microsoft-publisher.ru Open in urlscan Pro
85.119.149.127 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://microsoft-publisher.ru/
Submission Tags: @phishunt_io
Submission: On October 06 via api (October 6th 2021, 9:50:54 am UTC) from DE — Scanned from DE

Summary HTTP 187 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 31 domains to perform 187 HTTP transactions. The main IP is 85.119.149.127, located in Russian Federation and belongs to SELECTEL-MSK, RU. The main domain is microsoft-publisher.ru.
TLS certificate: Issued by R3 on October 4th 2021. Valid for: 3 months.

This is the only time microsoft-publisher.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
49	85.119.149.127 85.119.149.127	50340 (SELECTEL-MSK) (SELECTEL-MSK)
11	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
6	142.250.185.202 142.250.185.202	15169 (GOOGLE) (GOOGLE)
2	178.154.131.217 178.154.131.217	13238 (YANDEX) (YANDEX)
1 20	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 6	88.208.46.27 88.208.46.27	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
11	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
6	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
9	142.250.186.174 142.250.186.174	15169 (GOOGLE) (GOOGLE)
4 10	87.250.251.119 87.250.251.119	13238 (YANDEX) (YANDEX)
1 2	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
3 5	142.250.185.164 142.250.185.164	15169 (GOOGLE) (GOOGLE)
29	172.217.16.129 172.217.16.129	15169 (GOOGLE) (GOOGLE)
1	142.250.181.246 142.250.181.246	15169 (GOOGLE) (GOOGLE)
7	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
1 2	185.15.175.130 185.15.175.130	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	136.243.84.74 136.243.84.74	24940 (HETZNER-AS) (HETZNER-AS)
1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
1	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	195.201.152.110 195.201.152.110	24940 (HETZNER-AS) (HETZNER-AS)
1	37.18.16.16 37.18.16.16	205675 (HYBRID-AS) (HYBRID-AS)
2 3	31.172.81.159 31.172.81.159	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
4 4	217.65.2.150 217.65.2.150	29076 (CITYTELEC...) (CITYTELECOM-AS Filanco LTD)
3 6	77.88.21.90 77.88.21.90	13238 (YANDEX) (YANDEX)
2 3	81.163.17.245 81.163.17.245	49505 (SELECTEL) (SELECTEL)
1 1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	185.148.37.79 185.148.37.79	48347 (MTW-AS) (MTW-AS)
1 2	96.46.183.20 96.46.183.20	7979 (SERVERS-COM) (SERVERS-COM)
1	212.7.203.129 212.7.203.129	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
187	32

49 85.119.149.127 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: isp1.ru.fastfox.pro

microsoft-publisher.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.154.131.217 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: static.yandex.net

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 172.217.16.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 88.208.46.27 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pushiti.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 87.250.251.119 (Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.164 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 172.217.16.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f1.1e100.net

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.246 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f22.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.130 (Russian Federation) 1 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.84.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.84.243.136.clients.your-server.de

recreativ.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation)

ASN16345 (BEE-AS Russia, RU)

ssp1.rtb.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)

sync.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.201.152.110 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.110.152.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.16 (Russian Federation)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.159 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.172 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.65.2.150 (Moscow, Russian Federation) 4 redirects

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 77.88.21.90 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 81.163.17.245 (Russian Federation) 2 redirects

ASN49505 (SELECTEL, RU)

mitdmp.whiteboxdigital.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
356c4fa1-0a1d-4363-9eac-525bbea67822.mitdmp.whiteboxdigital.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.148.37.79 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.46.183.20 (United States) 1 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.7.203.129 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

z.cdn.adpool.bet	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

p4-fqqw2us4toa6s-tcvgclw72cs47wtf-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	microsoft-publisher.ru microsoft-publisher.ru	3 MB
39	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	496 KB
23	doubleclick.net 3 redirects googleads.g.doubleclick.net static.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	164 KB
20	gstatic.com fonts.gstatic.com www.gstatic.com p4-fqqw2us4toa6s-tcvgclw72cs47wtf-if-v6exp3-v4.metric.gstatic.com	197 KB
9	youtube.com www.youtube.com	684 KB
8	yandex.com 3 redirects mc.yandex.com	4 KB
8	yandex.ru 4 redirects mc.yandex.ru an.yandex.ru	48 KB
7	google.com 3 redirects adservice.google.com www.google.com	14 KB
6	googletagservices.com www.googletagservices.com	213 KB
6	pushiti.info 1 redirects pushiti.info	20 KB
6	googleapis.com fonts.googleapis.com	4 KB
4	new-programmatic.com 4 redirects match.new-programmatic.com	1 KB
3	whiteboxdigital.ru 2 redirects mitdmp.whiteboxdigital.ru 356c4fa1-0a1d-4363-9eac-525bbea67822.mitdmp.whiteboxdigital.ru	2 KB
3	bumlam.com 2 redirects sync.bumlam.com	2 KB
2	betweendigital.com 1 redirects ads.betweendigital.com	1 KB
2	adsniper.ru 2 redirects sync3.adsniper.ru	1 KB
2	otm-r.com sync.dmp.otm-r.com	137 B
2	digitaltarget.ru 1 redirects dmg.digitaltarget.ru	1 KB
2	uuidksinc.net 1 redirects s.uuidksinc.net uuidksinc.net	2 KB
2	yastatic.net yastatic.net	40 KB
1	adpool.bet z.cdn.adpool.bet	369 B
1	gnezdo.ru fcgi.gnezdo.ru
1	hybrid.ai dm.hybrid.ai	238 B
1	mgid.com sync.mgid.com	813 B
1	beeline.ru ssp1.rtb.beeline.ru
1	recreativ.ru recreativ.ru	109 B
1	ytimg.com i.ytimg.com	33 KB
1	ggpht.com yt3.ggpht.com	3 KB
1	googleadservices.com partner.googleadservices.com	407 B
0	go2net.com.ua Failed ads.go2net.com.ua Failed
0	zefirgood1.ru Failed zefirgood1.ru Failed
187	31

	Domain	Requested by
49	microsoft-publisher.ru	microsoft-publisher.ru
28	tpc.googlesyndication.com	googleads.g.doubleclick.net microsoft-publisher.ru tpc.googlesyndication.com
19	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com googleads.g.doubleclick.net microsoft-publisher.ru
11	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
11	pagead2.googlesyndication.com	microsoft-publisher.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	www.youtube.com	microsoft-publisher.ru www.youtube.com
8	mc.yandex.com	3 redirects microsoft-publisher.ru mc.yandex.ru
7	www.gstatic.com	www.youtube.com www.gstatic.com googleads.g.doubleclick.net
6	an.yandex.ru	3 redirects uuidksinc.net
6	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	pushiti.info	1 redirects microsoft-publisher.ru pushiti.info
6	fonts.googleapis.com	microsoft-publisher.ru googleads.g.doubleclick.net
5	www.google.com	3 redirects www.youtube.com googleads.g.doubleclick.net
4	match.new-programmatic.com	4 redirects
3	sync.bumlam.com	2 redirects uuidksinc.net
2	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	p4-fqqw2us4toa6s-tcvgclw72cs47wtf-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-fqqw2us4toa6s-tcvgclw72cs47wtf-if-v6exp3-v4.metric.gstatic.com
2	ads.betweendigital.com	1 redirects uuidksinc.net
2	mitdmp.whiteboxdigital.ru	1 redirects uuidksinc.net
2	sync3.adsniper.ru	2 redirects
2	sync.dmp.otm-r.com	uuidksinc.net
2	dmg.digitaltarget.ru	1 redirects uuidksinc.net
2	mc.yandex.ru	1 redirects microsoft-publisher.ru
2	adservice.google.com	pagead2.googlesyndication.com
2	yastatic.net	microsoft-publisher.ru
1	z.cdn.adpool.bet	uuidksinc.net
1	fcgi.gnezdo.ru	uuidksinc.net
1	cm.g.doubleclick.net	1 redirects
1	356c4fa1-0a1d-4363-9eac-525bbea67822.mitdmp.whiteboxdigital.ru	1 redirects
1	dm.hybrid.ai	uuidksinc.net
1	sync.mgid.com	uuidksinc.net
1	ssp1.rtb.beeline.ru	uuidksinc.net
1	recreativ.ru	uuidksinc.net
1	uuidksinc.net	pushiti.info
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	s.uuidksinc.net	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	ads.go2net.com.ua Failed	uuidksinc.net
0	zefirgood1.ru Failed	uuidksinc.net
187	41

This site contains links to these domains. Also see Links.

Domain
go.click2bit.net
vk.com
www.facebook.com
connect.ok.ru
connect.mail.ru
twitter.com
ru.pngtree.com

Subject Issuer	Validity	Valid
microsoft-publisher.ru R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.yastatic.net Yandex CA	`2021-08-18` - `2022-02-16`	6 months	crt.sh
pushiti.info R3	`2021-09-23` - `2021-12-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
uuidksinc.net R3	`2021-08-17` - `2021-11-15`	3 months	crt.sh
dmg.digitaltarget.ru R3	`2021-08-17` - `2021-11-15`	3 months	crt.sh
*.recreativ.ru Thawte RSA CA 2018	`2021-08-23` - `2022-09-06`	a year	crt.sh
*.rtb.beeline.ru Sectigo RSA Domain Validation Secure Server CA	`2020-06-23` - `2022-06-24`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-18` - `2022-06-18`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
*.bumlam.com R3	`2021-09-13` - `2021-12-12`	3 months	crt.sh
bs.yandex.ru Yandex CA	`2021-05-31` - `2021-11-29`	6 months	crt.sh
*.mitdmp.whiteboxdigital.ru Sectigo RSA Domain Validation Secure Server CA	`2020-02-19` - `2022-02-19`	2 years	crt.sh
fcgi5.gnezdo.ru R3	`2021-09-10` - `2021-12-09`	3 months	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-19` - `2021-12-20`	a year	crt.sh
*.cdn.adpool.bet Sectigo RSA Domain Validation Secure Server CA	`2021-04-16` - `2022-04-16`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://microsoft-publisher.ru/
Frame ID: 87182B8403BA2588EAC330CA6C31A8A5
Requests: 78 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20190131/zrt_lookup.html
Frame ID: F05FB99100A1EA0EDB502877D4E795B5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&adk=1812271804&adf=3025194257&lmt=1633513848&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848574&bpp=53&bdt=135&idt=137&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3830334049277&frm=20&pv=2&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=153
Frame ID: 4DDD2486B303BEA0909CBB70D80843C8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=200&slotname=3433503542&adk=2905479100&adf=2814042660&pi=t.ma~as.3433503542&w=804&fwrn=4&lmt=1633513848&rafmt=11&psa=0&format=804x200&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848654&bpp=2&bdt=215&idt=80&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k7ymnhlowA&p=https%3A//microsoft-publisher.ru&dtd=85
Frame ID: F23B962CE74800758C2B03A2E5ECEE76
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=200&slotname=3433503542&adk=2905479100&adf=651698199&pi=t.ma~as.3433503542&w=804&fwrn=4&lmt=1633513848&rafmt=11&psa=0&format=804x200&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848764&bpp=1&bdt=325&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C804x200&nras=1&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=3509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rUtbhmrQ26&p=https%3A//microsoft-publisher.ru&dtd=30
Frame ID: 32DF80EEF3DC25FE9A818BE8F2FF561E
Requests: 15 HTTP requests in this frame

Frame: https://www.youtube.com/embed/cO1ynpysMXA?ecver=2
Frame ID: CF439B379DF004BC54A2E77243756153
Requests: 19 HTTP requests in this frame

Frame: https://pushiti.info/js/cs?uuid=9a1abded-9e33-4abf-b4fe-2200f98193c9&oid=jb3B2SI1wnbG0luKECgm
Frame ID: C9F530E4436BB3F8BC14B3E6C9C951A7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/y_GpSJCDeJUhy2edwqiqULXjheMgRVI09JfpD4O8H0g.js
Frame ID: B74D87DB8B9D9D9BA9DF626258AE9750
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 6004F8E85482FBC615E374257B0E809A
Requests: 2 HTTP requests in this frame

Frame: https://uuidksinc.net/matchx.html
Frame ID: 3F66AB6B66A75EC4A52DC8B1CC55264E
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/y_GpSJCDeJUhy2edwqiqULXjheMgRVI09JfpD4O8H0g.js
Frame ID: 897317AA0E2479189C2290CA0879104B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=280&adk=1717982147&adf=2675177840&pi=t.aa~a.1982158950~i.16~rp.4&w=804&fwrn=4&fwrnh=100&lmt=1633513849&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6754752948&psa=1&ad_type=text_image&format=804x280&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=803&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513849905&bpp=2&bdt=1466&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1201cb0df8d32708-22ddf035e8ca0078%3AT%3D1633513848%3ART%3D1633513848%3AS%3DALNI_MbzgcJzVhMeTv55xxvL_-IxDDCszg&prev_fmts=0x0%2C804x200%2C804x200&nras=2&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=2743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&psts=AGkb-H8W0srugoIHBQKbB4jaTdsuPxzz13b26qC0BNx0r0cTATAjDnRLBfy9Vy0e9svMBOoWMRR0WsbFMmk%2CAGkb-H_aZ5lyr-TEiQ0HptUhYbkePNW2Nj8byS5d9SVfPMvDnMFwvBhtF-YUNlIN5Uz8QLbFGgPS5x-Z7i3OTA&pvsid=699467853742933&pem=345&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=eSfzqP9JZ0&p=https%3A//microsoft-publisher.ru&dtd=14
Frame ID: E0E9BBB95F2A4B2AAC8275DEFC5F759F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8AF5B5D70310FAB972256DFE66848AD9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1
Frame ID: A8EBE94393A005BF1BA3B99490DCBC8F
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 59E7DE72F437CE791A867BC1FE79DB11
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 2B5661487878420D916AAB76A6FD10B3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 23813F5A6C8A5B39F20C0F3FFE647FA3
Requests: 2 HTTP requests in this frame

Frame: https://p4-fqqw2us4toa6s-tcvgclw72cs47wtf-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 3DFE1B8BA3571067F70B0E3B7CEB6CF3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/index.html
Frame ID: 1E91446D6B8F7F933C4756B0EADDFA77
Requests: 6 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26466194.314208247;dc_pre=CODu8qbBtfMCFc9k4AodFCUFTw;dc_trk_aid=506904076;dc_trk_cid=157806424;ord=2585100895;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Frame ID: 8922D97322BBD2299F6DCD45DA467FA9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/y_GpSJCDeJUhy2edwqiqULXjheMgRVI09JfpD4O8H0g.js
Frame ID: EDF255B0EF6B8D3456EAA105162D722A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Microsoft office publisher скачать бесплатно

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

prettyPhoto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)

Page Statistics

187
Requests

99 %
HTTPS

0 %
IPv6

31
Domains

41
Subdomains

32
IPs

5
Countries

5371 kB
Transfer

9982 kB
Size

37
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://go.click2bit.net/r/aca203cab509bbe64795aa7ec426039f?dpl=https://microsoft-publisher.ru/wp-content/uploads/2018/01/Microsoft-Office-2016.zip&extra2=Microsoft%20Office
Title: Скачать Microsoft publisher

Search URL Search Domain Scan URL

URL: https://vk.com/share.php?url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&title=Microsoft%20office%20publisher%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&utm_source=share2
Title: ВКонтакте

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?src=sp&u=https%3A%2F%2Fmicrosoft-publisher.ru%2F&title=Microsoft%20office%20publisher%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&utm_source=share2
Title: Facebook

Search URL Search Domain Scan URL

URL: https://connect.ok.ru/offer?url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&title=Microsoft%20office%20publisher%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&utm_source=share2
Title: Одноклассники

Search URL Search Domain Scan URL

URL: https://connect.mail.ru/share?url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&title=Microsoft%20office%20publisher%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&utm_source=share2
Title: Мой Мир

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Microsoft%20office%20publisher%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&utm_source=share2
Title: Twitter

Search URL Search Domain Scan URL

URL: https://ru.pngtree.com/templates/publisher
Title: 260 бесплатных шаблонов для Microsoft publisher

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://pushiti.info/js/cs?uuid=9a1abded-9e33-4abf-b4fe-2200f98193c9 HTTP 302
https://s.uuidksinc.net/match/433/9a1abded-9e33-4abf-b4fe-2200f98193c9?cb_url=https%3A%2F%2Fpushiti.info%2Fjs%2Fcs%3Fuuid%3D9a1abded-9e33-4abf-b4fe-2200f98193c9%26oid%3D%5BUID%5D HTTP 302
https://pushiti.info/js/cs?uuid=9a1abded-9e33-4abf-b4fe-2200f98193c9&oid=jb3B2SI1wnbG0luKECgm

Request Chain 81

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9418.Fbr6uSohwu5MYsnC8ujRvz5uwHDWY-2j7p8alThPgck5kyNr5x6x4njoxKaHxFrv.8Ywfc_74IHTLtBvyZqJK-TdkUyA%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9418.lRoOAZNNb2LUNywPY3H_kvyK9BBAqFYzJRb1cAxAcWzh4sZDFEf--IGfhGxab5EYQNd-bgtiDC3mt7hxK5e9Xg%2C%2C.yDEWHRzAc1zbWy0VTxYXm8_fMBY%2C

Request Chain 83

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 92

https://mc.yandex.com/watch/26812653?wmode=7&page-url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22b%2Fh%2Fj%2Fk%2Fk%2Fk%2Fk%2Fl%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A1%3Als%3A725689648897%3Ahid%3A496143782%3Az%3A0%3Ai%3A202101006095049%3Aet%3A1633513849%3Ac%3A1%3Arn%3A2223990%3Arqn%3A1%3Au%3A1633513849110040230%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633513847997%3Ads%3A58%2C90%2C289%2C2%2C0%2C0%2C%2C387%2C29%2C%2C%2C%2C829%3Adsn%3A58%2C90%2C289%2C2%2C0%2C0%2C%2C389%2C29%2C%2C%2C%2C829%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633513849%3At%3AMicrosoft%20office%20publisher%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE HTTP 302
https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22b%2Fh%2Fj%2Fk%2Fk%2Fk%2Fk%2Fl%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A1%3Als%3A725689648897%3Ahid%3A496143782%3Az%3A0%3Ai%3A202101006095049%3Aet%3A1633513849%3Ac%3A1%3Arn%3A2223990%3Arqn%3A1%3Au%3A1633513849110040230%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633513847997%3Ads%3A58%2C90%2C289%2C2%2C0%2C0%2C%2C387%2C29%2C%2C%2C%2C829%3Adsn%3A58%2C90%2C289%2C2%2C0%2C0%2C%2C389%2C29%2C%2C%2C%2C829%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633513849%3At%3AMicrosoft%20office%20publisher%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE

