urlscan.io logo urlscan.io
SecurityTrails logo

poweruser.guru Open in urlscan Pro
199.247.10.181  Public Scan

Go To Rescan Add Verdict Report
URL: https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow...
Submission: On October 15 via manual from RU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 37 IPs in 7 countries across 44 domains to perform 96 HTTP transactions. The main IP is 199.247.10.181, located in Aubervilliers, France and belongs to AS-CHOOPA, US. The main domain is poweruser.guru.
TLS certificate: Issued by R3 on September 13th 2021. Valid for: 3 months.
This is the only time poweruser.guru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 199.247.10.181 20473 (AS-CHOOPA)
1 142.250.186.42 15169 (GOOGLE)
7 142.250.185.66 15169 (GOOGLE)
2 151.101.12.193 54113 (FASTLY)
1 95.211.222.167 60781 (LEASEWEB-...)
2 12 46.4.121.26 24940 (HETZNER-AS)
3 7 87.250.251.119 13238 (YANDEX)
1 2 88.212.201.204 39134 (UNITEDNET)
10 142.250.186.34 15169 (GOOGLE)
1 212.32.244.30 60781 (LEASEWEB-...)
1 142.250.185.130 15169 (GOOGLE)
2 3 23.111.200.118 7979 (SERVERS-COM)
1 1 157.90.3.2 24940 (HETZNER-AS)
3 195.201.243.71 24940 (HETZNER-AS)
2 2 194.190.76.38 48061 (UMA-TECH-AS)
1 94.100.180.197 47764 (MAILRU-AS...)
2 2 195.209.108.46 52007 (ADRIVER-AS)
2 81.222.128.213 20597 (ELTEL-AS)
1 104.26.4.219 13335 (CLOUDFLAR...)
2 2 194.190.117.93 204600 (REPUBLER-AS)
2 4 31.172.81.158 44066 (DE-FIRSTC...)
2 2 31.172.81.160 44066 (DE-FIRSTC...)
1 37.18.16.16 205675 (HYBRID-AS)
2 185.15.175.147 43226 (SAFEDATA ...)
1 138.201.65.66 24940 (HETZNER-AS)
1 1 142.250.185.226 15169 (GOOGLE)
1 1 109.248.237.37 201009 (SUPPORTIT-AS)
1 95.211.66.35 60781 (LEASEWEB-...)
1 95.163.37.253 47764 (MAILRU-AS...)
3 3 188.34.131.134 24940 (HETZNER-AS)
2 3 78.46.100.125 24940 (HETZNER-AS)
3 3 35.190.16.14 15169 (GOOGLE)
1 1 193.106.93.124 48614 (ITSOFT-AS)
2 4 89.108.119.28 197695 (AS-REG)
1 1 80.64.106.147 20764 (RASCOM-AS...)
1 1 37.9.245.57 16345 (BEE-AS Ru...)
1 2 89.108.97.2 197695 (AS-REG)
6 6 217.66.147.162 29209 (SPBMTS-AS...)
2 2 213.87.44.187 13174 (MTSNET Mo...)
3 4 87.250.250.90 13238 (YANDEX)
1 1 148.251.156.238 24940 (HETZNER-AS)
1 1 31.220.27.134 39572 (ADVANCEDH...)
1 217.65.2.150 3175 (CITYTELEC...)
1 93.95.102.105 48347 (MTW-AS)
2 104.22.5.87 13335 (CLOUDFLAR...)
1 188.42.29.80 7979 (SERVERS-COM)
1 2 185.15.175.134 ()
2 216.58.212.170 15169 (GOOGLE)
17 142.250.185.97 15169 (GOOGLE)
2 142.250.184.226 15169 (GOOGLE)
1 142.250.186.35 15169 (GOOGLE)
2 2 142.250.185.196 15169 (GOOGLE)
2 216.58.212.134 15169 (GOOGLE)
96 37
6    199.247.10.181 (Aubervilliers, France)

ASN20473 (AS-CHOOPA, US)
PTR: 199.247.10.181.vultr.com
poweruser.guru
1    142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net
ajax.googleapis.com
7    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
pagead2.googlesyndication.com
partner.googleadservices.com
2    151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.stack.imgur.com
1    95.211.222.167 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
cizyix.gxxcbj.com
12    46.4.121.26 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1271109.aucourant.info
www.acint.net
7    87.250.251.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
2    88.212.201.204 (Russian Federation)

ASN39134 (UNITEDNET, RU)
counter.yadro.ru
10    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
googleads.g.doubleclick.net
1    212.32.244.30 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: visitweb.com
pus.qjudpxkisv.xyz
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
adservice.google.com
3    23.111.200.118 (Russian Federation)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    157.90.3.2 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1359721.sapientru.net
ssp-rtb.sape.ru
3    195.201.243.71 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ingolstadt.aucourant.info
acint.net
2    194.190.76.38 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp10.sender.ltmse.com
px.adhigh.net
1    94.100.180.197 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: r.mail.ru
ad.mail.ru
2    195.209.108.46 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)
ad.adriver.ru
2    81.222.128.213 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad13.adriver.ru
ssp.adriver.ru
1    104.26.4.219 (United States)

ASN13335 (CLOUDFLARENET, US)
a.utraff.com
2    194.190.117.93 (Russian Federation)

ASN204600 (REPUBLER-AS, RU)
PTR: carp.bspb1.kavanga.ru
sync.republer.com
4    31.172.81.158 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
2    31.172.81.160 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.adsniper.ru
1    37.18.16.16 (Russian Federation)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
2    185.15.175.147 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
tag.digitaltarget.ru
1    138.201.65.66 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.66.65.201.138.clients.your-server.de
sync.dmp.otm-r.com
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
1    109.248.237.37 (Moscow, Russian Federation)

ASN201009 (SUPPORTIT-AS, RU)
stat.adlabs.ru
1    95.211.66.35 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com
adlmerge.com
1    95.163.37.253 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: relap.io
relap.io
3    188.34.131.134 (Tann, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.134.131.34.188.clients.your-server.de
adx.com.ru
3    78.46.100.125 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.125.100.46.78.clients.your-server.de
sync.1dmp.io
3    35.190.16.14 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com
redirect.frontend.weborama.fr
1    193.106.93.124 (Russian Federation)

ASN48614 (ITSOFT-AS, RU)
prodmp.ru
4    89.108.119.28 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru
x01.aidata.io
1    80.64.106.147 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr2.rutarget.ru
sape-sync.rutarget.ru
1    37.9.245.57 (Russian Federation)

ASN16345 (BEE-AS Russia, RU)
0100007f0081696181061d36024b146d-sp.ops.beeline.ru
2    89.108.97.2 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru
ut.rktch.com
6    217.66.147.162 (St Petersburg, Russian Federation)

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-162-147-66-217.spbmts.ru
sm.rtb.mts.ru
2    213.87.44.187 (Moscow, Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru
tech.rtb.mts.ru
4    87.250.250.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
1    148.251.156.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.156.251.148.clients.your-server.de
exchange.buzzoola.com
1    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    217.65.2.150 (Moscow, Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)
match.new-programmatic.com
1    93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
fcgi4.gnezdo.ru
2    104.22.5.87 (None, )

ASN13335 (CLOUDFLARENET, US)
s3.advarkads.com
1    188.42.29.80 (Luxembourg)

ASN7979 (SERVERS-COM, US)
api.advarkads.com
2    185.15.175.134 (None, )

ASN- ()
dmg.digitaltarget.ru
2    216.58.212.170 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f10.1e100.net
fonts.googleapis.com
17    142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net
tpc.googlesyndication.com
2    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googletagservices.com
1    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com
2    142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net
www.google.com
2    216.58.212.134 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f134.1e100.net
static.doubleclick.net
Apex Domain
Subdomains		 Transfer
23 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
469 KB
15 acint.net
www.acint.net
acint.net
14 KB
13 doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
static.doubleclick.net
77 KB
8 mts.ru
sm.rtb.mts.ru
tech.rtb.mts.ru
5 KB
6 yandex.ru
mc.yandex.ru
an.yandex.ru
65 KB
6 poweruser.guru
poweruser.guru
123 KB
5 yandex.com
mc.yandex.com
2 KB
4 aidata.io
x01.aidata.io
2 KB
4 digitaltarget.ru
tag.digitaltarget.ru
dmg.digitaltarget.ru Failed
20 KB
4 bumlam.com
sync.bumlam.com
2 KB
4 adriver.ru
ad.adriver.ru
ssp.adriver.ru
2 KB
3 advarkads.com
s3.advarkads.com
api.advarkads.com
8 KB
3 weborama.fr
redirect.frontend.weborama.fr
950 B
3 1dmp.io
sync.1dmp.io
1 KB
3 com.ru
adx.com.ru
1 KB
3 betweendigital.com
ads.betweendigital.com
2 KB
3 google.com
adservice.google.com
www.google.com
908 B
3 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
36 KB
2 googletagservices.com
www.googletagservices.com
75 KB
2 rktch.com
ut.rktch.com
683 B
2 adsniper.ru
sync3.adsniper.ru
1 KB
2 republer.com
sync.republer.com
950 B
2 adhigh.net
px.adhigh.net
827 B
2 yadro.ru
counter.yadro.ru
2 KB
2 imgur.com
i.stack.imgur.com
233 KB
1 gstatic.com
fonts.gstatic.com
10 KB
1 gnezdo.ru
fcgi4.gnezdo.ru
188 B
1 new-programmatic.com
match.new-programmatic.com
215 B
1 uuidksinc.net
s.uuidksinc.net
327 B
1 buzzoola.com
exchange.buzzoola.com
176 B
1 beeline.ru
0100007f0081696181061d36024b146d-sp.ops.beeline.ru
636 B
1 rutarget.ru
sape-sync.rutarget.ru
416 B
1 prodmp.ru
prodmp.ru
278 B
1 relap.io
relap.io
984 B
1 adlmerge.com
adlmerge.com
117 B
1 adlabs.ru
stat.adlabs.ru
108 B
1 otm-r.com
sync.dmp.otm-r.com
69 B
1 hybrid.ai
dm.hybrid.ai
238 B
1 utraff.com
a.utraff.com
809 B
1 mail.ru
ad.mail.ru
545 B
1 sape.ru
ssp-rtb.sape.ru
566 B
1 googleadservices.com
partner.googleadservices.com
269 B
1 qjudpxkisv.xyz
pus.qjudpxkisv.xyz
1 KB
1 gxxcbj.com
cizyix.gxxcbj.com
1 KB
96 44
Domain Requested by
17 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
12 www.acint.net 2 redirects poweruser.guru
www.acint.net
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 sm.rtb.mts.ru 6 redirects
6 pagead2.googlesyndication.com poweruser.guru
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
6 poweruser.guru poweruser.guru
cizyix.gxxcbj.com
5 mc.yandex.com 2 redirects poweruser.guru
4 an.yandex.ru 3 redirects www.acint.net
4 x01.aidata.io 2 redirects www.acint.net
4 sync.bumlam.com 2 redirects www.acint.net
3 redirect.frontend.weborama.fr 3 redirects
3 sync.1dmp.io 2 redirects www.acint.net
3 adx.com.ru 3 redirects
3 acint.net www.acint.net
3 ads.betweendigital.com 2 redirects www.acint.net
2 static.doubleclick.net googleads.g.doubleclick.net
poweruser.guru
2 www.google.com 2 redirects
2 www.googletagservices.com googleads.g.doubleclick.net
2 fonts.googleapis.com googleads.g.doubleclick.net
tpc.googlesyndication.com
2 dmg.digitaltarget.ru www.acint.net
2 s3.advarkads.com www.acint.net
s3.advarkads.com
2 tech.rtb.mts.ru 2 redirects
2 ut.rktch.com 1 redirects www.acint.net
2 tag.digitaltarget.ru www.acint.net
tag.digitaltarget.ru
2 sync3.adsniper.ru 2 redirects
2 sync.republer.com 2 redirects
2 ssp.adriver.ru www.acint.net
2 ad.adriver.ru 2 redirects
2 px.adhigh.net 2 redirects
2 counter.yadro.ru 1 redirects poweruser.guru
2 mc.yandex.ru 1 redirects poweruser.guru
2 i.stack.imgur.com poweruser.guru
1 fonts.gstatic.com fonts.googleapis.com
1 api.advarkads.com s3.advarkads.com
1 fcgi4.gnezdo.ru www.acint.net
1 match.new-programmatic.com www.acint.net
1 s.uuidksinc.net 1 redirects
1 exchange.buzzoola.com 1 redirects
1 0100007f0081696181061d36024b146d-sp.ops.beeline.ru 1 redirects
1 sape-sync.rutarget.ru 1 redirects
1 prodmp.ru 1 redirects
1 relap.io www.acint.net
1 adlmerge.com www.acint.net
1 stat.adlabs.ru 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 sync.dmp.otm-r.com www.acint.net
1 dm.hybrid.ai www.acint.net
1 a.utraff.com www.acint.net
1 ad.mail.ru www.acint.net
1 ssp-rtb.sape.ru 1 redirects
1 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 pus.qjudpxkisv.xyz cizyix.gxxcbj.com
1 cizyix.gxxcbj.com poweruser.guru
1 ajax.googleapis.com poweruser.guru
96 55

This site contains links to these domains. Also see Links.

