www.acint.net/match?dp=95&euid=DGVHUJLQ

Request Chain 38

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=aHGb4au2sinP

Request Chain 40

https://ads.adlook.me/csync?pid=sape&uid=0100007FC6055765250DE39702F8A33F&url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
https://acint.net/match?dp=110&euid=48dc84904c504131936fd03568965507

Request Chain 41

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007FC6055765250DE39702F8A33F HTTP 301
https://vma.mts.ru/match/second?ssp=30&exu=0100007FC6055765250DE39702F8A33F HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=6bf619f2-596a-4a12-bdf7-612f95189f99&return_url=https%3A%2F%2Fmts-dsp-sync.rutarget.ru%2Fsync%3Fcallback_url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D30%2526em%253D3%2526ssp%253Dsegmento%2526id%253D%2524%257BRUTARGET_VISITOR_ID%257D HTTP 302
https://mts-dsp-sync.rutarget.ru/sync?callback_url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D30%26em%3D3%26ssp%3Dsegmento%26id%3D%24%7BRUTARGET_VISITOR_ID%7D HTTP 302
https://vma.mts.ru/em?next=30&em=3&ssp=segmento&id=aHGb4au2sinP HTTP 301
https://www.acint.net/match?dp=125&euid=6bf619f2-596a-4a12-bdf7-612f95189f99

Request Chain 42

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=1fe6c57f-76dd-4a7a-5fd6-56bfe8560168

Request Chain 43

https://s.uuidksinc.net/match/396/?remote_uid=0100007FC6055765250DE39702F8A33F HTTP 302
https://www.acint.net/match?dp=127&euid=0lcREzpDBIQxFs0b67bV

Request Chain 44

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1 HTTP 302
https://www.acint.net/match?dp=129&euid=y3go26gdpn

Request Chain 46

https://x01.aidata.io/0.gif?pid=9401454&id=0100007FC6055765250DE39702F8A33F HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0100007FC6055765250DE39702F8A33F&bounce=1 HTTP 302
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=4F6C8EDB041A98E6BEF0&back=STOP

Request Chain 47

https://sync.gonet-ads.com/match/sape.js?id=0100007FC6055765250DE39702F8A33F HTTP 302
https://sync.gonet-ads.com/match/sape.js?id=0100007FC6055765250DE39702F8A33F&chk=1

Request Chain 48

https://sync.bumlam.com/?src=sap1&uid=0100007FC6055765250DE39702F8A33F HTTP 302
https://sync.bumlam.com/?src=sap1&s_data=CAIQARjHi9yqBmIgMDEwMDAwN0ZDNjA1NTc2NTI1MERFMzk3MDJGOEEzM0aiARAqtesmhRER7obgACWQwGR8

Request Chain 49

https://pix.bumlam.com/sync/sape/check?sspuid=0100007FC6055765250DE39702F8A33F HTTP 302
https://sync.bumlam.com/?src=sape HTTP 302
https://pix.bumlam.com/sync/sape/sync_ok?guid=2ab5eb26-8511-11ee-86e0-002590c0647c HTTP 302
https://2ab5eb26-8511-11ee-86e0-002590c0647c.n6.sync.bumlam.com/?src=sape HTTP 302
https://pix.bumlam.com/sync/sape/done

Request Chain 50

https://an.yandex.ru/mapuid/sapeis/0100007FC6055765250DE39702F8A33F HTTP 302
https://an.yandex.ru/mapuid/sapeis/0100007FC6055765250DE39702F8A33F?redir-setuniq=1

Request Chain 51

https://nr.bidderstack.com/sape/cm?user_id=0100007FC6055765250DE39702F8A33F HTTP 302
https://nr.bidderstack.com/sape/cm?user_id=0100007FC6055765250DE39702F8A33F&pupa=1

Request Chain 52

https://cs.agency2.ru/p?ssp=sp&uid=0100007FC6055765250DE39702F8A33F HTTP 301
https://www.acint.net/match?dp=186&euid=c57c710a-9ef8-46d0-a2d6-0557b6c627c8

Request Chain 53

https://match.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D HTTP 302
https://www.acint.net/match?dp=217&euid=edc3c37d-3f1f-45ad-9ad4-f130aca7d6ce

Request Chain 55

https://sync.programmatica.com/match/01 HTTP 302
https://sync.programmatica.com/match/01?chk=1 HTTP 302
https://www.acint.net/rmatch?dp=235&euid=N2E5YWJlM2RkOGU0MjI4Mw&r=https%3A%2F%2Fsync.programmatica.com%2Fmatch%2F01%3Fid%3D%24%7BUSER_ID%7D%26fp%3D1642882560 HTTP 302
https://sync.programmatica.com/match/01?id=0100007FC6055765200D799702F3CB5A&fp=1642882560 HTTP 302
https://dmg.digitaltarget.ru/1/7536/i/i?a=1051&e=N2E5YWJlM2RkOGU0MjI4Mw&i=1mi4jxdpc7l4k HTTP 307
https://dmg.digitaltarget.ru/awg/custom/7536/i/i?call_source=awg&ts=1700201927743&a=1051&e=N2E5YWJlM2RkOGU0MjI4Mw&i=1mi4jxdpc7l4k

Request Chain 57

https://kimberlite.io/rtb/sync/sape2?u=0100007FC6055765250DE39702F8A33F HTTP 307
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZVcFx0qEClc HTTP 301
https://vma.mts.ru/match/second?ssp=59&exu=ZVcFx0qEClc HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=6bf619f2-596a-4a12-bdf7-612f95189f99&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D59%2526em%253D1%2526ssp%253Dkonnektu%2526id%253D%257BUSER_ID%257D HTTP 302
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D HTTP 302
https://vma.mts.ru/em?next=59&em=1&ssp=konnektu&id= HTTP 301
https://kimberlite.io/rtb/sync/mts?u=6bf619f2-596a-4a12-bdf7-612f95189f99 HTTP 307
https://www.acint.net/match?dp=243&euid=ZVcFx0qEClc

Request Chain 58

https://sync.dsp.solta.io/match/sape?id=0100007FC6055765250DE39702F8A33F HTTP 302
https://sync.dsp.solta.io/match/sape?id=0100007FC6055765250DE39702F8A33F&chk=1 HTTP 302
https://www.acint.net/match?dp=260&euid=NWQ5MTc3YzdkYmJkZGQzMQ

Request Chain 61

https://ssp.afp.ai/api/sync/sape HTTP 302
https://www.acint.net/match?dp=261&euid=74338f1f-dd9d-4942-abb1-bce382a6fa56

Request Chain 76

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 80

https://googleads.g.doubleclick.net/pagead/adview?ai=C5PjxxgVXZduKN5OlkwOf0aqoA-q38Ix0-5OqhY4RvLWY4bgoEAEgm8WVA2CVqp-CsAegAfjg9PoDyAEBqQJa24gxmjWyPqgDAcgDywSqBPcBT9DYrBOwx-2qRTMTIiR5MpgrAWAtH4bbYmN4YLCE9DhwXbKAvNEidTOnl8ufqA0lpLcsJS1DDkgzq6ONbdr3zoOvHI-VyOzTniFMCl2pytb2sYnc61jW2NsISOal7M88qrWabMSSsft5iVFMniCBDHWpc78wgJpk1TXMwc_7nxDYdrM-1-QsSozqPsmuOdXSeBZBCK4ycDwcNHNkvXzma7nRpCaDicxP9V2F3oFiIVexYt3hN1gp_k3NHzwbTecf2V_FOX1yZQdbpDWTnweveFBj6NCDALpXy3SYi2pM9SBhTgToliNBi-VBj6qvCjOZAE2Hjb4QM8AEjbe3ydADiAXUptKdM5IFBAgEGAGSBQQIBRgEgAfwnosFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwUQquW_AdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCTJodHRwczovL3d3dy53YWdvLmNvbS9kZS9scC1kb3dubG9hZC1tdHAtNC1icmFuY2hlboAKAcgLAaIMECoOCgzktLEC7rWxArW4sQLYEw7QFQGYFgGAFwGyFxwKGggAEhRwdWItMTMxNzE2MDc5NDk0ODk3ORgA&sigh=u4RWC9HrB3w&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTwDICaaNIQjK6ROjupdNzVlzGZYUQNjy75gOVTD-FW0tEEcHcR4SwkVRvODAQ_-DNcnwMheFQ-Fl5jj0uDPgG43EQEviG1oMhhus7EHGmTcYAQ&template_id=5020&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227290624164773379377%22,%22debug_reporting%22:true,%22destination%22:%22https://wago.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221063071864%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222507123330863791137%22}&andc=true

Request Chain 82

https://dmg.digitaltarget.ru/1/1093/i/i?i=71961808101990.767534424091913&a=77&e=0100007FC6055765250DE39702F8A33F&pref=https%3A%2F%2Fkazus.ru%2F&c=ss:77.up:0100007FC6055765250DE39702F8A33F.sync:up.xdua:duoV0pbZ1_QtKHMWm6lGGaUt.xps:xpsksKqULNoUAQlMOzKDSfVBp.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1700201927794&i=71961808101990.767534424091913&a=77&e=0100007FC6055765250DE39702F8A33F&pref=https%3A%2F%2Fkazus.ru%2F&c=ss:77.up:0100007FC6055765250DE39702F8A33F.sync:up.xdua:duoV0pbZ1_QtKHMWm6lGGaUt.xps:xpsksKqULNoUAQlMOzKDSfVBp.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://pix.bumlam.com/sync/amb4/check?uid=FSaXhnBZ9Brr4kF71915 HTTP 302
https://2ab5eb26-8511-11ee-86e0-002590c0647c.n6.sync.bumlam.com/?src=amb4 HTTP 302
https://pix.bumlam.com/sync/amb4/done

Request Chain 83

https://dmg.digitaltarget.ru/1/1093/i/i?i=71961808101990.823126492303055&a=77&e=0100007FC6055765250DE39702F8A33F&pref=https%3A%2F%2Fkazus.ru%2F&c=ss:77.up:0100007FC6055765250DE39702F8A33F.sync:up.xdua:duoV0pbZ1_QtKHMWm6lGGaUt.xps:xpsksKqULNoUAQlMOzKDSfVBp.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1700201927794&i=71961808101990.823126492303055&a=77&e=0100007FC6055765250DE39702F8A33F&pref=https%3A%2F%2Fkazus.ru%2F&c=ss:77.up:0100007FC6055765250DE39702F8A33F.sync:up.xdua:duoV0pbZ1_QtKHMWm6lGGaUt.xps:xpsksKqULNoUAQlMOzKDSfVBp.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://top-fwz1.mail.ru/counter?id=3210372;pid=FSaXhnBZ9Brr4kF71915

Request Chain 119

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIzaW8gOhnNTTNV8xhwtag&google_cver=1

Request Chain 120

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVcFyEvwLxCPOS18XortFQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIzaW8gOhnNTTNV8xhwtag&google_cver=1

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJOWWNlUQ7inMmGH_05B6mM&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJOWWNlUQ7inMmGH_05B6mM%26google_cver%3D1

Request Chain 122

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc0NTY0MTI1NzQzOTQ0MzQ3OQ%3D%3D

Request Chain 128

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 141

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 143

https://googleads.g.doubleclick.net/pagead/adview?ai=CrDItxgVXZa-4OLK278EPp5SU4AyNksKGdIHhwuifEr2foPGXERABIJvFlQNglaqfgrAHoAGDrI2qKsgBAakCWtuIMZo1sj6oAwHIA8sEqgT1AU_QYYbI9GbmFNpmTMfXHN--31gEK-KDTTM56OJLdQ8j80_GaHbbU9MeGI89vSf3G0KQxiPAgacWi_DLNXZP7ugefPV_UDJC7-UQVWPQ_jwSGbF0BnHAjWBdwS9E7JiICofOMv9GKcV0dMjXrNqV3C-VYOR0KavVm1yzcGWxJIJatrU8akDG5REQ6fRZ3Ooa7KSmYcr3JrUHYViBz-i4sBEDLLGXEEjgezLuJ78IskdX-DLLuyJ3IN1jBXlytrv9xMd5dLd71VnN7UB5m0BqeccFs38oZCqAjitZKtSK0qha5PzOF54PIOL4apVhsmEjqTCSJzJvwASzqrm91wSIBcKM7Z5NkgUECAQYAZIFBAgFGASAB4Pk3YkFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ1PsS0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJGmh0dHBzOi8vbm92YXBvc3QuY29tL3VrLWRlgAoByAsBogwQKg4KDOS0sQLutbECtbixAtgTAogUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMzE3MTYwNzk0OTQ4OTc5GAA&sigh=90uBZjjiHio&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTwDICaaNPS34KfeAGbx4ldfJxaRfyjRhymCGeYNVS62s-hznkIg-mm6r984Nk6SFgGOHYBNEUbw4phL-3tuJufvpzs3igT4PTi6LlPVDKVsYAQ&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223432220640041925595%22,%22debug_reporting%22:true,%22destination%22:%22https://novapost.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211362588163%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223586066152348856017%22}&andc=true

Request Chain 156

https://googleads.g.doubleclick.net/pagead/adview?ai=CEo56xgVXZa64OLK278EPp5SU4AyNksKGdIHhwuifEr2foPGXERABIJvFlQNglaqfgrAHoAGDrI2qKsgBAakCWtuIMZo1sj6oAwHIA8sEqgT1AU_Q7EPqzyUUJz0AKErywzGo-4El7tcgwui5dSqv1uC6AfEQbxLWbW9A1SwFD8amoK-62xosEGMGEfMIPQvx87fneLzS3ofofa5z5gtJeczagm_imLFrUfls5smcYFLw0YQc-Jhkm8bq9oCxOy6ainJrw2_4sDmolqgzR3mWw56017_pBqk1y4rv9IkboK0PYENC99XRp4DObW5LeSVL_b-FhjR46h9enlIjyjdj7ut8LWIR5EYm19wiKZJ4H2oLJf3O3Nhq8MOsbi4TPn1LknduefJk-j7QcgaQQ-A0uFUOYuhS3I89uwvz_5mRS9KjmGb9oGUKwASzqrm91wSIBcKM7Z5NkgUECAQYAZIFBAgFGASAB4Pk3YkFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQqroT0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJGmh0dHBzOi8vbm92YXBvc3QuY29tL3VrLWRlgAoByAsBogwQKg4KDOS0sQLutbECtbixAtgTAogUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMzE3MTYwNzk0OTQ4OTc5GAA&sigh=-CKJRrTZExA&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTwDICaaNPS34KfeAGbx4ldfJxaRfyjRhymCGeYNVS62s-hznkIg-mm6r984Nk6SFgGOHYBNEUbw4phL-3tuJufvpzs3igT4PTi6LlPVDKVsYAQ&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212584199203626093587%22,%22debug_reporting%22:true,%22destination%22:%22https://novapost.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211362588163%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224557429558477121153%22}&andc=true

Request Chain 161

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 165

https://fw.adsafeprotected.com/rfw/st/1350098/76506716/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015034086&ias_pubId=pub-1317160794948979&ias_chanId=1&ias_placementId=20744673732&bidurl=https://kazus.ru/programs/download/16497/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hBNwlnWfIuxVs4TKKKODpQ&adsafe_url=https%3A%2F%2Fkazus.ru&adsafe_type=g&adsafe_url=https%3A%2F%2Fkazus.ru%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-1317160794948979%26fa%3D1%26ifi%3D6%26uci%3Da!6%26btvi%3D3&adsafe_type=be&adsafe_jsinfo=,id:375f6e9f-d337-3437-9bed-06c49e9b175b,c:ucSFdy,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7bc8d8d488-dfvr9,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:7,mot:0,app:0,maw:0,fm:tVQu1FI+11%7C12%7C13%7C14%7C151%7C152%7C16%7C1711%7C1712%7C181%7C182%7C191%7C192%7C1a1*.1350098-76506716%7C1a11%7C1a12%7C1a13,idMap:1a1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,smm:ibgm,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:47,oid:2ba02e1b-8511-11ee-85c6-e226cb27ff58,v:19.8.460,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb=

192 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
kazus.ru/programs/download/16497/
Redirect Chain

http://kazus.ru/programs/download/16497/
https://kazus.ru/programs/download/16497/

16 KB
6 KB

44ms
22ms

Document
text/html

195.201.86.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kazus.ru/programs/download/16497/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.86.197 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: kazus.ru
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 01d2a50e8bc78a26b95a9a4eb53ed68bf05afa355126854b6f0a0434f0096dcb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 5899
Content-Type: text/html
Date: Fri, 17 Nov 2023 06:18:45 GMT
Keep-Alive: timeout=5, max=150
Pragma: no-cache
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 323
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 17 Nov 2023 06:18:45 GMT
Keep-Alive: timeout=5, max=150
Location: https://kazus.ru/programs/download/16497/
Server: Apache/2.4.41 (Ubuntu)

GET
H/1.1 200
OK style.css
kazus.ru/styles/ 12 KB
2 KB 27ms
10ms Stylesheet
text/css 195.201.86.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kazus.ru/styles/style.css
Requested by: Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.86.197 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: kazus.ru
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 248a488bb0b6e81f058952c0d358d7cca8a6b18b99553b37694bb1831ee7a0e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/programs/download/16497/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 06:18:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Dec 2011 10:47:59 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "31fe-4b37e490295c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=149
Content-Length: 1670

GET
H/1.1 200
OK round-button.css
kazus.ru/styles/ 3 KB
1 KB 51ms
7ms Stylesheet
text/css 195.201.86.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kazus.ru/styles/round-button.css
Requested by: Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.86.197 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: kazus.ru
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: edfd028de4817cff0700d86229b8805ef9f010f065df957c6b8a07832e73781a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/programs/download/16497/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 06:18:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Nov 2011 22:21:00 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "bec-4b1cd66ec0b00-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=148
Content-Length: 993

GET
H/1.1 200
OK magnific-popup.css
kazus.ru/styles/ 7 KB
2 KB 69ms
7ms Stylesheet
text/css 195.201.86.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kazus.ru/styles/magnific-popup.css
Requested by: Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.86.197 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: kazus.ru
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/programs/download/16497/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 06:18:45 GMT
Content-Encoding: gzip
Last-Modified: Sun, 04 Jun 2017 21:11:48 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1b27-55128d59e0d00-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=147
Content-Length: 1816