Request Chain 93

https://mc.yandex.com/watch/46922646?wmode=7&page-url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A721342873758%3Ahid%3A496143782%3Az%3A0%3Ai%3A202101006095049%3Aet%3A1633513849%3Ac%3A1%3Arn%3A166232465%3Arqn%3A1%3Au%3A1633513849110040230%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633513847997%3Ads%3A58%2C90%2C289%2C2%2C0%2C0%2C%2C387%2C29%2C%2C%2C%2C829%3Adsn%3A58%2C90%2C289%2C2%2C0%2C0%2C%2C389%2C29%2C%2C%2C%2C829%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633513849%3At%3AMicrosoft%20office%20publisher%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE HTTP 302
https://mc.yandex.com/watch/46922646/1?wmode=7&page-url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A721342873758%3Ahid%3A496143782%3Az%3A0%3Ai%3A202101006095049%3Aet%3A1633513849%3Ac%3A1%3Arn%3A166232465%3Arqn%3A1%3Au%3A1633513849110040230%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633513847997%3Ads%3A58%2C90%2C289%2C2%2C0%2C0%2C%2C387%2C29%2C%2C%2C%2C829%3Adsn%3A58%2C90%2C289%2C2%2C0%2C0%2C%2C389%2C29%2C%2C%2C%2C829%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633513849%3At%3AMicrosoft%20office%20publisher%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE

Request Chain 122

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 129

https://dmg.digitaltarget.ru/1/6573/i/i?a=662&e=jb3B2SI1wnbG0luKECgm&i=0.6108726574325503 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&a=662&e=jb3B2SI1wnbG0luKECgm&i=0.6108726574325503

Request Chain 136

https://sync.bumlam.com/?src=bc2&uid=jb3B2SI1wnbG0luKECgm HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj54vWKBlIFj9qG2QtiFGpiM0IyU0kxd25iRzBsdUtFQ2dt HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARj54vWKBlIFj9qG2QtiFGpiM0IyU0kxd25iRzBsdUtFQ2dtogEQ4w1M7CaKEeyG4AAlkMBkfA** HTTP 302
https://sync.bumlam.com/?src=bc2&s_data=CAIQABj54vWKBmIUamIzQjJTSTF3bmJHMGx1S0VDZ22iARDjDUzsJooR7IbgACWQwGR8 HTTP 302
https://sync.bumlam.com/?src=bc2&s_data=CAIQARj54vWKBmIUamIzQjJTSTF3bmJHMGx1S0VDZ22iARDjDUzsJooR7IbgACWQwGR8

Request Chain 137

https://match.new-programmatic.com/userbind?src=rtw&id=jb3B2SI1wnbG0luKECgm HTTP 302
https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
https://an.yandex.ru/setud/target_rtb/?sign=1456593635 HTTP 302
https://an.yandex.ru/setud/target_rtb/?redir-setuniq=1&sign=1456593635

Request Chain 138

https://match.new-programmatic.com/userbind?src=rtw_native&pbf=1&fid=rtw/jb3B2SI1wnbG0luKECgm HTTP 302
https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
https://an.yandex.ru/setud/target_rtb/?sign=1456593635 HTTP 302
https://an.yandex.ru/setud/target_rtb/?redir-setuniq=1&sign=1456593635

Request Chain 139

https://mitdmp.whiteboxdigital.ru/pixel?source=nttechnology&id=jb3B2SI1wnbG0luKECgm&redirect=true HTTP 302
https://356c4fa1-0a1d-4363-9eac-525bbea67822.mitdmp.whiteboxdigital.ru/redirect?miid=356c4fa1-0a1d-4363-9eac-525bbea67822 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediainstinctgroup&google_cm HTTP 302
https://mitdmp.whiteboxdigital.ru/pixel/google?google_gid=CAESEBq9I7iXevA6ipQGxzJ9zVY&google_cver=1&google_cver=1

Request Chain 141

https://ads.betweendigital.com/match?bidder_id=38&external_user_id=jb3B2SI1wnbG0luKECgm HTTP 302
https://ads.betweendigital.com/match?bidder_id=38&external_user_id=jb3B2SI1wnbG0luKECgm&crf=1

Request Chain 144

https://an.yandex.ru/mapuid/kadamis/jb3B2SI1wnbG0luKECgm HTTP 302
https://an.yandex.ru/mapuid/kadamis/jb3B2SI1wnbG0luKECgm?redir-setuniq=1

Request Chain 177

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26466194.314208247;dc_trk_aid=506904076;dc_trk_cid=157806424;ord=2585100895;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26466194.314208247;dc_pre=CODu8qbBtfMCFc9k4AodFCUFTw;dc_trk_aid=506904076;dc_trk_cid=157806424;ord=2585100895;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 185

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 186

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

187 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
microsoft-publisher.ru/ 90 KB
22 KB 438ms
290ms Document
text/html 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 / PHP/5.6.40

Resource Hash

e4b762f064899f992dda720bd996cd8ecbb9de279d479b48c7257b163c5d1c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:method: GET
:authority: microsoft-publisher.ru
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.20.1
date: Wed, 06 Oct 2021 09:50:48 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.40
strict-transport-security: max-age=31536000;
content-encoding: gzip

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 69ms
33ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

5e3678ae95d755c4dc95fc8870f3a1bfc1e40d365856a7492d975e47e916a165

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51224
x-xss-protection: 0
server: cafe
etag: 15549851665632246918
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 06 Oct 2021 09:50:48 GMT

GET
H2 200 fancybox.css
microsoft-publisher.ru/wp-content/plugins/fancybox-for-wordpress/fancybox/ 7 KB
2 KB 51ms
48ms Stylesheet
text/css 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-content/plugins/fancybox-for-wordpress/fancybox/fancybox.css?ver=4.8.17

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

b1730289ee994a39aaff1b676f8b5895396e6f4abf56e909c4f0fd5b5140a2f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/plugins/fancybox-for-wordpress/fancybox/fancybox.css?ver=4.8.17
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Mon, 02 Jul 2018 10:30:21 GMT
server: nginx/1.20.1
etag: W/"5b39febd-1a43"
strict-transport-security: max-age=31536000;
content-type: text/css

GET
H2 200 css.css
microsoft-publisher.ru/wp-content/plugins/kk-star-ratings/ 1 KB
635 B 55ms
52ms Stylesheet
text/css 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-content/plugins/kk-star-ratings/css.css?ver=2.6.1

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

82335d700be1c3a6d05a27a73f914d65c41a20f974c8e3dc5765f79ddfcadbb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/plugins/kk-star-ratings/css.css?ver=2.6.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Mon, 02 Jul 2018 10:30:21 GMT
server: nginx/1.20.1
etag: W/"5b39febd-582"
strict-transport-security: max-age=31536000;
content-type: text/css

GET
H2 200 style.css
microsoft-publisher.ru/wp-content/themes/pasyanskosinka/ 295 B
453 B 58ms
55ms Stylesheet
text/css 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-content/themes/pasyanskosinka/style.css?ver=17.1.1

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

113d1ca6113628771fa683b49d56df76975d5bdba84fe0d4b567f6587796b5fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/themes/pasyanskosinka/style.css?ver=17.1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
last-modified: Mon, 02 Jul 2018 10:30:21 GMT
server: nginx/1.20.1
etag: "5b39febd-127"
strict-transport-security: max-age=31536000;
content-type: text/css
accept-ranges: bytes
content-length: 295

GET
H2 200 base.css
microsoft-publisher.ru/wp-content/themes/pasyanskosinka/css/ 51 KB
12 KB 62ms
59ms Stylesheet
text/css 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-content/themes/pasyanskosinka/css/base.css?ver=17.1.1

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

4c35ff03fabb6d5bdc56adf3ced949eb10e0448ab0998b7e3af5ac6c0e566e45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/themes/pasyanskosinka/css/base.css?ver=17.1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Mon, 02 Jul 2018 10:30:22 GMT
server: nginx/1.20.1
etag: W/"5b39febe-cb49"
strict-transport-security: max-age=31536000;
content-type: text/css

GET
H2 200 layout.css
microsoft-publisher.ru/wp-content/themes/pasyanskosinka/css/ 111 KB
23 KB 94ms
91ms Stylesheet
text/css 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-content/themes/pasyanskosinka/css/layout.css?ver=17.1.1

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

d58c1d6840aa34046fd7a04a92ea81699e1c33dc0bfaf72e1159912f43679344

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/themes/pasyanskosinka/css/layout.css?ver=17.1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Mon, 02 Jul 2018 10:30:22 GMT
server: nginx/1.20.1
etag: W/"5b39febe-1bcdf"
strict-transport-security: max-age=31536000;
content-type: text/css

GET
H2 200 shortcodes.css
microsoft-publisher.ru/wp-content/themes/pasyanskosinka/css/ 134 KB
26 KB 105ms
102ms Stylesheet
text/css 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-content/themes/pasyanskosinka/css/shortcodes.css?ver=17.1.1

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

9728ed3ae3a88626b1ec71c41136534a713e37348b85a62bd2a4f16e01c44beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/themes/pasyanskosinka/css/shortcodes.css?ver=17.1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Mon, 02 Jul 2018 10:30:22 GMT
server: nginx/1.20.1
etag: W/"5b39febe-218bf"
strict-transport-security: max-age=31536000;
content-type: text/css

GET
H2 200 jquery.ui.all.css
microsoft-publisher.ru/wp-content/themes/pasyanskosinka/assets/ui/ 19 KB
4 KB 109ms
107ms Stylesheet
text/css 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-content/themes/pasyanskosinka/assets/ui/jquery.ui.all.css?ver=17.1.1

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

231da2e502aa3aff1a1cbbacc451848edcb3fe7db0901d407505a9a704a17720

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/themes/pasyanskosinka/assets/ui/jquery.ui.all.css?ver=17.1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Mon, 02 Jul 2018 10:30:23 GMT
server: nginx/1.20.1
etag: W/"5b39febf-4c90"
strict-transport-security: max-age=31536000;
content-type: text/css

GET
H2 200 prettyPhoto.css
microsoft-publisher.ru/wp-content/themes/pasyanskosinka/assets/prettyPhoto/ 18 KB
3 KB 110ms
107ms Stylesheet
text/css 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-content/themes/pasyanskosinka/assets/prettyPhoto/prettyPhoto.css?ver=17.1.1

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

43a19f940f46c4d62b4ebd581d263575a774143d9533c921164fc9f487542167

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/themes/pasyanskosinka/assets/prettyPhoto/prettyPhoto.css?ver=17.1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Mon, 02 Jul 2018 10:30:23 GMT
server: nginx/1.20.1
etag: W/"5b39febf-47d4"
strict-transport-security: max-age=31536000;
content-type: text/css

GET
H2 200 jplayer.blue.monday.css
microsoft-publisher.ru/wp-content/themes/pasyanskosinka/assets/jplayer/css/ 10 KB
3 KB 110ms
108ms Stylesheet
text/css 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-content/themes/pasyanskosinka/assets/jplayer/css/jplayer.blue.monday.css?ver=17.1.1

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

a1e683ed3c4b45135db0b27f0e206ccf3c819a014d00e2342278aa98b6f753bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/themes/pasyanskosinka/assets/jplayer/css/jplayer.blue.monday.css?ver=17.1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Mon, 02 Jul 2018 10:30:23 GMT
server: nginx/1.20.1
etag: W/"5b39febf-27a1"
strict-transport-security: max-age=31536000;
content-type: text/css

GET
H2 200 responsive.css
microsoft-publisher.ru/wp-content/themes/pasyanskosinka/css/ 53 KB
11 KB 110ms
108ms Stylesheet
text/css 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-content/themes/pasyanskosinka/css/responsive.css?ver=17.1.1

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

d78ec15b8edb36052c8e6ffa44b6e46b5b7ff45a25a5c80028d5aa1bfb48be6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/themes/pasyanskosinka/css/responsive.css?ver=17.1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Mon, 02 Jul 2018 10:30:22 GMT
server: nginx/1.20.1
etag: W/"5b39febe-d5a8"
strict-transport-security: max-age=31536000;
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 2 KB
588 B 40ms
17ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A1%2C200&ver=4.8.17

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 09:50:48 GMT
server: ESF
date: Wed, 06 Oct 2021 09:50:48 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 06 Oct 2021 09:50:48 GMT

GET
H2 200 css
fonts.googleapis.com/ 371 B
1 KB 39ms
16ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Patua+One%3A1%2C200&ver=4.8.17

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

665ae35d84b1a09363dc091ce0eae522216cf48ce0fdf5d9bab8378ab4b8e314

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 09:50:48 GMT
server: ESF
date: Wed, 06 Oct 2021 09:50:48 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 06 Oct 2021 09:50:48 GMT

GET
H2 200 jquery.js Show response
microsoft-publisher.ru/wp-includes/js/jquery/ 95 KB
36 KB 110ms
108ms Script
application/javascript 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-includes/js/jquery/jquery.js?ver=1.12.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Thu, 05 Sep 2019 11:17:43 GMT
server: nginx/1.20.1
etag: W/"5d70eed7-17a6a"
strict-transport-security: max-age=31536000;
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
microsoft-publisher.ru/wp-includes/js/jquery/ 10 KB
4 KB 110ms
108ms Script
application/javascript 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Mon, 02 Jul 2018 10:30:21 GMT
server: nginx/1.20.1
etag: W/"5b39febd-2748"
strict-transport-security: max-age=31536000;
content-type: application/javascript

GET
H2 200 jquery.fancybox.js Show response
microsoft-publisher.ru/wp-content/plugins/fancybox-for-wordpress/fancybox/ 16 KB
6 KB 110ms
109ms Script
application/javascript 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-content/plugins/fancybox-for-wordpress/fancybox/jquery.fancybox.js?ver=1.3.8

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

a95b8245eac029e48d83ca01f79dc362c3ab820fd87f3793a95776a18ce30878

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/plugins/fancybox-for-wordpress/fancybox/jquery.fancybox.js?ver=1.3.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Mon, 02 Jul 2018 10:30:21 GMT
server: nginx/1.20.1
etag: W/"5b39febd-3ff5"
strict-transport-security: max-age=31536000;
content-type: application/javascript

GET
H2 200 js.min.js Show response
microsoft-publisher.ru/wp-content/plugins/kk-star-ratings/ 4 KB
2 KB 110ms
109ms Script
application/javascript 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-content/plugins/kk-star-ratings/js.min.js?ver=2.6.1

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

a7882dd9f63b6bd7e72fe6ebea3a4b11abac664511c866fb56ed41856d249c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/plugins/kk-star-ratings/js.min.js?ver=2.6.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Mon, 02 Jul 2018 10:30:21 GMT
server: nginx/1.20.1
etag: W/"5b39febd-1133"
strict-transport-security: max-age=31536000;
content-type: application/javascript

GET
H2 200 pub-logo.jpg
microsoft-publisher.ru/wp-content/uploads/2017/11/ 8 KB
8 KB 124ms
121ms Image
image/jpeg 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoft-publisher.ru/wp-content/uploads/2017/11/pub-logo.jpg

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

3091999fa64e6d8628576b834438f485cd2fefdf74e6519bbfdeafb775bac2c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/uploads/2017/11/pub-logo.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
last-modified: Mon, 02 Jul 2018 10:30:23 GMT
server: nginx/1.20.1
etag: "5b39febf-2123"
strict-transport-security: max-age=31536000;
content-type: image/jpeg
accept-ranges: bytes
content-length: 8483

GET
H2 200 microsoft-publisher2013.png
microsoft-publisher.ru/wp-content/uploads/2017/11/ 21 KB
21 KB 129ms
126ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoft-publisher.ru/wp-content/uploads/2017/11/microsoft-publisher2013.png

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

796ed2b64cee3c702a05b293c92fd9547f5ced537ee6dd275ae193eb5778f432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/uploads/2017/11/microsoft-publisher2013.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
last-modified: Fri, 05 Oct 2018 12:37:23 GMT
server: nginx/1.20.1
etag: "5bb75b03-5371"
strict-transport-security: max-age=31536000;
content-type: image/png
accept-ranges: bytes
content-length: 21361

GET
H2 200 microsoft-publisher2010.png
microsoft-publisher.ru/wp-content/uploads/2017/11/ 34 KB
35 KB 133ms
130ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoft-publisher.ru/wp-content/uploads/2017/11/microsoft-publisher2010.png

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

81b6bac43cdf676386eb730834a35e810178a31ebf861d100b50bd19cbbc57f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/uploads/2017/11/microsoft-publisher2010.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
last-modified: Fri, 05 Oct 2018 12:37:24 GMT
server: nginx/1.20.1
etag: "5bb75b04-8989"
strict-transport-security: max-age=31536000;
content-type: image/png
accept-ranges: bytes
content-length: 35209

GET
H2 200 microsoft-publisher2007.png
microsoft-publisher.ru/wp-content/uploads/2017/11/ 30 KB
31 KB 137ms
134ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoft-publisher.ru/wp-content/uploads/2017/11/microsoft-publisher2007.png

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

d8a4093a9b1419038de4552fe86958684693d62421ba9c5c0e029fea1acb99ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/uploads/2017/11/microsoft-publisher2007.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
last-modified: Fri, 05 Oct 2018 12:37:25 GMT
server: nginx/1.20.1
etag: "5bb75b05-79e3"
strict-transport-security: max-age=31536000;
content-type: image/png
accept-ranges: bytes
content-length: 31203

GET
H2 200 microsoft-publisher2003.png
microsoft-publisher.ru/wp-content/uploads/2017/11/ 26 KB
27 KB 141ms
139ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoft-publisher.ru/wp-content/uploads/2017/11/microsoft-publisher2003.png

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

5ca44547041e1ad24ca02317569838d34d272cb942ed73d70043cbb299564f3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/uploads/2017/11/microsoft-publisher2003.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
last-modified: Fri, 05 Oct 2018 12:37:25 GMT
server: nginx/1.20.1
etag: "5bb75b05-6975"
strict-transport-security: max-age=31536000;
content-type: image/png
accept-ranges: bytes
content-length: 26997

GET
H2 200 %D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C-microsoft-publisher.png
microsoft-publisher.ru/wp-content/uploads/2017/11/ 249 KB
250 KB 146ms
143ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoft-publisher.ru/wp-content/uploads/2017/11/%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C-microsoft-publisher.png

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

f72cfc97b81f9a7707772f0fde9be6b9ed9e82d4efc604ec3128d6be4be0d322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/uploads/2017/11/%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C-microsoft-publisher.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
last-modified: Mon, 02 Jul 2018 10:30:23 GMT
server: nginx/1.20.1
etag: "5b39febf-3e47c"
strict-transport-security: max-age=31536000;
content-type: image/png
accept-ranges: bytes
content-length: 255100

GET
H2 200 %D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C-microsoft-publisher2.png
microsoft-publisher.ru/wp-content/uploads/2017/11/ 192 KB
193 KB 180ms
178ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoft-publisher.ru/wp-content/uploads/2017/11/%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C-microsoft-publisher2.png