Domain
superuser.com
stackoverflow.com
i.stack.imgur.com
virustotal.com
en.wikipedia.org
www.stackoverflowbusiness.com
stackexchange.com
serverfault.com
webapps.stackexchange.com
askubuntu.com
webmasters.stackexchange.com
gamedev.stackexchange.com
tex.stackexchange.com
softwareengineering.stackexchange.com
unix.stackexchange.com
apple.stackexchange.com
wordpress.stackexchange.com
gis.stackexchange.com
electronics.stackexchange.com
android.stackexchange.com
security.stackexchange.com
dba.stackexchange.com
drupal.stackexchange.com
sharepoint.stackexchange.com
ux.stackexchange.com
mathematica.stackexchange.com
salesforce.stackexchange.com
expressionengine.stackexchange.com
pt.stackoverflow.com
blender.stackexchange.com
networkengineering.stackexchange.com
crypto.stackexchange.com
codereview.stackexchange.com
magento.stackexchange.com
softwarerecs.stackexchange.com
dsp.stackexchange.com
emacs.stackexchange.com
raspberrypi.stackexchange.com
ru.stackoverflow.com
codegolf.stackexchange.com
es.stackoverflow.com
ethereum.stackexchange.com
datascience.stackexchange.com
arduino.stackexchange.com
bitcoin.stackexchange.com
photo.stackexchange.com
scifi.stackexchange.com
graphicdesign.stackexchange.com
movies.stackexchange.com
music.stackexchange.com
worldbuilding.stackexchange.com
cooking.stackexchange.com
diy.stackexchange.com
money.stackexchange.com
academia.stackexchange.com
law.stackexchange.com
english.stackexchange.com
skeptics.stackexchange.com
judaism.stackexchange.com
travel.stackexchange.com
christianity.stackexchange.com
ell.stackexchange.com
japanese.stackexchange.com
gaming.stackexchange.com
bicycles.stackexchange.com
rpg.stackexchange.com
anime.stackexchange.com
puzzling.stackexchange.com
mechanics.stackexchange.com
mathoverflow.net
math.stackexchange.com
stats.stackexchange.com
cstheory.stackexchange.com
physics.stackexchange.com
chemistry.stackexchange.com
biology.stackexchange.com
cs.stackexchange.com
philosophy.stackexchange.com
meta.stackexchange.com
stackapps.com
api.stackexchange.com
data.stackexchange.com
creativecommons.org
stackoverflow.blog
Subject Issuer Validity Valid
poweruser.guru
R3		 2021-09-13 -
2021-12-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
i.stack.imgur.com
DigiCert SHA2 Secure Server CA		 2020-10-19 -
2021-11-19		 a year crt.sh
cizyix.gxxcbj.com
R3		 2021-09-06 -
2021-12-05		 3 months crt.sh
*.acint.net
R3		 2021-10-14 -
2022-01-12		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
counter.yadro.ru
GoGetSSL ECC DV CA		 2020-02-02 -
2022-05-02		 2 years crt.sh
pus.qjudpxkisv.xyz
R3		 2021-09-07 -
2021-12-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-19 -
2021-12-20		 a year crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2020-11-13 -
2021-11-17		 a year crt.sh
*.adriver.ru
RapidSSL RSA CA 2018		 2020-04-03 -
2022-04-24		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-18 -
2022-06-17		 a year crt.sh
*.bumlam.com
R3		 2021-09-13 -
2021-12-12		 3 months crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
tag.digitaltarget.ru
R3		 2021-10-09 -
2022-01-07		 3 months crt.sh
sync.dmp.otm-r.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-18 -
2022-06-18		 a year crt.sh
adlmerge.com
R3		 2021-10-10 -
2022-01-08		 3 months crt.sh
relap.io
GeoTrust RSA CA 2018		 2021-08-26 -
2022-09-26		 a year crt.sh
my.aidata.me
Sectigo RSA Domain Validation Secure Server CA		 2020-02-25 -
2022-02-25		 2 years crt.sh
sync.1dmp.io
R3		 2021-10-08 -
2022-01-06		 3 months crt.sh
ut.rktch.com
R3		 2021-09-02 -
2021-12-01		 3 months crt.sh
new-programmatic.com
R3		 2021-07-26 -
2021-10-24		 3 months crt.sh
fcgi4.gnezdo.ru
R3		 2021-09-09 -
2021-12-08		 3 months crt.sh
bs.yandex.ru
Yandex CA		 2021-05-31 -
2021-11-29		 6 months crt.sh
advarkads.com
Cloudflare Inc ECC CA-3		 2021-06-08 -
2022-06-07		 a year crt.sh
*.advarkads.com
GlobalSign GCC R3 DV TLS CA 2020		 2020-12-03 -
2022-01-04		 a year crt.sh
dmg.digitaltarget.ru
R3		 2021-10-09 -
2022-01-07		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 11 frames:

Primary Page: https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Frame ID: 94F61BB0292253D9F28499928C18153E
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/zrt_lookup.html
Frame ID: 5F2EC313459F1DCCBA2F5E61A0EE17EC
Requests: 1 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=10&tc=1
Frame ID: 95E09F99ECEC264C157796FA780DDFDA
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&adk=1812271804&adf=3025194257&lmt=1634304256&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255891&bpp=4&bdt=229&idt=154&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4711675587746&frm=20&pv=2&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=185
Frame ID: 3EEB93102D374DFD07A5BDEA64EE0C94
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=184&slotname=9740033421&adk=1645359902&adf=1632581841&pi=t.ma~as.9740033421&w=726&lmt=1634304256&rafmt=11&psa=0&format=726x184&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255895&bpp=3&bdt=233&idt=208&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=357&ady=1166&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eAf3eZ9YHg&p=https%3A//poweruser.guru&dtd=215
Frame ID: C06EC7B7C2050FCDF6BC8E5A1E280548
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=600&slotname=8112284653&adk=3963576789&adf=2804389696&pi=t.ma~as.8112284653&w=300&fwrn=4&fwrnh=100&lmt=1634304256&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255898&bpp=2&bdt=236&idt=275&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C726x184&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ieJO7O57tk&p=https%3A//poweruser.guru&dtd=285
Frame ID: 21D640866A665DE16173CDDE4E457B89
Requests: 7 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F0081696181061D36024B146D
Frame ID: 4E1EABD8DBA7FEA166D28E4034F883A4
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1D7C2029D834898CA3977EB82E8AF35D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9177425597507305472/index.html
Frame ID: E608B327AE024EA0D17AF2AD53E3E62B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E6E3935EB75F8BD657B66B0CA715856C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js
Frame ID: 968C982F2868BE389E56257EAAEDB29D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

windows-10 - Является ли C:\Windows\syswow64\Explorer.exe вирусом? - PowerUser

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

96
Requests

99 %
HTTPS

0 %
IPv6

44
Domains

55
Subdomains

37
IPs

7
Countries

1138 kB
Transfer

2650 kB
Size

85
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://counter.yadro.ru/hit;superuser-com?t44.6;r;s1600*1200*24;uhttps%3A//poweruser.guru/questions/1167476/%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC;hwindows-10%20-%20%u042F%u0432%u043B%u044F%u0435%u0442%u0441%u044F%20%u043B%u0438%20C%3A%5CWindows%5Csyswow64%5CExplorer.exe%20%u0432%u0438%u0440%u0443%u0441%u043E%u043C%3F%20-%20PowerUser;0.9784476547503147 HTTP 302
  • https://counter.yadro.ru/hit;superuser-com?q;t44.6;r;s1600*1200*24;uhttps%3A//poweruser.guru/questions/1167476/%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC;hwindows-10%20-%20%u042F%u0432%u043B%u044F%u0435%u0442%u0441%u044F%20%u043B%u0438%20C%3A%5CWindows%5Csyswow64%5CExplorer.exe%20%u0432%u0438%u0440%u0443%u0441%u043E%u043C%3F%20-%20PowerUser;0.9784476547503147
Request Chain 16
  • https://www.acint.net/mc/?dp=10 HTTP 302
  • https://www.acint.net/mc/?dp=10&tc=1
Request Chain 24
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9427.L0EHdQ_xbdi6E5WteS-LGiajQJKR48p_125IH-sFTV3Er9rKykZvyrACXlxgCrx1.Y7nAbxI6Qm5j_JbrQ4a5TD-M47M%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9427._nLFQzGT0AntrvEowXclTCNTl4TDwvPRLEsLjVkLMeJKIux6eheelbMpOkHYKshxUzDX7JiAOnu21YcRf-4gbg%2C%2C.nlZFHMy29n0gE6Ey3pTEo7o9N28%2C
Request Chain 27
  • https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F0081696181061D36024B146D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F0081696181061D36024B146D&crf=1
Request Chain 28
  • https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
  • https://acint.net/match?dp=14&euid=0100007F008169612300D5A6028AF619
Request Chain 29
  • https://px.adhigh.net/p/cm/sape?u=0100007F0081696181061D36024B146D HTTP 302
  • https://px.adhigh.net/p/cm/sape?u=0100007F0081696181061D36024B146D&bounced=1 HTTP 302
  • https://acint.net/match?dp=17&euid=ugpTJWRGVGps.AikABlF8hB_pYw
Request Chain 31
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4396833335 HTTP 302
  • https://www.acint.net/rmatch?dp=45&euid=AkyxYiZJv_jd8UdHVm-MLzg&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F0081696181061D36024B146D
Request Chain 33
  • https://sync.republer.com/match?dsp=sape HTTP 307
  • https://sync.republer.com/match?dsp=sape&qset=1 HTTP 307
  • https://sync.bumlam.com/?src=rp1&uid=160c032a-877d-4fed-8e7c-9314b2574a29 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiAgqaLBlIEioaQK2IkMTYwYzAzMmEtODc3ZC00ZmVkLThlN2MtOTMxNGIyNTc0YTI5 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiAgqaLBlIEioaQK2IkMTYwYzAzMmEtODc3ZC00ZmVkLThlN2MtOTMxNGIyNTc0YTI5ogEQMirjUi27Eeym6QAlkMgkNw** HTTP 302
  • https://sync.bumlam.com/?src=rp1&s_data=CAIQABiAgqaLBmIkMTYwYzAzMmEtODc3ZC00ZmVkLThlN2MtOTMxNGIyNTc0YTI5ogEQMirjUi27Eeym6QAlkMgkNw** HTTP 302
  • https://sync.bumlam.com/?src=rp1&s_data=CAIQARiAgqaLBmIkMTYwYzAzMmEtODc3ZC00ZmVkLThlN2MtOTMxNGIyNTc0YTI5ogEQMirjUi27Eeym6QAlkMgkNw**
Request Chain 37
  • https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfwCBaWGBBh02AksUbQ HTTP 302
  • https://www.acint.net/match?dp=77&euid=
Request Chain 38
  • https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F0081696181061D36024B146D HTTP 302
  • https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F0081696181061D36024B146D
Request Chain 41
  • https://adx.com.ru/sape-sync?uid=0100007F0081696181061D36024B146D HTTP 302
  • https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F0081696181061D36024B146D HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=61698100d41e066aa127d682&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%25253A%25252F%25252Fprodmp.ru%25252Fyabbi.gif%25253Fuid%25253D61698100d41e066aa127d682%252526r%25253Dhttps%2525253A%2525252F%2525252Fx01.aidata.io%2525252F0.gif%2525253Fpid%2525253D9712851%25252526id%2525253D61698100d41e066aa127d682%25252526dest%2525253D%2526webouid%253D%7BWEBO_CID%7D HTTP 302
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D61698100d41e066aa127d682%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D61698100d41e066aa127d682%252526dest%25253D%26webouid%3D{WEBO_CID} HTTP 302
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D61698100d41e066aa127d682%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D61698100d41e066aa127d682%252526dest%25253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=2539455328 HTTP 302
  • https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D61698100d41e066aa127d682%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D61698100d41e066aa127d682%2526dest%253D&webouid=cvYk9xTQLx/jESotoUqbme HTTP 302
  • https://prodmp.ru/yabbi.gif?uid=61698100d41e066aa127d682&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D61698100d41e066aa127d682%26dest%3D HTTP 302
  • https://x01.aidata.io/0.gif?pid=9712851&id=61698100d41e066aa127d682&dest=
Request Chain 42
  • https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F0081696181061D36024B146D HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F0081696181061D36024B146D&cs=1
Request Chain 43
  • https://sape-sync.rutarget.ru/sync HTTP 302
  • https://www.acint.net/match?dp=104&euid=rhaU-YBAxkGa
Request Chain 44
  • https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
  • https://acint.net/match?dp=107&euid=70a87997-d94b-5120-b385-e171d2ec6071
Request Chain 45
  • https://0100007f0081696181061d36024b146d-sp.ops.beeline.ru/p?ssp=sp&id=0100007F0081696181061D36024B146D HTTP 301
  • https://www.acint.net/match?dp=111&euid=3ca42b63-b7bf-49ff-96f1-74396b7165c7
Request Chain 46
  • https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F0081696181061D36024B146D HTTP 302
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP 302
  • https://ut.rktch.com/matchspm?pi=1000006&pui=cvYk9xTQLx/jESotoUqbme&noredirect
Request Chain 47
  • https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F0081696181061D36024B146D HTTP 301
  • https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F0081696181061D36024B146D HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=3cd7bd67-fad6-4dc2-b5e8-c7d7e80a1a36&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FPNe9Z_rWTcK16MfX6AoaNg%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D30%2526em%253D0%26sign%3D609491352 HTTP 302
  • https://an.yandex.ru/setud/mts_banner/PNe9Z_rWTcK16MfX6AoaNg?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=609491352 HTTP 302
  • https://sm.rtb.mts.ru/em?next=30&em=0 HTTP 301
  • https://www.acint.net/match?dp=125&euid=3cd7bd67-fad6-4dc2-b5e8-c7d7e80a1a36
Request Chain 48
  • https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
  • https://www.acint.net/match?dp=126&euid=3b27d159-9d03-4552-6e9a-6ebdb001e4cb
Request Chain 49
  • https://s.uuidksinc.net/match/396/0100007F0081696181061D36024B146D HTTP 302
  • https://www.acint.net/match?dp=127&euid=pmvjkj7CDOHT7E3mzqgc
Request Chain 52
  • https://x01.aidata.io/0.gif?pid=9401454&id=0100007F0081696181061D36024B146D HTTP 302
  • https://x01.aidata.io/0.gif?pid=9401454&id=0100007F0081696181061D36024B146D&bounce=1 HTTP 302
  • https://sm.rtb.mts.ru/p?ssp=aidata&id=Cpk5FpJP5oCyfRWuHUekLg HTTP 301
  • https://sm.rtb.mts.ru/match/second?ssp=51&exu=Cpk5FpJP5oCyfRWuHUekLg HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=3cd7bd67-fad6-4dc2-b5e8-c7d7e80a1a36&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FPNe9Z_rWTcK16MfX6AoaNg%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D51%2526em%253D0%2526exu%253DCpk5FpJP5oCyfRWuHUekLg%26sign%3D1764013287 HTTP 302
  • https://an.yandex.ru/setud/mts_banner/PNe9Z_rWTcK16MfX6AoaNg?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3DCpk5FpJP5oCyfRWuHUekLg&sign=1764013287 HTTP 302
  • https://sm.rtb.mts.ru/em?next=51&em=0&exu=Cpk5FpJP5oCyfRWuHUekLg HTTP 301
  • https://x01.aidata.io/0.gif?pid=9503528&uid=3cd7bd67-fad6-4dc2-b5e8-c7d7e80a1a36&exu=Cpk5FpJP5oCyfRWuHUekLg
Request Chain 54
  • https://an.yandex.ru/mapuid/sapeis/0100007F0081696181061D36024B146D HTTP 302
  • https://an.yandex.ru/mapuid/sapeis/0100007F0081696181061D36024B146D?redir-setuniq=1
Request Chain 56
  • https://mc.yandex.com/watch/56499298?wmode=7&page-url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A199%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A1553562134123%3Ahid%3A141621114%3Az%3A0%3Ai%3A202101015132416%3Aet%3A1634304256%3Ac%3A1%3Arn%3A662547496%3Arqn%3A1%3Au%3A1634304256639598226%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634304255579%3Adsn%3A6%2C33%2C39%2C1%2C1%2C0%2C%2C177%2C4%2C%2C%2C%2C259%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634304256%3At%3Awindows-10%20-%20%D0%AF%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F%20%D0%BB%D0%B8%20C%3A%5CWindows%5Csyswow64%5CExplorer.exe%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC%3F%20-%20PowerUser&t=gdpr(14)ti(2) HTTP 302
  • https://mc.yandex.com/watch/56499298/1?wmode=7&page-url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A199%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A1553562134123%3Ahid%3A141621114%3Az%3A0%3Ai%3A202101015132416%3Aet%3A1634304256%3Ac%3A1%3Arn%3A662547496%3Arqn%3A1%3Au%3A1634304256639598226%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634304255579%3Adsn%3A6%2C33%2C39%2C1%2C1%2C0%2C%2C177%2C4%2C%2C%2C%2C259%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634304256%3At%3Awindows-10%20-%20%D0%AF%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F%20%D0%BB%D0%B8%20C%3A%5CWindows%5Csyswow64%5CExplorer.exe%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC%3F%20-%20PowerUser&t=gdpr%2814%29ti%282%29
Request Chain 60
  • https://dmg.digitaltarget.ru/1/1093/i/i?i=37720981379382.400853805996375&a=77&e=0100007F0081696181061D36024B146D&pref=https%3A%2F%2Fpoweruser.guru%2F&c=ss:77.up:0100007F0081696181061D36024B146D.sync:up.xdua:dumsDWToX7ps5EZL4nQKi974.xps:xpszICaOjm6MryxDxHUYJjLFp.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=37720981379382.400853805996375&a=77&e=0100007F0081696181061D36024B146D&pref=https%3A%2F%2Fpoweruser.guru%2F&c=ss:77.up:0100007F0081696181061D36024B146D.sync:up.xdua:dumsDWToX7ps5EZL4nQKi974.xps:xpszICaOjm6MryxDxHUYJjLFp.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Request Chain 61
  • https://dmg.digitaltarget.ru/1/1093/i/i?i=37720981379382.326407000038279&a=77&e=0100007F0081696181061D36024B146D&pref=https%3A%2F%2Fpoweruser.guru%2F&c=ss:77.up:0100007F0081696181061D36024B146D.sync:up.xdua:dumsDWToX7ps5EZL4nQKi974.xps:xpszICaOjm6MryxDxHUYJjLFp.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=37720981379382.326407000038279&a=77&e=0100007F0081696181061D36024B146D&pref=https%3A%2F%2Fpoweruser.guru%2F&c=ss:77.up:0100007F0081696181061D36024B146D.sync:up.xdua:dumsDWToX7ps5EZL4nQKi974.xps:xpszICaOjm6MryxDxHUYJjLFp.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Request Chain 72
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 85
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