GET
H/1.1 200
OK functions.js Show response
kazus.ru/includes/js/ 2 KB
1 KB 87ms
10ms Script
application/javascript 195.201.86.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kazus.ru/includes/js/functions.js
Requested by: Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.86.197 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: kazus.ru
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: a76a6f1152ca71f176eca74f86d2e36b94f3a53d2c5748b6944ae2a49aefb0a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/programs/download/16497/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 06:18:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Jan 2014 18:59:59 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "8d1-4f0f8507149c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=146
Content-Length: 766

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ 89 KB
32 KB 58ms
13ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 05:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Nov 2024 05:34:33 GMT

GET
H/1.1 200
OK jquery.rotator_728.js Show response
kazus.ru/includes/js/jquery/ 6 KB
2 KB 133ms
21ms Script
application/javascript 195.201.86.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kazus.ru/includes/js/jquery/jquery.rotator_728.js
Requested by: Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.86.197 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: kazus.ru
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 8bc041ed96e8d1b67dc6cc02fc4bf15311b8394667dc48ab1982ad897ee08320

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/programs/download/16497/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 06:18:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Mar 2014 17:05:02 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "18be-4f5715a4dcb80-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=145
Content-Length: 1753

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 46ms
6ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:55:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 01:55:01 GMT

GET
H/1.1 200
OK jquery.magnific-popup.min.js Show response
kazus.ru/includes/js/ 20 KB
8 KB 150ms
10ms Script
application/javascript 195.201.86.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kazus.ru/includes/js/jquery.magnific-popup.min.js
Requested by: Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.86.197 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: kazus.ru
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/programs/download/16497/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 06:18:46 GMT
Content-Encoding: gzip
Last-Modified: Sun, 04 Jun 2017 21:11:48 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "4ef8-55128d59e0d00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=144
Content-Length: 7346

GET
H/1.1 200
OK jquery.cookie.js Show response
kazus.ru/includes/js/ 3 KB
2 KB 163ms
12ms Script
application/javascript 195.201.86.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kazus.ru/includes/js/jquery.cookie.js
Requested by: Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.86.197 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: kazus.ru
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 8c0301b3dba5061632d7321cd8bb7bd527f48288d5cb15ff614ea0c1dcc1ad69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/programs/download/16497/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 06:18:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 May 2015 04:36:08 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "c44-51708c81bde00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=143
Content-Length: 1395

GET
H2 200 clientsafe.js Show response
customfingerprints.bablosoft.com/ 660 KB
662 KB 134ms
28ms Script
application/javascript 143.198.242.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://customfingerprints.bablosoft.com/clientsafe.js

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.198.242.75 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ Express

Resource Hash

43b3fe345a2ddddbb3b29f1207b8bdf941d8e1406883dde24b20a18cb8b7f63b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 14 Sep 2023 02:10:52 GMT
x-powered-by: Express
etag: W/"a5003-18a917497e0"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 675843

GET
H/1.1 200
OK logo_kazus.gif
kazus.ru/images/ 5 KB
5 KB 122ms
11ms Image
image/gif 195.201.86.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kazus.ru/images/logo_kazus.gif
Requested by: Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.86.197 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: kazus.ru
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 0a92226bb4bc03cf419e9b5ddfd82f1cf50232e8dd28b973c30dcfa73b7668cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/programs/download/16497/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 06:18:46 GMT
Last-Modified: Wed, 17 Sep 2008 15:53:06 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "13c8-4571976d03c80"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=142
Content-Length: 5064

GET
H/1.1 200
OK jlcpcb_468x60.jpg
kazus.ru/banners/adv/jlcpcb/ 19 KB
19 KB 134ms
8ms Image
image/jpeg 195.201.86.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kazus.ru/banners/adv/jlcpcb/jlcpcb_468x60.jpg
Requested by: Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.86.197 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: kazus.ru
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 92e96595262098fc17b472c80c55115e55f28835b6087fd96539cd67f3e0cfcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/programs/download/16497/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 06:18:46 GMT
Last-Modified: Fri, 26 Nov 2021 07:13:45 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "4bde-5d1abd4e5dc40"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=141
Content-Length: 19422

GET
H/1.1 200
OK hdatas.gif
kazus.ru/images/ 679 B
964 B 55ms
12ms Image
image/gif 195.201.86.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kazus.ru/images/hdatas.gif
Requested by: Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.86.197 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: kazus.ru
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: a4be8eff3a015d4675ff7dbe89c948fe5a209d358421f33907ca59898b05ea68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/programs/download/16497/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 06:18:46 GMT
Last-Modified: Thu, 09 Mar 2006 11:52:53 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "2a7-40e8e84342f40"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=140
Content-Length: 679

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
52 KB 137ms
99ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e9af23d1db66ede07fb04c501e640c3d43c22b11ed43a4ea7776c7085214fb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53055
x-xss-protection: 0
server: cafe
etag: 15038365403312705929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 17 Nov 2023 06:18:46 GMT

GET
H/1.1 200
OK logo
counter.yadro.ru/ 657 B
930 B 129ms
40ms Image
image/gif 88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/logo?29.5

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

fd8c465acc815fd7f23f973c2de10bd5cb42e6440663977b44f952277f2588cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 06:18:46 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
Cache-control: no-cache
Connection: keep-alive
Content-Length: 657
Expires: Wed, 16 Nov 2022 21:00:00 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//kazus.ru/programs/download/16497/;hCrack.exe%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20Crack.exe%20%7C%20%u042D%u041B%u0415%u041A%u0...
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//kazus.ru/programs/download/16497/;hCrack.exe%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20Crack.exe%20%7C%20%u042D%u041B%u0415%u041A%...

43 B
528 B

66ms
59ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//kazus.ru/programs/download/16497/;hCrack.exe%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20Crack.exe%20%7C%20%u042D%u041B%u0415%u041A%u0422%u0420%u041E%u041D%u0418%u041A%u0410%20/%20CAD%20/%20Protel_dxp%20/%20Protel_dxp;0.014745539853209921

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 06:18:46 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Wed, 16 Nov 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 06:18:46 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//kazus.ru/programs/download/16497/;hCrack.exe%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20Crack.exe%20%7C%20%u042D%u041B%u0415%u041A%u0422%u0420%u041E%u041D%u0418%u041A%u0410%20/%20CAD%20/%20Protel_dxp%20/%20Protel_dxp;0.014745539853209921
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Wed, 16 Nov 2022 21:00:00 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 52ms
14ms Script
text/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kazus.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Nov 2023 05:20:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3504
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Fri, 17 Nov 2023 07:20:22 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 16ms
15ms Image
image/gif 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1238049578&utmhn=kazus.ru&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Crack.exe%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Crack.exe%20%7C%20%D0%AD%D0%9B%D0%95%D0%9A%D0%A2%D0%A0%D0%9E%D0%9D%D0%98%D0%9A%D0%90%20%2F%20CAD%20%2F%20Protel_dxp%20%2F%20Protel_dxp&utmhid=1019080820&utmr=-&utmp=%2Fprograms%2Fdownload%2F16497%2F&utmht=1700201926128&utmac=UA-6715374-1&utmcc=__utma%3D77877902.24009785.1700201926.1700201926.1700201926.1%3B%2B__utmz%3D77877902.1700201926.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1615137189&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET log_trackjs.htm
kazus.ru/js/stat-testdata/ Frame 6CD3 0
0

GET
H2 200 aci.js Show response
www.acint.net/ 29 KB
8 KB 29ms
7ms Script
application/x-javascript 142.132.138.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.213 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: 9a4d4b0095f5dfd9adf1a509029b110a24bfc96c1cf3273c6d59718563e4c7db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:46 GMT
content-encoding: gzip
last-modified: Tue, 13 Jun 2023 08:01:51 GMT
server: openresty
etag: "6488226f-20c3"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 8387
expires: Fri, 17 Nov 2023 18:18:46 GMT

GET
H2 200 perfectcanvas Show response
customfingerprints.bablosoft.com/ 18 KB
2 KB 118ms
36ms Fetch 143.198.242.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://customfingerprints.bablosoft.com/perfectcanvas?publickey=f21dyxfnn0ip7xfhc9rc6ng35el9wbxira2oy6vz9rg9p6tsbqiar6n32425hpf1

Requested by

Host: customfingerprints.bablosoft.com
URL: https://customfingerprints.bablosoft.com/clientsafe.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.198.242.75 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

/ Express

Resource Hash

f240778515a8dbd3a8205d2a81d2b64dc367593d6698e6878d1510a81a6c46ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:46 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type, Accept-Datetime, Upgrade-Insecure-Requests, Authorization, Cache-Control, If-Match, If-Modified-Since, If-None-Match, If-Range, If-Unmodified-Since, Max-Forwards, Range, Pragma, X-Requested-With, DNT, X-HTTP-Method-Override, X-Csrf-Token, X-Request-ID

GET
H2

200

/ Show response
www.acint.net/mc/ Frame 260E
Redirect Chain

https://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10&tc=1

5 KB
5 KB

13ms
13ms

Document
text/html

142.132.138.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=10&tc=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.213 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: e379385ae4acb3695c5485334b9ad40a4c9b46d38436734978d1c11ba6d34d52

Request headers

Referer: https://kazus.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 17 Nov 2023 06:18:46 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
server: openresty

Redirect headers

content-length: 154
content-type: text/html
date: Fri, 17 Nov 2023 06:18:46 GMT
location: /mc/?dp=10&tc=1
server: openresty

GET
H2 200 oci.js Show response
www.acint.net/ 31 KB
14 KB 18ms
9ms Script
application/x-javascript 142.132.138.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/oci.js?t=1700201926233
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.213 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: 4b7a641911ec167f9bb0e5fad77703342ebadb9d28f15c2da7a2cef024725a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:46 GMT
content-encoding: gzip
last-modified: Fri, 24 Mar 2023 20:32:13 GMT
server: openresty
etag: W/"641e08cd-7dac"
content-type: application/x-javascript

GET
H2 200 /
www.acint.net/hit/ 43 B
341 B 17ms
9ms Image
image/gif 142.132.138.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.6.0&uid=c7f3b1d8-7a0c-4423-a604-bf4e4c11dbed&dp=10&tz=%2B01%3A00&nc=525054&u=https%3A%2F%2Fkazus.ru%2Fprograms%2Fdownload%2F16497%2F&r=&rs=1600x1200&t=Crack.exe%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Crack.exe%20%7C%20%D0%AD%D0%9B%D0%95%D0%9A%D0%A2%D0%A0%D0%9E%D0%9D%D0%98%D0%9A%D0%90%20%2F%20CAD%20%2F%20Protel_dxp%20%2F%20Protel_dxp&oE=1&oP=1&dT=2023-11-17T07%3A18%3A46.216&fu=353cabd9-18e3-4af6-a48b-f3e1f8ee4926
Requested by: Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.213 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 17 Nov 2023 06:18:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1317160794948979&plah=kazus.ru&bust=31079757

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc9f91f6e0f6ce3999b741d6c7bf51a19b9415b29d9df5f0a40d3cf84180c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137281
x-xss-protection: 0
server: cafe
etag: 831677073455457207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 06:18:46 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 04C6 9 KB
4 KB 404ms
9ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kazus.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 46749
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 17:19:37 GMT
etag: 16674218716276178799
expires: Thu, 30 Nov 2023 17:19:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

match
acint.net/ Frame 260E
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=1603420AC60557652E005C0B0227DF04

43 B
269 B

31ms
6ms

Image
image/gif

142.132.138.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=1603420AC60557652E005C0B0227DF04
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 142.132.138.213 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:46 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Fri, 17 Nov 2023 06:18:46 GMT
Server: openresty
Access-Control-Allow-Methods: GET
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Location: https://acint.net/match?dp=14&euid=1603420AC60557652E005C0B0227DF04
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame 260E
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0100007FC6055765250DE39702F8A33F
https://px.adhigh.net/p/cm/sape?u=0100007FC6055765250DE39702F8A33F&bounced=1
https://acint.net/match?dp=17&euid=7GjLngOGrGi.AikABlGL2-6QfA

43 B
269 B

30ms
14ms

Image
image/gif

142.132.138.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=7GjLngOGrGi.AikABlGL2-6QfA
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 142.132.138.213 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:46 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:46 GMT
server: nginx
x-backend-id: f19-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://acint.net/match?dp=17&euid=7GjLngOGrGi.AikABlGL2-6QfA
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 260E
Redirect Chain

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4496880928
https://www.acint.net/rmatch?dp=45&euid=A6WA8Kc5186JFSFwEu9DzkA&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FC6055765200D799702F3CB5A

42 B
201 B

176ms
54ms

Image
image/gif

81.222.128.214
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FC6055765200D799702F3CB5A
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad14.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 06:18:47 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Fri, 17 Nov 2023 06:18:46 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FC6055765200D799702F3CB5A
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame 260E 0
770 B 380ms
26ms Image
text/plain 2606:4700:e2::ac40:8924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=8&id=0100007FC6055765250DE39702F8A33F
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvOAhpU9Y81XyQMQPkChSa4gXZ%2Fb2esNZHvezurbjqV1YvlKg1epzkFfEz22iNTNROjZNnJVSuQSBIPYxcUigmsrphQLX82i1rc2co1NHYitA1V%2FhPyEAEkbIXGd9wZ8lyW5u0Aq%2Fg%2BkpiY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 8275dbba48d4925f-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc: h3=":443"; ma=86400

GET
H2 204 match
dm-eu.hybrid.ai/ Frame 260E 0
282 B 372ms
30ms Image
text/plain 37.230.131.16
HYBRID-POLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=0100007FC6055765250DE39702F8A33F

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.16 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:46 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: https://www.acint.net
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 530
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame 260E 3 KB
3 KB 388ms
46ms Script
application/javascript 185.15.175.132
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.132 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 06:18:46 GMT
Last-Modified: Tue, 14 Nov 2023 16:34:14 GMT
Server: nginx
ETag: "6553a186-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame 260E 0
70 B 608ms
266ms Image
text/plain 116.202.236.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0100007FC6055765250DE39702F8A33F
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.202.236.228 Bad Griesbach, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.228.236.202.116.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 17 Nov 2023 06:18:46 GMT
server: nginx/1.17.10

GET
H2

200

match
acint.net/ Frame 260E
Redirect Chain

https://sync.upravel.com/sape/sync
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
https://www.acint.net/match?dp=71&euid=85227423-fb2d-4bc7-befe-5e4a36fde488
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D&dp=14
https://acint.net/match?dp=14&euid=1603420AC60557652E005C0B0227DF04

43 B
269 B

38ms
0ms

Image
image/gif

142.132.138.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=1603420AC60557652E005C0B0227DF04
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 142.132.138.213 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Fri, 17 Nov 2023 06:18:46 GMT
Server: openresty
Access-Control-Allow-Methods: GET
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Location: https://acint.net/match?dp=14&euid=1603420AC60557652E005C0B0227DF04
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame 260E
Redirect Chain

https://s.ccsyncuuid.net/match/5/?remote_uid=0100007FC6055765250DE39702F8A33F
https://acint.net/match?dp=80&euid=IIPKcWfuJGhjLEh2uLrO

43 B
269 B

8ms
7ms

Image
image/gif

142.132.138.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=80&euid=IIPKcWfuJGhjLEh2uLrO
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 142.132.138.213 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=80&euid=IIPKcWfuJGhjLEh2uLrO
date: Fri, 17 Nov 2023 06:18:46 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 260E 42 B
201 B 844ms
82ms Image
image/gif 81.222.128.214
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FC6055765250DE39702F8A33F
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad14.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 06:18:47 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

match
www.acint.net/ Frame 260E
Redirect Chain

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
https://www.acint.net/match?dp=95&euid=DGVHUJLQ

43 B
269 B

20ms
15ms

Image
image/gif

142.132.138.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=95&euid=DGVHUJLQ
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 142.132.138.213 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:46 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=95&euid=DGVHUJLQ
date: Fri, 17 Nov 2023 06:18:46 GMT
server: nginx/1.22.0
content-length: 74
content-type: text/html; charset=utf-8

GET
H2 204 sape
sync.adspend.space/ Frame 260E 0
46 B 224ms
46ms Image
text/plain 5.189.234.229
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adspend.space/sape?uid=0100007FC6055765250DE39702F8A33F
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.234.229 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:46 GMT
server: nginx/1.22.1

GET
H2

200

match
www.acint.net/ Frame 260E
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=aHGb4au2sinP

43 B
269 B

38ms
0ms

Image
image/gif

142.132.138.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=aHGb4au2sinP
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 142.132.138.213 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=aHGb4au2sinP
Date: Fri, 17 Nov 2023 06:18:46 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2 403 match
ads.betweendigital.com/ Frame 260E 0
0 130ms
25ms Image
text/html 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0100007FC6055765250DE39702F8A33F&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2

200

match
acint.net/ Frame 260E
Redirect Chain

https://ads.adlook.me/csync?pid=sape&uid=0100007FC6055765250DE39702F8A33F&url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
https://acint.net/match?dp=110&euid=48dc84904c504131936fd03568965507

43 B
269 B

29ms
14ms

Image
image/gif

142.132.138.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=110&euid=48dc84904c504131936fd03568965507
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 142.132.138.213 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=110&euid=48dc84904c504131936fd03568965507
date: Fri, 17 Nov 2023 06:18:47 GMT
server: Microsoft-IIS/10.0

GET
H2

200

match
www.acint.net/ Frame 260E
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007FC6055765250DE39702F8A33F
https://vma.mts.ru/match/second?ssp=30&exu=0100007FC6055765250DE39702F8A33F
https://tech.rtb.mts.ru/?dsp_uid=6bf619f2-596a-4a12-bdf7-612f95189f99&return_url=https%3A%2F%2Fmts-dsp-sync.rutarget.ru%2Fsync%3Fcallback_url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D30...
https://mts-dsp-sync.rutarget.ru/sync?callback_url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D30%26em%3D3%26ssp%3Dsegmento%26id%3D%24%7BRUTARGET_VISITOR_ID%7D
https://vma.mts.ru/em?next=30&em=3&ssp=segmento&id=aHGb4au2sinP
https://www.acint.net/match?dp=125&euid=6bf619f2-596a-4a12-bdf7-612f95189f99