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

afeb6fcf7ab613d220ecd3ceffbebba402177e82aac81ea3cb5bd98c15c59254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/uploads/2017/11/%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C-microsoft-publisher2.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
last-modified: Mon, 02 Jul 2018 10:30:23 GMT
server: nginx/1.20.1
etag: "5b39febf-301af"
strict-transport-security: max-age=31536000;
content-type: image/png
accept-ranges: bytes
content-length: 197039

GET
H2 200 %D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C-microsoft-publisher3.png
microsoft-publisher.ru/wp-content/uploads/2017/11/ 415 KB
416 KB 190ms
188ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoft-publisher.ru/wp-content/uploads/2017/11/%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C-microsoft-publisher3.png

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

b511794d0b67ce04c130a35dee6d489b02b4354d53682b405079262aeae892af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/uploads/2017/11/%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C-microsoft-publisher3.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
last-modified: Mon, 02 Jul 2018 10:30:23 GMT
server: nginx/1.20.1
etag: "5b39febf-67d3f"
strict-transport-security: max-age=31536000;
content-type: image/png
accept-ranges: bytes
content-length: 425279

GET
H2 200 %D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C-microsoft-publisher4.png
microsoft-publisher.ru/wp-content/uploads/2017/11/ 370 KB
370 KB 229ms
226ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoft-publisher.ru/wp-content/uploads/2017/11/%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C-microsoft-publisher4.png

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

d496d63500e496520260e577ff9381e8ac80b01b61c0156a31c60c50c9654492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/uploads/2017/11/%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C-microsoft-publisher4.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
last-modified: Mon, 02 Jul 2018 10:30:23 GMT
server: nginx/1.20.1
etag: "5b39febf-5c72e"
strict-transport-security: max-age=31536000;
content-type: image/png
accept-ranges: bytes
content-length: 378670

GET
H2 200 %D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C-microsoft-publisher5.png
microsoft-publisher.ru/wp-content/uploads/2017/11/ 316 KB
316 KB 229ms
227ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoft-publisher.ru/wp-content/uploads/2017/11/%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C-microsoft-publisher5.png

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

0224aed555975db256c9aef36b242bb8b34cdcbe900fe393c3adf1ffd1b55f99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/uploads/2017/11/%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C-microsoft-publisher5.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
last-modified: Mon, 02 Jul 2018 10:30:23 GMT
server: nginx/1.20.1
etag: "5b39febf-4ef91"
strict-transport-security: max-age=31536000;
content-type: image/png
accept-ranges: bytes
content-length: 323473

GET
H2 200 %D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C-microsoft-publisher6.png
microsoft-publisher.ru/wp-content/uploads/2017/11/ 406 KB
406 KB 229ms
227ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoft-publisher.ru/wp-content/uploads/2017/11/%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C-microsoft-publisher6.png

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

f2a535095575a1fd4884d65ffbd588dc51c83792ad39acd3ee2c2cf3e1fc9303

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/uploads/2017/11/%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C-microsoft-publisher6.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
last-modified: Mon, 02 Jul 2018 10:30:23 GMT
server: nginx/1.20.1
etag: "5b39febf-65769"
strict-transport-security: max-age=31536000;
content-type: image/png
accept-ranges: bytes
content-length: 415593

GET
H2 200 %D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C-microsoft-publisher7.png
microsoft-publisher.ru/wp-content/uploads/2017/11/ 618 KB
619 KB 229ms
227ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoft-publisher.ru/wp-content/uploads/2017/11/%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C-microsoft-publisher7.png

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

64f0b22b216347eaefcb48559f9998af44bc1daae94bc122728c8b88e2f2704a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/uploads/2017/11/%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C-microsoft-publisher7.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
last-modified: Mon, 02 Jul 2018 10:30:23 GMT
server: nginx/1.20.1
etag: "5b39febf-9a978"
strict-transport-security: max-age=31536000;
content-type: image/png
accept-ranges: bytes
content-length: 633208

GET
H2 200 %D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C-microsoft-publisher8.png
microsoft-publisher.ru/wp-content/uploads/2017/11/ 353 KB
354 KB 229ms
227ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoft-publisher.ru/wp-content/uploads/2017/11/%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C-microsoft-publisher8.png

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

e2b327e0f82b6ba38526888f99858bbec5f2063c12631c2fba5cad4dd0e14185

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/uploads/2017/11/%D1%83%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%D1%82%D1%8C-microsoft-publisher8.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
last-modified: Mon, 02 Jul 2018 10:30:23 GMT
server: nginx/1.20.1
etag: "5b39febf-58570"
strict-transport-security: max-age=31536000;
content-type: image/png
accept-ranges: bytes
content-length: 361840

GET
H2 200 %D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%B5%D0%BD%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC.png
microsoft-publisher.ru/wp-content/uploads/2017/11/ 34 KB
34 KB 230ms
228ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoft-publisher.ru/wp-content/uploads/2017/11/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%B5%D0%BD%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC.png

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

0b16358c57c499f08bd3f6071863eb766b635dc054b795e4dc934816f4750449

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/uploads/2017/11/%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%B5%D0%BD%D0%BE-%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
last-modified: Mon, 02 Jul 2018 10:30:23 GMT
server: nginx/1.20.1
etag: "5b39febf-8821"
strict-transport-security: max-age=31536000;
content-type: image/png
accept-ranges: bytes
content-length: 34849

GET
H2 200 es5-shims.min.js Show response
yastatic.net/es5-shims/0.0.2/ 3 KB
2 KB 100ms
29ms Script
application/x-javascript 178.154.131.217
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/es5-shims/0.0.2/es5-shims.min.js

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

40f09dcdb226fb60428bfe107e02f6c50db1561694264b0144e0155f9f3e4140

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: br
last-modified: Thu, 25 Oct 2018 11:27:00 GMT
server: nginx/1.17.9
etag: W/"32e3b4f3a8f6048da9934fec1ca08cea"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/x-javascript
access-control-allow-origin: *
expires: Fri, 08 Oct 2021 21:50:36 GMT
cache-control: public, max-age=216013
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: cf0df59a0d432157

GET
H2 200 share.js Show response
yastatic.net/share2/ 144 KB
39 KB 129ms
59ms Script
application/javascript 178.154.131.217
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/share2/share.js

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

8e96268766735ae11a87d1e3bea4e681b0b05e3afa54d79806dc1f550597fa15

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 24 May 2021 12:18:35 GMT
server: nginx/1.17.9
etag: W/"bcd00e6750a3b5b8b79248b4c2e87b60"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=216009
timing-allow-origin: *
expires: Fri, 08 Oct 2021 21:50:40 GMT

GET
H2 200 Microsoft-publisher.png
microsoft-publisher.ru/wp-content/uploads/2018/04/ 21 KB
22 KB 230ms
228ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoft-publisher.ru/wp-content/uploads/2018/04/Microsoft-publisher.png

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

b1df692f70253fc460a068a9aa7da434fdbb5c760fa61ebc9f4dd9f246b06087

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/uploads/2018/04/Microsoft-publisher.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
last-modified: Mon, 02 Jul 2018 10:30:23 GMT
server: nginx/1.20.1
etag: "5b39febf-5565"
strict-transport-security: max-age=31536000;
content-type: image/png
accept-ranges: bytes
content-length: 21861

GET
H2 200 core.min.js Show response
microsoft-publisher.ru/wp-includes/js/jquery/ui/ 4 KB
2 KB 51ms
48ms Script
application/javascript 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 19:22:50 GMT
server: nginx/1.20.1
etag: W/"6078928a-f59"
strict-transport-security: max-age=31536000;
content-type: application/javascript

GET
H2 200 widget.min.js Show response
microsoft-publisher.ru/wp-includes/js/jquery/ui/ 7 KB
3 KB 55ms
51ms Script
application/javascript 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

99ada7e01817367027759ac452a1dd11eca7557272b8940d659c07adb6bc8cbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 19:22:50 GMT
server: nginx/1.20.1
etag: W/"6078928a-1ab0"
strict-transport-security: max-age=31536000;
content-type: application/javascript

GET
H2 200 mouse.min.js Show response
microsoft-publisher.ru/wp-includes/js/jquery/ui/ 3 KB
1 KB 58ms
54ms Script
application/javascript 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

7e8d54d6c6a4ebd0237786d41ff5d205096eda696f2a5b591e074fe94ba3b3af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 19:22:50 GMT
server: nginx/1.20.1
etag: W/"6078928a-c46"
strict-transport-security: max-age=31536000;
content-type: application/javascript

GET
H2 200 sortable.min.js Show response
microsoft-publisher.ru/wp-includes/js/jquery/ui/ 24 KB
7 KB 61ms
58ms Script
application/javascript 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

a663ab38c017ac585de1d6bad65eedf34ba69d2ab5a8e9e2b515ae559e9ed665

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 19:22:50 GMT
server: nginx/1.20.1
etag: W/"6078928a-6102"
strict-transport-security: max-age=31536000;
content-type: application/javascript

GET
H2 200 tabs.min.js Show response
microsoft-publisher.ru/wp-includes/js/jquery/ui/ 12 KB
4 KB 65ms
60ms Script
application/javascript 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

af6dd3662512bb4d13849eefd579d23ad8b28152aa6bf822fcf652412fd0cebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-includes/js/jquery/ui/tabs.min.js?ver=1.11.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 19:22:50 GMT
server: nginx/1.20.1
etag: W/"6078928a-2eee"
strict-transport-security: max-age=31536000;
content-type: application/javascript

GET
H2 200 accordion.min.js Show response
microsoft-publisher.ru/wp-includes/js/jquery/ui/ 8 KB
3 KB 68ms
64ms Script
application/javascript 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

96b656700f9b4784f69af925f46ecc91caa7f444b3168ecbb64afe06f8fc4c99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-includes/js/jquery/ui/accordion.min.js?ver=1.11.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 19:22:50 GMT
server: nginx/1.20.1
etag: W/"6078928a-2172"
strict-transport-security: max-age=31536000;
content-type: application/javascript

GET
H2 200 plugins.js Show response
microsoft-publisher.ru/wp-content/themes/pasyanskosinka/js/ 192 KB
58 KB 73ms
69ms Script
application/javascript 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-content/themes/pasyanskosinka/js/plugins.js?ver=17.1.1

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

df9c1b792fdbf7048b9e5c00841e54a527ffd3a5dc4b5370203390f1c762634c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/themes/pasyanskosinka/js/plugins.js?ver=17.1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Mon, 02 Jul 2018 10:30:23 GMT
server: nginx/1.20.1
etag: W/"5b39febf-3014a"
strict-transport-security: max-age=31536000;
content-type: application/javascript

GET
H2 200 menu.js Show response
microsoft-publisher.ru/wp-content/themes/pasyanskosinka/js/ 2 KB
1 KB 82ms
78ms Script
application/javascript 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-content/themes/pasyanskosinka/js/menu.js?ver=17.1.1

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

9d3d90f939789eee6791294614fa2472015f8d1b28aa77fd48b1f18415c6cd6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/themes/pasyanskosinka/js/menu.js?ver=17.1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Mon, 02 Jul 2018 10:30:23 GMT
server: nginx/1.20.1
etag: W/"5b39febf-991"
strict-transport-security: max-age=31536000;
content-type: application/javascript

GET
H2 200 animations.min.js Show response
microsoft-publisher.ru/wp-content/themes/pasyanskosinka/assets/animations/ 2 KB
810 B 88ms
85ms Script
application/javascript 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-content/themes/pasyanskosinka/assets/animations/animations.min.js?ver=17.1.1

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

20fbf71645de91c6368d758f878b980c72bce11166a26902bc3e9625eac51833

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/themes/pasyanskosinka/assets/animations/animations.min.js?ver=17.1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Mon, 02 Jul 2018 10:30:23 GMT
server: nginx/1.20.1
etag: W/"5b39febf-768"
strict-transport-security: max-age=31536000;
content-type: application/javascript

GET
H2 200 jplayer.min.js Show response
microsoft-publisher.ru/wp-content/themes/pasyanskosinka/assets/jplayer/ 51 KB
14 KB 94ms
91ms Script
application/javascript 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-content/themes/pasyanskosinka/assets/jplayer/jplayer.min.js?ver=17.1.1

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

552825b186d7451e0bf6df23e2b78b333e0ccc81aea2dd19055a8adf4b9fe329

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/themes/pasyanskosinka/assets/jplayer/jplayer.min.js?ver=17.1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Mon, 02 Jul 2018 10:30:23 GMT
server: nginx/1.20.1
etag: W/"5b39febf-cdde"
strict-transport-security: max-age=31536000;
content-type: application/javascript

GET
H2 200 translate3d.js Show response
microsoft-publisher.ru/wp-content/themes/pasyanskosinka/js/parallax/ 7 KB
2 KB 101ms
97ms Script
application/javascript 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-content/themes/pasyanskosinka/js/parallax/translate3d.js?ver=17.1.1

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

473fbe193000b252278e08104106331b16cd71d1d671d52062d98b283a95b94e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/themes/pasyanskosinka/js/parallax/translate3d.js?ver=17.1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Mon, 02 Jul 2018 10:30:23 GMT
server: nginx/1.20.1
etag: W/"5b39febf-1a30"
strict-transport-security: max-age=31536000;
content-type: application/javascript

GET
H2 200 scripts.js Show response
microsoft-publisher.ru/wp-content/themes/pasyanskosinka/js/ 66 KB
14 KB 108ms
105ms Script
application/javascript 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-content/themes/pasyanskosinka/js/scripts.js?ver=17.1.1

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

dd47dd0f4280cfac2f643ffc1d8569fda980b7d66d7b7173f47d748352b5ba5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/themes/pasyanskosinka/js/scripts.js?ver=17.1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Mon, 02 Jul 2018 10:30:23 GMT
server: nginx/1.20.1
etag: W/"5b39febf-1091b"
strict-transport-security: max-age=31536000;
content-type: application/javascript

GET
H2 200 comment-reply.min.js Show response
microsoft-publisher.ru/wp-includes/js/ 1 KB
1 KB 114ms
111ms Script
application/javascript 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-includes/js/comment-reply.min.js?ver=4.8.17

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-includes/js/comment-reply.min.js?ver=4.8.17
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
last-modified: Thu, 15 Apr 2021 19:22:50 GMT
server: nginx/1.20.1
etag: "6078928a-434"
strict-transport-security: max-age=31536000;
content-type: application/javascript
accept-ranges: bytes
content-length: 1076

GET
H2 200 wp-embed.min.js Show response
microsoft-publisher.ru/wp-includes/js/ 1 KB
913 B 119ms
116ms Script
application/javascript 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-includes/js/wp-embed.min.js?ver=4.8.17

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

57dd85466749e869c5958a2652e548673557a2390ec68490a353916353ecc74e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=4.8.17
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 19:22:50 GMT
server: nginx/1.20.1
etag: W/"6078928a-56a"
strict-transport-security: max-age=31536000;
content-type: application/javascript

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/ 257 KB
95 KB 59ms
58ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

f28eef56b80f199deadd51753addbbfe6ab731312d0daa09573de6c749960d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97173
x-xss-protection: 0
server: cafe
etag: 2721350736796222760
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Oct 2021 09:50:48 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211004/r20190131/ Frame F05F 10 KB
5 KB 28ms
6ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211004/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211004/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://microsoft-publisher.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 06 Oct 2021 03:55:03 GMT
expires: Wed, 20 Oct 2021 03:55:03 GMT
content-type: text/html; charset=UTF-8
etag: 10398570473303663775
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4601
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 21345
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK push.js Show response
pushiti.info/ 46 KB
18 KB 88ms
48ms Script
application/javascript 88.208.46.27
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushiti.info/push.js?utm_source=og&utm_campaign=5486&utm_content=&domain=microsoft-publisher.ru&proto=https:
Requested by: Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.27 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: ba74c9a82c6c5d11cfa5f7957109cd1aac1018be132ea12272e306fd217e0e62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Oct 2021 09:50:48 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 box_shadow.png
microsoft-publisher.ru/wp-content/themes/pasyanskosinka/images/ 108 B
266 B 226ms
226ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoft-publisher.ru/wp-content/themes/pasyanskosinka/images/box_shadow.png

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/wp-content/themes/pasyanskosinka/css/layout.css?ver=17.1.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

3f10d52942270b9e2da36af3915028bd73dfab3703bc13f060234cb0aa5bae2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/themes/pasyanskosinka/images/box_shadow.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/wp-content/themes/pasyanskosinka/css/layout.css?ver=17.1.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/wp-content/themes/pasyanskosinka/css/layout.css?ver=17.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
last-modified: Mon, 02 Jul 2018 10:30:23 GMT
server: nginx/1.20.1
etag: "5b39febf-6c"
strict-transport-security: max-age=31536000;
content-type: image/png
accept-ranges: bytes
content-length: 108

GET
H2 200 ZXuke1cDvLCKLDcimxB44_lu.woff2
fonts.gstatic.com/s/patuaone/v11/ 13 KB
13 KB 28ms
7ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/patuaone/v11/ZXuke1cDvLCKLDcimxB44_lu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Patua+One%3A1%2C200&ver=4.8.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

dae61770df65eb497fd0b6642465723e12a816fbcd027456b51da09e9bc9d7a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://microsoft-publisher.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 20:45:10 GMT
x-content-type-options: nosniff
age: 219938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12888
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:44:27 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Oct 2022 20:45:10 GMT

GET
H2 200 gray.png
microsoft-publisher.ru/wp-content/plugins/kk-star-ratings/ 364 B
523 B 193ms
193ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoft-publisher.ru/wp-content/plugins/kk-star-ratings/gray.png

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/wp-content/plugins/kk-star-ratings/css.css?ver=2.6.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

81cfd348c73fc29458213c0f67e0d677ed2fc17704501e45b7723fb18eac8607

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/plugins/kk-star-ratings/gray.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/wp-content/plugins/kk-star-ratings/css.css?ver=2.6.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/wp-content/plugins/kk-star-ratings/css.css?ver=2.6.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
last-modified: Mon, 02 Jul 2018 10:30:21 GMT
server: nginx/1.20.1
etag: "5b39febd-16c"
strict-transport-security: max-age=31536000;
content-type: image/png
accept-ranges: bytes
content-length: 364

GET
H2 200 yellow.png
microsoft-publisher.ru/wp-content/plugins/kk-star-ratings/ 370 B
529 B 193ms
192ms Image
image/png 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://microsoft-publisher.ru/wp-content/plugins/kk-star-ratings/yellow.png

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/wp-content/plugins/kk-star-ratings/css.css?ver=2.6.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

aee7369e2fbce98abcdd369c0c5447f676246721a2c69a9be4ad4efce89e1fa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/plugins/kk-star-ratings/yellow.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/wp-content/plugins/kk-star-ratings/css.css?ver=2.6.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/wp-content/plugins/kk-star-ratings/css.css?ver=2.6.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
last-modified: Mon, 02 Jul 2018 10:30:21 GMT
server: nginx/1.20.1
etag: "5b39febd-172"
strict-transport-security: max-age=31536000;
content-type: image/png
accept-ranges: bytes
content-length: 370