96 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request %D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
poweruser.guru/questions/1167476/ 		55 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
199.247.10.181 Aubervilliers, France, ASN20473 (AS-CHOOPA, US),
Reverse DNS
199.247.10.181.vultr.com
Software
nginx /
Resource Hash
9594c1398e53b375581981f53adf26a02c11fd2ec051db00119154fbf71ceb79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block;

Request headers

Host
poweruser.guru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Fri, 15 Oct 2021 13:24:15 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Frame-Options
DENY
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block;
Content-Encoding
gzip
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: poweruser.guru
URL: https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 14:06:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83853
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Fri, 14 Oct 2022 14:06:42 GMT
stacks.css
poweruser.guru/sstatic/Shared/ 		204 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://poweruser.guru/sstatic/Shared/stacks.css
Requested by
Host: poweruser.guru
URL: https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
199.247.10.181 Aubervilliers, France, ASN20473 (AS-CHOOPA, US),
Reverse DNS
199.247.10.181.vultr.com
Software
nginx /
Resource Hash
95206ffe9023fec32f3c57430c6b01f2b134a351f839ab269d8cc34be46ccc62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block;

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
poweruser.guru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 13:24:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 25 Apr 2019 12:18:49 GMT
Server
nginx
ETag
"5cc1a5a9-5b85"
X-Frame-Options
DENY
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
23429
X-XSS-Protection
1; mode=block;
Expires
Thu, 31 Dec 2037 23:55:55 GMT
primary.css
poweruser.guru/sstatic/Sites/poweruser/ 		394 KB
81 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://poweruser.guru/sstatic/Sites/poweruser/primary.css
Requested by
Host: poweruser.guru
URL: https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
199.247.10.181 Aubervilliers, France, ASN20473 (AS-CHOOPA, US),
Reverse DNS
199.247.10.181.vultr.com
Software
nginx /
Resource Hash
7431e6bf7ec9476932bd78f5e7c4aacbe651ed5c1f3459be0dbfa7e6a1ac3b9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block;

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
poweruser.guru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 13:24:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 17 Dec 2019 14:07:03 GMT
Server
nginx
ETag
W/"5df8e107-629dd"
X-Frame-Options
DENY
Content-Type
text/css
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block;
Expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: poweruser.guru
URL: https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
669e4c1639ec2e02233bce2a81ea811ff91ad289c3ad0493844c8250c7a5ce8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51465
x-xss-protection
0
server
cafe
etag
18115768812565248095
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 15 Oct 2021 13:24:15 GMT
logo.png
poweruser.guru/sstatic/Sites/poweruser/img/ 		987 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://poweruser.guru/sstatic/Sites/poweruser/img/logo.png
Requested by
Host: poweruser.guru
URL: https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
199.247.10.181 Aubervilliers, France, ASN20473 (AS-CHOOPA, US),
Reverse DNS
199.247.10.181.vultr.com
Software
nginx /
Resource Hash
23cf258c8d8459bc03a53e50216d27952de94415fc096b54b5be5e061e3696c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block;

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
poweruser.guru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 13:24:15 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 25 Apr 2019 12:18:49 GMT
Server
nginx
ETag
"5cc1a5a9-3db"
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
987
X-XSS-Protection
1; mode=block;
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Ubxky.png
i.stack.imgur.com/ 		145 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.stack.imgur.com/Ubxky.png
Requested by
Host: poweruser.guru
URL: https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
a005eee90de8938d4dc50e5f89a5af9e91e2210c3c16fe68ed08aaa69a1ce186

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:29 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Sun, 15 Jan 2017 07:43:28 GMT
server
cat factory 1.0
age
1084222
etag
"f7cc9602346668d0fa301619902bd4ce"
x-cache
HIT, HIT
content-type
image/png
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
x-cache-hits
1, 1
accept-ranges
bytes
x-timer
S1634304269.009715,VS0,VE1
content-length
148326
x-served-by
cache-bwi5162-BWI, cache-fra19182-FRA
YHq7L.png
i.stack.imgur.com/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.stack.imgur.com/YHq7L.png
Requested by
Host: poweruser.guru
URL: https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
50782b53f2c0a3a58b7705e9728663d77bf13b04e9ff4c7ee18a3f76dc11bbc8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:29 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Sun, 15 Jan 2017 08:19:03 GMT
server
cat factory 1.0
age
709616
etag
"b70ea6766b06e4835ebea74b9ce9af30"
x-cache
HIT, HIT
content-type
image/png
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
x-cache-hits
1, 1
accept-ranges
bytes
x-timer
S1634304269.009783,VS0,VE1
content-length
89221
x-served-by
cache-bwi5160-BWI, cache-fra19182-FRA
e.js
poweruser.guru/sstatic/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://poweruser.guru/sstatic/js/e.js
Requested by
Host: poweruser.guru
URL: https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
199.247.10.181 Aubervilliers, France, ASN20473 (AS-CHOOPA, US),
Reverse DNS
199.247.10.181.vultr.com
Software
nginx /
Resource Hash
a87447ba7715e54dd08bd184d143300f4ea2b8e93fec720d4bacac6f1b7de081
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block;

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
poweruser.guru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 13:24:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 26 Apr 2019 10:40:19 GMT
Server
nginx
ETag
"5cc2e013-832"
X-Frame-Options
DENY
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
2098
X-XSS-Protection
1; mode=block;
Expires
Thu, 31 Dec 2037 23:55:55 GMT
JW_KfO1_VZjpBv0e4XTRdNqWXORYCg
cizyix.gxxcbj.com/v/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cizyix.gxxcbj.com/v/JW_KfO1_VZjpBv0e4XTRdNqWXORYCg
Requested by
Host: poweruser.guru
URL: https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.222.167 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx / PHP/7.0.33-0+deb9u11
Resource Hash
0051ea5737735b550089fe83711bef0fcf85bd730d7e069100de255f1d344abe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

vw-charset
utf-8
date
Fri, 15 Oct 2021 13:24:15 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.0.33-0+deb9u11
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
no-transform
content-length
884
aci.js
www.acint.net/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.acint.net/aci.js
Requested by
Host: poweruser.guru
URL: https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:15 GMT
content-encoding
gzip
last-modified
Sat, 02 Jan 2021 18:29:12 GMT
server
openresty
etag
"5ff0bb78-1baf"
content-type
application/x-javascript
cache-control
max-age=43200
content-length
7087
expires
Sat, 16 Oct 2021 01:24:15 GMT
tag.js
mc.yandex.ru/metrika/ 		188 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: poweruser.guru
URL: https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
496077b8b09b43b1417ac4a8eb747b38b08e12a2dc9b65573c78dd2a44ac674d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:15 GMT
content-encoding
br
last-modified
Thu, 14 Oct 2021 16:17:22 GMT
etag
"61682de2-10040"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
65600
expires
Fri, 15 Oct 2021 14:24:15 GMT
hit;superuser-com
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;superuser-com?t44.6;r;s1600*1200*24;uhttps%3A//poweruser.guru/questions/1167476/%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%2...
  • https://counter.yadro.ru/hit;superuser-com?q;t44.6;r;s1600*1200*24;uhttps%3A//poweruser.guru/questions/1167476/%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0...
132 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit;superuser-com?q;t44.6;r;s1600*1200*24;uhttps%3A//poweruser.guru/questions/1167476/%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC;hwindows-10%20-%20%u042F%u0432%u043B%u044F%u0435%u0442%u0441%u044F%20%u043B%u0438%20C%3A%5CWindows%5Csyswow64%5CExplorer.exe%20%u0432%u0438%u0440%u0443%u0441%u043E%u043C%3F%20-%20PowerUser;0.9784476547503147
Requested by
Host: poweruser.guru
URL: https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 13:24:25 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
132
Expires
Wed, 14 Oct 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 13:24:25 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit;superuser-com?q;t44.6;r;s1600*1200*24;uhttps%3A//poweruser.guru/questions/1167476/%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC;hwindows-10%20-%20%u042F%u0432%u043B%u044F%u0435%u0442%u0441%u044F%20%u043B%u0438%20C%3A%5CWindows%5Csyswow64%5CExplorer.exe%20%u0432%u0438%u0440%u0443%u0441%u043E%u043C%3F%20-%20PowerUser;0.9784476547503147
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Wed, 14 Oct 2020 21:00:00 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/ 		272 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
d0774e083ca23a9dc44142c5d4a74f78b2d3964939c3817f3d3de5fa361ca7b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99865
x-xss-protection
0
server
cafe
etag
17106483423883084388
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Oct 2021 13:24:15 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/ Frame 5F2E 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211013/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://poweruser.guru/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 14 Oct 2021 21:22:20 GMT
expires
Thu, 28 Oct 2021 21:22:20 GMT
content-type
text/html; charset=UTF-8
etag
9069739545958607985
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4691
x-xss-protection
0
age
57715
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
vwsw.js
poweruser.guru/ 		0
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://poweruser.guru/vwsw.js
Requested by
Host: cizyix.gxxcbj.com
URL: https://cizyix.gxxcbj.com/v/JW_KfO1_VZjpBv0e4XTRdNqWXORYCg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
199.247.10.181 Aubervilliers, France, ASN20473 (AS-CHOOPA, US),
Reverse DNS
199.247.10.181.vultr.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block;

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
poweruser.guru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 13:24:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 19 Dec 2019 10:25:59 GMT
Server
nginx
ETag
W/"5dfb5037-4d1"
X-Frame-Options
DENY
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block;
Expires
Thu, 31 Dec 2037 23:55:55 GMT
app.js
pus.qjudpxkisv.xyz/pus2/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pus.qjudpxkisv.xyz/pus2/app.js
Requested by
Host: cizyix.gxxcbj.com
URL: https://cizyix.gxxcbj.com/v/JW_KfO1_VZjpBv0e4XTRdNqWXORYCg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.32.244.30 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
visitweb.com
Software
nginx /
Resource Hash
535cf4a35daf7954fddd2b6e79f2e1d9674316839a4a14d6baa71238c491ef15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 15 Oct 2021 13:24:16 GMT
content-encoding
gzip
last-modified
Wed, 10 Oct 2018 15:03:08 GMT
server
nginx
etag
W/"5bbe14ac-fe9"
content-type
application/javascript
/
www.acint.net/mc/ Frame 95E0
Redirect Chain
  • https://www.acint.net/mc/?dp=10
  • https://www.acint.net/mc/?dp=10&tc=1
3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.acint.net/mc/?dp=10&tc=1
Requested by
Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
099399b26fdccfcb50a72b78b14c6e028418913d4206d9f47af4e849f2ba2c0d