43 B
269 B

22ms
21ms

Image
image/gif

142.132.138.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=125&euid=6bf619f2-596a-4a12-bdf7-612f95189f99
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 142.132.138.213 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Fri, 17 Nov 2023 06:18:47 GMT
Server: nginx
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Location: https://www.acint.net/match?dp=125&euid=6bf619f2-596a-4a12-bdf7-612f95189f99
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame 260E
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=1fe6c57f-76dd-4a7a-5fd6-56bfe8560168

43 B
269 B

11ms
6ms

Image
image/gif

142.132.138.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=1fe6c57f-76dd-4a7a-5fd6-56bfe8560168
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 142.132.138.213 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=1fe6c57f-76dd-4a7a-5fd6-56bfe8560168
date: Fri, 17 Nov 2023 06:18:47 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame 260E
Redirect Chain

https://s.uuidksinc.net/match/396/?remote_uid=0100007FC6055765250DE39702F8A33F
https://www.acint.net/match?dp=127&euid=0lcREzpDBIQxFs0b67bV

43 B
269 B

8ms
7ms

Image
image/gif

142.132.138.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=0lcREzpDBIQxFs0b67bV
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 142.132.138.213 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=127&euid=0lcREzpDBIQxFs0b67bV
date: Fri, 17 Nov 2023 06:18:47 GMT
server: nginx/1.23.2
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 260E
Redirect Chain

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
https://www.acint.net/match?dp=129&euid=y3go26gdpn

43 B
269 B

16ms
11ms

Image
image/gif

142.132.138.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=129&euid=y3go26gdpn
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 142.132.138.213 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:47 GMT
server: nginx/1.22.0
surrogate-control: no-store
vary: Origin
access-control-allow-origin: *
location: https://www.acint.net/match?dp=129&euid=y3go26gdpn
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-request-id: 5a29a4b1-a204-4c63-8d4d-b3e48b8fd9f3
expires: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame 260E 0
215 B 168ms
42ms Image
text/plain 217.65.2.150
CITYTELECOM-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0100007FC6055765250DE39702F8A33F
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 17 Nov 2023 06:18:47 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.22.1
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2

204

0.gif
x01.aidata.io/ Frame 260E
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0100007FC6055765250DE39702F8A33F
https://x01.aidata.io/0.gif?pid=9401454&id=0100007FC6055765250DE39702F8A33F&bounce=1
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
https://x01.aidata.io/0.gif?pid=LIVE&id=4F6C8EDB041A98E6BEF0&back=STOP

0
433 B

41ms
40ms

Image
text/plain

89.108.119.43
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=4F6C8EDB041A98E6BEF0&back=STOP
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51370.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:47 GMT
last-modified: Fri, 17 Nov 2023 06:18:46 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Fri, 17 Nov 2023 06:18:46 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=4F6C8EDB041A98E6BEF0&back=STOP
Date: Fri, 17 Nov 2023 06:18:47 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 262
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

sape.js
sync.gonet-ads.com/match/ Frame 260E
Redirect Chain

https://sync.gonet-ads.com/match/sape.js?id=0100007FC6055765250DE39702F8A33F
https://sync.gonet-ads.com/match/sape.js?id=0100007FC6055765250DE39702F8A33F&chk=1

345 B
345 B

59ms
59ms

Image
application/javascript

188.42.105.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.gonet-ads.com/match/sape.js?id=0100007FC6055765250DE39702F8A33F&chk=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

188.42.105.236 , Luxembourg, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

Redirect headers

date: Fri, 17 Nov 2023 06:18:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
location: https://sync.gonet-ads.com/match/sape.js?id=0100007FC6055765250DE39702F8A33F&chk=1
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 260E
Redirect Chain

https://sync.bumlam.com/?src=sap1&uid=0100007FC6055765250DE39702F8A33F
https://sync.bumlam.com/?src=sap1&s_data=CAIQARjHi9yqBmIgMDEwMDAwN0ZDNjA1NTc2NTI1MERFMzk3MDJGOEEzM0aiARAqtesmhRER7obgACWQwGR8

0
523 B

13ms
11ms

Image
text/html

31.172.81.172
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&s_data=CAIQARjHi9yqBmIgMDEwMDAwN0ZDNjA1NTc2NTI1MERFMzk3MDJGOEEzM0aiARAqtesmhRER7obgACWQwGR8
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 31.172.81.172 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Date: Fri, 17 Nov 2023 06:18:47 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Fri, 17 Nov 2023 06:18:47 GMT
Server: nginx
ETag: 2ab5eb26-8511-11ee-86e0-002590c0647c
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARjHi9yqBmIgMDEwMDAwN0ZDNjA1NTc2NTI1MERFMzk3MDJGOEEzM0aiARAqtesmhRER7obgACWQwGR8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

done
pix.bumlam.com/sync/sape/ Frame 260E
Redirect Chain

https://pix.bumlam.com/sync/sape/check?sspuid=0100007FC6055765250DE39702F8A33F
https://sync.bumlam.com/?src=sape
https://pix.bumlam.com/sync/sape/sync_ok?guid=2ab5eb26-8511-11ee-86e0-002590c0647c
https://2ab5eb26-8511-11ee-86e0-002590c0647c.n6.sync.bumlam.com/?src=sape
https://pix.bumlam.com/sync/sape/done

43 B
673 B

11ms
10ms

Image
image/gif

31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.bumlam.com/sync/sape/done

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Server

31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 06:18:47 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.acint.net
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
X-Xss-Protection: 0
Expires: 05-Jun-2005 22:00:00 GMT

Redirect headers

location: https://pix.bumlam.com/sync/sape/done
access-control-allow-origin: *
date: Fri, 17 Nov 2023 06:18:47 GMT
server: nginx/1.24.0
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

0100007FC6055765250DE39702F8A33F
an.yandex.ru/mapuid/sapeis/ Frame 260E
Redirect Chain

https://an.yandex.ru/mapuid/sapeis/0100007FC6055765250DE39702F8A33F
https://an.yandex.ru/mapuid/sapeis/0100007FC6055765250DE39702F8A33F?redir-setuniq=1

43 B
108 B

60ms
57ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007FC6055765250DE39702F8A33F?redir-setuniq=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 17 Nov 2023 06:18:47 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 17 Nov 2023 06:18:47 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 17 Nov 2023 06:18:47 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/sapeis/0100007FC6055765250DE39702F8A33F?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 17 Nov 2023 06:18:47 GMT

GET
H/1.1

200
OK

cm
nr.bidderstack.com/sape/ Frame 260E
Redirect Chain

https://nr.bidderstack.com/sape/cm?user_id=0100007FC6055765250DE39702F8A33F
https://nr.bidderstack.com/sape/cm?user_id=0100007FC6055765250DE39702F8A33F&pupa=1

44 B
384 B

26ms
12ms

Image
image/gif

162.55.144.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nr.bidderstack.com/sape/cm?user_id=0100007FC6055765250DE39702F8A33F&pupa=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 162.55.144.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.211.144.55.162.clients.your-server.de
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 17 Nov 2023 06:18:47 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 44
Content-Type: image/gif

Redirect headers

Location: /sape/cm?user_id=0100007FC6055765250DE39702F8A33F&pupa=1
Access-Control-Allow-Origin: *
Date: Fri, 17 Nov 2023 06:18:47 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
www.acint.net/ Frame 260E
Redirect Chain

https://cs.agency2.ru/p?ssp=sp&uid=0100007FC6055765250DE39702F8A33F
https://www.acint.net/match?dp=186&euid=c57c710a-9ef8-46d0-a2d6-0557b6c627c8

43 B
269 B

10ms
7ms

Image
image/gif

142.132.138.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=186&euid=c57c710a-9ef8-46d0-a2d6-0557b6c627c8
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 142.132.138.213 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Fri, 17 Nov 2023 06:18:47 GMT
Server: fasthttp
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Location: https://www.acint.net/match?dp=186&euid=c57c710a-9ef8-46d0-a2d6-0557b6c627c8
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Host: 23.111.107.44
Connection: keep-alive
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame 260E
Redirect Chain

https://match.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D
https://www.acint.net/match?dp=217&euid=edc3c37d-3f1f-45ad-9ad4-f130aca7d6ce

43 B
269 B

21ms
16ms

Image
image/gif

142.132.138.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=217&euid=edc3c37d-3f1f-45ad-9ad4-f130aca7d6ce
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 142.132.138.213 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=217&euid=edc3c37d-3f1f-45ad-9ad4-f130aca7d6ce
date: Fri, 17 Nov 2023 06:18:47 GMT
access-control-allow-credentials: true
server: nginx
bidder: bid-05
content-length: 0

GET
H/1.1 400
Bad Request user-sync
sync.adkernel.com/ Frame 260E 22 B
22 B 127ms
13ms Image
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 06:18:47 GMT
Cache-Control: no-store
Server: nginx
Connection: close
Age: 0
Content-Length: 22

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/7536/i/ Frame 260E
Redirect Chain

https://sync.programmatica.com/match/01
https://sync.programmatica.com/match/01?chk=1
https://www.acint.net/rmatch?dp=235&euid=N2E5YWJlM2RkOGU0MjI4Mw&r=https%3A%2F%2Fsync.programmatica.com%2Fmatch%2F01%3Fid%3D%24%7BUSER_ID%7D%26fp%3D1642882560
https://sync.programmatica.com/match/01?id=0100007FC6055765200D799702F3CB5A&fp=1642882560
https://dmg.digitaltarget.ru/1/7536/i/i?a=1051&e=N2E5YWJlM2RkOGU0MjI4Mw&i=1mi4jxdpc7l4k
https://dmg.digitaltarget.ru/awg/custom/7536/i/i?call_source=awg&ts=1700201927743&a=1051&e=N2E5YWJlM2RkOGU0MjI4Mw&i=1mi4jxdpc7l4k

49 B
523 B

45ms
44ms

Image
image/gif

185.15.175.159
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/7536/i/i?call_source=awg&ts=1700201927743&a=1051&e=N2E5YWJlM2RkOGU0MjI4Mw&i=1mi4jxdpc7l4k

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Server

185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 06:18:47 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 49
X-XSS-Protection: 1; mode=block

Redirect headers

Date: Fri, 17 Nov 2023 06:18:47 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Max-Age: 86400
Location: https://dmg.digitaltarget.ru/awg/custom/7536/i/i?call_source=awg&ts=1700201927743&a=1051&e=N2E5YWJlM2RkOGU0MjI4Mw&i=1mi4jxdpc7l4k
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2 429 sape-sync
adx.com.ru/ Frame 260E 0
0 155ms
41ms Image
text/html 83.222.105.70
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.com.ru/sape-sync?uid=0100007FC6055765250DE39702F8A33F
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.222.105.70 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2

200

match
www.acint.net/ Frame 260E
Redirect Chain

https://kimberlite.io/rtb/sync/sape2?u=0100007FC6055765250DE39702F8A33F
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZVcFx0qEClc
https://vma.mts.ru/match/second?ssp=59&exu=ZVcFx0qEClc
https://tech.rtb.mts.ru/?dsp_uid=6bf619f2-596a-4a12-bdf7-612f95189f99&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253...
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D
https://vma.mts.ru/em?next=59&em=1&ssp=konnektu&id=
https://kimberlite.io/rtb/sync/mts?u=6bf619f2-596a-4a12-bdf7-612f95189f99
https://www.acint.net/match?dp=243&euid=ZVcFx0qEClc

43 B
269 B

9ms
8ms

Image
image/gif

142.132.138.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=243&euid=ZVcFx0qEClc
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 142.132.138.213 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Fri, 17 Nov 2023 06:18:48 GMT
referrer-policy: no-referrer
Server: nginx
access-control-allow-origin: *
location: https://www.acint.net/match?dp=243&euid=ZVcFx0qEClc
cache-control: no-store
access-control-allow-credentials: true
Connection: keep-alive
server-timing: app;srv=0;dur=0.0002
Content-Length: 0

GET
H2

200

match
www.acint.net/ Frame 260E
Redirect Chain

https://sync.dsp.solta.io/match/sape?id=0100007FC6055765250DE39702F8A33F
https://sync.dsp.solta.io/match/sape?id=0100007FC6055765250DE39702F8A33F&chk=1
https://www.acint.net/match?dp=260&euid=NWQ5MTc3YzdkYmJkZGQzMQ

43 B
269 B

8ms
7ms

Image
image/gif

142.132.138.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=260&euid=NWQ5MTc3YzdkYmJkZGQzMQ
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 142.132.138.213 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=260&euid=NWQ5MTc3YzdkYmJkZGQzMQ
date: Fri, 17 Nov 2023 06:18:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
content-length: 0

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 260E 43 B
766 B 154ms
50ms Image
image/gif 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0100007FC6055765250DE39702F8A33F
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 06:18:47 GMT
Last-Modified: Fri, 17 Nov 2023 06:18:47 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Fri, 17 Nov 2023 12:18:47 GMT

GET
H2 200 set
sync.rambler.ru/ Frame 260E 0
172 B 199ms
96ms Image
text/plain 91.192.149.36
BEGUN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.rambler.ru/set?partner_id=1b87f89d-4fb1-4046-b5d4-1814eb9a34db&id=0100007FC6055765250DE39702F8A33F

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.149.36 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

sync.rambler.ru

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:47 GMT
strict-transport-security: max-age=0
x-passed: 1bal1
server: nginx
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

GET
H2

200

match
www.acint.net/ Frame 260E
Redirect Chain

https://ssp.afp.ai/api/sync/sape
https://www.acint.net/match?dp=261&euid=74338f1f-dd9d-4942-abb1-bce382a6fa56

43 B
269 B

7ms
6ms

Image
image/gif

142.132.138.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=261&euid=74338f1f-dd9d-4942-abb1-bce382a6fa56
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 142.132.138.213 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:47 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Fri, 17 Nov 2023 06:18:47 GMT
Server: nginx/1.20.1
Vary: Origin
Access-Control-Allow-Origin
Location: https://www.acint.net/match?dp=261&euid=74338f1f-dd9d-4942-abb1-bce382a6fa56
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK setcookies Show response
fingerprints.bablosoft.com/ Frame 2633 60 B
662 B 355ms
15ms Document
text/html 162.19.169.11
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fingerprints.bablosoft.com/setcookies
Requested by: Host: customfingerprints.bablosoft.com
URL: https://customfingerprints.bablosoft.com/clientsafe.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.19.169.11 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3222241.ip-162-19-169.eu
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: b3ef8fb9c6e34c97443dbd6e549199301e2cd1e10ca41b024598c28f0ff82349

Request headers

Referer: https://kazus.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept-Datetime, Upgrade-Insecure-Requests, Authorization, Cache-Control, If-Match, If-Modified-Since, If-None-Match, If-Range, If-Unmodified-Since, Max-Forwards, Range, Pragma, X-Requested-With, DNT, X-HTTP-Method-Override, X-Csrf-Token, X-Request-ID
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 60
Date: Fri, 17 Nov 2023 06:18:46 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express

GET
H2 200 /
www.acint.net/oci/ 43 B
224 B 12ms
11ms Image
image/gif 142.132.138.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/oci/?v=0.6.0&uid=c7f3b1d8-7a0c-4423-a604-bf4e4c11dbed&dp=10&tz=%2B01%3A00&nc=496140&oid=2334f6a21f17cf16ed508db08c20f34b
Requested by: Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.213 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 17 Nov 2023 06:18:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8EFC 125 KB
41 KB 507ms
495ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1317160794948979&output=html&h=600&slotname=7998113593&adk=3289412158&adf=3456717570&pi=t.ma~as.7998113593&w=159&fwrn=4&fwrnh=100&lmt=1700201926&rafmt=1&format=159x600&url=https%3A%2F%2Fkazus.ru%2Fprograms%2Fdownload%2F16497%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700201926297&bpp=6&bdt=439&idt=466&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&correlator=4457092830913&frm=20&pv=2&ga_vid=24009785.1700201926&ga_sid=1700201926&ga_hid=1019080820&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=2201&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C31079517%2C44795921%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809057%2C21065724&oid=2&pvsid=2812712637081592&tmod=1476994647&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=496

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1317160794948979&plah=kazus.ru&bust=31079757

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89ca150824135faa6de124acdd435a0f5f92ca87a65f28e7dada3cb2a4d2a008

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kazus.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42235
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 06:18:47 GMT
expires: Fri, 17 Nov 2023 06:18:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6807 564 KB
105 KB 594ms
589ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1317160794948979&output=html&adk=1812271804&adf=3025194257&lmt=1700201926&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fkazus.ru%2Fprograms%2Fdownload%2F16497%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700201926355&bpp=6&bdt=497&idt=474&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=159x600&nras=1&correlator=4457092830913&frm=20&pv=1&ga_vid=24009785.1700201926&ga_sid=1700201926&ga_hid=1019080820&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C31079517%2C44795921%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809057%2C21065724&oid=2&pvsid=2812712637081592&tmod=1476994647&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=519

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

334d1611caf1855a0ed9f82c7a2c1b79d2ee2a803f251d2e9d1a8ddd69ba45f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kazus.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 106852
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 06:18:47 GMT
expires: Fri, 17 Nov 2023 06:18:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame 260E 16 KB
16 KB 80ms
80ms Script
application/javascript 185.15.175.132
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=610895832221924
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.132 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5e740b4c722831d9a6451a42a01ca2541e1a0c2af5718703a89bc9823c16099a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 06:18:47 GMT
Last-Modified: Tue, 14 Nov 2023 16:34:15 GMT
Server: nginx
ETag: "6553a187-3e23"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15907

GET
H2 200 css
fonts.googleapis.com/ Frame 8EFC 14 KB
2 KB 114ms
25ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1317160794948979&output=html&h=600&slotname=7998113593&adk=3289412158&adf=3456717570&pi=t.ma~as.7998113593&w=159&fwrn=4&fwrnh=100&lmt=1700201926&rafmt=1&format=159x600&url=https%3A%2F%2Fkazus.ru%2Fprograms%2Fdownload%2F16497%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700201926297&bpp=6&bdt=439&idt=466&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&correlator=4457092830913&frm=20&pv=2&ga_vid=24009785.1700201926&ga_sid=1700201926&ga_hid=1019080820&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=2201&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C31079517%2C44795921%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809057%2C21065724&oid=2&pvsid=2812712637081592&tmod=1476994647&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=496

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 06:18:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 04:47:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 06:18:47 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8EFC 2 KB
903 B 86ms
11ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 15:51:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 8EFC 23 KB
9 KB 86ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14482
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 02:17:25 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A773 143 B
166 B 68ms
9ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1317160794948979&output=html&h=600&slotname=7998113593&adk=3289412158&adf=3456717570&pi=t.ma~as.7998113593&w=159&fwrn=4&fwrnh=100&lmt=1700201926&rafmt=1&format=159x600&url=https%3A%2F%2Fkazus.ru%2Fprograms%2Fdownload%2F16497%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700201926297&bpp=6&bdt=439&idt=466&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&correlator=4457092830913&frm=20&pv=2&ga_vid=24009785.1700201926&ga_sid=1700201926&ga_hid=1019080820&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=2201&ady=476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532605%2C31079517%2C44795921%2C31078297%2C31079757%2C44807764%2C44808148%2C44808284%2C44809057%2C21065724&oid=2&pvsid=2812712637081592&tmod=1476994647&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=496
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 416
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 06:11:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8EFC 3 KB
1 KB 83ms
10ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:03:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8EFC 20 KB
9 KB 81ms
9ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25309
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 23:16:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8EFC 203 KB
64 KB 126ms
24ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 06:18:47 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 8EFC 37 KB
16 KB 117ms
13ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 06:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 345255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 22:22:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 11 Feb 2024 06:24:32 GMT

GET
DATA 200
OK truncated
/ Frame 8EFC 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A773
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

30ms
23ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 06:18:47 GMT
expires: Fri, 17 Nov 2023 06:18:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 06:18:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8EFC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48bce9bd6f9d11c43b22a15deed5e6c1e69b27193228849babc6147c4b994ccf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 160 KB
55 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/reactive_library_fy2021.js?bust=31079757

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3e3d91c1049ef2c6fe0a210bc08b1a8f094c41687ace751adf3e5135220fefa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55853
x-xss-protection: 0
server: cafe
etag: 13388769084283554526
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 06:18:47 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 8EFC 33 KB
34 KB 37ms
10ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:01:51 GMT
x-content-type-options: nosniff
age: 119816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 21:01:51 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8EFC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C5PjxxgVXZduKN5OlkwOf0aqoA-q38Ix0-5OqhY4RvLWY4bgoEAEgm8WVA2CVqp-CsAegAfjg9PoDyAEBqQJa24gxmjWyPqgDAcgDywSqBPcBT9DYrBOwx-2qRTMTIiR5MpgrAWAtH4bbYmN...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227290624164773379377%22,%22debug_reporting%22:true,%22destination%22:%22https://wago.com%22,%22event_report_window%22:%2225...