GET
H2 200 mfn-icons.woff
microsoft-publisher.ru/wp-content/themes/pasyanskosinka/fonts/ 79 KB
79 KB 261ms
260ms Font
application/font-woff 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-content/themes/pasyanskosinka/fonts/mfn-icons.woff?23391439

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/wp-content/themes/pasyanskosinka/css/base.css?ver=17.1.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 /

Resource Hash

f6134456d89988ada75cfdf21df40c6abdccccf01b48a669add0223f3fa38ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

:path: /wp-content/themes/pasyanskosinka/fonts/mfn-icons.woff?23391439
pragma: no-cache
origin: https://microsoft-publisher.ru
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/wp-content/themes/pasyanskosinka/css/base.css?ver=17.1.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://microsoft-publisher.ru/wp-content/themes/pasyanskosinka/css/base.css?ver=17.1.1
Origin: https://microsoft-publisher.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
last-modified: Mon, 02 Jul 2018 10:30:21 GMT
server: nginx/1.20.1
etag: "13afc-57001af3f6940"
strict-transport-security: max-age=31536000;
content-type: application/font-woff
accept-ranges: bytes
content-length: 80636

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 9 KB
9 KB 38ms
18ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A1%2C200&ver=4.8.17

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://microsoft-publisher.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:38:41 GMT
x-content-type-options: nosniff
age: 580327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Sep 2022 16:38:41 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 33ms
13ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A1%2C200&ver=4.8.17

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://microsoft-publisher.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 17:27:37 GMT
x-content-type-options: nosniff
age: 145391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 04 Oct 2022 17:27:37 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 212 B
407 B 45ms
15ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=microsoft-publisher.ru&callback=_gfp_s_&client=ca-pub-4384462875279714

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

368d60365336c75832681f1628065fd64b6bf380b10fd287062d2bb9ef143c39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 58ms
23ms Script
application/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=microsoft-publisher.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4DDD 220 KB
50 KB 1133ms
1119ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&adk=1812271804&adf=3025194257&lmt=1633513848&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848574&bpp=53&bdt=135&idt=137&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3830334049277&frm=20&pv=2&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=153

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

8c47502ee30e29977f03420d110803e6bb7f7f26e3f916b7c1f8621ebbc88602

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4384462875279714&output=html&adk=1812271804&adf=3025194257&lmt=1633513848&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848574&bpp=53&bdt=135&idt=137&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3830334049277&frm=20&pv=2&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=153
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://microsoft-publisher.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 06 Oct 2021 09:50:49 GMT
server: cafe
content-length: 51590
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 06-Oct-2021 10:05:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 06 Oct 2021 09:50:49 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F23B 92 KB
30 KB 545ms
542ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=200&slotname=3433503542&adk=2905479100&adf=2814042660&pi=t.ma~as.3433503542&w=804&fwrn=4&lmt=1633513848&rafmt=11&psa=0&format=804x200&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848654&bpp=2&bdt=215&idt=80&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k7ymnhlowA&p=https%3A//microsoft-publisher.ru&dtd=85

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

1a71f3c8e1ee1d34db22d4fb1e06b3ec5fa0193923e7d11ad9cb17571a74e635

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4384462875279714&output=html&h=200&slotname=3433503542&adk=2905479100&adf=2814042660&pi=t.ma~as.3433503542&w=804&fwrn=4&lmt=1633513848&rafmt=11&psa=0&format=804x200&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848654&bpp=2&bdt=215&idt=80&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k7ymnhlowA&p=https%3A//microsoft-publisher.ru&dtd=85
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://microsoft-publisher.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 06 Oct 2021 09:50:49 GMT
server: cafe
content-length: 30212
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 06-Oct-2021 10:05:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 06 Oct 2021 09:50:49 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 36ms
15ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

c72976d3b4c427a85952b5cea1ad2efafcc4b2dc6fdd9ef5a505e5e582e62928

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27601
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1632957222552500"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Oct 2021 09:50:48 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 32DF 81 KB
27 KB 653ms
652ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=200&slotname=3433503542&adk=2905479100&adf=651698199&pi=t.ma~as.3433503542&w=804&fwrn=4&lmt=1633513848&rafmt=11&psa=0&format=804x200&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848764&bpp=1&bdt=325&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C804x200&nras=1&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=3509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rUtbhmrQ26&p=https%3A//microsoft-publisher.ru&dtd=30

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

39c5efb570df3250f92407eee13710e7f459632dc55eb239ad14244808d6635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4384462875279714&output=html&h=200&slotname=3433503542&adk=2905479100&adf=651698199&pi=t.ma~as.3433503542&w=804&fwrn=4&lmt=1633513848&rafmt=11&psa=0&format=804x200&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848764&bpp=1&bdt=325&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C804x200&nras=1&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=3509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rUtbhmrQ26&p=https%3A//microsoft-publisher.ru&dtd=30
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://microsoft-publisher.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 06 Oct 2021 09:50:49 GMT
server: cafe
content-length: 28031
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 06-Oct-2021 10:05:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 06 Oct 2021 09:50:49 GMT
cache-control: private

GET
H2 200 cO1ynpysMXA Show response
www.youtube.com/embed/ Frame CF43 55 KB
24 KB 113ms
92ms Document
text/html 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/cO1ynpysMXA?ecver=2

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

20d265df6a17c4f455e3b9dece885574374494afa44197ebac9d6ff89282d7e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/cO1ynpysMXA?ecver=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://microsoft-publisher.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 06 Oct 2021 09:50:48 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=mKfY_ZxNstA; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=4_nGk1JcLZs; Domain=.youtube.com; Expires=Mon, 04-Apr-2022 09:50:48 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 131 KB
47 KB 127ms
62ms Script
application/javascript 87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

d5c91393fc42ed4d1234c6180d0bd54ab46c10bcac71822415902d5cec48163f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:48 GMT
content-encoding: br
last-modified: Wed, 06 Oct 2021 08:41:01 GMT
etag: "615d36ed-b968"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 47464
expires: Wed, 06 Oct 2021 10:50:48 GMT

POST
H2 200 admin-ajax.php Show response
microsoft-publisher.ru/wp-admin/ 228 B
563 B 316ms
316ms XHR
application/json 85.119.149.127
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-publisher.ru/wp-admin/admin-ajax.php

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.119.149.127 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

isp1.ru.fastfox.pro

Software

nginx/1.20.1 / PHP/5.6.40

Resource Hash

96bdec9b9c8a38da7f666279d4a226797b13d7f65fe57a4aabc3bb62d6cf3399

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://microsoft-publisher.ru
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: pmvid=9a1abded-9e33-4abf-b4fe-2200f98193c9
content-length: 49
:path: /wp-admin/admin-ajax.php
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: microsoft-publisher.ru
referer: https://microsoft-publisher.ru/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://microsoft-publisher.ru/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 06 Oct 2021 09:50:49 GMT
x-content-type-options: nosniff
server: nginx/1.20.1
x-powered-by: PHP/5.6.40
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://microsoft-publisher.ru
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=31536000;
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
DATA 200
OK truncated
/ 799 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2751eb32e3720b540ff8210d70e6af4c916a255ff05d96130d0125576b14afa5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 285 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ea8ef6a20a2f7307560b9fee2788613b13492d30582c95b6f57bc53383b68bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 595 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7a754dc68b051e1b18bbf37fc0f5557196bc8db1c5f1c31ce5d242ea5c95ed6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 603 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9be7e931e5978b27a1428050d2045f7759ae34424b2a60a021d57a7af6d981f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 520 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb2b18ff7b82cdbab0ba5f095448f16c159526ff504699042f8069f1a70ae7f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1

200
OK

Cookie set cs Show response
pushiti.info/js/ Frame C9F5
Redirect Chain

https://pushiti.info/js/cs?uuid=9a1abded-9e33-4abf-b4fe-2200f98193c9
https://s.uuidksinc.net/match/433/9a1abded-9e33-4abf-b4fe-2200f98193c9?cb_url=https%3A%2F%2Fpushiti.info%2Fjs%2Fcs%3Fuuid%3D9a1abded-9e33-4abf-b4fe-2200f98193c9%26oid%3D%5BUID%5D
https://pushiti.info/js/cs?uuid=9a1abded-9e33-4abf-b4fe-2200f98193c9&oid=jb3B2SI1wnbG0luKECgm

43 B
332 B

16ms
16ms

Document
image/gif

88.208.46.27
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushiti.info/js/cs?uuid=9a1abded-9e33-4abf-b4fe-2200f98193c9&oid=jb3B2SI1wnbG0luKECgm
Requested by: Host: pushiti.info
URL: https://pushiti.info/push.js?utm_source=og&utm_campaign=5486&utm_content=&domain=microsoft-publisher.ru&proto=https:
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.27 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host: pushiti.info
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://microsoft-publisher.ru/
Accept-Encoding: gzip, deflate, br
Cookie: userid=9a1abded-9e33-4abf-b4fe-2200f98193c9; uuid=9a1abded-9e33-4abf-b4fe-2200f98193c9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/

Response headers

Server: nginx
Date: Wed, 06 Oct 2021 09:50:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: oid=jb3B2SI1wnbG0luKECgm; expires=Fri, 05-Nov-2021 12:50:48 GMT; Path=/; domain=.pushiti.info; SameSite=None; Secure

Redirect headers

server: nginx/1.19.0
date: Wed, 06 Oct 2021 09:50:48 GMT
content-type: application/json; charset=utf-8
content-length: 0
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
set-cookie: jcsuuid=jb3B2SI1wnbG0luKECgm; Expires=Sat, 01 Oct 2022 12:50:48 GMT; Domain=uuidksinc.net; Path=/; SameSite=None; Secure
location: https://pushiti.info/js/cs?uuid=9a1abded-9e33-4abf-b4fe-2200f98193c9&oid=jb3B2SI1wnbG0luKECgm

POST
H/1.1 200
OK set
pushiti.info/event/ 0
0 17ms
17ms Fetch
text/html 88.208.46.27
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushiti.info/event/set
Requested by: Host: pushiti.info
URL: https://pushiti.info/push.js?utm_source=og&utm_campaign=5486&utm_content=&domain=microsoft-publisher.ru&proto=https:
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.27 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://microsoft-publisher.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 06 Oct 2021 09:50:48 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://microsoft-publisher.ru
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control

POST
H/1.1 200
OK set
pushiti.info/event/ 0
693 B 17ms
16ms Ping
text/html 88.208.46.27
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushiti.info/event/set
Requested by: Host: pushiti.info
URL: https://pushiti.info/push.js?utm_source=og&utm_campaign=5486&utm_content=&domain=microsoft-publisher.ru&proto=https:
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.27 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://microsoft-publisher.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 06 Oct 2021 09:50:48 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://microsoft-publisher.ru
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control

POST
H/1.1 200
OK set
pushiti.info/event/ 0
0 26ms
18ms Fetch
text/html 88.208.46.27
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushiti.info/event/set
Requested by: Host: pushiti.info
URL: https://pushiti.info/push.js?utm_source=og&utm_campaign=5486&utm_content=&domain=microsoft-publisher.ru&proto=https:
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.27 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://microsoft-publisher.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 06 Oct 2021 09:50:48 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://microsoft-publisher.ru
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/9fd4fd09/ Frame CF43 330 KB
45 KB 22ms
7ms Stylesheet
text/css 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9fd4fd09/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cO1ynpysMXA?ecver=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

sffe /

Resource Hash

cf16056ffbbab55d04406d0ff06aa2c75946356a8cbccd2864871e8e482d212e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cO1ynpysMXA?ecver=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 03:43:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22050
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46472
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 03:09:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 06 Oct 2022 03:43:18 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/9fd4fd09/www-embed-player.vflset/ Frame CF43 202 KB
66 KB 30ms
15ms Script
text/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9fd4fd09/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cO1ynpysMXA?ecver=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

sffe /

Resource Hash

49ee00732bd14d9d15b9ddae44bb5ec3b7885ecd2748b7c61ffc22791bbb8d72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cO1ynpysMXA?ecver=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 18:10:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 142834
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67643
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 03:09:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 04 Oct 2022 18:10:14 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/9fd4fd09/player_ias.vflset/de_DE/ Frame CF43 2 MB
508 KB 21ms
6ms Script
text/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9fd4fd09/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cO1ynpysMXA?ecver=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

sffe /

Resource Hash

d9a2a876db423eff2a6ae24782d0493ffa9fc3cdfccaf68033d0a2fb451d5b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cO1ynpysMXA?ecver=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 05:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 534155
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 520425
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 03:09:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 30 Sep 2022 05:28:13 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/9fd4fd09/fetch-polyfill.vflset/ Frame CF43 8 KB
3 KB 29ms
14ms Script
text/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9fd4fd09/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cO1ynpysMXA?ecver=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cO1ynpysMXA?ecver=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 13:47:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72199
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 03:09:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 05 Oct 2022 13:47:29 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CF43 15 KB
15 KB 15ms
15ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cO1ynpysMXA?ecver=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 09:07:47 GMT
x-content-type-options: nosniff
age: 88981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Oct 2022 09:07:47 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9418.Fbr6uSohwu5MYsnC8ujRvz5uwHDWY-2j7p8alThPgck5kyNr5x6x4njoxKaHxFrv.8Ywfc_74IHTLtBvyZqJK-TdkUyA%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9418.lRoOAZNNb2LUNywPY3H_kvyK9BBAqFYzJRb1cAxAcWzh4sZDFEf--IGfhGxab5EYQNd-bgtiDC3mt7hxK5e9Xg%2C%2C.yDEWHRzAc1zbWy0VTxYXm8_fMBY%2C

75 B
75 B

32ms
32ms

Image
text/html

87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9418.lRoOAZNNb2LUNywPY3H_kvyK9BBAqFYzJRb1cAxAcWzh4sZDFEf--IGfhGxab5EYQNd-bgtiDC3mt7hxK5e9Xg%2C%2C.yDEWHRzAc1zbWy0VTxYXm8_fMBY%2C

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:49 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9418.lRoOAZNNb2LUNywPY3H_kvyK9BBAqFYzJRb1cAxAcWzh4sZDFEf--IGfhGxab5EYQNd-bgtiDC3mt7hxK5e9Xg%2C%2C.yDEWHRzAc1zbWy0VTxYXm8_fMBY%2C
date: Wed, 06 Oct 2021 09:50:49 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 31ms
31ms Image
image/gif 87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:49 GMT
last-modified: Wed, 06 Oct 2021 08:41:01 GMT
etag: "615d36ed-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 06 Oct 2021 10:50:49 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame CF43
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

27ms
27ms

XHR
application/json

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cO1ynpysMXA?ecver=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

5464ebf2ca205725fbc9a5026d6fac4b808effc871e7f05872482b59be3b550d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 06 Oct 2021 09:50:49 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame CF43 29 B
609 B 58ms
17ms Script
text/javascript 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9fd4fd09/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:38:00 GMT
x-content-type-options: nosniff
age: 769
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Oct 2021 09:53:00 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/9fd4fd09/player_ias.vflset/de_DE/ Frame CF43 95 KB
29 KB 7ms
6ms Script
text/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9fd4fd09/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9fd4fd09/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

sffe /

Resource Hash

c08411e6407550799a0e967563c6f7d3f3ef0acb628dd0087b1d7b56922d105d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cO1ynpysMXA?ecver=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:43:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 331618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29990
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 03:09:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 02 Oct 2022 13:43:51 GMT

GET
H2 200 ySIUQvk5GAKWp7RJKF5OyVe9ZkTQkmns_YoJWAMMFa4.js Show response
www.google.com/js/th/ Frame CF43 35 KB
14 KB 31ms
8ms Script
text/javascript 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/ySIUQvk5GAKWp7RJKF5OyVe9ZkTQkmns_YoJWAMMFa4.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9fd4fd09/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

sffe /

Resource Hash

c9221442f939180296a7b449285e4ec957bd6644d09269ecfd8a0958030c15ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 15:00:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13291
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 05 Oct 2022 15:00:18 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/9fd4fd09/player_ias.vflset/de_DE/ Frame CF43 25 KB
7 KB 8ms
7ms Script
text/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9fd4fd09/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9fd4fd09/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

sffe /

Resource Hash

bb3027f45e4ebb343a1e0e5d16015070aefb2e9dd3c7fb4165c65c49d90d02e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cO1ynpysMXA?ecver=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 05:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 533622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7363
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 03:09:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 30 Sep 2022 05:37:07 GMT

GET
DATA 200
OK truncated
/ Frame CF43 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLT04-1bGonvG8MhZsav3-8BpTP2qNE9_fcNnUmhnQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CF43 2 KB
3 KB 33ms
0ms Image
image/jpeg 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLT04-1bGonvG8MhZsav3-8BpTP2qNE9_fcNnUmhnQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cO1ynpysMXA?ecver=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

fife /

Resource Hash

6d6c4736e5ae673cb7d918e611a589d1e40d2671b3c7986ba718070cfd3447da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 08:02:37 GMT
x-content-type-options: nosniff
age: 6492
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2489
x-xss-protection: 0
server: fife
etag: "v188"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 07 Oct 2021 08:02:37 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/cO1ynpysMXA/ Frame CF43 32 KB
33 KB 43ms
11ms Image
image/jpeg 142.250.181.246
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/cO1ynpysMXA/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cO1ynpysMXA?ecver=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.246 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f22.1e100.net

Software

sffe /

Resource Hash

e9ae920206fca6574f0ed4cfca8cfd47ffc7c856aa2165b465a200f4e3406aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:49 GMT
x-content-type-options: nosniff
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33274
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 06 Oct 2021 11:50:49 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CF43 10 KB
10 KB 15ms
14ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cO1ynpysMXA?ecver=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 13:29:54 GMT
x-content-type-options: nosniff
age: 591655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Sep 2022 13:29:54 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/26812653/
Redirect Chain

https://mc.yandex.com/watch/26812653?wmode=7&page-url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22b%2Fh%2Fj%2Fk%2Fk%2Fk%2Fk%2Fl%2...
https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22b%2Fh%2Fj%2Fk%2Fk%2Fk%2Fk%2Fl...