Request headers

:method
GET
:authority
www.acint.net
:scheme
https
:path
/mc/?dp=10&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://poweruser.guru/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission; aid=fwAAAWFpgQA2HQaBbRRLAiLYLsTcBPwh+4/0qJQ+ALVBWx86
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/

Response headers

server
openresty
date
Fri, 15 Oct 2021 13:24:16 GMT
content-type
text/html
set-cookie
cSyncDp7v2=1634304256; expires=Sun, 14-Nov-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp14v3=1634304256; expires=Sun, 14-Nov-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp17=1634304256; expires=Sun, 14-Nov-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp32=1634304256; expires=Sun, 14-Nov-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp45v3=1634304256; expires=Sat, 16-Oct-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp53=1634304256; expires=Sun, 14-Nov-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp54v2=1634304256; expires=Sun, 14-Nov-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp62=1634304256; expires=Sun, 14-Nov-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp67v2=1634304256; expires=Sun, 14-Nov-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp68=1634304256; expires=Sun, 14-Nov-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp77=1634304256; expires=Fri, 29-Oct-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp84=1634304256; expires=Sun, 14-Nov-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp85=1634304256; expires=Sun, 14-Nov-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp88=1634304256; expires=Sun, 14-Nov-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp95v2=1634304256; expires=Sun, 14-Nov-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp101=1634304256; expires=Sun, 14-Nov-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp104v2=1634304256; expires=Fri, 29-Oct-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp107=1634304256; expires=Sun, 14-Nov-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp111v2=1634304256; expires=Fri, 29-Oct-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp112v2=1634304256; expires=Sun, 14-Nov-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp125v2=1634304256; expires=Sat, 30-Oct-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp126=1634304256; expires=Sun, 14-Nov-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp127=1634304256; expires=Sun, 14-Nov-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp136=1634304256; expires=Sun, 14-Nov-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp138=1634304256; expires=Sun, 14-Nov-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp144=1634304256; expires=Sun, 14-Nov-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp146=1634304256; expires=Sun, 14-Nov-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp149=1634304256; expires=Sun, 14-Nov-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp151=1634304256; expires=Sun, 14-Nov-21 13:24:16 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding
gzip

Redirect headers

server
openresty
date
Fri, 15 Oct 2021 13:24:16 GMT
content-type
text/html
content-length
154
set-cookie
test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Fri, 15-Oct-21 13:34:16 GMT aid=fwAAAWFpgQA2HQaBbRRLAiLYLsTcBPwh+4/0qJQ+ALVBWx86; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
location
/mc/?dp=10&tc=1
/
www.acint.net/hit/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/hit/?v=0.3.0&uid=b90425c0-e6dc-4365-9e7e-c6b1f3787cbc&dp=10&tz=%2B00%3A00&nc=43493143&u=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&r=&rs=1600x1200&t=windows-10%20-%20%D0%AF%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F%20%D0%BB%D0%B8%20C%3A%5CWindows%5Csyswow64%5CExplorer.exe%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC%3F%20-%20PowerUser&oE=1&oP=1&dT=2021-10-15T13%3A24%3A15.983&fu=efce7e0f-3a57-4e54-aaca-5a5878f4a603
Requested by
Host: poweruser.guru
URL: https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:16 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		204 B
269 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=poweruser.guru&callback=_gfp_s_&client=ca-pub-2419112867793556
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
4dc3155984bcec227b19b8fb24e153dc29ccbd308d148896b4216153ed352410
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&tn=DIV&id=js-gdpr-consent-banner&cls=p16%20bg-black-700%20ff-sans%20fc-white%20ps-fixed%20b0%20l0%20r0%20z-banner&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: poweruser.guru
URL: https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 13:24:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&tn=HEADER&cls=top-bar%20js-top-bar%20top-bar__network%20_fixed&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: poweruser.guru
URL: https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 13:24:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=poweruser.guru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Oct 2021 13:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3EEB 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&adk=1812271804&adf=3025194257&lmt=1634304256&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255891&bpp=4&bdt=229&idt=154&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4711675587746&frm=20&pv=2&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=185
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2419112867793556&output=html&adk=1812271804&adf=3025194257&lmt=1634304256&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255891&bpp=4&bdt=229&idt=154&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4711675587746&frm=20&pv=2&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=185
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://poweruser.guru/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 15 Oct 2021 13:24:16 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 15-Oct-2021 13:39:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 15 Oct 2021 13:24:16 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame C06E 		100 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=184&slotname=9740033421&adk=1645359902&adf=1632581841&pi=t.ma~as.9740033421&w=726&lmt=1634304256&rafmt=11&psa=0&format=726x184&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255895&bpp=3&bdt=233&idt=208&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=357&ady=1166&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eAf3eZ9YHg&p=https%3A//poweruser.guru&dtd=215
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
67c4b40901dc312c6d97f1119d1d52429b2160f07dfecdfcf2615795c84c5837
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2419112867793556&output=html&h=184&slotname=9740033421&adk=1645359902&adf=1632581841&pi=t.ma~as.9740033421&w=726&lmt=1634304256&rafmt=11&psa=0&format=726x184&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255895&bpp=3&bdt=233&idt=208&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=357&ady=1166&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eAf3eZ9YHg&p=https%3A//poweruser.guru&dtd=215
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://poweruser.guru/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 15 Oct 2021 13:24:16 GMT
server
cafe
content-length
32023
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 15-Oct-2021 13:39:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 15 Oct 2021 13:24:16 GMT
cache-control
private
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9427.L0EHdQ_xbdi6E5WteS-LGiajQJKR48p_125IH-sFTV3Er9rKykZvyrACXlxgCrx1.Y7nAbxI6Qm5j_JbrQ4a5TD-M47M%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9427._nLFQzGT0AntrvEowXclTCNTl4TDwvPRLEsLjVkLMeJKIux6eheelbMpOkHYKshxUzDX7JiAOnu21YcRf-4gbg%2C%2C.nlZFHMy29n0gE6Ey3pTEo7o9N28%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9427._nLFQzGT0AntrvEowXclTCNTl4TDwvPRLEsLjVkLMeJKIux6eheelbMpOkHYKshxUzDX7JiAOnu21YcRf-4gbg%2C%2C.nlZFHMy29n0gE6Ey3pTEo7o9N28%2C
Requested by
Host: poweruser.guru
URL: https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:16 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9427._nLFQzGT0AntrvEowXclTCNTl4TDwvPRLEsLjVkLMeJKIux6eheelbMpOkHYKshxUzDX7JiAOnu21YcRf-4gbg%2C%2C.nlZFHMy29n0gE6Ey3pTEo7o9N28%2C
date
Fri, 15 Oct 2021 13:24:16 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
ads
googleads.g.doubleclick.net/pagead/ Frame 21D6 		80 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=600&slotname=8112284653&adk=3963576789&adf=2804389696&pi=t.ma~as.8112284653&w=300&fwrn=4&fwrnh=100&lmt=1634304256&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255898&bpp=2&bdt=236&idt=275&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C726x184&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ieJO7O57tk&p=https%3A//poweruser.guru&dtd=285
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
c7d33f35f5703ad99e9909c82f88aaad005fcbbc733ac4605dce9ff7da8c6b4c
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9177425597507305472/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9177425597507305472/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJGIl-XBzPMCFXIy0wodJ9QO6w&gqi=AIFpYdaKDaLutge6womQDw&layout=/sadbundle/%24csp%253Der3%24/9177425597507305472/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2419112867793556&output=html&h=600&slotname=8112284653&adk=3963576789&adf=2804389696&pi=t.ma~as.8112284653&w=300&fwrn=4&fwrnh=100&lmt=1634304256&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255898&bpp=2&bdt=236&idt=275&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C726x184&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ieJO7O57tk&p=https%3A//poweruser.guru&dtd=285
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://poweruser.guru/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9177425597507305472/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9177425597507305472/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJGIl-XBzPMCFXIy0wodJ9QO6w&gqi=AIFpYdaKDaLutge6womQDw&layout=/sadbundle/%24csp%253Der3%24/9177425597507305472/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 15 Oct 2021 13:24:17 GMT
server
cafe
content-length
25758
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 15-Oct-2021 13:39:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 15 Oct 2021 13:24:17 GMT
cache-control
private
advert.gif
mc.yandex.com/metrika/ 		43 B
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif?t=ti(4)
Requested by
Host: poweruser.guru
URL: https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:16 GMT
last-modified
Wed, 13 Oct 2021 15:51:32 GMT
etag
"6166d654-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 15 Oct 2021 14:24:16 GMT
match
ads.betweendigital.com/ Frame 95E0
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F0081696181061D36024B146D
  • https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F0081696181061D36024B146D&crf=1
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F0081696181061D36024B146D&crf=1
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
/match?bidder_id=73&external_user_id=0100007F0081696181061D36024B146D&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
acint.net/ Frame 95E0
Redirect Chain
  • https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
  • https://acint.net/match?dp=14&euid=0100007F008169612300D5A6028AF619
43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acint.net/match?dp=14&euid=0100007F008169612300D5A6028AF619
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:16 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date
Fri, 15 Oct 2021 13:24:16 GMT
Server
openresty
P3P
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Location
https://acint.net/match?dp=14&euid=0100007F008169612300D5A6028AF619
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
text/html
Content-Length
142
Expires
Wed, 19 Apr 2000 11:43:00 GMT
match
acint.net/ Frame 95E0
Redirect Chain
  • https://px.adhigh.net/p/cm/sape?u=0100007F0081696181061D36024B146D
  • https://px.adhigh.net/p/cm/sape?u=0100007F0081696181061D36024B146D&bounced=1
  • https://acint.net/match?dp=17&euid=ugpTJWRGVGps.AikABlF8hB_pYw
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acint.net/match?dp=17&euid=ugpTJWRGVGps.AikABlF8hB_pYw
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:16 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 13:24:16 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f10-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://acint.net/match?dp=17&euid=ugpTJWRGVGps.AikABlF8hB_pYw
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
cm.gif
ad.mail.ru/ Frame 95E0 		43 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mail.ru/cm.gif?p=48&id=0100007F0081696181061D36024B146D
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
94.100.180.197 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
r.mail.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:16 GMT
last-modified
Fri, 15 Oct 2021 13:24:16 GMT
server
nginx
cross-origin-opener-policy
same-origin
cross-origin-embedder-policy
require-corp
content-type
image/gif
cache-control
max-age=21600
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
43
expires
Fri, 15 Oct 2021 19:24:16 GMT
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 95E0
Redirect Chain
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4396833335
  • https://www.acint.net/rmatch?dp=45&euid=AkyxYiZJv_jd8UdHVm-MLzg&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F0081696181061D36024B146D
42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F0081696181061D36024B146D
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad13.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 13:24:16 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

date
Fri, 15 Oct 2021 13:24:16 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F0081696181061D36024B146D
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
sync
a.utraff.com/ Frame 95E0 		0
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.utraff.com/sync?ssp=sape
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIC0uRzY%2F8R5DBz7Ehvj72kv2VVC36K8rzvTFFaIu6VyQ%2BkFznXnOYASlZ%2BcoccaLRLyqZCRmpZhmaWtIcdxvlk6Q7Zqz1yZKMWHDAB2EpOvzMTJ8k6l5RLP1QnPxA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
cf-ray
69e95de1c9c02794-PRG
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
/
sync.bumlam.com/ Frame 95E0
Redirect Chain
  • https://sync.republer.com/match?dsp=sape
  • https://sync.republer.com/match?dsp=sape&qset=1
  • https://sync.bumlam.com/?src=rp1&uid=160c032a-877d-4fed-8e7c-9314b2574a29
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiAgqaLBlIEioaQK2IkMTYwYzAzMmEtODc3ZC00ZmVkLThlN2MtOTMxNGIyNTc0YTI5
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiAgqaLBlIEioaQK2IkMTYwYzAzMmEtODc3ZC00ZmVkLThlN2MtOTMxNGIyNTc0YTI5ogEQMirjUi27Eeym6QAlkMgkNw**
  • https://sync.bumlam.com/?src=rp1&s_data=CAIQABiAgqaLBmIkMTYwYzAzMmEtODc3ZC00ZmVkLThlN2MtOTMxNGIyNTc0YTI5ogEQMirjUi27Eeym6QAlkMgkNw**
  • https://sync.bumlam.com/?src=rp1&s_data=CAIQARiAgqaLBmIkMTYwYzAzMmEtODc3ZC00ZmVkLThlN2MtOTMxNGIyNTc0YTI5ogEQMirjUi27Eeym6QAlkMgkNw**
43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bumlam.com/?src=rp1&s_data=CAIQARiAgqaLBmIkMTYwYzAzMmEtODc3ZC00ZmVkLThlN2MtOTMxNGIyNTc0YTI5ogEQMirjUi27Eeym6QAlkMgkNw**
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 13:24:16 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date
Fri, 15 Oct 2021 13:24:16 GMT
Server
nginx
ETag
322ae352-2dbb-11ec-a6e9-002590c82437
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//sync.bumlam.com/?src=rp1&s_data=CAIQARiAgqaLBmIkMTYwYzAzMmEtODc3ZC00ZmVkLThlN2MtOTMxNGIyNTc0YTI5ogEQMirjUi27Eeym6QAlkMgkNw**
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
match
dm.hybrid.ai/ Frame 95E0 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=106&vid=0100007F0081696181061D36024B146D
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 13:24:16 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
113
x-xss-protection
1; mode=block
expires
-1
adcm.js
tag.digitaltarget.ru/ Frame 95E0 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.digitaltarget.ru/adcm.js
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 13:24:16 GMT
Last-Modified
Thu, 14 Oct 2021 23:50:04 GMT
Server
nginx
ETag
"6168c22c-beb"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3051
sape
sync.dmp.otm-r.com/match/ Frame 95E0 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/sape?id=0100007F0081696181061D36024B146D
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.65.66 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.66.65.201.138.clients.your-server.de
Software
nginx/1.19.7 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 15 Oct 2021 13:24:16 GMT
server
nginx/1.19.7
match
www.acint.net/ Frame 95E0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfwCBaWGBBh02AksUbQ
  • https://www.acint.net/match?dp=77&euid=
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=77&euid=
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:16 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 13:24:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.acint.net/match?dp=77&euid=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
240
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adlmerge.com/merge_gpsid/ Frame 95E0
Redirect Chain
  • https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F0081696181061D36024B146D
  • https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F0081696181061D36024B146D
43 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F0081696181061D36024B146D
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

iseu
noneu
server
nginx/1.16.0
date
Fri, 15 Oct 2021 13:24:16 GMT
content-type
image/gif