0
0

163ms
42ms

Fetch
text/css

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227290624164773379377%22,%22debug_reporting%22:true,%22destination%22:%22https://wago.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221063071864%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222507123330863791137%22}&andc=true

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:47 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"7290624164773379377","debug_reporting":true,"destination":"https://wago.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1063071864"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"2507123330863791137"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 06:18:47 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 06:18:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7290624164773379377","debug_reporting":true,"destination":"https://wago.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1063071864"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"2507123330863791137"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js Show response
pagead2.googlesyndication.com/bg/ Frame 6506 38 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 03:55:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 354196
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14900
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 03:55:31 GMT

GET
H/1.1

200
OK

done
pix.bumlam.com/sync/amb4/ Frame 260E
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=71961808101990.767534424091913&a=77&e=0100007FC6055765250DE39702F8A33F&pref=https%3A%2F%2Fkazus.ru%2F&c=ss:77.up:0100007FC6055765250DE39702F8A33F.sync:up.x...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1700201927794&i=71961808101990.767534424091913&a=77&e=0100007FC6055765250DE39702F8A33F&pref=https%3A%2F%2Fkazus.ru%2F&c=ss:77.up:...
https://pix.bumlam.com/sync/amb4/check?uid=FSaXhnBZ9Brr4kF71915
https://2ab5eb26-8511-11ee-86e0-002590c0647c.n6.sync.bumlam.com/?src=amb4
https://pix.bumlam.com/sync/amb4/done

43 B
673 B

33ms
7ms

Image
image/gif

31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.bumlam.com/sync/amb4/done

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Server

31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 06:18:48 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.acint.net
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
X-Xss-Protection: 0
Expires: 05-Jun-2005 22:00:00 GMT

Redirect headers

location: https://pix.bumlam.com/sync/amb4/done
access-control-allow-origin: *
date: Fri, 17 Nov 2023 06:18:48 GMT
server: nginx/1.24.0
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

counter
top-fwz1.mail.ru/ Frame 260E
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=71961808101990.823126492303055&a=77&e=0100007FC6055765250DE39702F8A33F&pref=https%3A%2F%2Fkazus.ru%2F&c=ss:77.up:0100007FC6055765250DE39702F8A33F.sync:up.x...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1700201927794&i=71961808101990.823126492303055&a=77&e=0100007FC6055765250DE39702F8A33F&pref=https%3A%2F%2Fkazus.ru%2F&c=ss:77.up:...
https://top-fwz1.mail.ru/counter?id=3210372;pid=FSaXhnBZ9Brr4kF71915

43 B
879 B

308ms
22ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3210372;pid=FSaXhnBZ9Brr4kF71915

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:48 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

Date: Fri, 17 Nov 2023 06:18:47 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Max-Age: 86400
Location: https://top-fwz1.mail.ru/counter?id=3210372;pid=FSaXhnBZ9Brr4kF71915
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame EBD1 9 KB
4 KB 9ms
8ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kazus.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54265
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:14:22 GMT
etag: 16674218716276178799
expires: Thu, 30 Nov 2023 15:14:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame B424 9 KB
4 KB 9ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kazus.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54265
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:14:22 GMT
etag: 16674218716276178799
expires: Thu, 30 Nov 2023 15:14:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 96F3 9 KB
4 KB 10ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kazus.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54265
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:14:22 GMT
etag: 16674218716276178799
expires: Thu, 30 Nov 2023 15:14:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 256A 9 KB
4 KB 9ms
8ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kazus.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54265
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 15:14:22 GMT
etag: 16674218716276178799
expires: Thu, 30 Nov 2023 15:14:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 77ms
41ms Preflight
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 06:18:47 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame EBD1 4 KB
744 B 356ms
259ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 06:18:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 04:39:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 06:18:48 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EBD1 205 B
520 B 148ms
52ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 24712
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 15 Nov 2024 23:26:56 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EBD1 604 B
696 B 148ms
53ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:30:11 GMT
x-content-type-options: nosniff
age: 283717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 12 Nov 2024 23:30:11 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame EBD1 15 KB
7 KB 136ms
41ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:27:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6702
x-xss-protection: 0
server: cafe
etag: 11213825687312121238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 23:27:01 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame EBD1 21 KB
9 KB 136ms
42ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:59:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 03:59:33 GMT

GET
H2 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame B424 9 KB
4 KB 137ms
56ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 21:01:41 GMT

GET
H2 200 78b00c21e40332afd18050ebd59c6b08.js Show response
www.gstatic.com/mysidia/ Frame B424 11 KB
5 KB 135ms
55ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/78b00c21e40332afd18050ebd59c6b08.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4753
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 00:13:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B424 14 KB
1 KB 339ms
259ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 06:18:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 04:42:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 06:18:48 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B424 2 KB
861 B 142ms
63ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52039
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 15:51:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame B424 23 KB
9 KB 143ms
64ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14483
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 02:17:25 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B424 3 KB
1 KB 143ms
65ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:03:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B424 20 KB
8 KB 119ms
43ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 23:16:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B424 203 KB
64 KB 102ms
25ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 06:18:47 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame B424 37 KB
15 KB 128ms
54ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 06:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 345256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 22:22:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 11 Feb 2024 06:24:32 GMT

GET
H2 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame 96F3 9 KB
4 KB 130ms
58ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 21:01:41 GMT

GET
H2 200 78b00c21e40332afd18050ebd59c6b08.js Show response
www.gstatic.com/mysidia/ Frame 96F3 11 KB
5 KB 128ms
57ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/78b00c21e40332afd18050ebd59c6b08.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4753
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 00:13:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 96F3 14 KB
1 KB 331ms
260ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 06:18:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 04:43:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 06:18:48 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 96F3 2 KB
856 B 128ms
65ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52039
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 15:51:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 96F3 23 KB
9 KB 129ms
66ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14483
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 02:17:25 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 96F3 3 KB
1 KB 129ms
66ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:03:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 96F3 20 KB
8 KB 101ms
43ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 23:16:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 96F3 203 KB
64 KB 119ms
61ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 06:18:48 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 96F3 37 KB
15 KB 57ms
19ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 06:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 345255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 22:22:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 11 Feb 2024 06:24:32 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 31CA 624 B
242 B 97ms
53ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGJ-x-_0BMAE&v=APEucNVSlCXS1JFyO7vheKujqAG0Z9_baneH885wYzChv5UBecXjLzXOurjHCtnqTnu7UWWl5uyTzugy0wvyQ0cggvfM4Zw7WM_3y0Etzq-gQmOhoGhn27QsfPG5xCallBhdVUmnhZkcA1rZfsNV8PIEaXkcNze84kuVkAw_vsfVmZkUSLHmHjQ

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 06:18:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1109 89 KB
31 KB 140ms
103ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 06:18:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1109 3 KB
1 KB 122ms
67ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:03:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1109 20 KB
8 KB 99ms
44ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 23:16:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1109 203 KB
64 KB 138ms
83ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 06:18:48 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1109 42 B
63 B 78ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CI6Uo7c5BThLWDpeDF8H5TaxmSmuENqEBrij-HvTUpzJRELQxf8ioFzr-BYnfx7ZCo5aymbsxkYuIJ6cygu6xLqHzATsOfFoqsdJqP9I5cEOqQUjc

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1109 0
20 B 77ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16641858622201716679&x=1&ct=76

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 31CA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIzaW8gOhnNTTNV8xhwtag&google_cver=1

43 B
338 B

69ms
0ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIzaW8gOhnNTTNV8xhwtag&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGJ-x-_0BMAE&v=APEucNVSlCXS1JFyO7vheKujqAG0Z9_baneH885wYzChv5UBecXjLzXOurjHCtnqTnu7UWWl5uyTzugy0wvyQ0cggvfM4Zw7WM_3y0Etzq-gQmOhoGhn27QsfPG5xCallBhdVUmnhZkcA1rZfsNV8PIEaXkcNze84kuVkAw_vsfVmZkUSLHmHjQ
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UtziORAoZ3bKibwORx%2Be3aSUufWmyikgtKwY13QDIhRLC5F0dHT%2B6EYNFUF7g1XpGbIHBkUjdbA%2FEmm88mpjXx8dBRJ64aLCTjSw53pdNYmDsCgxNTsTzPxYXbETjeUsRnD62RpzElmzpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8275dbc40b179bcb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIzaW8gOhnNTTNV8xhwtag&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 31CA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVcFyEvwLxCPOS18XortFQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIzaW8gOhnNTTNV8xhwtag&google_cver=1

43 B
767 B

59ms
40ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIzaW8gOhnNTTNV8xhwtag&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGJ-x-_0BMAE&v=APEucNVSlCXS1JFyO7vheKujqAG0Z9_baneH885wYzChv5UBecXjLzXOurjHCtnqTnu7UWWl5uyTzugy0wvyQ0cggvfM4Zw7WM_3y0Etzq-gQmOhoGhn27QsfPG5xCallBhdVUmnhZkcA1rZfsNV8PIEaXkcNze84kuVkAw_vsfVmZkUSLHmHjQ
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABF6i1EnnHYNdpC0AfKFvAfaAxD8V6Wm2jSbbWp7t%2B61tSLnj2DodXQvWCAm16cXlpRtyheYH4bBe69pP36X7%2BWpw2Kw48PUOalgpYDL5%2FYDirUWY1VPT1LSoOTK2a2pLevlGgrT7A5ngA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8275dbc53a4e65c9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIzaW8gOhnNTTNV8xhwtag&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 31CA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJOWWNlUQ7inMmGH_05B6mM&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJOWWNlUQ7inMmGH_05B6mM%26google_cver%3D1

43 B
893 B

90ms
0ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJOWWNlUQ7inMmGH_05B6mM%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGJ-x-_0BMAE&v=APEucNVSlCXS1JFyO7vheKujqAG0Z9_baneH885wYzChv5UBecXjLzXOurjHCtnqTnu7UWWl5uyTzugy0wvyQ0cggvfM4Zw7WM_3y0Etzq-gQmOhoGhn27QsfPG5xCallBhdVUmnhZkcA1rZfsNV8PIEaXkcNze84kuVkAw_vsfVmZkUSLHmHjQ

Protocol

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:48 GMT
an-x-request-uuid: 01c4ea1f-d791-4aa9-94a8-11912c698961
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.198; 80.255.10.198; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:48 GMT
an-x-request-uuid: 43250954-3e87-4a4e-af53-f27fdd283824
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJOWWNlUQ7inMmGH_05B6mM%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.198; 80.255.10.198; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 31CA
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc0NTY0MTI1NzQzOTQ0MzQ3OQ%3D%3D