331 B
413 B

35ms
33ms

XHR
application/json

87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22b%2Fh%2Fj%2Fk%2Fk%2Fk%2Fk%2Fl%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A1%3Als%3A725689648897%3Ahid%3A496143782%3Az%3A0%3Ai%3A202101006095049%3Aet%3A1633513849%3Ac%3A1%3Arn%3A2223990%3Arqn%3A1%3Au%3A1633513849110040230%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633513847997%3Ads%3A58%2C90%2C289%2C2%2C0%2C0%2C%2C387%2C29%2C%2C%2C%2C829%3Adsn%3A58%2C90%2C289%2C2%2C0%2C0%2C%2C389%2C29%2C%2C%2C%2C829%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633513849%3At%3AMicrosoft%20office%20publisher%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

4cb7bc1d3887715d37967353ecf1e87809cdc6865a7c634f19ff5ec89bff01c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 09:50:49 GMT
x-content-type-options: nosniff
last-modified: Wed, 06-Oct-2021 09:50:49 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://microsoft-publisher.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Wed, 06-Oct-2021 09:50:49 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Oct 2021 09:50:49 GMT
last-modified: Wed, 06-Oct-2021 09:50:49 GMT
location: /watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22b%2Fh%2Fj%2Fk%2Fk%2Fk%2Fk%2Fl%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A1%3Als%3A725689648897%3Ahid%3A496143782%3Az%3A0%3Ai%3A202101006095049%3Aet%3A1633513849%3Ac%3A1%3Arn%3A2223990%3Arqn%3A1%3Au%3A1633513849110040230%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633513847997%3Ads%3A58%2C90%2C289%2C2%2C0%2C0%2C%2C387%2C29%2C%2C%2C%2C829%3Adsn%3A58%2C90%2C289%2C2%2C0%2C0%2C%2C389%2C29%2C%2C%2C%2C829%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633513849%3At%3AMicrosoft%20office%20publisher%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE
strict-transport-security: max-age=31536000
access-control-allow-origin: https://microsoft-publisher.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 06-Oct-2021 09:50:49 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/46922646/
Redirect Chain

https://mc.yandex.com/watch/46922646?wmode=7&page-url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8...
https://mc.yandex.com/watch/46922646/1?wmode=7&page-url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A638%3Afu%3A0%3Aen%3Autf...

350 B
385 B

35ms
34ms

XHR
application/json

87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/46922646/1?wmode=7&page-url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A721342873758%3Ahid%3A496143782%3Az%3A0%3Ai%3A202101006095049%3Aet%3A1633513849%3Ac%3A1%3Arn%3A166232465%3Arqn%3A1%3Au%3A1633513849110040230%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633513847997%3Ads%3A58%2C90%2C289%2C2%2C0%2C0%2C%2C387%2C29%2C%2C%2C%2C829%3Adsn%3A58%2C90%2C289%2C2%2C0%2C0%2C%2C389%2C29%2C%2C%2C%2C829%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633513849%3At%3AMicrosoft%20office%20publisher%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

ad59c91acf95ec01e07579ba958738ec967846f683e316613fcc7204f45d8908

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 09:50:49 GMT
x-content-type-options: nosniff
last-modified: Wed, 06-Oct-2021 09:50:49 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://microsoft-publisher.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Wed, 06-Oct-2021 09:50:49 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Oct 2021 09:50:49 GMT
last-modified: Wed, 06-Oct-2021 09:50:49 GMT
location: /watch/46922646/1?wmode=7&page-url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A638%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A721342873758%3Ahid%3A496143782%3Az%3A0%3Ai%3A202101006095049%3Aet%3A1633513849%3Ac%3A1%3Arn%3A166232465%3Arqn%3A1%3Au%3A1633513849110040230%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633513847997%3Ads%3A58%2C90%2C289%2C2%2C0%2C0%2C%2C387%2C29%2C%2C%2C%2C829%3Adsn%3A58%2C90%2C289%2C2%2C0%2C0%2C%2C389%2C29%2C%2C%2C%2C829%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633513849%3At%3AMicrosoft%20office%20publisher%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE
strict-transport-security: max-age=31536000
access-control-allow-origin: https://microsoft-publisher.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 06-Oct-2021 09:50:49 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame CF43 4 KB
3 KB 39ms
18ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9fd4fd09/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Oct 2021 09:50:49 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame CF43 0
9 B 7ms
6ms Image
text/plain 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?gzcIFw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/cO1ynpysMXA?ecver=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cO1ynpysMXA?ecver=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/93/ Frame CF43 52 KB
15 KB 22ms
8ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/93/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 07:39:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15346
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 17:05:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Thu, 07 Oct 2021 07:39:49 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F23B 4 KB
619 B 30ms
17ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=200&slotname=3433503542&adk=2905479100&adf=2814042660&pi=t.ma~as.3433503542&w=804&fwrn=4&lmt=1633513848&rafmt=11&psa=0&format=804x200&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848654&bpp=2&bdt=215&idt=80&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k7ymnhlowA&p=https%3A//microsoft-publisher.ru&dtd=85

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 09:39:19 GMT
server: ESF
date: Wed, 06 Oct 2021 09:50:49 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 06 Oct 2021 09:50:49 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame F23B 1 KB
944 B 24ms
8ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

cafe /

Resource Hash

6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 427
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 837
x-xss-protection: 0
server: cafe
etag: 7640065535275194769
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 09:43:42 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/ Frame F23B 18 KB
8 KB 18ms
6ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

cafe /

Resource Hash

2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 740
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7605
x-xss-protection: 0
server: cafe
etag: 4152153861754824712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 09:38:29 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame F23B 3 KB
1 KB 20ms
9ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

cafe /

Resource Hash

5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:32:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
server: cafe
etag: 10107448882299530629
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 09:32:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F23B 122 KB
37 KB 39ms
25ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37846
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1632957210746890"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Oct 2021 09:50:49 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame F23B 14 KB
6 KB 18ms
7ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

cafe /

Resource Hash

85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:38:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 717
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6206
x-xss-protection: 0
server: cafe
etag: 15755272758842173338
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 09:38:52 GMT

GET
H3 200 8400539943eb1c96fa551c508d61e34e.js Show response
www.gstatic.com/mysidia/ Frame F23B 26 KB
11 KB 13ms
6ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8400539943eb1c96fa551c508d61e34e.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11136
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 18:59:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Mon, 03 Jan 2022 08:07:21 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F23B 0
0 30ms
30ms Fetch
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1a1ReHFdYa6vLpOHgAf3sYe4A4u-5qtl2qSk7NkO2ITTiOslEAEgu97SX2DJhoCA3KPwEaAB_7CkowPIAQaoAwHIA8sEqgTQAU_QWxog_XUVC_TrpCA8O8AcGjPSwBqYQOmGX_vdwuLj4vyxakkMj7XVczffi-uMrt5w9dSV7RO1X-WicX2IfQ-FKbgLU88F2rAz_vr5myZu3453H3t71pD8dp0SlAaXGK_tKRw8RovJ_gWcIcS-n0Aku8p54o6Tu9Tq9F0WRr7mOKXpKcdNlxbaUhdwe-MznfWVUYFlrk_0ASmZ5sDV-29psVbhyR0XfE9iufOl2Y9IyCoRfcwrjCbIIzM1lCqi6IxQTBFoFdbVE5PC3lbyTzfABPP29P7LA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAff7rg1qAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAfIHBBDgtSDSCAcIgGEQARhfgAoByAsB2BMMiBQC0BUBgBcBshccChoIABIUcHViLTQzODQ0NjI4NzUyNzk3MTQYAA&sigh=Kn-P6DpruJo&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=200&slotname=3433503542&adk=2905479100&adf=2814042660&pi=t.ma~as.3433503542&w=804&fwrn=4&lmt=1633513848&rafmt=11&psa=0&format=804x200&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848654&bpp=2&bdt=215&idt=80&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=205&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=k7ymnhlowA&p=https%3A//microsoft-publisher.ru&dtd=85
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 06 Oct 2021 09:50:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 200 1 Show response
mc.yandex.com/watch/26812653/ 43 B
85 B 31ms
31ms XHR
image/gif 87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26812653/1?page-url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A1%3Als%3A725689648897%3Ahid%3A496143782%3Az%3A0%3Ai%3A202101006095049%3Aet%3A1633513849%3Ac%3A1%3Arn%3A180596438%3Arqn%3A2%3Au%3A1633513849110040230%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1633513847997%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633513849

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://microsoft-publisher.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 09:50:49 GMT
last-modified: Wed, 06-Oct-2021 09:50:49 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://microsoft-publisher.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 06-Oct-2021 09:50:49 GMT

GET
DATA 200
OK truncated
/ Frame F23B 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1f8d9245b6120ce0af1f58a37dcd366c5ec7e5b884a49af0933c786ca4c39d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F23B 15 KB
15 KB 13ms
13ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 17:27:37 GMT
x-content-type-options: nosniff
age: 145392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 04 Oct 2022 17:27:37 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F23B 9 KB
9 KB 13ms
13ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:38:41 GMT
x-content-type-options: nosniff
age: 580328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Sep 2022 16:38:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F23B 16 KB
16 KB 16ms
16ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:31:43 GMT
x-content-type-options: nosniff
age: 580746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Sep 2022 16:31:43 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5831515622793845058/ Frame F23B 12 KB
12 KB 23ms
7ms Image
image/jpeg 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5831515622793845058/downsize_200k_v1?w=400&h=209

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

d87a0e50118323251e5d47f3e299b12d38e54a36f081816663bd1bb6489a1d3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:25:39 GMT
x-content-type-options: nosniff
age: 573910
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11905
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 11:08:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Sep 2022 18:25:39 GMT

GET
H3 200 y_GpSJCDeJUhy2edwqiqULXjheMgRVI09JfpD4O8H0g.js Show response
pagead2.googlesyndication.com/bg/ Frame B74D 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/y_GpSJCDeJUhy2edwqiqULXjheMgRVI09JfpD4O8H0g.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

cbf1a9489083789521cb679dc2a8aa50b5e385e320455234f497e90f83bc1f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 13:10:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13365
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 10:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 05 Oct 2022 13:10:11 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 32DF 4 KB
619 B 17ms
17ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=200&slotname=3433503542&adk=2905479100&adf=651698199&pi=t.ma~as.3433503542&w=804&fwrn=4&lmt=1633513848&rafmt=11&psa=0&format=804x200&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848764&bpp=1&bdt=325&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C804x200&nras=1&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=3509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rUtbhmrQ26&p=https%3A//microsoft-publisher.ru&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 08:34:44 GMT
server: ESF
date: Wed, 06 Oct 2021 09:50:49 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 06 Oct 2021 09:50:49 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 32DF 1 KB
864 B 7ms
6ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=200&slotname=3433503542&adk=2905479100&adf=651698199&pi=t.ma~as.3433503542&w=804&fwrn=4&lmt=1633513848&rafmt=11&psa=0&format=804x200&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848764&bpp=1&bdt=325&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C804x200&nras=1&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=3509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rUtbhmrQ26&p=https%3A//microsoft-publisher.ru&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

cafe /

Resource Hash

6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 837
x-xss-protection: 0
server: cafe
etag: 7640065535275194769
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 09:34:33 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/ Frame 32DF 18 KB
7 KB 7ms
6ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=200&slotname=3433503542&adk=2905479100&adf=651698199&pi=t.ma~as.3433503542&w=804&fwrn=4&lmt=1633513848&rafmt=11&psa=0&format=804x200&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848764&bpp=1&bdt=325&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C804x200&nras=1&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=3509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rUtbhmrQ26&p=https%3A//microsoft-publisher.ru&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

cafe /

Resource Hash

2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 740
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7605
x-xss-protection: 0
server: cafe
etag: 4152153861754824712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 09:38:29 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 32DF 3 KB
1 KB 7ms
6ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=200&slotname=3433503542&adk=2905479100&adf=651698199&pi=t.ma~as.3433503542&w=804&fwrn=4&lmt=1633513848&rafmt=11&psa=0&format=804x200&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848764&bpp=1&bdt=325&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C804x200&nras=1&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=3509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rUtbhmrQ26&p=https%3A//microsoft-publisher.ru&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

cafe /

Resource Hash

5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:39:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
server: cafe
etag: 10107448882299530629
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 09:39:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 32DF 122 KB
37 KB 16ms
15ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=200&slotname=3433503542&adk=2905479100&adf=651698199&pi=t.ma~as.3433503542&w=804&fwrn=4&lmt=1633513848&rafmt=11&psa=0&format=804x200&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848764&bpp=1&bdt=325&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C804x200&nras=1&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=3509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rUtbhmrQ26&p=https%3A//microsoft-publisher.ru&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37846
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1632957210746890"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Oct 2021 09:50:49 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 32DF 14 KB
6 KB 8ms
7ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=200&slotname=3433503542&adk=2905479100&adf=651698199&pi=t.ma~as.3433503542&w=804&fwrn=4&lmt=1633513848&rafmt=11&psa=0&format=804x200&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848764&bpp=1&bdt=325&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C804x200&nras=1&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=3509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rUtbhmrQ26&p=https%3A//microsoft-publisher.ru&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

cafe /

Resource Hash

85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6206
x-xss-protection: 0
server: cafe
etag: 15755272758842173338
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 09:40:31 GMT

GET
H3 200 8400539943eb1c96fa551c508d61e34e.js Show response
www.gstatic.com/mysidia/ Frame 32DF 26 KB
11 KB 9ms
8ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8400539943eb1c96fa551c508d61e34e.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=200&slotname=3433503542&adk=2905479100&adf=651698199&pi=t.ma~as.3433503542&w=804&fwrn=4&lmt=1633513848&rafmt=11&psa=0&format=804x200&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848764&bpp=1&bdt=325&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C804x200&nras=1&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=3509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rUtbhmrQ26&p=https%3A//microsoft-publisher.ru&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11136
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 18:59:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Mon, 03 Jan 2022 08:07:21 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 32DF 0
0 30ms
30ms Fetch
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cuaz_eHFdYZrZMZul-gaS67ygDvLBn9dj9dPcx_oNwI23ARABILve0l9gyYaAgNyj8BGgAcbzyaEByAEBqAMByAPDBKoE3wFP0Jg6SnLySB623mGetS4RJq9IjB7JkXt1zynIkWN3BX6uHpirx-r77JHkBXb5I9LskZ99QJWe-03_iAyTGE8i089Ek_ktNGhotjM3Z2FlYboS-D96oq94dTrGW3u7HjxHyCgEK4paq8Z0ClDbglaEGptK8VKnaL9MeghCIJh3Ylyr7x6LpS9duorOSpaHDxGyxtmqxrAgZkFSEYRKqVbJaNbTB7jW6FI3_yospWW-9H8QhmU4_U3jq3b-QGO3DNwikjdgzUO19sjkgxIcCkz9KHblkbGTqI3Te4bT9oycwASPk8ns3QOSBQQIBBgBkgUECAUYBKAGUYAHooy23gKoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcEEPH6EdIIBwiAYRABGF-ACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItNDM4NDQ2Mjg3NTI3OTcxNBgA&sigh=X2R77jwb6dU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=200&slotname=3433503542&adk=2905479100&adf=651698199&pi=t.ma~as.3433503542&w=804&fwrn=4&lmt=1633513848&rafmt=11&psa=0&format=804x200&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848764&bpp=1&bdt=325&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C804x200&nras=1&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=3509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rUtbhmrQ26&p=https%3A//microsoft-publisher.ru&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=200&slotname=3433503542&adk=2905479100&adf=651698199&pi=t.ma~as.3433503542&w=804&fwrn=4&lmt=1633513848&rafmt=11&psa=0&format=804x200&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848764&bpp=1&bdt=325&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C804x200&nras=1&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=3509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rUtbhmrQ26&p=https%3A//microsoft-publisher.ru&dtd=30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 06 Oct 2021 09:50:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 10593947558085463805
tpc.googlesyndication.com/daca_images/simgad/ Frame 32DF 10 KB
10 KB 9ms
8ms Image
image/jpeg 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10593947558085463805?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=200&slotname=3433503542&adk=2905479100&adf=651698199&pi=t.ma~as.3433503542&w=804&fwrn=4&lmt=1633513848&rafmt=11&psa=0&format=804x200&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848764&bpp=1&bdt=325&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C804x200&nras=1&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=3509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rUtbhmrQ26&p=https%3A//microsoft-publisher.ru&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

11c8fa78f44dc145ac3b164412ce283e2605db1c7d66f1faf6c31ce3676d6dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:54:31 GMT
x-content-type-options: nosniff
age: 330978
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10393
x-xss-protection: 0
last-modified: Sat, 30 Apr 2016 00:44:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Oct 2021 13:54:31 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6004 143 B
163 B 8ms
6ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=200&slotname=3433503542&adk=2905479100&adf=651698199&pi=t.ma~as.3433503542&w=804&fwrn=4&lmt=1633513848&rafmt=11&psa=0&format=804x200&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848764&bpp=1&bdt=325&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C804x200&nras=1&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=3509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rUtbhmrQ26&p=https%3A//microsoft-publisher.ru&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=200&slotname=3433503542&adk=2905479100&adf=651698199&pi=t.ma~as.3433503542&w=804&fwrn=4&lmt=1633513848&rafmt=11&psa=0&format=804x200&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848764&bpp=1&bdt=325&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C804x200&nras=1&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=3509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rUtbhmrQ26&p=https%3A//microsoft-publisher.ru&dtd=30
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlvGDlnrBkO1e2DOVpSyXJNrxU5C4I0CuIOSNlLEAuGHP9IR0mEuTD-RZk1; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=200&slotname=3433503542&adk=2905479100&adf=651698199&pi=t.ma~as.3433503542&w=804&fwrn=4&lmt=1633513848&rafmt=11&psa=0&format=804x200&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848764&bpp=1&bdt=325&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C804x200&nras=1&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=3509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rUtbhmrQ26&p=https%3A//microsoft-publisher.ru&dtd=30

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 06 Oct 2021 09:00:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3034
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6004
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=200&slotname=3433503542&adk=2905479100&adf=651698199&pi=t.ma~as.3433503542&w=804&fwrn=4&lmt=1633513848&rafmt=11&psa=0&format=804x200&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848764&bpp=1&bdt=325&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C804x200&nras=1&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=3509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rUtbhmrQ26&p=https%3A//microsoft-publisher.ru&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlvGDlnrBkO1e2DOVpSyXJNrxU5C4I0CuIOSNlLEAuGHP9IR0mEuTD-RZk1; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 06 Oct 2021 09:50:49 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 06-Oct-2021 10:50:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 06 Oct 2021 09:50:49 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 06 Oct 2021 09:50:49 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 32DF 0
20 B 40ms
39ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20211004&sample=0.01

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/load_preloaded_resource_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 09:50:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 32DF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2412e53a38ece1f43acee1f64a7bdf5745397187994973487bb51c944138f03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 32DF 15 KB
15 KB 13ms
13ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 17:27:37 GMT
x-content-type-options: nosniff
age: 145392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 04 Oct 2022 17:27:37 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 32DF 9 KB
9 KB 14ms
13ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:38:41 GMT
x-content-type-options: nosniff
age: 580328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Sep 2022 16:38:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 32DF 16 KB
16 KB 15ms
15ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:31:43 GMT
x-content-type-options: nosniff
age: 580746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Sep 2022 16:31:43 GMT

GET
H2 200 matchx.html Show response
uuidksinc.net/ Frame 3F66 6 KB
2 KB 22ms
12ms Document
text/html 31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://uuidksinc.net/matchx.html
Requested by: Host: pushiti.info
URL: https://pushiti.info/push.js?utm_source=og&utm_campaign=5486&utm_content=&domain=microsoft-publisher.ru&proto=https:
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: c531eb2baeaef34843e9785bc63435f6a7a73f5540dd244071b491f8efc0e803