Redirect headers

location
//adlmerge.com/merge_gpsid/?sid=50&id=0100007F0081696181061D36024B146D
date
Fri, 15 Oct 2021 13:24:16 GMT
server
nginx
content-length
0
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 95E0 		42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F0081696181061D36024B146D
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad13.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 13:24:16 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
sprcs
relap.io/partners/ Frame 95E0 		43 B
984 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://relap.io/partners/sprcs?uid=0100007F0081696181061D36024B146D
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
relap.io
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 13:24:16 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=5184000; includeSubdomains;
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-server
back10
content-length
43
x-xss-protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
0.gif
x01.aidata.io/ Frame 95E0
Redirect Chain
  • https://adx.com.ru/sape-sync?uid=0100007F0081696181061D36024B146D
  • https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F0081696181061D36024B146D
  • https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=61698100d41e066aa127d682&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru...
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D61698100d41e066aa127d682%2526r%253Dhttps%25253A...
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D61698100d41e066aa127d682%2526r%253Dhttps%25253A...
  • https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D61698100d41e066aa127d682%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D61698100d4...
  • https://prodmp.ru/yabbi.gif?uid=61698100d41e066aa127d682&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D61698100d41e066aa127d682%26dest%3D
  • https://x01.aidata.io/0.gif?pid=9712851&id=61698100d41e066aa127d682&dest=
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=9712851&id=61698100d41e066aa127d682&dest=
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51802.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 13:24:16 GMT
last-modified
Fri, 15 Oct 2021 13:24:15 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Fri, 15 Oct 2021 13:24:15 GMT

Redirect headers

location
https://x01.aidata.io/0.gif?pid=9712851&id=61698100d41e066aa127d682&dest=
date
Fri, 15 Oct 2021 13:24:16 GMT
access-control-allow-credentials
true
server
nginx
content-type
image/gif
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel.gif
sync.1dmp.io/ Frame 95E0
Redirect Chain
  • https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F0081696181061D36024B146D
  • https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F0081696181061D36024B146D&cs=1
35 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F0081696181061D36024B146D&cs=1
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.100.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.125.100.46.78.clients.your-server.de
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:16 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-type
image/gif
content-length
35
expires
0

Redirect headers

location
/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F0081696181061D36024B146D&cs=1
date
Fri, 15 Oct 2021 13:24:16 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-length
0
expires
0
match
www.acint.net/ Frame 95E0
Redirect Chain
  • https://sape-sync.rutarget.ru/sync
  • https://www.acint.net/match?dp=104&euid=rhaU-YBAxkGa
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=104&euid=rhaU-YBAxkGa
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:16 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location
https://www.acint.net/match?dp=104&euid=rhaU-YBAxkGa
Date
Fri, 15 Oct 2021 13:24:16 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
match
acint.net/ Frame 95E0
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
  • https://acint.net/match?dp=107&euid=70a87997-d94b-5120-b385-e171d2ec6071
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acint.net/match?dp=107&euid=70a87997-d94b-5120-b385-e171d2ec6071
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:16 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location
https://acint.net/match?dp=107&euid=70a87997-d94b-5120-b385-e171d2ec6071
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
www.acint.net/ Frame 95E0
Redirect Chain
  • https://0100007f0081696181061d36024b146d-sp.ops.beeline.ru/p?ssp=sp&id=0100007F0081696181061D36024B146D
  • https://www.acint.net/match?dp=111&euid=3ca42b63-b7bf-49ff-96f1-74396b7165c7
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=111&euid=3ca42b63-b7bf-49ff-96f1-74396b7165c7
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:16 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date
Fri, 15 Oct 2021 13:24:16 GMT
x-route
http://upstream_cookiesync
server
nginx
location
https://www.acint.net/match?dp=111&euid=3ca42b63-b7bf-49ff-96f1-74396b7165c7
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true, true
x-host
192.168.152.36
access-control-allow-headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
matchspm
ut.rktch.com/ Frame 95E0
Redirect Chain
  • https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F0081696181061D36024B146D
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
  • https://ut.rktch.com/matchspm?pi=1000006&pui=cvYk9xTQLx/jESotoUqbme&noredirect
88 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ut.rktch.com/matchspm?pi=1000006&pui=cvYk9xTQLx/jESotoUqbme&noredirect
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d50603.reg.regrucolo.ru
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 13:24:16 GMT
Server
nginx/1.18.0
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type
image/png
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Accept, Authorization
Content-Length
88

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 13:24:16 GMT
via
1.1 google
last-modified
Fri, 15 Oct 2021 13:24:16 GMT
server
nginx/1.12.0
location
https://ut.rktch.com/matchspm?pi=1000006&pui=cvYk9xTQLx/jESotoUqbme&noredirect
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
match
www.acint.net/ Frame 95E0
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F0081696181061D36024B146D
  • https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F0081696181061D36024B146D
  • https://tech.rtb.mts.ru/?dsp_uid=3cd7bd67-fad6-4dc2-b5e8-c7d7e80a1a36&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FPNe9Z_rWTcK16MfX6AoaNg%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
  • https://an.yandex.ru/setud/mts_banner/PNe9Z_rWTcK16MfX6AoaNg?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=609491352
  • https://sm.rtb.mts.ru/em?next=30&em=0
  • https://www.acint.net/match?dp=125&euid=3cd7bd67-fad6-4dc2-b5e8-c7d7e80a1a36
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=125&euid=3cd7bd67-fad6-4dc2-b5e8-c7d7e80a1a36
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:16 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date
Fri, 15 Oct 2021 13:24:16 GMT
Server
nginx
Access-Control-Allow-Origin
*
Vary
Origin
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
Location
https://www.acint.net/match?dp=125&euid=3cd7bd67-fad6-4dc2-b5e8-c7d7e80a1a36
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
match
www.acint.net/ Frame 95E0
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
  • https://www.acint.net/match?dp=126&euid=3b27d159-9d03-4552-6e9a-6ebdb001e4cb
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=126&euid=3b27d159-9d03-4552-6e9a-6ebdb001e4cb
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:16 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location
https://www.acint.net/match?dp=126&euid=3b27d159-9d03-4552-6e9a-6ebdb001e4cb
date
Fri, 15 Oct 2021 13:24:16 GMT
server
nginx
content-length
115
serverid
TODO
content-type
text/html; charset=utf-8
match
www.acint.net/ Frame 95E0
Redirect Chain
  • https://s.uuidksinc.net/match/396/0100007F0081696181061D36024B146D
  • https://www.acint.net/match?dp=127&euid=pmvjkj7CDOHT7E3mzqgc
43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/match?dp=127&euid=pmvjkj7CDOHT7E3mzqgc
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:16 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date
Fri, 15 Oct 2021 13:24:16 GMT
server
nginx/1.19.0
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
location
https://www.acint.net/match?dp=127&euid=pmvjkj7CDOHT7E3mzqgc
access-control-allow-headers
Content-Type
content-length
0
userbind
match.new-programmatic.com/ Frame 95E0 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=sape&id=0100007F0081696181061D36024B146D
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Oct 2021 13:15:45 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
0100007F0081696181061D36024B146D
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame 95E0 		0
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F0081696181061D36024B146D
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:16 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
0.gif
x01.aidata.io/ Frame 95E0
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=9401454&id=0100007F0081696181061D36024B146D
  • https://x01.aidata.io/0.gif?pid=9401454&id=0100007F0081696181061D36024B146D&bounce=1
  • https://sm.rtb.mts.ru/p?ssp=aidata&id=Cpk5FpJP5oCyfRWuHUekLg
  • https://sm.rtb.mts.ru/match/second?ssp=51&exu=Cpk5FpJP5oCyfRWuHUekLg
  • https://tech.rtb.mts.ru/?dsp_uid=3cd7bd67-fad6-4dc2-b5e8-c7d7e80a1a36&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FPNe9Z_rWTcK16MfX6AoaNg%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
  • https://an.yandex.ru/setud/mts_banner/PNe9Z_rWTcK16MfX6AoaNg?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3DCpk5FpJP5oCyfRWuHUekLg&sign=1764013287
  • https://sm.rtb.mts.ru/em?next=51&em=0&exu=Cpk5FpJP5oCyfRWuHUekLg
  • https://x01.aidata.io/0.gif?pid=9503528&uid=3cd7bd67-fad6-4dc2-b5e8-c7d7e80a1a36&exu=Cpk5FpJP5oCyfRWuHUekLg
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=9503528&uid=3cd7bd67-fad6-4dc2-b5e8-c7d7e80a1a36&exu=Cpk5FpJP5oCyfRWuHUekLg
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51802.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 13:24:17 GMT
last-modified
Fri, 15 Oct 2021 13:24:16 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Fri, 15 Oct 2021 13:24:16 GMT

Redirect headers

Date
Fri, 15 Oct 2021 13:24:16 GMT
Server
nginx
Access-Control-Allow-Origin
*
Vary
Origin
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
Location
https://x01.aidata.io/0.gif?pid=9503528&uid=3cd7bd67-fad6-4dc2-b5e8-c7d7e80a1a36&exu=Cpk5FpJP5oCyfRWuHUekLg
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
sync.bumlam.com/ Frame 95E0 		0
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bumlam.com/?src=sap1&uid=0100007F0081696181061D36024B146D
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 13:24:16 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
0100007F0081696181061D36024B146D
an.yandex.ru/mapuid/sapeis/ Frame 95E0
Redirect Chain
  • https://an.yandex.ru/mapuid/sapeis/0100007F0081696181061D36024B146D
  • https://an.yandex.ru/mapuid/sapeis/0100007F0081696181061D36024B146D?redir-setuniq=1
43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/sapeis/0100007F0081696181061D36024B146D?redir-setuniq=1
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
87.250.250.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 13:24:16 GMT
content-encoding
gzip
last-modified
Fri, 15 Oct 2021 13:24:16 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 15 Oct 2021 13:24:16 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 13:24:16 GMT
content-encoding
gzip
last-modified
Fri, 15 Oct 2021 13:24:16 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/sapeis/0100007F0081696181061D36024B146D?redir-setuniq=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 15 Oct 2021 13:24:16 GMT
frame.html
s3.advarkads.com/modules/match/ Frame 4E1E 		187 B
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F0081696181061D36024B146D
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106

Request headers

:method
GET
:authority
s3.advarkads.com
:scheme
https
:path
/modules/match/frame.html?id=8113-1-1&uid=0100007F0081696181061D36024B146D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.acint.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/

Response headers

date
Fri, 15 Oct 2021 13:24:16 GMT
content-type
text/html
cache-control
max-age=60
last-modified
Wed, 13 Oct 2021 12:55:49 GMT
vary
Accept-Encoding
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69e95de1cc224131-PRG
content-encoding
gzip
1
mc.yandex.com/watch/56499298/
Redirect Chain
  • https://mc.yandex.com/watch/56499298?wmode=7&page-url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25B...
  • https://mc.yandex.com/watch/56499298/1?wmode=7&page-url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%2...
350 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/56499298/1?wmode=7&page-url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A199%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A1553562134123%3Ahid%3A141621114%3Az%3A0%3Ai%3A202101015132416%3Aet%3A1634304256%3Ac%3A1%3Arn%3A662547496%3Arqn%3A1%3Au%3A1634304256639598226%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634304255579%3Adsn%3A6%2C33%2C39%2C1%2C1%2C0%2C%2C177%2C4%2C%2C%2C%2C259%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634304256%3At%3Awindows-10%20-%20%D0%AF%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F%20%D0%BB%D0%B8%20C%3A%5CWindows%5Csyswow64%5CExplorer.exe%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC%3F%20-%20PowerUser&t=gdpr%2814%29ti%282%29
Requested by
Host: poweruser.guru
URL: https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
5ad63c27519cba6231add81acf46b67655936d285cc45bae36b3d45bf5f2f77e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 13:24:16 GMT
x-content-type-options
nosniff
last-modified
Fri, 15-Oct-2021 13:24:16 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://poweruser.guru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Fri, 15-Oct-2021 13:24:16 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Oct 2021 13:24:16 GMT
last-modified
Fri, 15-Oct-2021 13:24:16 GMT
location
/watch/56499298/1?wmode=7&page-url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A199%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A1553562134123%3Ahid%3A141621114%3Az%3A0%3Ai%3A202101015132416%3Aet%3A1634304256%3Ac%3A1%3Arn%3A662547496%3Arqn%3A1%3Au%3A1634304256639598226%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634304255579%3Adsn%3A6%2C33%2C39%2C1%2C1%2C0%2C%2C177%2C4%2C%2C%2C%2C259%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634304256%3At%3Awindows-10%20-%20%D0%AF%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F%20%D0%BB%D0%B8%20C%3A%5CWindows%5Csyswow64%5CExplorer.exe%20%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC%3F%20-%20PowerUser&t=gdpr%2814%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://poweruser.guru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 15-Oct-2021 13:24:16 GMT
processor.js
tag.digitaltarget.ru/ Frame 95E0 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.digitaltarget.ru/processor.js?i=146878369357020
Requested by
Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
9a6b50131cc9b2e010aafa2e58d6a1672df5781ebee2120a2e80e04db9d89007

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 13:24:16 GMT
Last-Modified
Thu, 14 Oct 2021 23:50:04 GMT
Server
nginx
ETag
"6168c22c-3cc1"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15553
frame.js
s3.advarkads.com/modules/match/ Frame 4E1E 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.advarkads.com/modules/match/frame.js
Requested by
Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F0081696181061D36024B146D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.5.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0650d735f7f71e6069650bda7583d3830a1cd5f0bad8d9272f8ce5366ff4832