170 B
188 B

54ms
29ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc0NTY0MTI1NzQzOTQ0MzQ3OQ%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:48 GMT
an-x-request-uuid: 20820d17-be6a-406b-9b59-4b12e88b603c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc0NTY0MTI1NzQzOTQ0MzQ3OQ%3D%3D
x-proxy-origin: 80.255.10.198; 80.255.10.198; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8838 143 B
166 B 71ms
40ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 417
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 06:11:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5BC9 143 B
166 B 88ms
37ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 417
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 06:11:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1109 0
20 B 103ms
52ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3309280787940&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1109 0
20 B 119ms
75ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3309280787940&version=m202309260101&ct=76&x=1&cor=16641858622201717000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1109 109 KB
41 KB 100ms
75ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dlkr1qekmUtK3sVSSzsXWq5VcmYospHIYQX5WXNDOiOefI76cpYGiJXp71GvNcb9N4tPJ9WIkD3xNSNXsSoy8EpTZNcj0D7ST_dkCjsD9HE5KrzjcQwOBoxYzWfpa6FiYcyuKAzr2qsvOy5YXlorEOCl8j-VOXDDSe-qpJVGvuvURl_Q9dYTHlm6DgQNafDOKnUcZox30go4elSOfm7YvR9l7SQQ&dbm_d=AKAmf-ByomrTRxYhHStT1ymuybGsB-PBspKxOqZdk6xanUh029NhyeszntkSKiBWGZhEHvzaigMT1lPD7qs6vQLpPuzfhBV7jiVlGsEEfYiDln2_rdLkUR_ICnluplAcCZoAtA36zXvnsFgGnRLmGESz-nI4KLXK_vaQ2ZkWgwP-5cKjGDt0SLmA-OKlf0vnedXbatsJaALJoGoiPaPYIiwyiw7nlYVvqKIUBE9oX2NT2dwi9fPB9vj9Tde1f11cR_ku5ckAvtsP5qfU4MyR_pO3FsDU79ghOWM0gm_09bdmHcv7GFTKqeIMBKOK3QKaerbAZOf5q4KvN-7Glf1ftd3wfh07FN0ayHZ_9YfJy1JqkUBj2rFo49cgGc9wDKBzNaJ1KvEfHgCwvGHKOSMhHA7MspBhdP2qImsyJJV-lM2yQTc6qkyRjJN5Imz5WaWjxUftG6MKVFZsywXPfBb65Ti7ZAgj-8ZncCdWt1-kHaDwOnJ0ZRixZurSo-Zn56PKAHQq_7LpJoJv14jTqAo7TdW6nbzWjjzbtBY5130vMYVHrVuv6j91enhqQ2iZesWaBVkNOKTyOEc21ZTybVT-skkfHNymYlVPoSjidhO3VQYJmfpZ--e0hMugCXeOZ2xiiackC-__qyK0vKh4Dc5Igu7nGCZdqq3JWZp_Evo8BdYkgq_ouLlDXYRKVnklwGVzC28q6tszOti72EN6r8s2ZT1dQM9lyDjKNFMOYdHG-i4GJiX2bvo5ygg6VYokSF9oXudrtvk6Co9TZlatpWhx6eQvjHXZv6mZJLeJZCM4kU8Ae7rvTVfFteIP3N-ytEdOrvqKZ3Wkb5Is4qz_0DV9IDsbpyVO9Ps2ZnF4W96uIiQsKBJdSiPYSVeKUK0EHFvetZiPyIe4pukZT1jpjqqadktISsCaQWEEAHJToHWyuFiU9N_ZYv1f8HfziVJdyhPb8DatIw_X9bxdTcToBdHOwuo53mkYcHUIG13MYXisW5216pDX9lS7U_YtCz21BKiPavOsDx7RYdKmKqqxFS02fbBOu2RoOYXc5jjCmF0WHlJX6lY3Bi5T2FUf8yzOGsELHZbJSyki0SXXsOK-z-1uUJvtNBBR5Xh1whbJN5wrVYJJPljCYuNKHHzp97Ik7TCiybHonukH3QlMur0fWVjahoj1vrlnSqU-p1bezTqxtAOP9dE7Ek95v8twP6KPF9sf3hsgFzVJ_uHBtfB21wpAwpLec-oNZ_3-GKqNMJKOHV8kh7wSpihsXohD9DomJm2IrvQWfkIVv4coG7zr9qnw0eTHf9BRbWYX4ShhqfbBlNpNGYSn5KfqiqzasabQwoYt1HpoRiFeBBLae4p_L0E29bJ9rqaWkuv1mkYMcTwJlb1vwOnlhPK9GBsSSUl4GawQH7rKqed96P53dM4oktCggf1qkgYKPiQK5_nCKWwmsEJa7Wip3Si7aYlRCEdZIE80fAaqPk98vJduLOJnmWIMB1kZ7FLhHRi1dBuy3kXR3dxuvtzeI97IMcNgLkXzG4lUuEudHOr8Q5pxdqwK3LpxEtUXdQChucdQoigVKDcVtuSnfwW40bON5sKvSsZOKgABzkv3XHJtawuPDVPLwR-ZkGTLrjBPRGKJcoTtboWr4BVl5w28wxEjwGA8nIvQn62qzQ0c6kQjon-vCHixZ2FEguQ7tKGF70MZJvOI05hYnyUaL4nOT4JK6iD_g_Gra3KzJ2mnknqIEL0HZ-tP1v7hgWDCzMKMwqh-YkpeOTD46ZGPJvbPstBFsoiCj-50NSbKwlxSck356QLaSmIFk052u3LizUkei2Mx5BGWv9lj619R0W9ESDJsZ-0I2SsJ-6ebf56eVnghbTgFbZc3kK9ngp1j26wAd17QI87rsNd0Fr6BMxHjqP8u38CvxY0R255SChp2XcpG3upKgEldLSzexZNB1xGE74L9t8POom0bM-Z4ZJ19DorxQuG0lkdZQZRwi9xGyncFt2TTZgYNtG9wpXXMPMkBdhVyul2HxBt0wABxR9xxuGwD3YuT4TYumqUp8K64wD19Md4Mear2E2qflJYm1H0g9wQ_r3x8BJiJb3bWSRLIMDKtEBSau4Szb9qI9oYDTwasA7TJGx5tQEd7rv164zmfeta6sIzeHWVUsT0Wnu7BuHkpKwHAkUYBw5OcvmdCAosHWu451Z7BvKXT2EPNpEP4Bh9ZmICffkfFGuI_vPBp75EebeK7KFDwlBCm6SvIseroEV2wDTlIllSKohw16FNrlFatyejTj02meMuHyw5f5HV3LbIrla9296CR25tLqPJLXW7hY4eb7N3r_C6_V6FOp-QPDaVQpeoY0CK3OO1uCKlKzCg-dLCsoTF6PZOe2a7rLFW5bt_HOlGXEp1WpsZrcGiNfTkiKgRSllogQTQOqWRHNiYaqEeaR1YxW9qnW6qwcp6Dthdh0bhg9FJ2uN9inbZWupk93m66YWeq5lSRSCGg1qfMw45f4_q8Ul7WXWPwUuEUWWC5yq5HrZCPjhQ4VjB8mqEqRzkGniXjdZbS6y-6JD80tOgsQ1uyEJ2LHjwUN3SeaO9Hx2tNQRWRt9fsUIKOS31uhbGFweE5yQXznqfcz3Jltm_1vTDqrDrhD6or8bu6eJUgYJQGUWwCY1_8za8XCwY01zTba9LIrek2s1qOmvFn5pak1o0JhrsnunQu_rIhJcDwe-mgGsFjyhy9qFHctWf1OWOg8Fq07D1dc_2FwWuL71DwDmSrPOdspa8Bc-1zOOEA079s3ddhDoeCIep5lVMB5g_ZVQMZSwdlYJETz_TbA5K2PiZrT9HXcRRvbnpOPu0B6SNshAfezA2XRYsv1KwZMUcVHlhxCfpi8ZqEeuVC17RwsjYqBOECCStYLi9bs1LPCTH6PsOegn4781dWUk0jGZqYpIa2jofQ1E2BtW9jn38PS09gRHowtrSirm8_1tNcybapB44AWN2rYsBlz9FYw2hTqTj7vvdz5p2_rYKDXh1oGiHZZH9IxrYT7q6aOoAI1yV00QA7TuAFS9Lz7CKGdBAWarhXan7kJBAA7t6DNsb8C1DATS5fRUqqY46njTrP_RXW_2ty3rO8KYfp_od1O2ETus358S9koC0g67ZKhN42hpBbOnverLYZ4xsVr5REuJu1h3P4BAfc2pRxs5HX5oWuIoRKa3gertdvEsfC7kWIo8ZcpWyzamIi5DAxAFx6Y3WeeTg98-zC9ZYLkZmPjOheYOULxReKOUbO0zp5apzIYzTV36r7K7kAgDoZ0Pgl6BIa1eZ_PHYlXBaVxTbqr4hMbFR9uWvaXfBysQ_CHIE3x9yvRRLuMpj2Ejn4RYrP14vgqp0hPAl-tSaKjdq5i5KEwChRNrcdNHbHj9WnRFftg0NSGGTtGLxf9x_RZ7PleRcYDuZjb3INut_rX8fX66Qi1SfN1RM9tJbbK79xUkaWNzBddhq3JSyRt0HtYoSB2LtzlI-aVd82yzJWnp_jZ1hMXGvdju5tGMmEwSXVSnN-m4Mtylfk_BhfX-GgbKhuqu7LV9NYvQzb9QaDG-oUqTI8thFD-QACNAoh5OqL2cNynvxPH2t6d8zroqoMNlbZwY_S9zdPqaVojMpXLvFR_pkpQKi23Rl590uy2wuvigsky1y9Eq5AzhIZi2v0MWbSJp7FTUITl19pmZDP9pgitvFtJEkdvH0p8Qo0Vs40JvUDgrAyGp-GYstjyW9r6RrRs_r-0WR3bTItEeUPrTMCh008USxsqPGFIWQLlrf1zuD1HCat-ucky1HFGTTE8Ia6bgAgH0L-MfAIAk4x60sEl2vihoDn_whEmQMAVUuAJ5Jfv7s_r_AoPAaZ4C_NUb2sj_yWdAGEMv0NuV_BkHRrnEsNXVUVwpoCySveDrTW-ZA8CqGYDWjMf0AM5OoByWPvoPt2nrFiRf1eRzIAaWob-Jdaiw_R5Fy0wBbJW3HOJ3TodKcnQ8B4AanbvDdE4aTIUdZBQx36tRoJDUNa68eJSVh-9FDZTQNQOxH07qfnhyM4nCBaVsDbM77HpEs56fHpLuRaCOvPsP5dEli3Puoy1e2b-tVu7lZjC66VhBO8bgyor0RTjSm3hxTxKtbgffPg1yKpj7pu3a7DbZ7_EWP4kOLCwNXGI0sDjCQU6f72yk15ecylThr-doC9UgrH&cid=CAQSTwDICaaNPS34KfeAGbx4ldfJxaRfyjRhymCGeYNVS62s-hznkIg-mm6r984Nk6SFgGOHYBNEUbw4phL-3tuJufvpzs3igT4PTi6LlPVDKVsYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fkazus.ru%2F&ds=l&xdt=1&iif=1&cor=16641858622201717000&adk=2988274607&idt=194&cac=0&dtd=34

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

434324ab4ef18a8cad90356c52f0fc4ac45cba1489b451bb8c4839e0ef3ffc35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42235
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8838
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

59ms
47ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 06:18:48 GMT
expires: Fri, 17 Nov 2023 06:18:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 06:18:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 7398 14 KB
1 KB 61ms
47ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 06:18:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 04:46:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 06:18:48 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7398 2 KB
822 B 67ms
32ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52039
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 15:51:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 7398 23 KB
9 KB 86ms
51ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14483
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 02:17:25 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2573 143 B
166 B 330ms
12ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 417
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 06:11:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7398 3 KB
1 KB 88ms
54ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:03:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7398 20 KB
8 KB 86ms
52ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 23:16:58 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7398 203 KB
64 KB 89ms
55ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 06:18:48 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 7398 37 KB
15 KB 86ms
52ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 06:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 345256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 22:22:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 11 Feb 2024 06:24:32 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4502247047325849301/ Frame 96F3 6 KB
6 KB 67ms
40ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4502247047325849301/14763004658117789537?w=200&h=200&tw=1&q=75

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a048d788d4ab5c04d6c356c197e1256960a95748bbe4293374cf09b639728092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:37:53 GMT
x-content-type-options: nosniff
age: 16855
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5982
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 22:30:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 01:37:53 GMT

GET
DATA 200
OK truncated
/ Frame 96F3 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11964ae432aee9f03d60b895896e1e331890805a20e86b3ef779af7d73716607

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 96F3 33 KB
33 KB 83ms
0ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:01:51 GMT
x-content-type-options: nosniff
age: 119817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 21:01:51 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 96F3 15 KB
15 KB 104ms
0ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5825c88b68a498c8b3d8d34f0090a625f063a366c8f3cbebf51e7657623fb13b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:17:00 GMT
x-content-type-options: nosniff
age: 25308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15352
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:34:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 23:17:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5BC9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

22ms
22ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 06:18:48 GMT
expires: Fri, 17 Nov 2023 06:18:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 06:18:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js Show response
pagead2.googlesyndication.com/bg/ Frame 55A0 38 KB
15 KB 90ms
51ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 03:55:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 354197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14900
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 03:55:31 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 96F3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CrDItxgVXZa-4OLK278EPp5SU4AyNksKGdIHhwuifEr2foPGXERABIJvFlQNglaqfgrAHoAGDrI2qKsgBAakCWtuIMZo1sj6oAwHIA8sEqgT1AU_QYYbI9GbmFNpmTMfXHN--31gEK-KDTTM...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223432220640041925595%22,%22debug_reporting%22:true,%22destination%22:%22https://novapost.com%22,%22event_report_window%22:%...

0
0

45ms
44ms

Fetch
text/css

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223432220640041925595%22,%22debug_reporting%22:true,%22destination%22:%22https://novapost.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211362588163%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223586066152348856017%22}&andc=true

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:48 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"3432220640041925595","debug_reporting":true,"destination":"https://novapost.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11362588163"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"3586066152348856017"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 06:18:48 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 06:18:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3432220640041925595","debug_reporting":true,"destination":"https://novapost.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11362588163"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"3586066152348856017"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1350098/76506716/ Frame 1109 254 KB
76 KB 393ms
35ms Script
application/javascript 18.203.173.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1350098/76506716/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015034086&ias_pubId=pub-1317160794948979&ias_chanId=1&ias_placementId=20744673732&bidurl=https://kazus.ru/programs/download/16497/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hBNwlnWfIuxVs4TKKKODpQ
Requested by: Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.173.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-173-246.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8409be3c6700281345aa328acb9541c143f744963e5c8d171672b35757925d07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:48 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 1109 111 KB
39 KB 326ms
8ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 06:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 06:30:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 1109 11 KB
4 KB 69ms
43ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dlkr1qekmUtK3sVSSzsXWq5VcmYospHIYQX5WXNDOiOefI76cpYGiJXp71GvNcb9N4tPJ9WIkD3xNSNXsSoy8EpTZNcj0D7ST_dkCjsD9HE5KrzjcQwOBoxYzWfpa6FiYcyuKAzr2qsvOy5YXlorEOCl8j-VOXDDSe-qpJVGvuvURl_Q9dYTHlm6DgQNafDOKnUcZox30go4elSOfm7YvR9l7SQQ&dbm_d=AKAmf-ByomrTRxYhHStT1ymuybGsB-PBspKxOqZdk6xanUh029NhyeszntkSKiBWGZhEHvzaigMT1lPD7qs6vQLpPuzfhBV7jiVlGsEEfYiDln2_rdLkUR_ICnluplAcCZoAtA36zXvnsFgGnRLmGESz-nI4KLXK_vaQ2ZkWgwP-5cKjGDt0SLmA-OKlf0vnedXbatsJaALJoGoiPaPYIiwyiw7nlYVvqKIUBE9oX2NT2dwi9fPB9vj9Tde1f11cR_ku5ckAvtsP5qfU4MyR_pO3FsDU79ghOWM0gm_09bdmHcv7GFTKqeIMBKOK3QKaerbAZOf5q4KvN-7Glf1ftd3wfh07FN0ayHZ_9YfJy1JqkUBj2rFo49cgGc9wDKBzNaJ1KvEfHgCwvGHKOSMhHA7MspBhdP2qImsyJJV-lM2yQTc6qkyRjJN5Imz5WaWjxUftG6MKVFZsywXPfBb65Ti7ZAgj-8ZncCdWt1-kHaDwOnJ0ZRixZurSo-Zn56PKAHQq_7LpJoJv14jTqAo7TdW6nbzWjjzbtBY5130vMYVHrVuv6j91enhqQ2iZesWaBVkNOKTyOEc21ZTybVT-skkfHNymYlVPoSjidhO3VQYJmfpZ--e0hMugCXeOZ2xiiackC-__qyK0vKh4Dc5Igu7nGCZdqq3JWZp_Evo8BdYkgq_ouLlDXYRKVnklwGVzC28q6tszOti72EN6r8s2ZT1dQM9lyDjKNFMOYdHG-i4GJiX2bvo5ygg6VYokSF9oXudrtvk6Co9TZlatpWhx6eQvjHXZv6mZJLeJZCM4kU8Ae7rvTVfFteIP3N-ytEdOrvqKZ3Wkb5Is4qz_0DV9IDsbpyVO9Ps2ZnF4W96uIiQsKBJdSiPYSVeKUK0EHFvetZiPyIe4pukZT1jpjqqadktISsCaQWEEAHJToHWyuFiU9N_ZYv1f8HfziVJdyhPb8DatIw_X9bxdTcToBdHOwuo53mkYcHUIG13MYXisW5216pDX9lS7U_YtCz21BKiPavOsDx7RYdKmKqqxFS02fbBOu2RoOYXc5jjCmF0WHlJX6lY3Bi5T2FUf8yzOGsELHZbJSyki0SXXsOK-z-1uUJvtNBBR5Xh1whbJN5wrVYJJPljCYuNKHHzp97Ik7TCiybHonukH3QlMur0fWVjahoj1vrlnSqU-p1bezTqxtAOP9dE7Ek95v8twP6KPF9sf3hsgFzVJ_uHBtfB21wpAwpLec-oNZ_3-GKqNMJKOHV8kh7wSpihsXohD9DomJm2IrvQWfkIVv4coG7zr9qnw0eTHf9BRbWYX4ShhqfbBlNpNGYSn5KfqiqzasabQwoYt1HpoRiFeBBLae4p_L0E29bJ9rqaWkuv1mkYMcTwJlb1vwOnlhPK9GBsSSUl4GawQH7rKqed96P53dM4oktCggf1qkgYKPiQK5_nCKWwmsEJa7Wip3Si7aYlRCEdZIE80fAaqPk98vJduLOJnmWIMB1kZ7FLhHRi1dBuy3kXR3dxuvtzeI97IMcNgLkXzG4lUuEudHOr8Q5pxdqwK3LpxEtUXdQChucdQoigVKDcVtuSnfwW40bON5sKvSsZOKgABzkv3XHJtawuPDVPLwR-ZkGTLrjBPRGKJcoTtboWr4BVl5w28wxEjwGA8nIvQn62qzQ0c6kQjon-vCHixZ2FEguQ7tKGF70MZJvOI05hYnyUaL4nOT4JK6iD_g_Gra3KzJ2mnknqIEL0HZ-tP1v7hgWDCzMKMwqh-YkpeOTD46ZGPJvbPstBFsoiCj-50NSbKwlxSck356QLaSmIFk052u3LizUkei2Mx5BGWv9lj619R0W9ESDJsZ-0I2SsJ-6ebf56eVnghbTgFbZc3kK9ngp1j26wAd17QI87rsNd0Fr6BMxHjqP8u38CvxY0R255SChp2XcpG3upKgEldLSzexZNB1xGE74L9t8POom0bM-Z4ZJ19DorxQuG0lkdZQZRwi9xGyncFt2TTZgYNtG9wpXXMPMkBdhVyul2HxBt0wABxR9xxuGwD3YuT4TYumqUp8K64wD19Md4Mear2E2qflJYm1H0g9wQ_r3x8BJiJb3bWSRLIMDKtEBSau4Szb9qI9oYDTwasA7TJGx5tQEd7rv164zmfeta6sIzeHWVUsT0Wnu7BuHkpKwHAkUYBw5OcvmdCAosHWu451Z7BvKXT2EPNpEP4Bh9ZmICffkfFGuI_vPBp75EebeK7KFDwlBCm6SvIseroEV2wDTlIllSKohw16FNrlFatyejTj02meMuHyw5f5HV3LbIrla9296CR25tLqPJLXW7hY4eb7N3r_C6_V6FOp-QPDaVQpeoY0CK3OO1uCKlKzCg-dLCsoTF6PZOe2a7rLFW5bt_HOlGXEp1WpsZrcGiNfTkiKgRSllogQTQOqWRHNiYaqEeaR1YxW9qnW6qwcp6Dthdh0bhg9FJ2uN9inbZWupk93m66YWeq5lSRSCGg1qfMw45f4_q8Ul7WXWPwUuEUWWC5yq5HrZCPjhQ4VjB8mqEqRzkGniXjdZbS6y-6JD80tOgsQ1uyEJ2LHjwUN3SeaO9Hx2tNQRWRt9fsUIKOS31uhbGFweE5yQXznqfcz3Jltm_1vTDqrDrhD6or8bu6eJUgYJQGUWwCY1_8za8XCwY01zTba9LIrek2s1qOmvFn5pak1o0JhrsnunQu_rIhJcDwe-mgGsFjyhy9qFHctWf1OWOg8Fq07D1dc_2FwWuL71DwDmSrPOdspa8Bc-1zOOEA079s3ddhDoeCIep5lVMB5g_ZVQMZSwdlYJETz_TbA5K2PiZrT9HXcRRvbnpOPu0B6SNshAfezA2XRYsv1KwZMUcVHlhxCfpi8ZqEeuVC17RwsjYqBOECCStYLi9bs1LPCTH6PsOegn4781dWUk0jGZqYpIa2jofQ1E2BtW9jn38PS09gRHowtrSirm8_1tNcybapB44AWN2rYsBlz9FYw2hTqTj7vvdz5p2_rYKDXh1oGiHZZH9IxrYT7q6aOoAI1yV00QA7TuAFS9Lz7CKGdBAWarhXan7kJBAA7t6DNsb8C1DATS5fRUqqY46njTrP_RXW_2ty3rO8KYfp_od1O2ETus358S9koC0g67ZKhN42hpBbOnverLYZ4xsVr5REuJu1h3P4BAfc2pRxs5HX5oWuIoRKa3gertdvEsfC7kWIo8ZcpWyzamIi5DAxAFx6Y3WeeTg98-zC9ZYLkZmPjOheYOULxReKOUbO0zp5apzIYzTV36r7K7kAgDoZ0Pgl6BIa1eZ_PHYlXBaVxTbqr4hMbFR9uWvaXfBysQ_CHIE3x9yvRRLuMpj2Ejn4RYrP14vgqp0hPAl-tSaKjdq5i5KEwChRNrcdNHbHj9WnRFftg0NSGGTtGLxf9x_RZ7PleRcYDuZjb3INut_rX8fX66Qi1SfN1RM9tJbbK79xUkaWNzBddhq3JSyRt0HtYoSB2LtzlI-aVd82yzJWnp_jZ1hMXGvdju5tGMmEwSXVSnN-m4Mtylfk_BhfX-GgbKhuqu7LV9NYvQzb9QaDG-oUqTI8thFD-QACNAoh5OqL2cNynvxPH2t6d8zroqoMNlbZwY_S9zdPqaVojMpXLvFR_pkpQKi23Rl590uy2wuvigsky1y9Eq5AzhIZi2v0MWbSJp7FTUITl19pmZDP9pgitvFtJEkdvH0p8Qo0Vs40JvUDgrAyGp-GYstjyW9r6RrRs_r-0WR3bTItEeUPrTMCh008USxsqPGFIWQLlrf1zuD1HCat-ucky1HFGTTE8Ia6bgAgH0L-MfAIAk4x60sEl2vihoDn_whEmQMAVUuAJ5Jfv7s_r_AoPAaZ4C_NUb2sj_yWdAGEMv0NuV_BkHRrnEsNXVUVwpoCySveDrTW-ZA8CqGYDWjMf0AM5OoByWPvoPt2nrFiRf1eRzIAaWob-Jdaiw_R5Fy0wBbJW3HOJ3TodKcnQ8B4AanbvDdE4aTIUdZBQx36tRoJDUNa68eJSVh-9FDZTQNQOxH07qfnhyM4nCBaVsDbM77HpEs56fHpLuRaCOvPsP5dEli3Puoy1e2b-tVu7lZjC66VhBO8bgyor0RTjSm3hxTxKtbgffPg1yKpj7pu3a7DbZ7_EWP4kOLCwNXGI0sDjCQU6f72yk15ecylThr-doC9UgrH&cid=CAQSTwDICaaNPS34KfeAGbx4ldfJxaRfyjRhymCGeYNVS62s-hznkIg-mm6r984Nk6SFgGOHYBNEUbw4phL-3tuJufvpzs3igT4PTi6LlPVDKVsYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fkazus.ru%2F&ds=l&xdt=1&iif=1&cor=16641858622201717000&adk=2988274607&idt=194&cac=0&dtd=34