Request headers

:method: GET
:authority: uuidksinc.net
:scheme: https
:path: /matchx.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://microsoft-publisher.ru/
accept-encoding: gzip, deflate, br
cookie: jcsuuid=jb3B2SI1wnbG0luKECgm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/

Response headers

server: nginx/1.19.0
date: Wed, 06 Oct 2021 09:50:49 GMT
content-type: text/html
last-modified: Wed, 06 Oct 2021 07:34:47 GMT
vary: Accept-Encoding
etag: W/"615d5197-172a"
expires: Wed, 06 Oct 2021 10:05:49 GMT
cache-control: max-age=900 public
content-encoding: gzip

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/6573/i/ Frame 3F66
Redirect Chain

https://dmg.digitaltarget.ru/1/6573/i/i?a=662&e=jb3B2SI1wnbG0luKECgm&i=0.6108726574325503
https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&a=662&e=jb3B2SI1wnbG0luKECgm&i=0.6108726574325503

49 B
603 B

86ms
86ms

Image
image/gif

185.15.175.130
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&a=662&e=jb3B2SI1wnbG0luKECgm&i=0.6108726574325503

Requested by

Host: uuidksinc.net
URL: https://uuidksinc.net/matchx.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.15.175.130 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 06 Oct 2021 09:50:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 32
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Wed, 06 Oct 2021 09:50:49 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&a=662&e=jb3B2SI1wnbG0luKECgm&i=0.6108726574325503
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H2 200 jb3B2SI1wnbG0luKECgm
recreativ.ru/mtch/17/ Frame 3F66 43 B
109 B 49ms
11ms Image
image/gif 136.243.84.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://recreativ.ru/mtch/17/jb3B2SI1wnbG0luKECgm
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

hn: b12
date: Wed, 06 Oct 2021 09:50:49 GMT
server: nginx
content-type: image/gif

GET
H2 403 userbind
ssp1.rtb.beeline.ru/ Frame 3F66 0
0 202ms
48ms Image
text/html 37.9.245.57
BEE-AS Russia

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp1.rtb.beeline.ru/userbind?src=rtw&pbf=1&id=jb3B2SI1wnbG0luKECgm
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.9.245.57 , Russian Federation, ASN16345 (BEE-AS Russia, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
access-control-allow-credentials: true
access-control-allow-methods: GET, HEAD, POST, OPTIONS, PUT, DELETE

GET
H2 200 m
sync.mgid.com/ Frame 3F66 43 B
813 B 144ms
118ms Image
image/gif 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mgid.com/m?cdsp=117798&c=jb3B2SI1wnbG0luKECgm
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 09:50:49 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 699dfcd8f90fd70d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 204 kadam
sync.dmp.otm-r.com/match/ Frame 3F66 0
69 B 47ms
11ms Image
text/plain 195.201.152.110
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/kadam
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.152.110 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.110.152.201.195.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 06 Oct 2021 09:50:49 GMT
server: nginx/1.17.6

GET
H2 204 match
dm.hybrid.ai/ Frame 3F66 0
238 B 147ms
44ms Image
text/plain 37.18.16.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=158&vid=jb3B2SI1wnbG0luKECgm

Requested by

Host: uuidksinc.net
URL: https://uuidksinc.net/matchx.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 09:50:49 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 104
x-xss-protection: 1; mode=block
expires: -1

GET kadam.gif
zefirgood1.ru/trb/ Frame 3F66 0
0

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 3F66
Redirect Chain

https://sync.bumlam.com/?src=bc2&uid=jb3B2SI1wnbG0luKECgm
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj54vWKBlIFj9qG2QtiFGpiM0IyU0kxd25iRzBsdUtFQ2dt
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARj54vWKBlIFj9qG2QtiFGpiM0IyU0kxd25iRzBsdUtFQ2dtogEQ4w1M7CaKEeyG4AAlkMBkfA**
https://sync.bumlam.com/?src=bc2&s_data=CAIQABj54vWKBmIUamIzQjJTSTF3bmJHMGx1S0VDZ22iARDjDUzsJooR7IbgACWQwGR8
https://sync.bumlam.com/?src=bc2&s_data=CAIQARj54vWKBmIUamIzQjJTSTF3bmJHMGx1S0VDZ22iARDjDUzsJooR7IbgACWQwGR8

43 B
552 B

6ms
6ms

Image
image/gif

31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=bc2&s_data=CAIQARj54vWKBmIUamIzQjJTSTF3bmJHMGx1S0VDZ22iARDjDUzsJooR7IbgACWQwGR8
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 06 Oct 2021 09:50:49 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Wed, 06 Oct 2021 09:50:49 GMT
Server: nginx
ETag: e30d4cec-268a-11ec-86e0-002590c0647c
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=bc2&s_data=CAIQARj54vWKBmIUamIzQjJTSTF3bmJHMGx1S0VDZ22iARDjDUzsJooR7IbgACWQwGR8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2

200

/
an.yandex.ru/setud/target_rtb/ Frame 3F66
Redirect Chain

https://match.new-programmatic.com/userbind?src=rtw&id=jb3B2SI1wnbG0luKECgm
https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
https://an.yandex.ru/setud/target_rtb/?sign=1456593635
https://an.yandex.ru/setud/target_rtb/?redir-setuniq=1&sign=1456593635

43 B
81 B

81ms
76ms

Image
image/gif

77.88.21.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/target_rtb/?redir-setuniq=1&sign=1456593635

Requested by

Host: uuidksinc.net
URL: https://uuidksinc.net/matchx.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

77.88.21.90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 09:50:51 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 09:50:51 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 06 Oct 2021 09:50:51 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Oct 2021 09:50:49 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 09:50:49 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/setud/target_rtb/?redir-setuniq=1&sign=1456593635
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 06 Oct 2021 09:50:49 GMT

GET
H2

200

/
an.yandex.ru/setud/target_rtb/ Frame 3F66
Redirect Chain

https://match.new-programmatic.com/userbind?src=rtw_native&pbf=1&fid=rtw/jb3B2SI1wnbG0luKECgm
https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
https://an.yandex.ru/setud/target_rtb/?sign=1456593635
https://an.yandex.ru/setud/target_rtb/?redir-setuniq=1&sign=1456593635

43 B
137 B

81ms
75ms

Image
image/gif

77.88.21.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/target_rtb/?redir-setuniq=1&sign=1456593635

Requested by

Host: uuidksinc.net
URL: https://uuidksinc.net/matchx.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

77.88.21.90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 09:50:51 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 09:50:51 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 06 Oct 2021 09:50:51 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Oct 2021 09:50:49 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 09:50:49 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/setud/target_rtb/?redir-setuniq=1&sign=1456593635
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 06 Oct 2021 09:50:49 GMT

GET
H/1.1

200
Ok

google
mitdmp.whiteboxdigital.ru/pixel/ Frame 3F66
Redirect Chain

https://mitdmp.whiteboxdigital.ru/pixel?source=nttechnology&id=jb3B2SI1wnbG0luKECgm&redirect=true
https://356c4fa1-0a1d-4363-9eac-525bbea67822.mitdmp.whiteboxdigital.ru/redirect?miid=356c4fa1-0a1d-4363-9eac-525bbea67822
https://cm.g.doubleclick.net/pixel?google_nid=mediainstinctgroup&google_cm
https://mitdmp.whiteboxdigital.ru/pixel/google?google_gid=CAESEBq9I7iXevA6ipQGxzJ9zVY&google_cver=1&google_cver=1

807 B
648 B

129ms
44ms

Image
image/gif

81.163.17.245
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mitdmp.whiteboxdigital.ru/pixel/google?google_gid=CAESEBq9I7iXevA6ipQGxzJ9zVY&google_cver=1&google_cver=1
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.163.17.245 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx/1.21.0 /
Resource Hash: 3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 06 Oct 2021 09:50:51 GMT
Content-Encoding: gzip
Server: nginx/1.21.0
Access-Control-Max-Age: 3628800
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Content-Type: image/gif
Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
Content-Length: 60

Redirect headers

pragma: no-cache
date: Wed, 06 Oct 2021 09:50:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mitdmp.whiteboxdigital.ru/pixel/google?google_gid=CAESEBq9I7iXevA6ipQGxzJ9zVY&google_cver=1&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 jb3B2SI1wnbG0luKECgm
fcgi.gnezdo.ru/cookie_matching_ssp/kadam/ Frame 3F66 0
0 146ms
45ms Image
text/html 185.148.37.79
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcgi.gnezdo.ru/cookie_matching_ssp/kadam/jb3B2SI1wnbG0luKECgm
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2

200

match
ads.betweendigital.com/ Frame 3F66
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=38&external_user_id=jb3B2SI1wnbG0luKECgm
https://ads.betweendigital.com/match?bidder_id=38&external_user_id=jb3B2SI1wnbG0luKECgm&crf=1

68 B
607 B

112ms
106ms

Image
image/png

96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=38&external_user_id=jb3B2SI1wnbG0luKECgm&crf=1
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=38&external_user_id=jb3B2SI1wnbG0luKECgm&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 204 kadam
sync.dmp.otm-r.com/match/ Frame 3F66 0
68 B 11ms
11ms Image
text/plain 195.201.152.110
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/kadam?id=jb3B2SI1wnbG0luKECgm
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.152.110 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.110.152.201.195.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 06 Oct 2021 09:50:49 GMT
server: nginx/1.17.6

GET adxcm.aspx
ads.go2net.com.ua/ Frame 3F66 0
0

GET
H2

200

jb3B2SI1wnbG0luKECgm
an.yandex.ru/mapuid/kadamis/ Frame 3F66
Redirect Chain

https://an.yandex.ru/mapuid/kadamis/jb3B2SI1wnbG0luKECgm
https://an.yandex.ru/mapuid/kadamis/jb3B2SI1wnbG0luKECgm?redir-setuniq=1

43 B
180 B

55ms
50ms

Image
image/gif

77.88.21.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/kadamis/jb3B2SI1wnbG0luKECgm?redir-setuniq=1

Requested by

Host: uuidksinc.net
URL: https://uuidksinc.net/matchx.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

77.88.21.90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 09:50:51 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 09:50:51 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 06 Oct 2021 09:50:51 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Oct 2021 09:50:49 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 09:50:49 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/kadamis/jb3B2SI1wnbG0luKECgm?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 06 Oct 2021 09:50:49 GMT

GET
H/1.1 200
OK smc
z.cdn.adpool.bet/ Frame 3F66 0
369 B 57ms
13ms Image
text/plain 212.7.203.129
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.adpool.bet/smc?s=22&u=jb3B2SI1wnbG0luKECgm
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 212.7.203.129 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 06 Oct 2021 09:50:49 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://z.cdn.adpool.bet/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H3 200 y_GpSJCDeJUhy2edwqiqULXjheMgRVI09JfpD4O8H0g.js Show response
pagead2.googlesyndication.com/bg/ Frame 8973 35 KB
13 KB 7ms
6ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/y_GpSJCDeJUhy2edwqiqULXjheMgRVI09JfpD4O8H0g.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=200&slotname=3433503542&adk=2905479100&adf=651698199&pi=t.ma~as.3433503542&w=804&fwrn=4&lmt=1633513848&rafmt=11&psa=0&format=804x200&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513848764&bpp=1&bdt=325&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C804x200&nras=1&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=3509&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&pvsid=699467853742933&pem=345&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rUtbhmrQ26&p=https%3A//microsoft-publisher.ru&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

cbf1a9489083789521cb679dc2a8aa50b5e385e320455234f497e90f83bc1f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 13:10:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13365
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 10:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 05 Oct 2022 13:10:11 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/ 142 KB
51 KB 25ms
25ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

91a9bda9ebd1c39121a6e8e071d3a9ce622015d573dd35a9199bbbef5ef5a5f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52293
x-xss-protection: 0
server: cafe
etag: 11199002608663141945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Oct 2021 09:50:49 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=microsoft-publisher.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Oct 2021 09:50:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E0E9 130 KB
40 KB 1553ms
1553ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=280&adk=1717982147&adf=2675177840&pi=t.aa~a.1982158950~i.16~rp.4&w=804&fwrn=4&fwrnh=100&lmt=1633513849&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6754752948&psa=1&ad_type=text_image&format=804x280&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=803&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513849905&bpp=2&bdt=1466&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1201cb0df8d32708-22ddf035e8ca0078%3AT%3D1633513848%3ART%3D1633513848%3AS%3DALNI_MbzgcJzVhMeTv55xxvL_-IxDDCszg&prev_fmts=0x0%2C804x200%2C804x200&nras=2&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=2743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&psts=AGkb-H8W0srugoIHBQKbB4jaTdsuPxzz13b26qC0BNx0r0cTATAjDnRLBfy9Vy0e9svMBOoWMRR0WsbFMmk%2CAGkb-H_aZ5lyr-TEiQ0HptUhYbkePNW2Nj8byS5d9SVfPMvDnMFwvBhtF-YUNlIN5Uz8QLbFGgPS5x-Z7i3OTA&pvsid=699467853742933&pem=345&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=eSfzqP9JZ0&p=https%3A//microsoft-publisher.ru&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

9519559a592c26bc9eec4814d37da4d15ed60bcd164376d6f2e20437d399e2b0

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLyojKbBtfMCFXbjEQgd5iMIBA&gqi=eXFdYer6OImS3wOuxbboBg&layout=/sadbundle/%24csp%253Der3%24/9984326474548969993/970x250/banner/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4384462875279714&output=html&h=280&adk=1717982147&adf=2675177840&pi=t.aa~a.1982158950~i.16~rp.4&w=804&fwrn=4&fwrnh=100&lmt=1633513849&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6754752948&psa=1&ad_type=text_image&format=804x280&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=803&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513849905&bpp=2&bdt=1466&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1201cb0df8d32708-22ddf035e8ca0078%3AT%3D1633513848%3ART%3D1633513848%3AS%3DALNI_MbzgcJzVhMeTv55xxvL_-IxDDCszg&prev_fmts=0x0%2C804x200%2C804x200&nras=2&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=2743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&psts=AGkb-H8W0srugoIHBQKbB4jaTdsuPxzz13b26qC0BNx0r0cTATAjDnRLBfy9Vy0e9svMBOoWMRR0WsbFMmk%2CAGkb-H_aZ5lyr-TEiQ0HptUhYbkePNW2Nj8byS5d9SVfPMvDnMFwvBhtF-YUNlIN5Uz8QLbFGgPS5x-Z7i3OTA&pvsid=699467853742933&pem=345&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=eSfzqP9JZ0&p=https%3A//microsoft-publisher.ru&dtd=14
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://microsoft-publisher.ru/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlvGDlnrBkO1e2DOVpSyXJNrxU5C4I0CuIOSNlLEAuGHP9IR0mEuTD-RZk1; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLyojKbBtfMCFXbjEQgd5iMIBA&gqi=eXFdYer6OImS3wOuxbboBg&layout=/sadbundle/%24csp%253Der3%24/9984326474548969993/970x250/banner/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 06 Oct 2021 09:50:50 GMT
server: cafe
content-length: 41236
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/ Frame 8AF5 10 KB
5 KB 7ms
7ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://microsoft-publisher.ru/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlvGDlnrBkO1e2DOVpSyXJNrxU5C4I0CuIOSNlLEAuGHP9IR0mEuTD-RZk1; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 05 Oct 2021 15:49:37 GMT
expires: Tue, 19 Oct 2021 15:49:37 GMT
content-type: text/html; charset=UTF-8
etag: 10398570473303663775
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4601
x-xss-protection: 0
age: 64872
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/ Frame A8EB 10 KB
5 KB 7ms
6ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://microsoft-publisher.ru/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlvGDlnrBkO1e2DOVpSyXJNrxU5C4I0CuIOSNlLEAuGHP9IR0mEuTD-RZk1; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoft-publisher.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 05 Oct 2021 15:49:37 GMT
expires: Tue, 19 Oct 2021 15:49:37 GMT
content-type: text/html; charset=UTF-8
etag: 10398570473303663775
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4601
x-xss-protection: 0
age: 64872
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css2
fonts.googleapis.com/ Frame 8AF5 4 KB
635 B 17ms
17ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 08:31:42 GMT
server: ESF
date: Wed, 06 Oct 2021 09:50:49 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 06 Oct 2021 09:50:49 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8AF5 205 B
229 B 1493ms
1493ms Image
image/png 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 08:19:39 GMT
x-content-type-options: nosniff
age: 5470
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 06 Oct 2022 08:19:39 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8AF5 604 B
628 B 1493ms
1493ms Image
image/png 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:15:21 GMT
x-content-type-options: nosniff
age: 322528
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 02 Oct 2022 16:15:21 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/elements/html/ Frame 8AF5 17 KB
7 KB 1488ms
1488ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

cafe /

Resource Hash

9d4b879e7fb9539f59e30a0c8b0fe2fa020c99e58caa9a7e616d459a5e017e03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 08:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7627
x-xss-protection: 0
server: cafe
etag: 14532344818667626787
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 08:58:17 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/ Frame A8EB 18 KB
7 KB 1483ms
1483ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

cafe /

Resource Hash

2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 740
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7605
x-xss-protection: 0
server: cafe
etag: 4152153861754824712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 09:38:29 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame A8EB 3 KB
1 KB 1483ms
1482ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

cafe /

Resource Hash

5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:39:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
server: cafe
etag: 10107448882299530629
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 09:39:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A8EB 122 KB
37 KB 1485ms
1484ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37846
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1632957210746890"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Oct 2021 09:50:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame A8EB 14 KB
6 KB 1484ms
1483ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

cafe /

Resource Hash

85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6206
x-xss-protection: 0
server: cafe
etag: 15755272758842173338
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 09:40:31 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame A8EB 27 KB
11 KB 1484ms
1483ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

cafe /

Resource Hash

c64142df3928b731aa5af334d6e576444774b97d6cbc0c08f4732dc30f211bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11124
x-xss-protection: 0
server: cafe
etag: 12881321802504011032
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Oct 2021 18:07:45 GMT

GET
H3 200 16123179771189968404
tpc.googlesyndication.com/simgad/ Frame A8EB 50 KB
50 KB 1489ms
1489ms Image
image/png 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16123179771189968404?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnaPiqrZ8L4fKO0s2EpmGpdfVZ3jQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