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F0081696181061D36024B146D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 14 Oct 2021 14:10:41 GMT
server
cloudflare
age
54
etag
"808628455c1d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
cf-ray
69e95de2ee884131-PRG
content-length
7433
match
api.advarkads.com/api/statistic/ Frame 4E1E 		43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007F0081696181061D36024B146D
Requested by
Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F0081696181061D36024B146D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.29.80 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.18.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s3.advarkads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Oct 2021 13:24:16 GMT
Server
nginx/1.18.0
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
-1
i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 95E0
Redirect Chain
  • https://dmg.digitaltarget.ru/1/1093/i/i?i=37720981379382.400853805996375&a=77&e=0100007F0081696181061D36024B146D&pref=https%3A%2F%2Fpoweruser.guru%2F&c=ss:77.up:0100007F0081696181061D36024B146D.syn...
  • https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=37720981379382.400853805996375&a=77&e=0100007F0081696181061D36024B146D&pref=https%3A%2F%2Fpoweruser.guru%2F&c=ss:77.up:0100007F008...
0
0
i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 95E0
Redirect Chain
  • https://dmg.digitaltarget.ru/1/1093/i/i?i=37720981379382.326407000038279&a=77&e=0100007F0081696181061D36024B146D&pref=https%3A%2F%2Fpoweruser.guru%2F&c=ss:77.up:0100007F0081696181061D36024B146D.syn...
  • https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=37720981379382.326407000038279&a=77&e=0100007F0081696181061D36024B146D&pref=https%3A%2F%2Fpoweruser.guru%2F&c=ss:77.up:0100007F008...
49 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=37720981379382.326407000038279&a=77&e=0100007F0081696181061D36024B146D&pref=https%3A%2F%2Fpoweruser.guru%2F&c=ss:77.up:0100007F0081696181061D36024B146D.sync:up.xdua:dumsDWToX7ps5EZL4nQKi974.xps:xpszICaOjm6MryxDxHUYJjLFp.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Requested by
Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.134 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.acint.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 15 Oct 2021 13:24:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
27
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true

Redirect headers

Date
Fri, 15 Oct 2021 13:24:19 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=37720981379382.326407000038279&a=77&e=0100007F0081696181061D36024B146D&pref=https%3A%2F%2Fpoweruser.guru%2F&c=ss:77.up:0100007F0081696181061D36024B146D.sync:up.xdua:dumsDWToX7ps5EZL4nQKi974.xps:xpszICaOjm6MryxDxHUYJjLFp.dn:acint__net.adcm:hit.tg:adcmjs_noorient
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
master-only
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
86400
Connection
keep-alive
Request-Time
0
Content-Length
0
X-Content-Type-Options
nosniff
css
fonts.googleapis.com/ Frame C06E 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&lang=en
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=184&slotname=9740033421&adk=1645359902&adf=1632581841&pi=t.ma~as.9740033421&w=726&lmt=1634304256&rafmt=11&psa=0&format=726x184&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255895&bpp=3&bdt=233&idt=208&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=357&ady=1166&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eAf3eZ9YHg&p=https%3A//poweruser.guru&dtd=215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f10.1e100.net
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 12:27:12 GMT
server
ESF
date
Fri, 15 Oct 2021 13:24:16 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 15 Oct 2021 13:24:16 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame C06E 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=184&slotname=9740033421&adk=1645359902&adf=1632581841&pi=t.ma~as.9740033421&w=726&lmt=1634304256&rafmt=11&psa=0&format=726x184&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255895&bpp=3&bdt=233&idt=208&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=357&ady=1166&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eAf3eZ9YHg&p=https%3A//poweruser.guru&dtd=215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
f6bde1ecec9ad90f8c99ba8e179e083ac62f64679c264a9b10a71fe52c7289e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 12:36:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2868
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12898
x-xss-protection
0
server
cafe
etag
10770391770327730900
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Oct 2021 12:36:28 GMT
10202401269253263052
tpc.googlesyndication.com/daca_images/simgad/ Frame C06E 		165 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/10202401269253263052
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=184&slotname=9740033421&adk=1645359902&adf=1632581841&pi=t.ma~as.9740033421&w=726&lmt=1634304256&rafmt=11&psa=0&format=726x184&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255895&bpp=3&bdt=233&idt=208&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=357&ady=1166&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eAf3eZ9YHg&p=https%3A//poweruser.guru&dtd=215
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
29d871bfafd416f498118e9bbba120c15eb0f9910d98f763aa24f9e85f9d7709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 09:10:30 GMT
x-content-type-options
nosniff
age
274426
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
169454
x-xss-protection
0
last-modified
Tue, 29 Aug 2017 18:25:51 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Oct 2022 09:10:30 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame C06E 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=184&slotname=9740033421&adk=1645359902&adf=1632581841&pi=t.ma~as.9740033421&w=726&lmt=1634304256&rafmt=11&psa=0&format=726x184&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255895&bpp=3&bdt=233&idt=208&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=357&ady=1166&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eAf3eZ9YHg&p=https%3A//poweruser.guru&dtd=215
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:18:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7691
x-xss-protection
0
server
cafe
etag
14402072889669646931
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Oct 2021 13:18:58 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame C06E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=184&slotname=9740033421&adk=1645359902&adf=1632581841&pi=t.ma~as.9740033421&w=726&lmt=1634304256&rafmt=11&psa=0&format=726x184&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255895&bpp=3&bdt=233&idt=208&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=357&ady=1166&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eAf3eZ9YHg&p=https%3A//poweruser.guru&dtd=215
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:17:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Oct 2021 13:17:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C06E 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=184&slotname=9740033421&adk=1645359902&adf=1632581841&pi=t.ma~as.9740033421&w=726&lmt=1634304256&rafmt=11&psa=0&format=726x184&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255895&bpp=3&bdt=233&idt=208&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=357&ady=1166&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eAf3eZ9YHg&p=https%3A//poweruser.guru&dtd=215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37919
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634125446224599"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Oct 2021 13:24:16 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame C06E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=184&slotname=9740033421&adk=1645359902&adf=1632581841&pi=t.ma~as.9740033421&w=726&lmt=1634304256&rafmt=11&psa=0&format=726x184&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255895&bpp=3&bdt=233&idt=208&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=357&ady=1166&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eAf3eZ9YHg&p=https%3A//poweruser.guru&dtd=215
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Oct 2021 13:20:04 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ Frame C06E 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 03:41:26 GMT
x-content-type-options
nosniff
age
207770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Oct 2022 03:41:26 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame C06E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CacRCAIFpYZbpCZeD2fcP3aGQiAicjY_JZb32y96yDtLh0uCyARABINOas3xgyQagAYWfh7wByAEBqAMByAPDBKoEjgNP0LjT5yebuN8dyQXo3E30TFo79i64DTClE3G0PrvFivufy4AqvfFvIh0acUH_Q5Z9oyLs95yJCsL3iQp-pPYRlIuKI_xHSoHucGtPQaMN27qa11X0-yxr9BZGM9r2puNzf4zLEbGbd36WlVJGV9_3QaXQl7bcE9kq6rZ4VGmD7IKLtU1ovGYUGoSc0jBnqiIyyQyRwdp4_Ti-fy_zSpTzi_CKrZjd2qgybltjcnrsvgh1WDkKZgdCmqJc3W1rauTY3pPMMPfH_cK21o8gCV-wz4B-xdHvHeb83kWBEzIyBJzPKb5B6nPkhJO5KY0jfQZtzoTgEwCrdVzcHrzvgyNTiq2OryZZuTUjSdX8ETg1Nrgy26GHopHB67aS_TSANi-MzoIftYTT83_ZAX6fWFoWE0kik9Xkbz2i5oQVJ52Wr8nt_uS1302KGI93tYmNScAmQo7GA4OwvA6R3PqBzOl4Upcwh3zleK17UfdchsMW7PvCfvjrq8zf2XVjzBm_xQV1NkfcjsJmlAyCQ5VLTsAEz7K849gDkgUECAQYAZIFBAgFGASgBlGAB-Pg-MMCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAfIHBBDF1BfSCAcIgGEQARhfgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTI0MTkxMTI4Njc3OTM1NTYYAA&sigh=VpgVLmNNen0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=184&slotname=9740033421&adk=1645359902&adf=1632581841&pi=t.ma~as.9740033421&w=726&lmt=1634304256&rafmt=11&psa=0&format=726x184&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255895&bpp=3&bdt=233&idt=208&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=357&ady=1166&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eAf3eZ9YHg&p=https%3A//poweruser.guru&dtd=215
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=184&slotname=9740033421&adk=1645359902&adf=1632581841&pi=t.ma~as.9740033421&w=726&lmt=1634304256&rafmt=11&psa=0&format=726x184&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255895&bpp=3&bdt=233&idt=208&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=357&ady=1166&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eAf3eZ9YHg&p=https%3A//poweruser.guru&dtd=215
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 15 Oct 2021 13:24:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1D7C 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=184&slotname=9740033421&adk=1645359902&adf=1632581841&pi=t.ma~as.9740033421&w=726&lmt=1634304256&rafmt=11&psa=0&format=726x184&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255895&bpp=3&bdt=233&idt=208&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=357&ady=1166&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eAf3eZ9YHg&p=https%3A//poweruser.guru&dtd=215
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=184&slotname=9740033421&adk=1645359902&adf=1632581841&pi=t.ma~as.9740033421&w=726&lmt=1634304256&rafmt=11&psa=0&format=726x184&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255895&bpp=3&bdt=233&idt=208&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=357&ady=1166&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eAf3eZ9YHg&p=https%3A//poweruser.guru&dtd=215
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnxZ3SklO_Bpj2p8vrAEEeNUsaUG_3xPiKM9STYLK6NrsULsFGhplOmdcVE1Ao; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=184&slotname=9740033421&adk=1645359902&adf=1632581841&pi=t.ma~as.9740033421&w=726&lmt=1634304256&rafmt=11&psa=0&format=726x184&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255895&bpp=3&bdt=233&idt=208&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=357&ady=1166&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eAf3eZ9YHg&p=https%3A//poweruser.guru&dtd=215

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 15 Oct 2021 13:00:15 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1441
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1D7C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=184&slotname=9740033421&adk=1645359902&adf=1632581841&pi=t.ma~as.9740033421&w=726&lmt=1634304256&rafmt=11&psa=0&format=726x184&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255895&bpp=3&bdt=233&idt=208&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=357&ady=1166&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eAf3eZ9YHg&p=https%3A//poweruser.guru&dtd=215
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnxZ3SklO_Bpj2p8vrAEEeNUsaUG_3xPiKM9STYLK6NrsULsFGhplOmdcVE1Ao; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 15 Oct 2021 13:24:17 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 15-Oct-2021 14:24:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 15 Oct 2021 13:24:17 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 15 Oct 2021 13:24:17 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame C06E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c28d497de525c239422779bab42399dd111a7eff4e689470a49721b655ab8ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 21D6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=600&slotname=8112284653&adk=3963576789&adf=2804389696&pi=t.ma~as.8112284653&w=300&fwrn=4&fwrnh=100&lmt=1634304256&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255898&bpp=2&bdt=236&idt=275&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C726x184&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ieJO7O57tk&p=https%3A//poweruser.guru&dtd=285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:17:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
426
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Oct 2021 13:17:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 21D6 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=600&slotname=8112284653&adk=3963576789&adf=2804389696&pi=t.ma~as.8112284653&w=300&fwrn=4&fwrnh=100&lmt=1634304256&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255898&bpp=2&bdt=236&idt=275&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C726x184&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ieJO7O57tk&p=https%3A//poweruser.guru&dtd=285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37919
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634125446224599"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Oct 2021 13:24:17 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 21D6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=600&slotname=8112284653&adk=3963576789&adf=2804389696&pi=t.ma~as.8112284653&w=300&fwrn=4&fwrnh=100&lmt=1634304256&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255898&bpp=2&bdt=236&idt=275&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C726x184&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ieJO7O57tk&p=https%3A//poweruser.guru&dtd=285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Oct 2021 13:20:04 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9177425597507305472/ Frame E608 		127 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9177425597507305472/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=600&slotname=8112284653&adk=3963576789&adf=2804389696&pi=t.ma~as.8112284653&w=300&fwrn=4&fwrnh=100&lmt=1634304256&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255898&bpp=2&bdt=236&idt=275&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C726x184&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ieJO7O57tk&p=https%3A//poweruser.guru&dtd=285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
689b25634cb0d84e592e43cc1e3f1a43589cacd8f8faa3dfb582a200b1109246
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/9177425597507305472/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
date
Tue, 12 Oct 2021 18:24:29 GMT
expires
Wed, 12 Oct 2022 18:24:29 GMT
last-modified
Thu, 12 Nov 2020 01:42:25 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
32975
age
241188
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 21D6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CefRAAIFpYZGIDvLkzAanqLvYDubRvNRluZW6wIUN29keEAEg05qzfGDJBqABqOTa_gLIAQmpAjjntH2J5ag-qAMByAMCqgSBA0_Qn6G3NONASZhb7mwe4rN1QZnQjSQfaYIGJ7iJQCRpzEJy0OFotpBZOKyH_gF7NRLNxW5RYojmBn04JVQvZcC4zOKF9cMDUIdlABNWUt3hrC45RleKrZp3O0zWnAE1mdkrUvA4iwtEj5ztHqF81HHsg28WBHkKSQ1ZAsMTa6YuYGZOXzQl3h4Ole6mDsuzMxiNkfDDisgFevwUVL9ALG5oi2wO2Q24ND56DdEkbq6I9qUEZkIUvU9Vh35XehiOLZ-MTpYlfbjrhMdH351YlxP3fySHcco29FSQxjxWxn23-iXUML0XZTywKg7qvMKhhs8amS-RlG0dFrAZd4ft05fT-naC-6XTsobLUwK2NTxj2PcZcR49TPgK_bPnQ99MWI09LBBhg1Sj08HOBOl-X30sUtrDlMvSavGK2SIkcnOfSES2WbkJncke93HiKXINDjYARYO7QehYRhQP3AWi1ZC723ttuuh2lwbS-8vwVXsA8KwXIaNBTKXdBvD-eKGvKDPABNqn9Zq1A5IFBAgEGAGSBQQIBRgEoAZrgAfAm6WBAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH_p6xAqgHpr4b2AcB8gcEELjkOtIIBwiAYRABGF-ACgHICwHYEw2IFALQFQGYFgGAFwGyFxwKGggAEhRwdWItMjQxOTExMjg2Nzc5MzU1NhgA&sigh=wP0jyefNphM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=600&slotname=8112284653&adk=3963576789&adf=2804389696&pi=t.ma~as.8112284653&w=300&fwrn=4&fwrnh=100&lmt=1634304256&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255898&bpp=2&bdt=236&idt=275&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C726x184&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ieJO7O57tk&p=https%3A//poweruser.guru&dtd=285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=600&slotname=8112284653&adk=3963576789&adf=2804389696&pi=t.ma~as.8112284653&w=300&fwrn=4&fwrnh=100&lmt=1634304256&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255898&bpp=2&bdt=236&idt=275&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C726x184&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ieJO7O57tk&p=https%3A//poweruser.guru&dtd=285
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 15 Oct 2021 13:24:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame E6E3 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=600&slotname=8112284653&adk=3963576789&adf=2804389696&pi=t.ma~as.8112284653&w=300&fwrn=4&fwrnh=100&lmt=1634304256&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255898&bpp=2&bdt=236&idt=275&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C726x184&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ieJO7O57tk&p=https%3A//poweruser.guru&dtd=285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=600&slotname=8112284653&adk=3963576789&adf=2804389696&pi=t.ma~as.8112284653&w=300&fwrn=4&fwrnh=100&lmt=1634304256&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255898&bpp=2&bdt=236&idt=275&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C726x184&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ieJO7O57tk&p=https%3A//poweruser.guru&dtd=285
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnxZ3SklO_Bpj2p8vrAEEeNUsaUG_3xPiKM9STYLK6NrsULsFGhplOmdcVE1Ao; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=600&slotname=8112284653&adk=3963576789&adf=2804389696&pi=t.ma~as.8112284653&w=300&fwrn=4&fwrnh=100&lmt=1634304256&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255898&bpp=2&bdt=236&idt=275&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C726x184&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ieJO7O57tk&p=https%3A//poweruser.guru&dtd=285