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13427
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 02:35:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 1109 31 KB
12 KB 67ms
25ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 04:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11874
x-xss-protection: 0
server: cafe
etag: 3876053170955424897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 04:49:49 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1109 41 KB
14 KB 65ms
24ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 352019
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 04:31:49 GMT

GET
DATA 200
OK truncated
/ Frame 1109 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80950e7b6b6a0d1600ed2b2f3b8f50fe39c244b07367fccf6582eb34cc7a954d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4502247047325849301/ Frame B424 6 KB
6 KB 11ms
10ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4502247047325849301/14763004658117789537?w=200&h=200&tw=1&q=75

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a048d788d4ab5c04d6c356c197e1256960a95748bbe4293374cf09b639728092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 01:37:53 GMT
x-content-type-options: nosniff
age: 16855
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5982
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 22:30:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 01:37:53 GMT

GET
DATA 200
OK truncated
/ Frame B424 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c75b0c465cc069c60ac4b0dc269035536b6040da2d1d3f2219c5213d49979d8f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame B424 33 KB
33 KB 11ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:01:51 GMT
x-content-type-options: nosniff
age: 119817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 21:01:51 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame B424 15 KB
15 KB 13ms
11ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5825c88b68a498c8b3d8d34f0090a625f063a366c8f3cbebf51e7657623fb13b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:17:00 GMT
x-content-type-options: nosniff
age: 25308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15352
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:34:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 23:17:00 GMT

GET
H3 200 Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js Show response
pagead2.googlesyndication.com/bg/ Frame 7B3C 38 KB
15 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 03:55:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 354197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14900
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 03:55:31 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 82ms
26ms Preflight
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 06:18:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B424
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CEo56xgVXZa64OLK278EPp5SU4AyNksKGdIHhwuifEr2foPGXERABIJvFlQNglaqfgrAHoAGDrI2qKsgBAakCWtuIMZo1sj6oAwHIA8sEqgT1AU_Q7EPqzyUUJz0AKErywzGo-4El7tcgwui...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212584199203626093587%22,%22debug_reporting%22:true,%22destination%22:%22https://novapost.com%22,%22event_report_window%22:...

0
0

78ms
76ms

Fetch
text/css

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212584199203626093587%22,%22debug_reporting%22:true,%22destination%22:%22https://novapost.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211362588163%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224557429558477121153%22}&andc=true

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:48 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12584199203626093587","debug_reporting":true,"destination":"https://novapost.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11362588163"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"4557429558477121153"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Nov 2023 06:18:48 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 06:18:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12584199203626093587","debug_reporting":true,"destination":"https://novapost.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11362588163"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"4557429558477121153"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 48ms
44ms Preflight
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 06:18:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3365586212222314499/728x90/ Frame 5F98 101 KB
21 KB 40ms
9ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3365586212222314499/728x90/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c54adef7b2fe9465b19cd573e5a8761e1c9ff6071358884c7eb0257a813c0fff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 306925
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 21589
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 17:03:23 GMT
expires: Tue, 12 Nov 2024 17:03:23 GMT
last-modified: Mon, 13 Nov 2023 13:33:34 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1109 0
0 156ms
62ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFbBSMt-zRAnP_FpvUCaBSooH1WUIo5bEginb4SfhTzrmkvi-zCgdOJ-RdFBFO5jLTkLkxOkSd4G9pOcM_WpRU08LQAFRBuglVMG14DEQApoH5uRLB4SvpsVdaJM1kWQbs98mIVDGGYXyhmCd77vQLhYW5oQpNnZiNjAYYAlDJCjGCEzJnvEMK7HE30uO8A4alvIJFzPhW87VSGcPC7KgI3EH3NSh9onyiaYzSgJJ7lEuOd8KHcAcGLtVdnpp2cu1BWF4Ut6aMIfkm9RRjUC5QQsNYo4Ojyyc_hIZ_Lff5BhhFHCAPk2XUqMPgVdeuRjTpcMTpOEkE7V6aYqsy-wZ3x4FhcRtrILJI3h5Jn5bRdbP_uNyxcL8kWZrifdqcwniQ3pUWJgz7yEUWoRQb0mpaLNSbvctf6zfD2QBgcze-UX8WrK1HTpYMznFdcw-rgBbAj8xW3OxtWgA9-JrA0ad_9CMk41UakZNk6LtFa2uReJPo6JDNtJYrwVpiMeNJT9qNAAFh6WMwKWd6T8NH_UiOgAZ6WOKDNixLIV9GLMfIho-Fhn0GfwkRYI5UcepKaM2pLDQN1teHG36fY7bo4K4YLvdYTS6VpIcRVppdcYllsGkbkVjqE6KU6tQ5y1lmmwE4km0vcP9hc5yUxz98cTtyB0TqLrpPa6yjMSSJ2KvHz_e2sTLTxtWylTgB9iUUoi-z5Jnjcw3BacsyPQTQ09RM8vDNCEzDJBFlUdhZZpnQ4tXY9dSnohNHk39ykx4UKjyX6lr26KPzd2N569CO6lJkfrcU9RCKZukA6CADFRJ1V0k17E6ezdWHfRopIAIR2vqIrlssghIzW8HwDd3QMoESTBn4ZQw8tTcHtTrfUkIKqpcNByYPavFvVHKS570_zDyIfPVHCBSKR0uwA6GZWmLwwtXcnLwxAG3WL9kb_25hFYKI0Hynw9B6B9vyiYdn6xJEiHEz0v7njrauciilII6N-o3ce89gQo9l-AOzfXY29KTjMw9-akZ7S1L7Ef_9uqNnXAZKCb66vCJ1PDohiXbcBJPyfyAhaPoLMfRY1P1-2jVZnis0G03R_B0VShym34buceRL5vIXcoiaJWH5fIotWqHA2SZTspXoftIPDaIwvmaiB2GqAFmdEeZZScwsf7QZYzbLhHcLc9jiz05onBSfCLRyrNV34u05LiHT842eQrLi-lOTBXIQ5Ftvt2wExs87FKJ4LPS28pK_yodrLN93ttMCx7BPERb-0DVdel76gy8ahANHZCCuc4cnKnFvZw7nddZifP_2YULW9E67PXFuacZM_x7SFQ6_6NDO0uMMoA&sai=AMfl-YRFArGy0Jgule8BO5pRsmvlwJlidBxzn2vwcZSJF8g_qNcGqmz0zwBfCb215Fjrs57P3qciKF3Cqr3TJ6zlZrEaEJd-OonObrBbZGIYz_8AH5R5HULqgF6Fzfn1U972octxmbb2KFItHFIosSTGy8_4EeNZdCIwRYmxvwSAbVrlZGOthm_vJ974sgAp5wLaLCjzWchW5v8mov_DhqBp-Ldjm0cJMXYfIqVfK0RQx2yy-YMcEbjWqDt9ig0ERxj9sVvpVHt-BXeDod0WuifNv_5XSlidESxFkN9WlKKm5A&sig=Cg0ArKJSzC0fuaLXFvDwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=431&cbvp=1&cstd=426&cisv=r20231109.42333&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 06:18:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 93656
tags.bluekai.com/site/ Frame 1109 62 B
574 B 278ms
186ms Image
image/gif 2.18.160.221
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/93656?limit=0&phint=event%3Dimp&phint=aid%3D6531095&phint=cid%3D29364893&phint=crid%3D204727466&phint=pid%3D381100879
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.160.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-160-221.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 17 Nov 2023 06:18:49 GMT
content-length: 62
bk-server: ad02
content-type: image/gif

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2573
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

53ms
50ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 06:18:48 GMT
expires: Fri, 17 Nov 2023 06:18:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 06:18:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js Show response
pagead2.googlesyndication.com/bg/ Frame 5286 38 KB
15 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 03:55:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 354197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14900
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 03:55:31 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 40B2 38 KB
13 KB 17ms
10ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 05:44:20 GMT
expires: Sat, 16 Nov 2024 05:44:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 5F98 32 KB
11 KB 37ms
25ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3365586212222314499/728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3365586212222314499/728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31144
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 21:39:45 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 1109
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1350098/76506716/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015034086&ias_pubId=pub-1317160794948979&ias_chanId=1&ias_placementId=20744673732&bi...
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb=

17 B
473 B

10ms
9ms

Script
application/javascript

2600:9000:2127:fa00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 2600:9000:2127:fa00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 03:21:19 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4417051
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: nIiyIxFATnawx5zGbE4V8c3OQkuAC_Vu0_Fsaj41-HRwJrqXGM5zMA==

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:49 GMT
server: nginx
x-server-name: app04.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 43C4 91 KB
23 KB 78ms
7ms Script
application/javascript 2600:9000:2127:fa00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:fa00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4946979
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Ir_lICZjOdJak0b8dqQJ9zqeBRMKXhbixZZTCdanZIHE-SeQK-VOjA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1109 43 B
215 B 748ms
347ms Image
image/gif 2600:1f13:800:7780:5f47:a114:af1e:1176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=375f6e9f-d337-3437-9bed-06c49e9b175b&tv=%7Bc:ucSFfO,pingTime:-3,time:186,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:46%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:187,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:45,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B175~0%5D,as:%5B175~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVQu1FI+11%7C12%7C13%7C14%7C151%7C152%7C16%7C1711%7C1712%7C181%7C182%7C191%7C192%7C1a1*.1350098-76506716%7C1a11%7C1a12%7C1a13,idMap:1a1*,rmeas:1,rend:0,renddet:na,siq:48%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:5f47:a114:af1e:1176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:49 GMT
server: nginx
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1109 43 B
215 B 574ms
181ms Image
image/gif 2600:1f13:800:7780:5f47:a114:af1e:1176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=375f6e9f-d337-3437-9bed-06c49e9b175b&tv=%7Bc:ucSFfQ,pingTime:-6,time:188,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:188,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:45,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B176~0%5D,as:%5B176~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVQu1FI+11%7C12%7C13%7C14%7C151%7C152%7C16%7C1711%7C1712%7C181%7C182%7C191%7C192%7C1a1*.1350098-76506716%7C1a11%7C1a12%7C1a13,idMap:1a1*,rmeas:1,rend:0,renddet:na,siq:48%7D&tpiLookup=ao:kazus.ru*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:5f47:a114:af1e:1176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:49 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 /
www.acint.net/ping/ 43 B
224 B 9ms
8ms Image
image/gif 142.132.138.213
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.6.0&uid=c7f3b1d8-7a0c-4423-a604-bf4e4c11dbed&dp=10&tz=%2B01%3A00&nc=472287&dT=2023-11-17T07%3A18%3A49.300
Requested by: Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.213 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 17 Nov 2023 06:18:49 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1109 43 B
216 B 563ms
179ms Image
image/gif 2600:1f13:800:7780:5f47:a114:af1e:1176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=375f6e9f-d337-3437-9bed-06c49e9b175b&tv=%7Bc:ucSFg4,pingTime:-2,time:202,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1198,beZ:1200,mfA:1206,cmA:1207,inA:1208,inZ:1213,prA:1213,prZ:1235,si:1245,poA:1247,poZ:1279,cmZ:1279,mfZ:1279,loA:1386,loZ:1389,ltA:1399,ltZ:1400%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:46%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:202,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:45,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B190~0%5D,as:%5B190~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVQu1FI+11%7C12%7C13%7C14%7C151%7C152%7C16%7C1711%7C1712%7C181%7C182%7C191%7C192%7C1a1*.1350098-76506716%7C1a11%7C1a12%7C1a13,idMap:1a1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:48,sinceFw:152,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:5f47:a114:af1e:1176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:49 GMT
server: nginx
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 40B2 39 KB
15 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 18:01:04 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1109 0
0 49ms
47ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFbBSMt-zRAnP_FpvUCaBSooH1WUIo5bEginb4SfhTzrmkvi-zCgdOJ-RdFBFO5jLTkLkxOkSd4G9pOcM_WpRU08LQAFRBuglVMG14DEQApoH5uRLB4SvpsVdaJM1kWQbs98mIVDGGYXyhmCd77vQLhYW5oQpNnZiNjAYYAlDJCjGCEzJnvEMK7HE30uO8A4alvIJFzPhW87VSGcPC7KgI3EH3NSh9onyiaYzSgJJ7lEuOd8KHcAcGLtVdnpp2cu1BWF4Ut6aMIfkm9RRjUC5QQsNYo4Ojyyc_hIZ_Lff5BhhFHCAPk2XUqMPgVdeuRjTpcMTpOEkE7V6aYqsy-wZ3x4FhcRtrILJI3h5Jn5bRdbP_uNyxcL8kWZrifdqcwniQ3pUWJgz7yEUWoRQb0mpaLNSbvctf6zfD2QBgcze-UX8WrK1HTpYMznFdcw-rgBbAj8xW3OxtWgA9-JrA0ad_9CMk41UakZNk6LtFa2uReJPo6JDNtJYrwVpiMeNJT9qNAAFh6WMwKWd6T8NH_UiOgAZ6WOKDNixLIV9GLMfIho-Fhn0GfwkRYI5UcepKaM2pLDQN1teHG36fY7bo4K4YLvdYTS6VpIcRVppdcYllsGkbkVjqE6KU6tQ5y1lmmwE4km0vcP9hc5yUxz98cTtyB0TqLrpPa6yjMSSJ2KvHz_e2sTLTxtWylTgB9iUUoi-z5Jnjcw3BacsyPQTQ09RM8vDNCEzDJBFlUdhZZpnQ4tXY9dSnohNHk39ykx4UKjyX6lr26KPzd2N569CO6lJkfrcU9RCKZukA6CADFRJ1V0k17E6ezdWHfRopIAIR2vqIrlssghIzW8HwDd3QMoESTBn4ZQw8tTcHtTrfUkIKqpcNByYPavFvVHKS570_zDyIfPVHCBSKR0uwA6GZWmLwwtXcnLwxAG3WL9kb_25hFYKI0Hynw9B6B9vyiYdn6xJEiHEz0v7njrauciilII6N-o3ce89gQo9l-AOzfXY29KTjMw9-akZ7S1L7Ef_9uqNnXAZKCb66vCJ1PDohiXbcBJPyfyAhaPoLMfRY1P1-2jVZnis0G03R_B0VShym34buceRL5vIXcoiaJWH5fIotWqHA2SZTspXoftIPDaIwvmaiB2GqAFmdEeZZScwsf7QZYzbLhHcLc9jiz05onBSfCLRyrNV34u05LiHT842eQrLi-lOTBXIQ5Ftvt2wExs87FKJ4LPS28pK_yodrLN93ttMCx7BPERb-0DVdel76gy8ahANHZCCuc4cnKnFvZw7nddZifP_2YULW9E67PXFuacZM_x7SFQ6_6NDO0uMMoA&sai=AMfl-YRFArGy0Jgule8BO5pRsmvlwJlidBxzn2vwcZSJF8g_qNcGqmz0zwBfCb215Fjrs57P3qciKF3Cqr3TJ6zlZrEaEJd-OonObrBbZGIYz_8AH5R5HULqgF6Fzfn1U972octxmbb2KFItHFIosSTGy8_4EeNZdCIwRYmxvwSAbVrlZGOthm_vJ974sgAp5wLaLCjzWchW5v8mov_DhqBp-Ldjm0cJMXYfIqVfK0RQx2yy-YMcEbjWqDt9ig0ERxj9sVvpVHt-BXeDod0WuifNv_5XSlidESxFkN9WlKKm5A&sig=Cg0ArKJSzC0fuaLXFvDwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=899&vt=11&dtpt=468&dett=3&cstd=426&cisv=r20231109.42333&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kazus.ru
URL: https://kazus.ru/programs/download/16497/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/3365586212222314499/728x90/ Frame 5F98 3 KB
3 KB 19ms
10ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3365586212222314499/728x90/logo.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

039cadbc2c89cd46e36607bf201a3168858a2d5dfcc7abc19e61329aa6b71ad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3365586212222314499/728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:09:12 GMT
x-content-type-options: nosniff
age: 58177
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3148
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 13:33:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 14:09:12 GMT

GET
H3 200 prise.png
s0.2mdn.net/sadbundle/3365586212222314499/728x90/ Frame 5F98 2 KB
2 KB 18ms
10ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3365586212222314499/728x90/prise.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f16f81511acf73d1ca45a9ecae42c9aa548263d44311230d0b5b9636ce488a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3365586212222314499/728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:30:15 GMT
x-content-type-options: nosniff
age: 283714
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1798
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 13:33:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 23:30:15 GMT