18ed10cbec0aa12a0811cfd2c24d140ca951ad5e2978a909576da156541fefc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 09:12:42 GMT
x-content-type-options: nosniff
age: 261487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51503
x-xss-protection: 0
last-modified: Fri, 05 Mar 2021 17:48:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 03 Oct 2022 09:12:42 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A8EB 0
0 1483ms
1483ms Fetch
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVgKeeHFdYb6-Loj4gAeQgIuYAuuJ1vNSzrjjhKUN0Iyim8wiEAEgu97SX2DJhoCA3KPwEaAB--LO_gPIAQKoAwHIA8kEqgTtAU_Qm6ahBv58vcbO85htPcqUvRQUEnMA1AJLe4JvuGPgnBaDRikcHtBZj3aEFdlj6VubVzf6nnKV-rdWSFYN8xMCZ0IqlD9xMEDchsBZ1shtg32UXWvi6jY5GfVA5gv3DtuyuUlYSofJAgScdzRnV2BuGfcFF-V6sXX5m77p877iYhytFq1cMYbqoF_pBCTtyNj4rGJD8FPdNau0WspPsniMVY3PgE4HSqu6yH3_69GqH3IW_f01er407H1XFtXIHlTVJ5Uc47sDVEEvmu8lXuZ_U4AysEwGVmWSaxaTxH-bH9I130GiQfb8VHUIxcAEr_jQ37sDkgUECAQYAZIFBAgFGASgBgKAB-2csQGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcFEP2fngLSCAcIgGEQARhfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTQzODQ0NjI4NzUyNzk3MTQYAA&sigh=8VRxFWO7v3Y&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 06 Oct 2021 09:50:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 59E7 3 KB
580 B 1460ms
1459ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 08:33:50 GMT
server: ESF
date: Wed, 06 Oct 2021 09:50:51 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 06 Oct 2021 09:50:51 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 59E7 1 KB
864 B 1462ms
1461ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

cafe /

Resource Hash

6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 837
x-xss-protection: 0
server: cafe
etag: 7640065535275194769
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 09:34:33 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/ Frame 59E7 18 KB
7 KB 1461ms
1460ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

cafe /

Resource Hash

2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7605
x-xss-protection: 0
server: cafe
etag: 4152153861754824712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 09:38:29 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 59E7 3 KB
1 KB 1462ms
1461ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

cafe /

Resource Hash

5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:39:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 654
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
server: cafe
etag: 10107448882299530629
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 09:39:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 59E7 122 KB
37 KB 1459ms
1458ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37846
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1632957210746890"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Oct 2021 09:50:51 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 59E7 14 KB
6 KB 1461ms
1460ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

cafe /

Resource Hash

85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 620
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6206
x-xss-protection: 0
server: cafe
etag: 15755272758842173338
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 09:40:31 GMT

GET
H3 200 8400539943eb1c96fa551c508d61e34e.js Show response
www.gstatic.com/mysidia/ Frame 59E7 26 KB
11 KB 1454ms
1453ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8400539943eb1c96fa551c508d61e34e.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11136
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 18:59:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Mon, 03 Jan 2022 08:07:21 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F23B 42 B
64 B 1094ms
28ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsua2yg4p9WhHvkJit2wg6Z8GLcgcsROi6gqNiCW4qrupOkSd4De88XozxN6RdHzvxzJz25Cls1c8AkafIAsslxFPW93Gc9T_UEEEBvfLOsKgr5Eb2A&sai=AMfl-YQKFj4rDHTlWoWEU8td7PPNd3an2z_ie8lSUc64mlryRkunv6cQslJu2uNVps9Se_DauqMts7ej51SE&sig=Cg0ArKJSzH_bT89Edf2cEAE&id=lidar2&mcvt=1001&p=205,258,405,1062&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210929&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2905479100&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633513848739&rpt=663

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 09:50:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame CF43 28 B
50 B 127ms
126ms XHR
application/json 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9fd4fd09/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/cO1ynpysMXA?ecver=2
X-YouTube-Client-Version: 1.20210928.1.1
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs0X25HazFKY0xacyj44vWKBg%3D%3D
X-YouTube-Ad-Signals: dt=1633513849003&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C640%2C360&vis=1&wgl=true&ca_type=image&bid=ANyPxKqWHanbByUXgrCUwjneNr2Yv1ZwG59RGSLDp5iCGuNhYTFJexozGllljxCbCxvKg4Bwtc11iTfwmcnrk5SVyI6uM_SPrg

Response headers

date: Wed, 06 Oct 2021 09:50:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2B56 143 B
163 B 7ms
6ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlvGDlnrBkO1e2DOVpSyXJNrxU5C4I0CuIOSNlLEAuGHP9IR0mEuTD-RZk1; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 06 Oct 2021 09:00:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3036
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2381 143 B
163 B 6ms
6ms Document
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlvGDlnrBkO1e2DOVpSyXJNrxU5C4I0CuIOSNlLEAuGHP9IR0mEuTD-RZk1; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 06 Oct 2021 09:00:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3036
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-fqqw2us4toa6s-tcvgclw72cs47wtf-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 3DFE 247 B
983 B 63ms
15ms Document
text/html 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-fqqw2us4toa6s-tcvgclw72cs47wtf-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

7cb248d7ea5c48e563c69077da0c062ecbcba6f6d9cf66cec545d3150a07212e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-fqqw2us4toa6s-tcvgclw72cs47wtf-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/redir.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-WI7Tl6mk2MKiW2HsQoLZ5g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 204
date: Wed, 06 Oct 2021 09:50:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A8EB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2bc45a5b9b74499e53bcdc6f71df7320924dac543d03fb251a00e7af2b6f718

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/ Frame 1E91 2 KB
915 B 7ms
7ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/index.html

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

6d432a9d7fadd1e54f7291cd96edbfb984c442ff6223c88a2896c7d0d24d1403

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
content-length: 881
date: Fri, 01 Oct 2021 11:44:48 GMT
expires: Sat, 01 Oct 2022 11:44:48 GMT
last-modified: Fri, 17 Sep 2021 10:17:17 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 425163
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

B26466194.314208247;dc_pre=CODu8qbBtfMCFc9k4AodFCUFTw;dc_trk_aid=506904076;dc_trk_cid=157806424;ord=2585100895;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame 8922
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26466194.314208247;dc_trk_aid=506904076;dc_trk_cid=157806424;ord=2585100895;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26466194.314208247;dc_pre=CODu8qbBtfMCFc9k4AodFCUFTw;dc_trk_aid=506904076;dc_trk_cid=157806424;ord=2585100895;dc_lat=;dc_rdid=;tag...

42 B
63 B

45ms
32ms

Fetch
image/gif

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26466194.314208247;dc_pre=CODu8qbBtfMCFc9k4AodFCUFTw;dc_trk_aid=506904076;dc_trk_cid=157806424;ord=2585100895;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=280&adk=1717982147&adf=2675177840&pi=t.aa~a.1982158950~i.16~rp.4&w=804&fwrn=4&fwrnh=100&lmt=1633513849&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6754752948&psa=1&ad_type=text_image&format=804x280&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=803&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513849905&bpp=2&bdt=1466&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1201cb0df8d32708-22ddf035e8ca0078%3AT%3D1633513848%3ART%3D1633513848%3AS%3DALNI_MbzgcJzVhMeTv55xxvL_-IxDDCszg&prev_fmts=0x0%2C804x200%2C804x200&nras=2&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=2743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&psts=AGkb-H8W0srugoIHBQKbB4jaTdsuPxzz13b26qC0BNx0r0cTATAjDnRLBfy9Vy0e9svMBOoWMRR0WsbFMmk%2CAGkb-H_aZ5lyr-TEiQ0HptUhYbkePNW2Nj8byS5d9SVfPMvDnMFwvBhtF-YUNlIN5Uz8QLbFGgPS5x-Z7i3OTA&pvsid=699467853742933&pem=345&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=eSfzqP9JZ0&p=https%3A//microsoft-publisher.ru&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 09:50:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Oct 2021 09:50:51 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26466194.314208247;dc_pre=CODu8qbBtfMCFc9k4AodFCUFTw;dc_trk_aid=506904076;dc_trk_cid=157806424;ord=2585100895;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8922 0
0 30ms
30ms Fetch
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHFOUeXFdYfyHOvbGx_AP5segIKzWh8NlxqLz6NEO2dkeEAEgu97SX2DJhoCA3KPwEaAB9Li_xQPIAQmoAwHIA0iqBNwBT9BCJ6CGzAedOBeffTsRefTfaH4-HnPyWbLKHaTrwn6TWQDelfo2LprUHCRTXKBU2bXC-Fvb9LqqKfFjbqLz9cwJy2sbkEeiLMv6OHOqHEtEaikJ3JhHX1-jea1XCtSu8erOhPbgoAQexsk5cHmjJIMIEM7e8UT9eW3PF2lSZMzco7bTLxCiszPa_DVXK_UQt6NHjbfqVofMFTOY-a9w0v7ZphMLbDG8FNhQQe8SH7hIMXp87qpkuLqh_x2jlthtQ_zE9Zl_hrwN0G1pHv_Dq03UdjzADSVAq8nK-MAEnsWqo9QDkgUECAQYAZIFBAgFGASgBi6AB5nqkaMBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBBCYkBXSCAcIgGEQARhfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTQzODQ0NjI4NzUyNzk3MTQYAA&sigh=cXAM2W-ZEwA&template_id=419

Requested by

Host: microsoft-publisher.ru
URL: https://microsoft-publisher.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=280&adk=1717982147&adf=2675177840&pi=t.aa~a.1982158950~i.16~rp.4&w=804&fwrn=4&fwrnh=100&lmt=1633513849&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6754752948&psa=1&ad_type=text_image&format=804x280&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=803&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513849905&bpp=2&bdt=1466&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1201cb0df8d32708-22ddf035e8ca0078%3AT%3D1633513848%3ART%3D1633513848%3AS%3DALNI_MbzgcJzVhMeTv55xxvL_-IxDDCszg&prev_fmts=0x0%2C804x200%2C804x200&nras=2&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=2743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&psts=AGkb-H8W0srugoIHBQKbB4jaTdsuPxzz13b26qC0BNx0r0cTATAjDnRLBfy9Vy0e9svMBOoWMRR0WsbFMmk%2CAGkb-H_aZ5lyr-TEiQ0HptUhYbkePNW2Nj8byS5d9SVfPMvDnMFwvBhtF-YUNlIN5Uz8QLbFGgPS5x-Z7i3OTA&pvsid=699467853742933&pem=345&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=eSfzqP9JZ0&p=https%3A//microsoft-publisher.ru&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 06 Oct 2021 09:50:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/ Frame 8922 18 KB
7 KB 7ms
6ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

cafe /

Resource Hash

2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:38:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7605
x-xss-protection: 0
server: cafe
etag: 4152153861754824712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 09:38:29 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 8922 3 KB
1 KB 8ms
7ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

cafe /

Resource Hash

5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:39:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 654
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
server: cafe
etag: 10107448882299530629
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 09:39:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8922 122 KB
37 KB 24ms
23ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:50:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37846
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1632957210746890"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Oct 2021 09:50:51 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 8922 14 KB
6 KB 7ms
7ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

cafe /

Resource Hash

85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 620
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6206
x-xss-protection: 0
server: cafe
etag: 15755272758842173338
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 09:40:31 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8922 0
0 16ms
15ms Image
text/html 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRBQAvEh0gOBqv94yoywKADOgA3FAxkgA4GZDkQhqouDEqqDJAAx2booJwsjlTykIoq9JwFrDugix1i1Mfll0Cn4MJvNQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=280&adk=1717982147&adf=2675177840&pi=t.aa~a.1982158950~i.16~rp.4&w=804&fwrn=4&fwrnh=100&lmt=1633513849&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6754752948&psa=1&ad_type=text_image&format=804x280&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=803&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513849905&bpp=2&bdt=1466&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1201cb0df8d32708-22ddf035e8ca0078%3AT%3D1633513848%3ART%3D1633513848%3AS%3DALNI_MbzgcJzVhMeTv55xxvL_-IxDDCszg&prev_fmts=0x0%2C804x200%2C804x200&nras=2&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=2743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&psts=AGkb-H8W0srugoIHBQKbB4jaTdsuPxzz13b26qC0BNx0r0cTATAjDnRLBfy9Vy0e9svMBOoWMRR0WsbFMmk%2CAGkb-H_aZ5lyr-TEiQ0HptUhYbkePNW2Nj8byS5d9SVfPMvDnMFwvBhtF-YUNlIN5Uz8QLbFGgPS5x-Z7i3OTA&pvsid=699467853742933&pem=345&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=eSfzqP9JZ0&p=https%3A//microsoft-publisher.ru&dtd=14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 iframe.html Show response
p4-fqqw2us4toa6s-tcvgclw72cs47wtf-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 3DFE 4 KB
2 KB 43ms
22ms Document
text/html 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-fqqw2us4toa6s-tcvgclw72cs47wtf-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-fqqw2us4toa6s-tcvgclw72cs47wtf-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-fqqw2us4toa6s-tcvgclw72cs47wtf-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

2f87889182ce270b0a7992c2a2bb6a160929937d8d9a33bdf954224d8dc7f404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-fqqw2us4toa6s-tcvgclw72cs47wtf-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://p4-fqqw2us4toa6s-tcvgclw72cs47wtf-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://p4-fqqw2us4toa6s-tcvgclw72cs47wtf-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-wS7IbuXlJ3GzvidDu5ouLA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1862
date: Wed, 06 Oct 2021 09:50:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2B56
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

41ms
40ms

Document
text/html

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlvGDlnrBkO1e2DOVpSyXJNrxU5C4I0CuIOSNlLEAuGHP9IR0mEuTD-RZk1; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 06 Oct 2021 09:50:51 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 06-Oct-2021 10:50:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 06 Oct 2021 09:50:51 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 06 Oct 2021 09:50:51 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2381
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
38ms

Document
text/html

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlvGDlnrBkO1e2DOVpSyXJNrxU5C4I0CuIOSNlLEAuGHP9IR0mEuTD-RZk1; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 06 Oct 2021 09:50:51 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 06-Oct-2021 10:50:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 06 Oct 2021 09:50:51 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 06 Oct 2021 09:50:51 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 1E91 9 KB
3 KB 7ms
6ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 01:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30373
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 07 Oct 2021 01:24:38 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 1E91 26 KB
10 KB 7ms
7ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 23:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 06 Oct 2021 23:30:30 GMT

GET
H3 200 lottie_light.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/ Frame 1E91 143 KB
40 KB 9ms
8ms Script
application/x-javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/lottie_light.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

cf904fd2211866586cb256a696153a1f72e1f020f782486feff507727c9b92e7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 425161
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40854
x-xss-protection: 0
last-modified: Fri, 17 Sep 2021 10:17:17 GMT
server: sffe
date: Fri, 01 Oct 2021 11:44:50 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 01 Oct 2022 11:44:50 GMT

POST
H3 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 8922 0
20 B 43ms
42ms Other
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLyojKbBtfMCFXbjEQgd5iMIBA&gqi=eXFdYer6OImS3wOuxbboBg&layout=/sadbundle/%24csp%253Der3%24/9984326474548969993/970x250/banner/index.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 09:50:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 data.json Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/ Frame 1E91 208 KB
24 KB 21ms
8ms XHR
application/json 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/data.json

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/lottie_light.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

6856571223ea65394170de3bac959140d7eca67d79a11565ab013bc24b8cc0cb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 9336
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24692
x-xss-protection: 0
last-modified: Fri, 17 Sep 2021 10:17:17 GMT
server: sffe
date: Wed, 06 Oct 2021 07:15:15 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Oct 2022 07:15:15 GMT

GET
DATA 200
OK truncated
/ Frame 8922 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f7caaef2f4c5e9d63cf0a142cd0ccbe38aefd676826e1fb53472cc94540ab03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 y_GpSJCDeJUhy2edwqiqULXjheMgRVI09JfpD4O8H0g.js Show response
pagead2.googlesyndication.com/bg/ Frame 1E91 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/y_GpSJCDeJUhy2edwqiqULXjheMgRVI09JfpD4O8H0g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

cbf1a9489083789521cb679dc2a8aa50b5e385e320455234f497e90f83bc1f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 13:10:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13365
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 10:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 05 Oct 2022 13:10:11 GMT

GET
H3 200 y_GpSJCDeJUhy2edwqiqULXjheMgRVI09JfpD4O8H0g.js Show response
pagead2.googlesyndication.com/bg/ Frame EDF2 35 KB
13 KB 8ms
7ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/y_GpSJCDeJUhy2edwqiqULXjheMgRVI09JfpD4O8H0g.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

cbf1a9489083789521cb679dc2a8aa50b5e385e320455234f497e90f83bc1f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 13:10:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13365
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 10:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 05 Oct 2022 13:10:11 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A8EB 42 B
64 B 29ms
29ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBTtxTns_Z1p1OGHsVjWEOZAVMztbHBF60vH43WU_2__I6re85iJXRMDjbEy8NZNt5mRIsCKA4udLG4n6SvfjzVDdy06gU_fgfXrUVKYtGvjLRBQ8&sai=AMfl-YR6UQBJadgwnrS39IR4UW1YPTPvEVEK5ar8oljWEdFGpScOwYFbDwIu2cTsyus2BDknT3-2DZKlU58Q&sig=Cg0ArKJSzCjb-AENp4FXEAE&id=lidar2&mcvt=1000&p=1076,298,1200,1303&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210929&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1812271801&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633513849950&rpt=1568

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 09:50:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: zefirgood1.ru
URL: https://zefirgood1.ru/trb/kadam.gif?id=jb3B2SI1wnbG0luKECgm

Domain: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/adxcm.aspx?ssp=cf718592-a39d-4545-9d43-d632e2426981&redir=1