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 15 Oct 2021 13:00:15 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1442
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 21D6 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2b55c803ffff8325c28c8a4f695ecdcced2434cfeb24b4e17997496124cea1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame E608 		11 KB
848 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:700,regular,600|Montserrat:700,regular
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9177425597507305472/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f10.1e100.net
Software
ESF /
Resource Hash
ba90f0e2d002e79ab68c8924c78d1ecea2433a0942adc560f70d5b20acddc5bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 13:24:17 GMT
server
ESF
date
Fri, 15 Oct 2021 13:24:17 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 15 Oct 2021 13:24:17 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E608 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9177425597507305472/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 18:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69800
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 15 Oct 2021 18:00:57 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E608 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9177425597507305472/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 13:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85048
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 15 Oct 2021 13:46:49 GMT
CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js
pagead2.googlesyndication.com/bg/ Frame 968C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CtfsWAsRe2m3N424Qc1nuWYtSGM1BvOIuby86xg17sc.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=184&slotname=9740033421&adk=1645359902&adf=1632581841&pi=t.ma~as.9740033421&w=726&lmt=1634304256&rafmt=11&psa=0&format=726x184&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255895&bpp=3&bdt=233&idt=208&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=357&ady=1166&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eAf3eZ9YHg&p=https%3A//poweruser.guru&dtd=215
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
0ad7ec580b117b69b7378db841cd67b9662d48633506f388b9bcbceb1835eec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 11:58:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
5126
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13341
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 15 Oct 2022 11:58:51 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame E6E3
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=600&slotname=8112284653&adk=3963576789&adf=2804389696&pi=t.ma~as.8112284653&w=300&fwrn=4&fwrnh=100&lmt=1634304256&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255898&bpp=2&bdt=236&idt=275&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C726x184&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ieJO7O57tk&p=https%3A//poweruser.guru&dtd=285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnxZ3SklO_Bpj2p8vrAEEeNUsaUG_3xPiKM9STYLK6NrsULsFGhplOmdcVE1Ao; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 15 Oct 2021 13:24:17 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 15-Oct-2021 14:24:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 15 Oct 2021 13:24:17 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 15 Oct 2021 13:24:17 GMT
server
safe
content-length
257
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame E608 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
7699512122820532843_18144691266145537734.png
static.doubleclick.net/dynamic/5/192230406/ Frame E608 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/192230406/7699512122820532843_18144691266145537734.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=600&slotname=8112284653&adk=3963576789&adf=2804389696&pi=t.ma~as.8112284653&w=300&fwrn=4&fwrnh=100&lmt=1634304256&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255898&bpp=2&bdt=236&idt=275&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C726x184&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ieJO7O57tk&p=https%3A//poweruser.guru&dtd=285
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.134 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f134.1e100.net
Software
sffe /
Resource Hash
2677cdd9eee51f292190773ff4f05ca89502e07e945ee42116f86b0e8906d33d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 04:32:21 GMT
x-content-type-options
nosniff
age
31916
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6917
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 16:19:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Oct 2022 04:32:21 GMT
_Google_Dynamic_Display_Ad_160_x_600_1_.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9177425597507305472/ Frame E608 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9177425597507305472/_Google_Dynamic_Display_Ad_160_x_600_1_.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=600&slotname=8112284653&adk=3963576789&adf=2804389696&pi=t.ma~as.8112284653&w=300&fwrn=4&fwrnh=100&lmt=1634304256&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255898&bpp=2&bdt=236&idt=275&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C726x184&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ieJO7O57tk&p=https%3A//poweruser.guru&dtd=285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
2fc6b7b81c4f68e12b4c2e30e5027499a62f604a40ce524ddd37ca4b5b51fa0a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
239821
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6999
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 01:42:25 GMT
server
sffe
date
Tue, 12 Oct 2021 18:47:16 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 12 Oct 2022 18:47:16 GMT
Google_Dynamic_Display_Ad_728_x_90_1_.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9177425597507305472/ Frame E608 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9177425597507305472/Google_Dynamic_Display_Ad_728_x_90_1_.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=600&slotname=8112284653&adk=3963576789&adf=2804389696&pi=t.ma~as.8112284653&w=300&fwrn=4&fwrnh=100&lmt=1634304256&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255898&bpp=2&bdt=236&idt=275&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C726x184&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ieJO7O57tk&p=https%3A//poweruser.guru&dtd=285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
c366c2607202adba86c9859c759f1840703ac157360248f5bb71987868dd270b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
34627
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8097
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 01:42:25 GMT
server
sffe
date
Fri, 15 Oct 2021 03:47:10 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 15 Oct 2022 03:47:10 GMT
Google_Dynamic_Display_Ad_468_x_60_2_.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9177425597507305472/ Frame E608 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9177425597507305472/Google_Dynamic_Display_Ad_468_x_60_2_.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=600&slotname=8112284653&adk=3963576789&adf=2804389696&pi=t.ma~as.8112284653&w=300&fwrn=4&fwrnh=100&lmt=1634304256&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255898&bpp=2&bdt=236&idt=275&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C726x184&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ieJO7O57tk&p=https%3A//poweruser.guru&dtd=285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
3c764a032b92ca26c29a916fafd3f9a0c31a4b4bf9f5ce6ec2fe54f916a912e5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
34627
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5101
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 01:42:25 GMT
server
sffe
date
Fri, 15 Oct 2021 03:47:10 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 15 Oct 2022 03:47:10 GMT
Google_Dynamic_Display_Ad_336_x_280_1_.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9177425597507305472/ Frame E608 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9177425597507305472/Google_Dynamic_Display_Ad_336_x_280_1_.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=600&slotname=8112284653&adk=3963576789&adf=2804389696&pi=t.ma~as.8112284653&w=300&fwrn=4&fwrnh=100&lmt=1634304256&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255898&bpp=2&bdt=236&idt=275&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C726x184&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ieJO7O57tk&p=https%3A//poweruser.guru&dtd=285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
6a58f5012ac311a63cec9b7ec64bed5cd95b85bec8c887658de0fedd7121515c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
34627
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10096
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 01:42:25 GMT
server
sffe
date
Fri, 15 Oct 2021 03:47:10 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 15 Oct 2022 03:47:10 GMT
Google_Dynamic_Display_Ad_300_x_600_1_.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9177425597507305472/ Frame E608 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9177425597507305472/Google_Dynamic_Display_Ad_300_x_600_1_.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=600&slotname=8112284653&adk=3963576789&adf=2804389696&pi=t.ma~as.8112284653&w=300&fwrn=4&fwrnh=100&lmt=1634304256&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255898&bpp=2&bdt=236&idt=275&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C726x184&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ieJO7O57tk&p=https%3A//poweruser.guru&dtd=285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
b1bd8279cdd86c374c92e8bc61ad52b9dea7afb69d7e8ffba7b13bb28c3fcd72
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
239821
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13870
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 01:42:25 GMT
server
sffe
date
Tue, 12 Oct 2021 18:47:16 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 12 Oct 2022 18:47:16 GMT
Google_Dynamic_Display_Ad_300_x_250_1_.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9177425597507305472/ Frame E608 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9177425597507305472/Google_Dynamic_Display_Ad_300_x_250_1_.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=600&slotname=8112284653&adk=3963576789&adf=2804389696&pi=t.ma~as.8112284653&w=300&fwrn=4&fwrnh=100&lmt=1634304256&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255898&bpp=2&bdt=236&idt=275&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C726x184&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ieJO7O57tk&p=https%3A//poweruser.guru&dtd=285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
5c8cc85f7ce109c357d903d6ce6ced65b2a8137e177cacd0c42b77ea328407f8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
239518
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8646
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 01:42:25 GMT
server
sffe
date
Tue, 12 Oct 2021 18:52:19 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 12 Oct 2022 18:52:19 GMT
Google_Dynamic_Display_Ad_180_x_150_1_.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9177425597507305472/ Frame E608 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9177425597507305472/Google_Dynamic_Display_Ad_180_x_150_1_.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2419112867793556&output=html&h=600&slotname=8112284653&adk=3963576789&adf=2804389696&pi=t.ma~as.8112284653&w=300&fwrn=4&fwrnh=100&lmt=1634304256&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpoweruser.guru%2Fquestions%2F1167476%2F%25D1%258F%25D0%25B2%25D0%25BB%25D1%258F%25D0%25B5%25D1%2582%25D1%2581%25D1%258F-%25D0%25BB%25D0%25B8-c-windows-syswow64-explorer-exe-%25D0%25B2%25D0%25B8%25D1%2580%25D1%2583%25D1%2581%25D0%25BE%25D0%25BC&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634304255898&bpp=2&bdt=236&idt=275&shv=r20211013&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C726x184&nras=1&correlator=4711675587746&frm=20&pv=1&ga_vid=865865853.1634304256&ga_sid=1634304256&ga_hid=588656549&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1107&ady=772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751036%2C31062524&oid=2&pvsid=3426096986937634&pem=132&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=ieJO7O57tk&p=https%3A//poweruser.guru&dtd=285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
1d8bed03cbf7fcb49bdbf150b1a0f8579a6469c36de41b7a790da906c83c620c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
353939
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6502
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 01:42:25 GMT
server
sffe
date
Mon, 11 Oct 2021 11:05:18 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 11 Oct 2022 11:05:18 GMT
7699512122820532843_18144691266145537734.png
static.doubleclick.net/dynamic/5/192230406/ Frame E608 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/192230406/7699512122820532843_18144691266145537734.png
Requested by
Host: poweruser.guru
URL: https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.134 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f134.1e100.net
Software
sffe /
Resource Hash
2677cdd9eee51f292190773ff4f05ca89502e07e945ee42116f86b0e8906d33d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 04:32:21 GMT
x-content-type-options
nosniff
age
31916
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6917
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 16:19:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Oct 2022 04:32:21 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 21D6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssD46-VQic6jFdZ8Ic_MWB-ETd1OpFx83Azad8NFXa5_Wfsy-guA-5Iw0Z1lcm1NuMQnHTtr7drEBEM_xVql2o8VQ3tOeZiICcep4xWf0S4BBfuUxg&sai=AMfl-YQMXV4eMQxUU7K42ySPT3FyFRtx2M991j68pSqVESVXdmEh6kWtBkyYyUXWhEeSlwXlw2i7azK2KCIs&sig=Cg0ArKJSzOS8XNJcwvTJEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20211013&bin=7&avms=nio&bs=0,0&mc=0.71&if=1&app=0&itpl=2&adk=3963576789&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634304256185&rpt=939&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Oct 2021 13:24:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.acint.net/ping/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.acint.net/ping/?v=0.3.0&uid=b90425c0-e6dc-4365-9e7e-c6b1f3787cbc&dp=10&tz=%2B00%3A00&nc=30590846&dT=2021-10-15T13%3A24%3A18.988
Requested by
Host: poweruser.guru
URL: https://poweruser.guru/questions/1167476/%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F-%D0%BB%D0%B8-c-windows-syswow64-explorer-exe-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz1271109.aucourant.info
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://poweruser.guru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 13:24:19 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-type
image/gif
content-length
43
expires
Wed, 19 Apr 2000 11:43:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dmg.digitaltarget.ru
URL
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=37720981379382.400853805996375&a=77&e=0100007F0081696181061D36024B146D&pref=https%3A%2F%2Fpoweruser.guru%2F&c=ss:77.up:0100007F0081696181061D36024B146D.sync:up.xdua:dumsDWToX7ps5EZL4nQKi974.xps:xpszICaOjm6MryxDxHUYJjLFp.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery object| adsbygoogle object| _acic function| ym object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint number| vw_bid string| vw_pusjs function| doesFileExist function| cbPushTokenVW undefined| sendTokenToServer object| _acil function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| Ya object| yaCounter56499298 object| googletag