GET
H3 200 prod.png
s0.2mdn.net/sadbundle/3365586212222314499/728x90/ Frame 5F98 5 KB
5 KB 24ms
16ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3365586212222314499/728x90/prod.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9efea8dc34ec1a448027fe1ac2fdfd688f5cef974b9aca6a9c2f42675adc88b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3365586212222314499/728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:03:23 GMT
x-content-type-options: nosniff
age: 306926
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4842
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 13:33:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 17:03:23 GMT

GET
H3 200 kv.png
s0.2mdn.net/sadbundle/3365586212222314499/728x90/ Frame 5F98 8 KB
8 KB 23ms
16ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3365586212222314499/728x90/kv.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0c24a367b2d010e2e0684df4f82cd06b59a276b52b34d858d6337e5755e76ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3365586212222314499/728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:03:23 GMT
x-content-type-options: nosniff
age: 306926
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7844
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 13:33:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 17:03:23 GMT

GET
H3 200 text1.png
s0.2mdn.net/sadbundle/3365586212222314499/728x90/ Frame 5F98 3 KB
3 KB 26ms
20ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3365586212222314499/728x90/text1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8085a7f714183281103ccf81da0bff2cacbbb8ea0b76b4ddb54506a32852250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3365586212222314499/728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:03:23 GMT
x-content-type-options: nosniff
age: 306926
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2823
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 13:33:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 17:03:23 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/3365586212222314499/728x90/ Frame 5F98 4 KB
4 KB 26ms
20ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3365586212222314499/728x90/bg.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98a282485a91e2e2ad3b2aa5c8698ee5771ea34fe341552aee1e3095727fe45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3365586212222314499/728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:43:00 GMT
x-content-type-options: nosniff
age: 282949
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4262
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 13:33:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 23:43:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1109 43 B
215 B 499ms
179ms Image
image/gif 2600:1f13:800:7780:5f47:a114:af1e:1176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=375f6e9f-d337-3437-9bed-06c49e9b175b&tv=%7Bc:ucSFh7,time:267,type:e,im:%7Bpci:%7Btdr:184%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:267,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:45,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B255~0%5D,as:%5B255~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tVQu1FI+11%7C12%7C13%7C14%7C151%7C152%7C16%7C1711%7C1712%7C181%7C182%7C191%7C192%7C1a1*.1350098-76506716%7C1a11%7C1a12%7C1a13,idMap:1a1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:48,sis:233%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:5f47:a114:af1e:1176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:49 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 96F3 42 B
64 B 67ms
45ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTcXfU6T48qkJ6qR1TItp94yjZWWhkCiPQBx970kUBZ_xiDwO2ZPwhj20XwIbKeV34pWbJTuVOlI7m6gCwV_8cUTqAEQPcBu-ZcAkloG9MR5riMfF2lRvF5pOxh23U8So2ZDrBZgTnz5kd&sai=AMfl-YTtSQrbmmH6x3-B7944d3i8aZH8b9rHlCTg7BXW1jg9UqMtB2WfGRfNix9Hl8V_QN4rnj6egYA5gKKD6I2-2uXQmzJBXGf_q4uyv7ijEqP0XG5XmDlTMo5-Db8lEs8ZJal6xWyleQIzsh8WU7ITjg&sig=Cg0ArKJSzNpaKvZr8E7cEAE&cid=CAQSTwDICaaNPS34KfeAGbx4ldfJxaRfyjRhymCGeYNVS62s-hznkIg-mm6r984Nk6SFgGOHYBNEUbw4phL-3tuJufvpzs3igT4PTi6LlPVDKVsYAQ&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700201927739&rpt=628&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1109 43 B
215 B 234ms
184ms Image
image/gif 2600:1f13:800:7780:5f47:a114:af1e:1176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=375f6e9f-d337-3437-9bed-06c49e9b175b&tv=%7Bc:ucSFlr,pingTime:-10,time:535,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE1OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1700201929636%7C%7C01419211c2f8d977b0a82137b641a287%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7C8bd55c1c5f2bb511c52efa85a98df2eb%7C%7Cdb30a69c9a7426306e5779d3ef65ce65%7C%7C7248883dbb93fda4891949bc213f1124%7C%7Cc1e0b9dbd2288363855f660a399cda1c%7C%7C85ee268c02737ca75652638f728064fb%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:5f47:a114:af1e:1176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:49 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1109 42 B
64 B 46ms
45ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqYj3YFtQFIKxc9CS-NmWfYC_GnpSn_zBAx8yx6kg10BZGCCcyzX9gkor9IxoqkzwvRCzeGULqG0Y_MqFvk48VogMXt67Dje5PvPdVKE8Cb14z00YPnjNlCXIPG1XPPAErDneaU81wL74d&sai=AMfl-YRyttjdNkgm6JyJ04TckZH6k5_vpDbFPaCJSW8bSfBHH06l2oh01ieK0soDtY3oOjapJK6Ni_p1PXbPllKmNtsx_NSYoFF7K-dQNNT1RtDKQzh4ruhF1TSgXiLKzOnwJ440_RoFkTbYCe4fQ1mZ1A&sig=Cg0ArKJSzC47SnETHMGQEAE&cid=CAQSTwDICaaNPS34KfeAGbx4ldfJxaRfyjRhymCGeYNVS62s-hznkIg-mm6r984Nk6SFgGOHYBNEUbw4phL-3tuJufvpzs3igT4PTi6LlPVDKVsYAQ&id=lidar2&mcvt=1003&p=0,0,90,728&mtos=850,1003,1003,1003,1003&tos=850,153,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700201927906&rpt=722&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B424 42 B
64 B 46ms
45ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss2bu4FjLUmJIHAsOWUv0j-foHN-Nopxyohor5hSFMb7nkSYVqpe4B_DELlqcoD92v36Mxlpk-daYb1wS7IOhJrvyux92zAWQoHxp98_xE22sArpKE1mRqBm6luTxSeLUO8SK0o2UEANxKs&sai=AMfl-YSgs6N2Cat7_ZXSN0oayI6QsLOoEWUcyyR1gTHRjm0pMBKTIyWBZyIOSEi7Gk2hwFxtzC3st_mG9RtSIBPxYYw6VLMevRdEwhLz7I3gnpfnWM9nJvNvLMJ5ElVU2g4OCSLTj9X4qMv-v9NVu_WDEA&sig=Cg0ArKJSzHxYX54eA12WEAE&cid=CAQSTwDICaaNPS34KfeAGbx4ldfJxaRfyjRhymCGeYNVS62s-hznkIg-mm6r984Nk6SFgGOHYBNEUbw4phL-3tuJufvpzs3igT4PTi6LlPVDKVsYAQ&id=lidar2&mcvt=1003&p=0,0,600,200&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700201927736&rpt=950&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 40B2 0
20 B 46ms
46ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BH5q2yAVXZcO5D7K-9u8P2NypSAAAAAA4AeAEAg&bg=!f3ylfDPNAAZxrfrxUa07ADQBe5WfOJQh30zZ6FjBKkGg3DLRLMrx-53-Nen6_87ryrjOjIxnmmVri1hg2j0v18OE2nG1AgAAAJVSAAAABmgBB5kDE_1S7MsygPEvDT5ZP8cM4AGDp6NAjM6MvyB0dmxngTwwS-ARr4ijVop3eZ2sTvtfONCvrAZgSDxyNFFkHZNJltoQUmZ_kSCpfkxBrawnsthY4dAk5caxGWwfwfZiCwMlY1ZzUVuGSSJxOEx7ZxMQGYjh0lKSF1aG0et6PniTIugaqZT3uLe1mAvpA7n4HfgDzh_dB1bys-gQkEXslpPJy_RZ_KAn06u1E5DiyteSRg6cF3qR_i4myTAY89Q1LQX2uEMLoamdLPtQmW_ynad8iB-QfPv72UOEluT3tc7ILi2Jv1GJK8142y5iSb8xugaooYtcuaqitGnO-K9Fa1ATdkCZ2_GidGogoWx954ER9l8NhlCW3eUXZ6VBIcDY86_m8xB3qzjhfJB4IG8UputfxHGy4wPuFokkO_N_DCSu6Ud4ZEUsOu0tcTGeCX9n-iuK2Hk0GOM5NW9gNmfriiOYJWzES_eZGPCGI-n-TxwLDcf_DeX1pbC5xjr2BXiKrtBe5Vkmp5-Zlca2v8tQbjCrpMIE3pkQ78CGa-HyPog-J_u_AymmdlmmPrWaYGzw-Wfv8F34teVnaEcAgMyKGwrwt8R1rDxE6E4gJABUfMbtTXvzjgE7rXUOCfMi7B9lA2aiirqioHihPaRyTwL3hVeafYujMe9vqkwQrWSsJ2F78ThUXFbUjHpAXsSbXn_pW1blN0dvVggSTiqgRXn5xRfbdp8HhfZocagw4fziJWW_5fCFeQcUZO8XFL1pLomEmpoeI-x7honhsJ711961N24huSpAtpQrdC-DQ3YnoMTirZbrhV9J8jQ_hasyMoIYfJL39qkFc1ztTO2EpLUgV06dsRAgiFov49_85W5t5GO0PNUFyD7i2fq63pjBIuv9I8X4zvmgO2rJCG6bwYtfcDgsd6-DSWzDnbwHn6AG-7enmpHzCyYgPTEGeJKWK-uHMLJa97uv06z7op3zN8VXLUmw-4KqJh2z1__2KHz05hfF4R83Kz6Rg-YGScUQCNn8UtetZqrOW-2f5YqI1QlIfRcr7ZrRF0Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 112ms
112ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74406f2d5499b1de9404997224691f6f2c6c7f5b832b4c84283c76644fb45e28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12592
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 06:18:50 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6106 13 KB
5 KB 10ms
7ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kazus.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 59756
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 13:42:54 GMT
expires: Fri, 15 Nov 2024 13:42:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5833 829 B
560 B 23ms
18ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9d495c60347293f439090b6260ab3801ffbdb409085d7c6ebb194fdabfa52a41

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kuqxZOaFfleNaknN5QM9bQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kazus.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-kuqxZOaFfleNaknN5QM9bQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 06:18:50 GMT
expires: Fri, 17 Nov 2023 06:18:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 6106 39 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 18:01:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5833 0
0 41ms
41ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=2812712637081592&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6106 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Y4Q3AA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 06:18:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=2812712637081592&bg=!3t2l3ZLNAAZxrfrxUa07ADQBe5WfOPDEC_TIbONNkhJ8KAZ1jCAHdIFduvpRWDqT79saDihAMetM6PuQ_L5HCZw3Lt7MAgAAAI9SAAAABGgBBwoAaBEdDxUPeRsrhO8AZK-7Uez9Asomzk6HLVJkN--0UPbPak3VqiCmQQ0oHZXc-7HCk_P1JDv6CHps8y184M9sTS_0sh1MaCeGmUIcOEMwu7Y6NskyKBdmVaTnzQ4gbTXX4juxtP1NeuxRmQK0P35hlaEQmhreO5Jm-lE7wwzVj9yM2gb1lgxR0SIqtaFhtfR0NCkdz7JzxFLnKlosL1SaRdSTqw6W0ohDwuLVt34C48q0o9xssTjxPifFyVmHSVNt77yWa4GrAbEsr6eum7TbBWsl3HRfSCcAoRs0hjJuKK8IaIKiPWK8MsWwGS89JvjA6gYgo-gCY0XXlPo679LsxYScqUskrxeAVoT3IZcNHBYBr9rjER2eQyfo9plbyiQuAlczsCohtdG9BcTRvylEpSQNw_cYv55cbMZqJFwZ6gnIsVQRUJ3u0HRckhm-JPp62G8NL5SHhPsoOiRqf9l-XBLlyS88NbPPX3o6UrZfrUE4pHBLR3ojGlW7L83O3YzHrfWHwpSVtybhwd99CQkeAeLFc1vRdneWA1QlSIpJBf8L0OBMhzVs0hugK8haksbRcvi92_w6zp4ZLexLRB-oYgzpC6pjiaaKXYfvD-j5DQEF8CIML8ywB9093vgcR6aAOAGWK0VxzVPXrLK5p2EF32QoYDyYziQW3dT5hDI0LgxocPKgArYp9EB05I6c1wNG9EFTQy8SsId4k0_acCvI9hnYI749TSXaCsao8cqMbo3e0csC0h0jDItj-UoJtPBcIPq2z1TKRim96T2SBY4HeSVAFN7DT2kHlvxfH70HpuqYCOLbfF_39QqAFafZ4DLv6lMzIL_1UzBAkz7rnRjoCIkU_9rVI3odSvFRzX_uDaQzB5gQPiE7VS2gsLPIgoOKqjICLUqQb3jGpHNIwsN1ztt2zfxd2BOUh3466MnRPPfmigg8JXeC9fgV2RmQMnhSX5aGae2pJsjf5R5BHfWqM3x5IT2q-b_cc1ZEesdH4MS3c1udJArrCAC_Ptlf9tJXu9ZeKrA-wBmYLTKtw_rd4pOJEVYaz6H7H1VbUpa1xcQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kazus.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1109 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3309280787940&version=m202309260101&ct=76&x=1&cor=16641858622201717000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1109 43 B
215 B 174ms
173ms Image
image/gif 2600:1f13:800:7780:5f47:a114:af1e:1176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=375f6e9f-d337-3437-9bed-06c49e9b175b&tv=%7Bc:ucSFMt,pingTime:1,time:2211,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:46%7D,%7Bpiv:100,vs:i,r:,t:1210%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1210,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:45,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1198~0,0~100%5D,as:%5B1198~728.90%5D%7D%7D,%7Bsl:i,t:1210,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:751,fm:tVQu1FI+11%7C12%7C13%7C14%7C151%7C152%7C16%7C1711%7C1712%7C181%7C182%7C191%7C192%7C1a1*.1350098-76506716%7C1a11%7C1a12%7C1a13,idMap:1a1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:48,sis:233%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:5f47:a114:af1e:1176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:51 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 1109 43 B
215 B 173ms
173ms Image
image/gif 2600:1f13:800:7780:5f47:a114:af1e:1176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=375f6e9f-d337-3437-9bed-06c49e9b175b&tv=%7Bc:ucSFMt,pingTime:1,time:2211,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:46%7D,%7Bpiv:100,vs:i,r:,t:1210%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1210,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:45,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1198~0,0~100%5D,as:%5B1198~728.90%5D%7D%7D,%7Bsl:i,t:1210,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:751,fm:tVQu1FI+11%7C12%7C13%7C14%7C151%7C152%7C16%7C1711%7C1712%7C181%7C182%7C191%7C192%7C1a1*.1350098-76506716%7C1a11%7C1a12%7C1a13,idMap:1a1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:48,sis:233%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:5f47:a114:af1e:1176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 06:18:51 GMT
server: nginx
x-server-name: dt20.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
application/x-font-opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27fbd06b5bd4a0614388b6cb6b248701f6df33e4c0543b05d7e2d9a924e63158

Request headers

Referer
Origin: https://kazus.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: application/x-font-opentype

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
application/x-font-opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a76f1147b09c120462ef25f81b0875c31d8e40dbf3603175385134d004db1e0

Request headers

Referer
Origin: https://kazus.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: application/x-font-opentype

GET
DATA 200
OK truncated
/ 1 KB
1 KB Font
application/x-font-opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4057a63ff95205bd3cb00654259691379f43010727bfc23645fb7435e320b9e

Request headers

Referer
Origin: https://kazus.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: application/x-font-opentype

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: kazus.ru
URL: https://kazus.ru/js/stat-testdata/log_trackjs.htm