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pushiti.info/	1970-01-21 17:34:51	Name: userid Value: 9a1abded-9e33-4abf-b4fe-2200f98193c9
.microsoft-publisher.ru/	1970-01-20 06:30:49	Name: pmvid Value: 9a1abded-9e33-4abf-b4fe-2200f98193c9
.microsoft-publisher.ru/	1970-01-20 07:06:49	Name: __gads Value: ID=1201cb0df8d32708-22ddf035e8ca0078:T=1633513848:RT=1633513848:S=ALNI_MbzgcJzVhMeTv55xxvL_-IxDDCszg
.pushiti.info/	1970-01-19 22:28:36	Name: uuid Value: 9a1abded-9e33-4abf-b4fe-2200f98193c9
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: mKfY_ZxNstA
.youtube.com/	1970-01-20 02:04:25	Name: VISITOR_INFO1_LIVE Value: 4_nGk1JcLZs
.uuidksinc.net/	1970-01-20 06:23:48	Name: jcsuuid Value: jb3B2SI1wnbG0luKECgm
.pushiti.info/	1970-01-19 22:28:36	Name: oid Value: jb3B2SI1wnbG0luKECgm
.microsoft-publisher.ru/	1970-01-20 06:30:49	Name: _ym_uid Value: 1633513849110040230
.microsoft-publisher.ru/	1970-01-20 06:30:49	Name: _ym_d Value: 1633513849
.mc.yandex.com/	1970-01-19 21:45:14	Name: sync_cookie_csrf Value: 2113544769fake
.mc.yandex.ru/	1970-01-19 21:45:14	Name: sync_cookie_csrf Value: 307211174fake
.microsoft-publisher.ru/	1970-01-19 21:46:25	Name: _ym_isad Value: 2
.doubleclick.net/	1970-01-20 15:16:25	Name: IDE Value: AHWqTUlvGDlnrBkO1e2DOVpSyXJNrxU5C4I0CuIOSNlLEAuGHP9IR0mEuTD-RZk1
.yandex.com/	1970-01-20 06:30:49	Name: ymex Value: 1665049849.yrts.1633513849#1665049849.yrtsi.1633513849
.yandex.com/	1970-01-20 06:30:49	Name: yandexuid Value: 3161190171633513849
.yandex.com/	1970-01-20 06:30:49	Name: yuidss Value: 3161190171633513849
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 563649971633513849
.yandex.com/	1970-01-23 13:21:13	Name: i Value: diDLbJgkB8JfoB43LXfgAt787oxS7yfMtpNGYygx5pkTnnlWR6g4UVwOdrEk4CMxDT8t2UfJN5S+RbvlNMIJGqY1rds=
.doubleclick.net/	1970-01-19 21:45:14	Name: test_cookie Value: CheckForPermission
.microsoft-publisher.ru/	1970-01-19 21:45:15	Name: _ym_visorc Value: w
.doubleclick.net/	1970-01-19 21:45:17	Name: DSID Value: NO_DATA
.adsniper.ru/	1970-01-27 04:57:13	Name: uuid3 Value: IiRlMzBkNGNlYy0yNjhhLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.bumlam.com/	1970-01-27 04:57:13	Name: suuid3 Value: IiRlMzBkNGNlYy0yNjhhLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
sync.mgid.com/	1970-01-19 22:28:25	Name: mg_sync Value: {"117798":1633513849}
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: l96NLUDnbuO2
.mgid.com/	1970-01-19 21:45:15	Name: __cf_bm Value: 8FAZ8QYLqBK6ZpuwfVXlU3eSZl70wc55vw3Lmj7iarU-1633513849-0-AV2xnMyhWU/xjIEFImCJv39Fu/QOqBA49tmeOLDmhW+P5SD5wxWegktQqMgpd7LzX6T8YVBq0uZxsAZ6aAg3Tsg=
.dmg.digitaltarget.ru/	1970-01-20 23:40:25	Name: viuserid Value: 42E.1flmw4gFOZK7FpuX
.whiteboxdigital.ru/	1970-01-20 15:15:50	Name: MiId Value: 356c4fa1-0a1d-4363-9eac-525bbea67822
.gnezdo.ru/	1970-01-25 20:05:16	Name: uid Value: uZQlT2FdcXka7DmY+3TaAg==
.yandex.ru/	1970-01-23 13:21:13	Name: yuidss Value: 3975625061633513849
.yandex.ru/	1970-01-23 13:21:13	Name: yandexuid Value: 3975625061633513849
.betweendigital.com/	1970-01-20 06:30:49	Name: dc Value: was1
.betweendigital.com/	1970-01-20 06:30:49	Name: tuuid Value: 3e789fd1-d417-5317-afca-3721ce97465b
.betweendigital.com/	1970-01-20 06:30:49	Name: ss Value: 1
.an.yandex.ru/	1969-12-31 23:59:59	Name: yabs-dsp Value:
.betweendigital.com/	1970-01-20 06:30:49	Name: ut Value: YV1xewAIIgiY7fu-nY69P313sNixXs8hKxqAPA==

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://microsoft-publisher.ru/(Line 65) Message: <iframe gesture="media"> is not supported. Use <iframe allow="autoplay">, https://goo.gl/ximf56
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9418.lRoOAZNNb2LUNywPY3H_kvyK9BBAqFYzJRb1cAxAcWzh4sZDFEf--IGfhGxab5EYQNd-bgtiDC3mt7hxK5e9Xg%2C%2C.yDEWHRzAc1zbWy0VTxYXm8_fMBY%2C Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://zefirgood1.ru/trb/kadam.gif?id=jb3B2SI1wnbG0luKECgm Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://fcgi.gnezdo.ru/cookie_matching_ssp/kadam/jb3B2SI1wnbG0luKECgm Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ssp1.rtb.beeline.ru/userbind?src=rtw&pbf=1&id=jb3B2SI1wnbG0luKECgm Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=280&adk=1717982147&adf=2675177840&pi=t.aa~a.1982158950~i.16~rp.4&w=804&fwrn=4&fwrnh=100&lmt=1633513849&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6754752948&psa=1&ad_type=text_image&format=804x280&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=803&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513849905&bpp=2&bdt=1466&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1201cb0df8d32708-22ddf035e8ca0078%3AT%3D1633513848%3ART%3D1633513848%3AS%3DALNI_MbzgcJzVhMeTv55xxvL_-IxDDCszg&prev_fmts=0x0%2C804x200%2C804x200&nras=2&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=2743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&psts=AGkb-H8W0srugoIHBQKbB4jaTdsuPxzz13b26qC0BNx0r0cTATAjDnRLBfy9Vy0e9svMBOoWMRR0WsbFMmk%2CAGkb-H_aZ5lyr-TEiQ0HptUhYbkePNW2Nj8byS5d9SVfPMvDnMFwvBhtF-YUNlIN5Uz8QLbFGgPS5x-Z7i3OTA&pvsid=699467853742933&pem=345&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=eSfzqP9JZ0&p=https%3A//microsoft-publisher.ru&dtd=14 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/9984326474548969993/970x250/banner/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4384462875279714&output=html&h=280&adk=1717982147&adf=2675177840&pi=t.aa~a.1982158950~i.16~rp.4&w=804&fwrn=4&fwrnh=100&lmt=1633513849&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6754752948&psa=1&ad_type=text_image&format=804x280&url=https%3A%2F%2Fmicrosoft-publisher.ru%2F&flash=0&fwr=0&pra=3&rh=200&rw=803&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633513849905&bpp=2&bdt=1466&idt=2&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1201cb0df8d32708-22ddf035e8ca0078%3AT%3D1633513848%3ART%3D1633513848%3AS%3DALNI_MbzgcJzVhMeTv55xxvL_-IxDDCszg&prev_fmts=0x0%2C804x200%2C804x200&nras=2&correlator=3830334049277&frm=20&pv=1&ga_vid=1633946526.1633513849&ga_sid=1633513849&ga_hid=1235887407&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=258&ady=2743&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062949&oid=2&psts=AGkb-H8W0srugoIHBQKbB4jaTdsuPxzz13b26qC0BNx0r0cTATAjDnRLBfy9Vy0e9svMBOoWMRR0WsbFMmk%2CAGkb-H_aZ5lyr-TEiQ0HptUhYbkePNW2Nj8byS5d9SVfPMvDnMFwvBhtF-YUNlIN5Uz8QLbFGgPS5x-Z7i3OTA&pvsid=699467853742933&pem=345&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=eSfzqP9JZ0&p=https%3A//microsoft-publisher.ru&dtd=14 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/9984326474548969993/970x250/banner/index.html".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

356c4fa1-0a1d-4363-9eac-525bbea67822.mitdmp.whiteboxdigital.ru
ad.doubleclick.net
ads.betweendigital.com
ads.go2net.com.ua
adservice.google.com
an.yandex.ru
cm.g.doubleclick.net
dm.hybrid.ai
dmg.digitaltarget.ru
fcgi.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
microsoft-publisher.ru
mitdmp.whiteboxdigital.ru
p4-fqqw2us4toa6s-tcvgclw72cs47wtf-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pushiti.info
recreativ.ru
s.uuidksinc.net
ssp1.rtb.beeline.ru
static.doubleclick.net
sync.bumlam.com
sync.dmp.otm-r.com
sync.mgid.com
sync3.adsniper.ru
tpc.googlesyndication.com
uuidksinc.net
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yastatic.net
yt3.ggpht.com
z.cdn.adpool.bet
zefirgood1.ru
ads.go2net.com.ua
zefirgood1.ru
104.19.132.78
136.243.84.74
142.250.181.227
142.250.181.246
142.250.185.164
142.250.185.195
142.250.185.202
142.250.185.70
142.250.185.99
142.250.186.174
142.250.186.34
142.250.186.70
142.250.186.98
142.250.74.194
172.217.16.129
172.217.16.130
178.154.131.217
185.148.37.79
185.15.175.130
195.201.152.110
212.7.203.129
216.58.212.162
217.65.2.150
31.172.81.159
31.172.81.172
31.220.27.134
37.18.16.16
37.9.245.57
77.88.21.90
81.163.17.245
85.119.149.127
87.250.251.119
88.208.46.27
96.46.183.20
0224aed555975db256c9aef36b242bb8b34cdcbe900fe393c3adf1ffd1b55f99
0b16358c57c499f08bd3f6071863eb766b635dc054b795e4dc934816f4750449
113d1ca6113628771fa683b49d56df76975d5bdba84fe0d4b567f6587796b5fe
11c8fa78f44dc145ac3b164412ce283e2605db1c7d66f1faf6c31ce3676d6dc2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ed10cbec0aa12a0811cfd2c24d140ca951ad5e2978a909576da156541fefc7
194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17
1a71f3c8e1ee1d34db22d4fb1e06b3ec5fa0193923e7d11ad9cb17571a74e635
20d265df6a17c4f455e3b9dece885574374494afa44197ebac9d6ff89282d7e0
20fbf71645de91c6368d758f878b980c72bce11166a26902bc3e9625eac51833
231da2e502aa3aff1a1cbbacc451848edcb3fe7db0901d407505a9a704a17720
2751eb32e3720b540ff8210d70e6af4c916a255ff05d96130d0125576b14afa5
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
2f87889182ce270b0a7992c2a2bb6a160929937d8d9a33bdf954224d8dc7f404
3091999fa64e6d8628576b834438f485cd2fefdf74e6519bbfdeafb775bac2c8
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
368d60365336c75832681f1628065fd64b6bf380b10fd287062d2bb9ef143c39
39c5efb570df3250f92407eee13710e7f459632dc55eb239ad14244808d6635e
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f10d52942270b9e2da36af3915028bd73dfab3703bc13f060234cb0aa5bae2f
3f7caaef2f4c5e9d63cf0a142cd0ccbe38aefd676826e1fb53472cc94540ab03
40f09dcdb226fb60428bfe107e02f6c50db1561694264b0144e0155f9f3e4140
43a19f940f46c4d62b4ebd581d263575a774143d9533c921164fc9f487542167
473fbe193000b252278e08104106331b16cd71d1d671d52062d98b283a95b94e
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49ee00732bd14d9d15b9ddae44bb5ec3b7885ecd2748b7c61ffc22791bbb8d72
4c35ff03fabb6d5bdc56adf3ced949eb10e0448ab0998b7e3af5ac6c0e566e45
4cb7bc1d3887715d37967353ecf1e87809cdc6865a7c634f19ff5ec89bff01c1
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
5464ebf2ca205725fbc9a5026d6fac4b808effc871e7f05872482b59be3b550d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
552825b186d7451e0bf6df23e2b78b333e0ccc81aea2dd19055a8adf4b9fe329
57dd85466749e869c5958a2652e548673557a2390ec68490a353916353ecc74e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ca44547041e1ad24ca02317569838d34d272cb942ed73d70043cbb299564f3b
5e3678ae95d755c4dc95fc8870f3a1bfc1e40d365856a7492d975e47e916a165
64f0b22b216347eaefcb48559f9998af44bc1daae94bc122728c8b88e2f2704a
6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4
665ae35d84b1a09363dc091ce0eae522216cf48ce0fdf5d9bab8378ab4b8e314
66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6856571223ea65394170de3bac959140d7eca67d79a11565ab013bc24b8cc0cb
6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f
6d432a9d7fadd1e54f7291cd96edbfb984c442ff6223c88a2896c7d0d24d1403
6d6c4736e5ae673cb7d918e611a589d1e40d2671b3c7986ba718070cfd3447da
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
796ed2b64cee3c702a05b293c92fd9547f5ced537ee6dd275ae193eb5778f432
7cb248d7ea5c48e563c69077da0c062ecbcba6f6d9cf66cec545d3150a07212e
7e8d54d6c6a4ebd0237786d41ff5d205096eda696f2a5b591e074fe94ba3b3af
81b6bac43cdf676386eb730834a35e810178a31ebf861d100b50bd19cbbc57f5
81cfd348c73fc29458213c0f67e0d677ed2fc17704501e45b7723fb18eac8607
82335d700be1c3a6d05a27a73f914d65c41a20f974c8e3dc5765f79ddfcadbb6
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace
8c47502ee30e29977f03420d110803e6bb7f7f26e3f916b7c1f8621ebbc88602
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
8e96268766735ae11a87d1e3bea4e681b0b05e3afa54d79806dc1f550597fa15
8ea8ef6a20a2f7307560b9fee2788613b13492d30582c95b6f57bc53383b68bd
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
91a9bda9ebd1c39121a6e8e071d3a9ce622015d573dd35a9199bbbef5ef5a5f7
9519559a592c26bc9eec4814d37da4d15ed60bcd164376d6f2e20437d399e2b0
96b656700f9b4784f69af925f46ecc91caa7f444b3168ecbb64afe06f8fc4c99
96bdec9b9c8a38da7f666279d4a226797b13d7f65fe57a4aabc3bb62d6cf3399
9728ed3ae3a88626b1ec71c41136534a713e37348b85a62bd2a4f16e01c44beb
99ada7e01817367027759ac452a1dd11eca7557272b8940d659c07adb6bc8cbe
9be7e931e5978b27a1428050d2045f7759ae34424b2a60a021d57a7af6d981f6
9d3d90f939789eee6791294614fa2472015f8d1b28aa77fd48b1f18415c6cd6c
9d4b879e7fb9539f59e30a0c8b0fe2fa020c99e58caa9a7e616d459a5e017e03
a1e683ed3c4b45135db0b27f0e206ccf3c819a014d00e2342278aa98b6f753bf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a663ab38c017ac585de1d6bad65eedf34ba69d2ab5a8e9e2b515ae559e9ed665
a7882dd9f63b6bd7e72fe6ebea3a4b11abac664511c866fb56ed41856d249c11
a95b8245eac029e48d83ca01f79dc362c3ab820fd87f3793a95776a18ce30878
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ad59c91acf95ec01e07579ba958738ec967846f683e316613fcc7204f45d8908
aee7369e2fbce98abcdd369c0c5447f676246721a2c69a9be4ad4efce89e1fa3
af6dd3662512bb4d13849eefd579d23ad8b28152aa6bf822fcf652412fd0cebf
afeb6fcf7ab613d220ecd3ceffbebba402177e82aac81ea3cb5bd98c15c59254
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1730289ee994a39aaff1b676f8b5895396e6f4abf56e909c4f0fd5b5140a2f1
b1df692f70253fc460a068a9aa7da434fdbb5c760fa61ebc9f4dd9f246b06087
b2bc45a5b9b74499e53bcdc6f71df7320924dac543d03fb251a00e7af2b6f718
b511794d0b67ce04c130a35dee6d489b02b4354d53682b405079262aeae892af
ba74c9a82c6c5d11cfa5f7957109cd1aac1018be132ea12272e306fd217e0e62
bb3027f45e4ebb343a1e0e5d16015070aefb2e9dd3c7fb4165c65c49d90d02e7
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c08411e6407550799a0e967563c6f7d3f3ef0acb628dd0087b1d7b56922d105d
c531eb2baeaef34843e9785bc63435f6a7a73f5540dd244071b491f8efc0e803
c64142df3928b731aa5af334d6e576444774b97d6cbc0c08f4732dc30f211bee
c72976d3b4c427a85952b5cea1ad2efafcc4b2dc6fdd9ef5a505e5e582e62928
c9221442f939180296a7b449285e4ec957bd6644d09269ecfd8a0958030c15ae
cb2b18ff7b82cdbab0ba5f095448f16c159526ff504699042f8069f1a70ae7f4
cbf1a9489083789521cb679dc2a8aa50b5e385e320455234f497e90f83bc1f48
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2
cf16056ffbbab55d04406d0ff06aa2c75946356a8cbccd2864871e8e482d212e
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
cf904fd2211866586cb256a696153a1f72e1f020f782486feff507727c9b92e7
d496d63500e496520260e577ff9381e8ac80b01b61c0156a31c60c50c9654492
d58c1d6840aa34046fd7a04a92ea81699e1c33dc0bfaf72e1159912f43679344
d5c91393fc42ed4d1234c6180d0bd54ab46c10bcac71822415902d5cec48163f
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d78ec15b8edb36052c8e6ffa44b6e46b5b7ff45a25a5c80028d5aa1bfb48be6f
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d87a0e50118323251e5d47f3e299b12d38e54a36f081816663bd1bb6489a1d3a
d8a4093a9b1419038de4552fe86958684693d62421ba9c5c0e029fea1acb99ef
d9a2a876db423eff2a6ae24782d0493ffa9fc3cdfccaf68033d0a2fb451d5b46
dae61770df65eb497fd0b6642465723e12a816fbcd027456b51da09e9bc9d7a7
dd47dd0f4280cfac2f643ffc1d8569fda980b7d66d7b7173f47d748352b5ba5e
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
df9c1b792fdbf7048b9e5c00841e54a527ffd3a5dc4b5370203390f1c762634c
e1f8d9245b6120ce0af1f58a37dcd366c5ec7e5b884a49af0933c786ca4c39d8
e2b327e0f82b6ba38526888f99858bbec5f2063c12631c2fba5cad4dd0e14185
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b762f064899f992dda720bd996cd8ecbb9de279d479b48c7257b163c5d1c6f
e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac
e7a754dc68b051e1b18bbf37fc0f5557196bc8db1c5f1c31ce5d242ea5c95ed6
e9ae920206fca6574f0ed4cfca8cfd47ffc7c856aa2165b465a200f4e3406aef
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2412e53a38ece1f43acee1f64a7bdf5745397187994973487bb51c944138f03
f28eef56b80f199deadd51753addbbfe6ab731312d0daa09573de6c749960d74
f2a535095575a1fd4884d65ffbd588dc51c83792ad39acd3ee2c2cf3e1fc9303
f6134456d89988ada75cfdf21df40c6abdccccf01b48a669add0223f3fa38ec4
f72cfc97b81f9a7707772f0fde9be6b9ed9e82d4efc604ec3128d6be4be0d322

microsoft-publisher.ru Open in urlscan Pro 85.119.149.127 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

187 Requests

99 %HTTPS

0 %IPv6

31 Domains

41 Subdomains

32 IPs

5 Countries

5371 kBTransfer

9982 kBSize

37 Cookies

7 Outgoing links

Redirected requests

187 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

microsoft-publisher.ru Open in urlscan Pro
85.119.149.127 Public Scan

Screenshot
Live screenshot

Full Image

187
Requests

99 %
HTTPS

0 %
IPv6

31
Domains

41
Subdomains

32
IPs

5
Countries

5371 kB
Transfer

9982 kB
Size

37
Cookies

187 HTTP transactions
10 data transactions