85 Cookies

Domain/Path Name / Value
.yadro.ru/ Name: FTID
Value: 1XQO4903xeOB1XQO490026CC
poweruser.guru/ Name: fid
Value: efce7e0f-3a57-4e54-aaca-5a5878f4a603
.acint.net/ Name: test_cookie
Value: CheckForPermission
.acint.net/ Name: aid
Value: fwAAAWFpgQA2HQaBbRRLAiLYLsTcBPwh+4/0qJQ+ALVBWx86
.acint.net/ Name: cSyncDp7v2
Value: 1634304256
.acint.net/ Name: cSyncDp14v3
Value: 1634304256
.acint.net/ Name: cSyncDp17
Value: 1634304256
.acint.net/ Name: cSyncDp32
Value: 1634304256
.acint.net/ Name: cSyncDp45v3
Value: 1634304256
.acint.net/ Name: cSyncDp53
Value: 1634304256
.acint.net/ Name: cSyncDp54v2
Value: 1634304256
.acint.net/ Name: cSyncDp62
Value: 1634304256
.acint.net/ Name: cSyncDp67v2
Value: 1634304256
.acint.net/ Name: cSyncDp68
Value: 1634304256
.acint.net/ Name: cSyncDp77
Value: 1634304256
.acint.net/ Name: cSyncDp84
Value: 1634304256
.acint.net/ Name: cSyncDp85
Value: 1634304256
.acint.net/ Name: cSyncDp88
Value: 1634304256
.acint.net/ Name: cSyncDp95v2
Value: 1634304256
.acint.net/ Name: cSyncDp101
Value: 1634304256
.acint.net/ Name: cSyncDp104v2
Value: 1634304256
.acint.net/ Name: cSyncDp107
Value: 1634304256
.acint.net/ Name: cSyncDp111v2
Value: 1634304256
.acint.net/ Name: cSyncDp112v2
Value: 1634304256
.acint.net/ Name: cSyncDp125v2
Value: 1634304256
.acint.net/ Name: cSyncDp126
Value: 1634304256
.acint.net/ Name: cSyncDp127
Value: 1634304256
.acint.net/ Name: cSyncDp136
Value: 1634304256
.acint.net/ Name: cSyncDp138
Value: 1634304256
.acint.net/ Name: cSyncDp144
Value: 1634304256
.acint.net/ Name: cSyncDp146
Value: 1634304256
.acint.net/ Name: cSyncDp149
Value: 1634304256
.acint.net/ Name: cSyncDp151
Value: 1634304256
.yadro.ru/ Name: VID
Value: 0qUNO80EbwOB1XQO490026GA
.poweruser.guru/ Name: _ym_uid
Value: 1634304256639598226
.poweruser.guru/ Name: _ym_d
Value: 1634304256
.poweruser.guru/ Name: __gads
Value: ID=abd75f9511aac9a5-2200cbe3f3ca0034:T=1634304256:RT=1634304256:S=ALNI_MZ4Kz2UwCdsRTCP9NOaAACIYoPm-A
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1283313706fake
.poweruser.guru/ Name: _ym_isad
Value: 2
.ssp-rtb.sape.ru/ Name: sspuid
Value: fwAAAWFpgQCm1QAjGfaKAs4j98J3AS+m+0ZTO07dU8R2fvdU
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3446829885fake
.utraff.com/ Name: preutid
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUnxZ3SklO_Bpj2p8vrAEEeNUsaUG_3xPiKM9STYLK6NrsULsFGhplOmdcVE1Ao
.yandex.com/ Name: yandexuid
Value: 5137133211634304256
.yandex.com/ Name: yuidss
Value: 5137133211634304256
mc.yandex.com/ Name: yabs-sid
Value: 430838421634304256
.yandex.com/ Name: i
Value: Vio1tg1meab2PVln2hexKqzbF311OL8cltWdmqCmZ9myfURz18vmdDYrXJwHbWe/rY7zksfoADV8LJb/3o+MR4hbRIk=
.yandex.com/ Name: ymex
Value: 1665840256.yrts.1634304256#1665840256.yrtsi.1634304256
.betweendigital.com/ Name: dc
Value: mow1
.betweendigital.com/ Name: tuuid
Value: 70a87997-d94b-5120-b385-e171d2ec6071
.betweendigital.com/ Name: ss
Value: 1
.adhigh.net/ Name: gi_u
Value: ugpTJWRGVGps.AikABlF8hB_pYw
.republer.com/ Name: ruid
Value: 160c032a-877d-4fed-8e7c-9314b2574a29
.adhigh.net/ Name: sape_sync
Value: ItS
.mail.ru/ Name: VID
Value: 2h2RQa128mY500000W10H425:::0-0-0-683d9c0:CAASEELhXTyo9GTQN0lQEX5uRDcaYB_y0AfuX1TqWN7mvPImtFDIm9Jd30Q-faZlqlMNwxFhSs30F5XKqIz7FnLuDMQfUAN7DJ53ALzSG2MM5MfyeOV7H_nFAvWARiPgJGjuLF68C1LNlq60jemQDhUuKswRhQ
.1dmp.io/ Name: uid
Value: 321b0a92-2dbb-11ec-8677-901b0e934d81
adx.com.ru/ Name: yabbi-user
Value: 61698100d41e066aa127d682
.adriver.ru/ Name: cid
Value: AkyxYiZJv_jd8UdHVm-MLzg
.betweendigital.com/ Name: ut
Value: YWmBAAAHblgpvP4pUr8fXmSejRHPF6p4c6hRuA==
.adsniper.ru/ Name: uuid3
Value: IiQzMjJhZTM1Mi0yZGJiLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.weborama.fr/ Name: AFFICHE_W
Value: uXSP@CwEOo6585
.relap.io/ Name: unique
Value: OLFLdVmm
.relap.io/ Name: fsts
Value: 1634304256
.relap.io/ Name: lsts
Value: 1634304256
.relap.io/ Name: suid
Value: c6fda7d9095cc1cc5e0ff0a43939eb86593f08b6--ba6e5b9a5c52a8d162bb9851b1804fd67e67cd4d
.relap.io/ Name: hllc
Value: 1
.relap.io/ Name: rlpsprcs
Value: eyJ0cyI6MTYzNDMwNDI1NiwidWlkIjoiMDEwMDAwN0YwMDgxNjk2MTgxMDYxRDM2MDI0QjE0NkQifQ--c1e07b18d562608d4afd1db47ce948d818079127
.bumlam.com/ Name: suuid3
Value: IiQzMjJhZTM1Mi0yZGJiLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.rktch.com/ Name: b_uid
Value: 129c4546f768df8463a91f7d6c242894afba
.mts.ru/ Name: dspid
Value: 3cd7bd67-fad6-4dc2-b5e8-c7d7e80a1a36
.uuidksinc.net/ Name: jcsuuid
Value: pmvjkj7CDOHT7E3mzqgc
.advarkads.com/ Name: u
Value: EAJFPWTqtka2N-QnLQFMlQ
.rutarget.ru/ Name: userId
Value: rhaU-YBAxkGa
.aidata.io/ Name: __upin
Value: Cpk5FpJP5oCyfRWuHUekLg
.aidata.io/ Name: __upints
Value: 1634304256
.gnezdo.ru/ Name: uid
Value: XV9maWFpgQAHuAn6tASiAg==
.yandex.ru/ Name: yuidss
Value: 850809381634304256
.yandex.ru/ Name: yandexuid
Value: 850809381634304256
prodmp.ru/ Name: rai
Value: 0dc4904585a570d060365f08ee69b175
.mts.ru/ Name: mts_id
Value: 6836b20b-9931-4cb4-8e96-3906be57ba6b
.mts.ru/ Name: mts_id_last_sync
Value: 1634304256
x01.aidata.io/ Name: mts
Value: 1
.ops.beeline.ru/ Name: BeeAID
Value: 3ca42b63-b7bf-49ff-96f1-74396b7165c7
.an.yandex.ru/ Name: yabs-dsp
Value: mts_banner.UE5lOVpfcldUY0sxNk1mWDZBb2FOZw==
.doubleclick.net/ Name: DSID
Value: NO_DATA

2 Console Messages

Source Level URL
Text
deprecation warning URL: https://cizyix.gxxcbj.com/v/JW_KfO1_VZjpBv0e4XTRdNqWXORYCg(Line 3)
Message:
Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9427._nLFQzGT0AntrvEowXclTCNTl4TDwvPRLEsLjVkLMeJKIux6eheelbMpOkHYKshxUzDX7JiAOnu21YcRf-4gbg%2C%2C.nlZFHMy29n0gE6Ey3pTEo7o9N28%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0100007f0081696181061d36024b146d-sp.ops.beeline.ru
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.betweendigital.com
adservice.google.com
adx.com.ru
ajax.googleapis.com
an.yandex.ru
api.advarkads.com
cizyix.gxxcbj.com
cm.g.doubleclick.net
counter.yadro.ru
dm.hybrid.ai
dmg.digitaltarget.ru
exchange.buzzoola.com
fcgi4.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.stack.imgur.com
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
poweruser.guru
prodmp.ru
pus.qjudpxkisv.xyz
px.adhigh.net
redirect.frontend.weborama.fr
relap.io
s.uuidksinc.net
s3.advarkads.com
sape-sync.rutarget.ru
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
stat.adlabs.ru
static.doubleclick.net
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync3.adsniper.ru
tag.digitaltarget.ru
tech.rtb.mts.ru
tpc.googlesyndication.com
ut.rktch.com
www.acint.net
www.google.com
www.googletagservices.com
x01.aidata.io
dmg.digitaltarget.ru
104.22.5.87
104.26.4.219
109.248.237.37
138.201.65.66
142.250.184.226
142.250.185.130
142.250.185.196
142.250.185.226
142.250.185.66
142.250.185.97
142.250.186.34
142.250.186.35
142.250.186.42
148.251.156.238
151.101.12.193
157.90.3.2
185.15.175.134
185.15.175.147
188.34.131.134
188.42.29.80
193.106.93.124
194.190.117.93
194.190.76.38
195.201.243.71
195.209.108.46
199.247.10.181
212.32.244.30
213.87.44.187
216.58.212.134
216.58.212.170
217.65.2.150
217.66.147.162
23.111.200.118
31.172.81.158
31.172.81.160
31.220.27.134
35.190.16.14
37.18.16.16
37.9.245.57
46.4.121.26
78.46.100.125
80.64.106.147
81.222.128.213
87.250.250.90
87.250.251.119
88.212.201.204
89.108.119.28
89.108.97.2
93.95.102.105
94.100.180.197
95.163.37.253
95.211.222.167
95.211.66.35
0051ea5737735b550089fe83711bef0fcf85bd730d7e069100de255f1d344abe
099399b26fdccfcb50a72b78b14c6e028418913d4206d9f47af4e849f2ba2c0d
0ad7ec580b117b69b7378db841cd67b9662d48633506f388b9bcbceb1835eec7
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d8bed03cbf7fcb49bdbf150b1a0f8579a6469c36de41b7a790da906c83c620c
23cf258c8d8459bc03a53e50216d27952de94415fc096b54b5be5e061e3696c4
2677cdd9eee51f292190773ff4f05ca89502e07e945ee42116f86b0e8906d33d
29d871bfafd416f498118e9bbba120c15eb0f9910d98f763aa24f9e85f9d7709
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2fc6b7b81c4f68e12b4c2e30e5027499a62f604a40ce524ddd37ca4b5b51fa0a
3c28d497de525c239422779bab42399dd111a7eff4e689470a49721b655ab8ec
3c764a032b92ca26c29a916fafd3f9a0c31a4b4bf9f5ce6ec2fe54f916a912e5
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
496077b8b09b43b1417ac4a8eb747b38b08e12a2dc9b65573c78dd2a44ac674d
4dc3155984bcec227b19b8fb24e153dc29ccbd308d148896b4216153ed352410
50782b53f2c0a3a58b7705e9728663d77bf13b04e9ff4c7ee18a3f76dc11bbc8
535cf4a35daf7954fddd2b6e79f2e1d9674316839a4a14d6baa71238c491ef15
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5ad63c27519cba6231add81acf46b67655936d285cc45bae36b3d45bf5f2f77e
5c8cc85f7ce109c357d903d6ce6ced65b2a8137e177cacd0c42b77ea328407f8
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
669e4c1639ec2e02233bce2a81ea811ff91ad289c3ad0493844c8250c7a5ce8b
67c4b40901dc312c6d97f1119d1d52429b2160f07dfecdfcf2615795c84c5837
689b25634cb0d84e592e43cc1e3f1a43589cacd8f8faa3dfb582a200b1109246
6a58f5012ac311a63cec9b7ec64bed5cd95b85bec8c887658de0fedd7121515c
7431e6bf7ec9476932bd78f5e7c4aacbe651ed5c1f3459be0dbfa7e6a1ac3b9e
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b
8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
95206ffe9023fec32f3c57430c6b01f2b134a351f839ab269d8cc34be46ccc62
9594c1398e53b375581981f53adf26a02c11fd2ec051db00119154fbf71ceb79
9a6b50131cc9b2e010aafa2e58d6a1672df5781ebee2120a2e80e04db9d89007
a005eee90de8938d4dc50e5f89a5af9e91e2210c3c16fe68ed08aaa69a1ce186
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a87447ba7715e54dd08bd184d143300f4ea2b8e93fec720d4bacac6f1b7de081
b0650d735f7f71e6069650bda7583d3830a1cd5f0bad8d9272f8ce5366ff4832
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1bd8279cdd86c374c92e8bc61ad52b9dea7afb69d7e8ffba7b13bb28c3fcd72
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
ba90f0e2d002e79ab68c8924c78d1ecea2433a0942adc560f70d5b20acddc5bf
c2b55c803ffff8325c28c8a4f695ecdcced2434cfeb24b4e17997496124cea1e
c366c2607202adba86c9859c759f1840703ac157360248f5bb71987868dd270b
c7d33f35f5703ad99e9909c82f88aaad005fcbbc733ac4605dce9ff7da8c6b4c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0774e083ca23a9dc44142c5d4a74f78b2d3964939c3817f3d3de5fa361ca7b4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
f6bde1ecec9ad90f8c99ba8e179e083ac62f64679c264a9b10a71fe52c7289e2
fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48