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

97 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kimberlite.io/rtb/sync	1970-01-20 16:26:46	Name: as Value: OFrH4WVXBcc
.kazus.ru/	1970-01-21 01:52:41	Name: __utma Value: 77877902.24009785.1700201926.1700201926.1700201926.1
.kazus.ru/	1969-12-31 23:59:59	Name: __utmc Value: 77877902
.kazus.ru/	1970-01-20 20:39:29	Name: __utmz Value: 77877902.1700201926.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.kazus.ru/	1970-01-20 16:16:42	Name: __utmt Value: 1
.kazus.ru/	1970-01-20 16:16:43	Name: __utmb Value: 77877902.1.10.1700201926
.yadro.ru/	1970-01-21 01:01:44	Name: FTID Value: 1bLmN62K84ug1bLmN60027l2
kazus.ru/	1970-01-21 01:52:41	Name: fid Value: 353cabd9-18e3-4af6-a48b-f3e1f8ee4926
.acint.net/	1970-01-20 16:16:42	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-21 01:52:41	Name: aid Value: fwAAAWVXBcaXeQ0gWsvzArMVXIxO4KlwZv7nkEgjPsPdPhf7
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp14v5 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp17v2 Value: 1700201926
.acint.net/	1970-01-20 16:18:08	Name: cSyncDp45v5 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp53v5 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp62v2 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp67v3 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp68v2 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp71v2 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp80v2 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp85v2 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp95v4 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp98v3 Value: 1700201926
.acint.net/	1970-01-20 16:36:51	Name: cSyncDp104v2 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp107v2 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp110v3 Value: 1700201926
.acint.net/	1970-01-20 16:38:17	Name: cSyncDp125v4 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp126v2 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp127v2 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp129v2 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp136v3 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp146v2 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp148v2 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp149v3 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp151v2 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp178v2 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp186v2 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp217v2 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp221v2 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp235v2 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp239v2 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp243v2 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp260v2 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp244v2 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp248v2 Value: 1700201926
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp261v1 Value: 1700201926
.yadro.ru/	1970-01-21 01:01:44	Name: VID Value: 3273Js3tTsOg1bLmN6002JTo
kazus.ru/	1970-01-20 16:19:34	Name: __intstat_tracktest Value: 0
kazus.ru/	1970-01-20 16:19:34	Name: __intstat_tracktest_data Value: 524e3770452b6668773538322b6a303374524330443364504a735a4d34683358787077317159646d484658516e5973374534474b34564a6759566246413948494f714c3836334a527337366d6c533575446c634349644e7767666773645a393570475475434d2f614d366258446747356e51474977692b386243792f49476850422b33546570435935543034776e6e6f57716a794f374d54536166785063696a733663694d667161496e4c6f4d374c3554536966374f454630782f72386e6561564f6f54304b6b4d6d435545784274534d7673647263516d55336a45365142414b2b444434364c5a5a6b6f613342776a42717637306a44716e42725a486e67354967596233446c626570696b7445436f363374647441436a4d523545796b4a43776d537972564c77656871425567547444384549486737464a6b4f6e355436755943725a33665849767046744f4835595a39644b5a4f3532494f41697265622b42646b57302b3341637549624550362f707a486436646f75796c623347776c74524e3770452b666877352b67784938354f55366e645349474739773557337159486a45486457367364476b416f7a4565524d704351734a6b7371315338486f616756494537512f424342344f78535a44702b552b726d417132643331794c36522f4478454666516d7843757059325678383363614443696d496f642b4442716c612b34696977376e43697a676735516e6a3465784449444b51434a314d304e4563412f3771465a63726f56504c5169454b694979474d586d6d2b556d75332b7934494f554a342b48735177412b3755513350736730717374453342477a45762b534a7a3072757445777a4132396f7a68366a45576d3379636945414a6c642b5349502f4831434b69455156774a6a5733653244464f72713470367a563379436f707358376d696f33524d516b324654734b54436e334c666e51447a6136466657732f6d38442b6333713636387269316b4a495134726641696d2b4c61523866792b665871344d4f3265616b752f546371465638307243595a6a37492b476279644a544e6d374230555a7a5042476a5062772b7739696534726665336266416633473170433078395473425a2b3637666f3362436e7a742b39514a6c4458715356386575667270612b7172684b696c636d3531615a3476723865444f726b4975647a484d3767774e763658456363594669786479447951454a573675714466645143726179786c4b2f6e4c345575514c50506e2b384b6b4c2f63476675694f3373664c34724a33356558484c6e2f302f723666697551306c58676e30397777714b56477431325a38394954546b4f6a453959756d4b5a2f73667963435574497839706e6a35456a712b4b614446424d765272426b7a397543446c4365506837454d2f524b646e364745422f77656c6631474c795636332b51364d5431693659706e2b782f4a774a53306a48326d65506b534f7234706f4d5545793947734754503234494f554a342b4873517853444b5376544256646f666e4e30665769467352734559444d467455634734336f564d317633326554444d7074585962654e394c796a592b6b6f524c446334564a464e4c3641496355332f524a6e6e77546c5666784e7a776b70624371594e7934316c724f585941565533693454744779656b6a5658325641676450703154646f5a2f78483177477862624f3756796d4968716572
kazus.ru/	1970-01-21 01:52:41	Name: _ac_oid Value: 2334f6a21f17cf16ed508db08c20f34b%3A1700205526755
.upravel.com/	1970-01-20 16:16:42	Name: session_tptc Value: 1700201926768
.utraff.com/	1970-01-20 17:00:04	Name: preutid Value: 1
.adhigh.net/	1970-01-21 01:02:17	Name: gi_u Value: 7GjLngOGrGi.AikABlGL2-6QfA
.ssp-rtb.sape.ru/	1970-01-21 01:52:41	Name: sspuid Value: CkIDFmVXBcYLXAAuBN8nArV73PdcIEBX1YI3FvTSpxSsh2aP
.upravel.com/	1970-01-21 01:52:41	Name: user_id Value: 85227423-fb2d-4bc7-befe-5e4a36fde488
.adriver.ru/	1970-01-21 01:52:41	Name: cid Value: A6WA8Kc5186JFSFwEu9DzkA
.acint.net/	1970-01-20 16:59:53	Name: cSyncDp14v4 Value: 1700201926
.adhigh.net/	1970-01-21 01:02:17	Name: sape_sync Value: LLsq
.rutarget.ru/	1970-01-20 20:35:53	Name: userId Value: aHGb4au2sinP
.uuidksinc.net/	1970-01-21 01:02:17	Name: jcsuuid Value: 0lcREzpDBIQxFs0b67bV
.mts.ru/	1970-01-21 00:49:20	Name: dspid Value: 6bf619f2-596a-4a12-bdf7-612f95189f99
.ccsyncuuid.net/	1970-01-21 01:02:17	Name: jcsuuid Value: IIPKcWfuJGhjLEh2uLrO
.bidvol.com/	1970-01-21 01:52:41	Name: bvuid Value: y3go26gdpn
.bumlam.com/	1970-01-21 01:52:41	Name: suuid3 Value: IiQyYWI1ZWIyNi04NTExLTExZWUtODZlMC0wMDI1OTBjMDY0N2M*
.aidata.io/	1970-01-21 01:52:41	Name: __upin Value: 6yUggwZNia82M6mw7+V3Vw
.aidata.io/	1970-01-21 01:52:41	Name: __upints Value: 1700201927
ads.adlook.me/	1970-01-21 01:01:44	Name: adlm_userId Value: 48dc84904c504131936fd03568965507
ads.adlook.me/	1970-01-21 01:52:41	Name: adlk_cmatch Value: sape%3A0100007FC6055765250DE39702F8A33F
.ohmy.bid/	1970-01-20 16:59:53	Name: uid Value: edc3c37d-3f1f-45ad-9ad4-f130aca7d6ce.655705c7.cebd777073d4e295
x01.aidata.io/	1970-01-20 16:21:01	Name: livin Value: 1
.yandex.ru/	1970-01-21 01:52:41	Name: yuidss Value: 6869032991700201927
.yandex.ru/	1970-01-21 01:52:41	Name: yandexuid Value: 6869032991700201927
.agency2.ru/	1970-01-21 00:49:20	Name: uuid Value: c57c710a-9ef8-46d0-a2d6-0557b6c627c8
.kazus.ru/	1970-01-21 01:38:17	Name: __gads Value: ID=c1f7f36a953cc013:T=1700201926:RT=1700201926:S=ALNI_MZYaSnih9MO6ePlRvadlsnEa2Zfpw
.kazus.ru/	1970-01-21 01:38:17	Name: __gpi Value: UID=00000cca374675f4:T=1700201926:RT=1700201926:S=ALNI_MYHFYsR6nThw_cYi1XPmIZl-G43Jg
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
sync.programmatica.com/	1969-12-31 23:59:59	Name: chk Value: 1
.programmatica.com/	1970-01-21 01:52:41	Name: pid Value: N2E5YWJlM2RkOGU0MjI4Mw
.gonet-ads.com/	1970-01-21 01:03:44	Name: pid Value: MjdkYzlkNTcxOWEyNWViOQ
.doubleclick.net/	1970-01-20 16:16:45	Name: DSID Value: NO_DATA
.mts.ru/	1970-01-21 01:52:41	Name: mts_id Value: f23240f8-a46c-4efa-bc59-321f74c58a2f
.mts.ru/	1970-01-21 01:52:41	Name: mts_id_last_sync Value: 1700201927
kimberlite.io/	1970-01-20 18:26:17	Name: u Value: ZVcFx0qEClc~VDDBrR_cGpLSX3hQYAbLfyYT5Gs
sync.dsp.solta.io/	1969-12-31 23:59:59	Name: chk Value: 1
.dsp.solta.io/	1970-01-21 01:52:41	Name: pid Value: NWQ5MTc3YzdkYmJkZGQzMQ
.doubleclick.net/	1970-01-21 01:38:17	Name: IDE Value: AHWqTUkUCX4DdNUH87uV4RimVBw6ZAV6ek7JI26yofXcuRNstvcMTU_rkjvmh08yQKA
.dmg.digitaltarget.ru/	1970-01-21 01:52:41	Name: viuserid Value: FSaXhnBZ9Brr4kF71915
.googleadservices.com/	1970-01-20 18:26:17	Name: ar_debug Value: 1
.casalemedia.com/	1970-01-21 01:02:17	Name: CMID Value: ZVcFyEvwLxCPOS18XortFQAA
.casalemedia.com/	1970-01-20 18:26:17	Name: CMPS Value: 5221
.casalemedia.com/	1970-01-20 18:26:17	Name: CMPRO Value: 5221
.mail.ru/	1970-01-21 01:03:44	Name: VID Value: 146rCR0p2EoL0029bQ2z8DYL:::0-0-0-a715e87-0:CAASEFHBnw36boto3szUCrIv-3QaYKorZZUuBTwMBPypKbXKTkMtYJNHA89dh3sLNbbCAqL5yoSJCH4OZh1frM5Wdz1ZQ4fI9ZCtH_EPXMYfNzBLwLqv1qofpuQg-GogPd_klWZ9XQZoYhG-y64V_1b839PMng
.doubleclick.net/	1970-01-20 20:35:53	Name: APC Value: AfxxVi5LD52SqSCXFZXlMNOCKiymhoWhv1NASGk8wo4KhHCbpPi5iw
.adnxs.com/	1970-01-20 18:26:17	Name: uuid2 Value: 2745641257439443479
.adnxs.com/	1970-01-20 18:26:17	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$GvQvYA!]tbPl1M>e)ZlrFUfJ+tGXxp.MxEN4>5%?KEyIvHb4=Qg[OYNk^NC#d731!_bpRzqF1`*b^H6)nT+7
.bluekai.com/	1970-01-20 20:35:53	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 20:35:53	Name: bkpa Value: KJyNpWWvQY9xxBcENnqH6PWU63SnH9ABoWCJ86d1kFX+d7HpYjBe6Mu4cnkTswwO34MyCaxsUeMZniFF+DZM9vKfqzNAcuMgX14gDNOssAUDmE5avyu9BKTajVzAdy==
.bluekai.com/	1970-01-20 20:35:53	Name: bku Value: ts6O91AaPtPlUL/b

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://kazus.ru/programs/download/16497/(Line 59) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://kazus.ru/programs/download/16497/(Line 59) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://kazus.ru/programs/download/16497/(Line 88) Message: Mixed Content: The page at 'https://kazus.ru/programs/download/16497/' was loaded over HTTPS, but requested an insecure frame 'http://alipromo.com/redirect/product/ogo7evdem9x7kfuhu3acr51veuf9ldu0/1005005796848007/en'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0100007FC6055765250DE39702F8A33F&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://adx.com.ru/sape-sync?uid=0100007FC6055765250DE39702F8A33F Message: Failed to load resource: the server responded with a status of 429 ()
javascript	info	URL: https://customfingerprints.bablosoft.com/clientsafe.js Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://customfingerprints.bablosoft.com/clientsafe.js Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://customfingerprints.bablosoft.com/clientsafe.js Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://customfingerprints.bablosoft.com/clientsafe.js Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://customfingerprints.bablosoft.com/clientsafe.js Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://customfingerprints.bablosoft.com/clientsafe.js Message: Failed to create WebGPU Context Provider

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2ab5eb26-8511-11ee-86e0-002590c0647c.n6.sync.bumlam.com
a.utraff.com
acint.net
ad.mail.ru
ads.adlook.me
ads.betweendigital.com
adx.com.ru
ajax.googleapis.com
an.yandex.ru
cm.g.doubleclick.net
counter.yadro.ru
cs.agency2.ru
customfingerprints.bablosoft.com
dm-eu.hybrid.ai
dmg.digitaltarget.ru
dsum-sec.casalemedia.com
dt.adsafeprotected.com
ev.adriver.ru
exchange.buzzoola.com
fingerprints.bablosoft.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
kazus.ru
kimberlite.io
match.new-programmatic.com
match.ohmy.bid
mts-dsp-sync.rutarget.ru
nr.bidderstack.com
pagead2.googlesyndication.com
pix.bumlam.com
pixel.konnektu.ru
px.adhigh.net
s.ccsyncuuid.net
s.uuidksinc.net
s0.2mdn.net
sape-sync.rutarget.ru
sm.rtb.mts.ru
ssl.google-analytics.com
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.afp.ai
ssp.bestssp.com
ssp.bidvol.com
static.adsafeprotected.com
sync.adkernel.com
sync.adspend.space
sync.bumlam.com
sync.dmp.otm-r.com
sync.dsp.solta.io
sync.gonet-ads.com
sync.programmatica.com
sync.rambler.ru
sync.upravel.com
tag.digitaltarget.ru
tags.bluekai.com
tech.rtb.mts.ru
top-fwz1.mail.ru
tpc.googlesyndication.com
vma.mts.ru
www.acint.net
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x01.aidata.io
kazus.ru
104.18.36.155
116.202.236.228
130.193.58.13
142.132.138.213
142.250.184.194
142.250.186.162
142.250.186.66
143.198.242.75
162.19.169.11
162.55.144.211
167.235.117.41
167.235.14.51
176.122.21.139
176.9.81.69
178.63.75.168
18.203.173.246
185.15.175.132
185.15.175.159
185.40.31.213
185.89.210.20
188.42.105.236
188.42.191.196
193.232.150.46
193.3.184.218
195.201.86.197
195.209.108.55
2.18.160.221
213.87.44.187
217.199.220.43
217.65.2.150
217.66.147.33
217.66.147.34
23.111.107.44
2600:1f13:800:7780:5f47:a114:af1e:1176
2600:9000:2127:fa00:8:48e:53c0:93a1
2606:4700:e2::ac40:8924
2a00:1148:db00::17
2a00:1450:4001:800::2001
2a00:1450:4001:802::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:811::2006
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2008
2a00:1450:4001:829::200a
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a02:6b8::90
31.172.81.160
31.172.81.172
31.220.27.155
37.230.131.16
45.139.25.125
46.243.142.239
5.189.234.229
65.109.65.187
77.245.57.72
78.40.218.117
80.87.198.24
81.222.128.214
83.222.105.70
83.222.96.170
87.242.95.200
88.212.201.204
89.108.119.43
91.192.149.36
95.163.52.67
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01d2a50e8bc78a26b95a9a4eb53ed68bf05afa355126854b6f0a0434f0096dcb
039cadbc2c89cd46e36607bf201a3168858a2d5dfcc7abc19e61329aa6b71ad5
0a76f1147b09c120462ef25f81b0875c31d8e40dbf3603175385134d004db1e0
0a92226bb4bc03cf419e9b5ddfd82f1cf50232e8dd28b973c30dcfa73b7668cb
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0dc9f91f6e0f6ce3999b741d6c7bf51a19b9415b29d9df5f0a40d3cf84180c87
11964ae432aee9f03d60b895896e1e331890805a20e86b3ef779af7d73716607
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
248a488bb0b6e81f058952c0d358d7cca8a6b18b99553b37694bb1831ee7a0e7
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
27fbd06b5bd4a0614388b6cb6b248701f6df33e4c0543b05d7e2d9a924e63158
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
334d1611caf1855a0ed9f82c7a2c1b79d2ee2a803f251d2e9d1a8ddd69ba45f4
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
434324ab4ef18a8cad90356c52f0fc4ac45cba1489b451bb8c4839e0ef3ffc35
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43b3fe345a2ddddbb3b29f1207b8bdf941d8e1406883dde24b20a18cb8b7f63b
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48bce9bd6f9d11c43b22a15deed5e6c1e69b27193228849babc6147c4b994ccf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7a641911ec167f9bb0e5fad77703342ebadb9d28f15c2da7a2cef024725a8b
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e9af23d1db66ede07fb04c501e640c3d43c22b11ed43a4ea7776c7085214fb8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5825c88b68a498c8b3d8d34f0090a625f063a366c8f3cbebf51e7657623fb13b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e740b4c722831d9a6451a42a01ca2541e1a0c2af5718703a89bc9823c16099a
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
74406f2d5499b1de9404997224691f6f2c6c7f5b832b4c84283c76644fb45e28
80950e7b6b6a0d1600ed2b2f3b8f50fe39c244b07367fccf6582eb34cc7a954d
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8409be3c6700281345aa328acb9541c143f744963e5c8d171672b35757925d07
89ca150824135faa6de124acdd435a0f5f92ca87a65f28e7dada3cb2a4d2a008
8bc041ed96e8d1b67dc6cc02fc4bf15311b8394667dc48ab1982ad897ee08320
8c0301b3dba5061632d7321cd8bb7bd527f48288d5cb15ff614ea0c1dcc1ad69
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
92e96595262098fc17b472c80c55115e55f28835b6087fd96539cd67f3e0cfcc
9a4d4b0095f5dfd9adf1a509029b110a24bfc96c1cf3273c6d59718563e4c7db
9d495c60347293f439090b6260ab3801ffbdb409085d7c6ebb194fdabfa52a41
9efea8dc34ec1a448027fe1ac2fdfd688f5cef974b9aca6a9c2f42675adc88b4
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048d788d4ab5c04d6c356c197e1256960a95748bbe4293374cf09b639728092
a4be8eff3a015d4675ff7dbe89c948fe5a209d358421f33907ca59898b05ea68
a76a6f1152ca71f176eca74f86d2e36b94f3a53d2c5748b6944ae2a49aefb0a9
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3ef8fb9c6e34c97443dbd6e549199301e2cd1e10ca41b024598c28f0ff82349
b4057a63ff95205bd3cb00654259691379f43010727bfc23645fb7435e320b9e
b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c0c24a367b2d010e2e0684df4f82cd06b59a276b52b34d858d6337e5755e76ec
c54adef7b2fe9465b19cd573e5a8761e1c9ff6071358884c7eb0257a813c0fff
c75b0c465cc069c60ac4b0dc269035536b6040da2d1d3f2219c5213d49979d8f
c8085a7f714183281103ccf81da0bff2cacbbb8ea0b76b4ddb54506a32852250
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d3e3d91c1049ef2c6fe0a210bc08b1a8f094c41687ace751adf3e5135220fefa
e379385ae4acb3695c5485334b9ad40a4c9b46d38436734978d1c11ba6d34d52
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e98a282485a91e2e2ad3b2aa5c8698ee5771ea34fe341552aee1e3095727fe45
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
edfd028de4817cff0700d86229b8805ef9f010f065df957c6b8a07832e73781a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16f81511acf73d1ca45a9ecae42c9aa548263d44311230d0b5b9636ce488a63
f240778515a8dbd3a8205d2a81d2b64dc367593d6698e6878d1510a81a6c46ac
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fd8c465acc815fd7f23f973c2de10bd5cb42e6440663977b44f952277f2588cb

kazus.ru Open in urlscan Pro 195.201.86.197 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

192 Requests

81 %HTTPS

24 %IPv6

52 Domains

69 Subdomains

46 IPs

12 Countries

2365 kBTransfer

5418 kBSize

97 Cookies

3 Outgoing links

Page URL History

Redirected requests

192 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kazus.ru Open in urlscan Pro
195.201.86.197 Public Scan

Screenshot
Live screenshot

Full Image

192
Requests

81 %
HTTPS

24 %
IPv6

52
Domains

69
Subdomains

46
IPs

12
Countries

2365 kB
Transfer

5418 kB
Size

97
Cookies

192 HTTP transactions
8 data transactions