office-guru.ru Open in urlscan Pro
2a03:f480:1:12::72 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://office-guru.ru/
Effective URL:
https://office-guru.ru/
Submission: On November 12 via manual (November 12th 2020, 6:38:32 am UTC) from RU

Summary HTTP 100 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 39 IPs in 9 countries across 33 domains to perform 100 HTTP transactions. The main IP is 2a03:f480:1:12::72, located in Estonia and belongs to PAGM-AS, EE. The main domain is office-guru.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 10th 2020. Valid for: 3 months.

This is the only time office-guru.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	2a03:f480:1:1... 2a03:f480:1:12::72	198068 (PAGM-AS) (PAGM-AS)
4	84.201.175.104 84.201.175.104	200350 (YANDEXCLOUD) (YANDEXCLOUD)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:6000:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:219... 2600:9000:2190:6200:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
3	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
1	88.99.234.26 88.99.234.26	24940 (HETZNER-AS) (HETZNER-AS)
1	88.208.54.88 88.208.54.88	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
4	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3030::681b:a38b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:e45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:6b8::16b 2a02:6b8::16b	13238 (YANDEX) (YANDEX)
2 8	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1 8	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
3	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200d	15169 (GOOGLE) (GOOGLE)
1	18.196.233.38 18.196.233.38	16509 (AMAZON-02) (AMAZON-02)
3	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
2	188.42.211.42 188.42.211.42	7979 (SERVERS-COM) (SERVERS-COM)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3	88.99.167.101 88.99.167.101	24940 (HETZNER-AS) (HETZNER-AS)
2	3.224.156.224 3.224.156.224	14618 (AMAZON-AES) (AMAZON-AES)
1	148.251.9.22 148.251.9.22	24940 (HETZNER-AS) (HETZNER-AS)
1 2	193.232.148.151 193.232.148.151	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1 2	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
3	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	77.88.21.179 77.88.21.179	13238 (YANDEX) (YANDEX)
100	39

15 2a03:f480:1:12::72 (Estonia) 1 redirects

ASN198068 (PAGM-AS, EE)

office-guru.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.201.175.104 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)

nativerent.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:6000:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2190:6200:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8:20::215 (Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.234.26 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: digitalcaramel.com

ads.digitalcaramel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.208.54.88 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-88-208-54-88.ah-server.com

q5e40b17ii.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3030::681b:a38b (United States)

ASN13335 (CLOUDFLARENET, US)

files.jumpoutpopup.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:e45 (United States)

ASN13335 (CLOUDFLARENET, US)

w.likebtn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::16b (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.233.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-233-38.eu-central-1.compute.amazonaws.com

stat.optad360.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.22.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s17-in-f66.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.211.42 (Russian Federation)

ASN7979 (SERVERS-COM, US)

cdn.alfasense.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.99.167.101 (Germany)

ASN24940 (HETZNER-AS, DE)

cdn.alfadart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v.alfasrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.224.156.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pa.rxthdr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.9.22 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.22.9.251.148.clients.your-server.de

pub-eu.p.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.151 (Russian Federation) 1 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: hosting.adhigh.net

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.196.115 (Luxembourg) 1 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.30 (Poland)

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.88.21.179 (Russian Federation)

ASN13238 (YANDEX, RU)

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	yandex.ru 3 redirects matchid.adfox.yandex.ru an.yandex.ru mc.yandex.ru	305 KB
15	office-guru.ru 1 redirects office-guru.ru	147 KB
7	gstatic.com fonts.gstatic.com ssl.gstatic.com	55 KB
6	google.com apis.google.com accounts.google.com adservice.google.com	110 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	145 KB
4	doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net	116 KB
4	mail.ru top-fwz1.mail.ru ad.mail.ru	25 KB
4	nativerent.ru nativerent.ru	13 KB
3	creativecdn.com prebid-eu.creativecdn.com ams.creativecdn.com	2 KB
3	jumpoutpopup.ru files.jumpoutpopup.ru	12 KB
3	yastatic.net yastatic.net	120 KB
3	optad360.io cmp.optad360.io get.optad360.io	218 KB
2	criteo.net static.criteo.net	48 KB
2	alfasrv.com v.alfasrv.com	792 B
2	criteo.com bidder.criteo.com gum.criteo.com	144 B
2	betweendigital.com 1 redirects ads.betweendigital.com	1 KB
2	adhigh.net 1 redirects px.adhigh.net	934 B
2	rxthdr.com pa.rxthdr.com	278 B
2	alfasense.net cdn.alfasense.net	55 KB
2	youtube.com www.youtube.com
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	likebtn.com w.likebtn.com	59 KB
1	adfox.ru ads.adfox.ru	107 B
1	otm-r.com pub-eu.p.otm-r.com	287 B
1	alfadart.com cdn.alfadart.com	240 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	169 B
1	googleadservices.com partner.googleadservices.com	665 B
1	consensu.org stat.optad360.mgr.consensu.org	286 B
1	q5e40b17ii.ru q5e40b17ii.ru	8 KB
1	digitalcaramel.com ads.digitalcaramel.com	986 B
1	googleapis.com fonts.googleapis.com	734 B
100	33

	Domain	Requested by
15	office-guru.ru	1 redirects office-guru.ru
8	mc.yandex.ru	1 redirects office-guru.ru mc.yandex.ru
8	an.yandex.ru	2 redirects yastatic.net office-guru.ru nativerent.ru
5	ssl.gstatic.com	office-guru.ru
4	apis.google.com	office-guru.ru apis.google.com
4	pagead2.googlesyndication.com	office-guru.ru pagead2.googlesyndication.com
4	nativerent.ru	office-guru.ru nativerent.ru
3	top-fwz1.mail.ru	office-guru.ru top-fwz1.mail.ru
3	files.jumpoutpopup.ru	office-guru.ru files.jumpoutpopup.ru
3	yastatic.net	office-guru.ru yastatic.net
2	tpc.googlesyndication.com	nativerent.ru tpc.googlesyndication.com
2	securepubads.g.doubleclick.net	nativerent.ru securepubads.g.doubleclick.net
2	static.criteo.net	nativerent.ru static.criteo.net
2	ams.creativecdn.com	cdn.alfadart.com office-guru.ru
2	v.alfasrv.com	office-guru.ru
2	ads.betweendigital.com	1 redirects
2	px.adhigh.net	1 redirects
2	pa.rxthdr.com	cdn.alfadart.com
2	cdn.alfasense.net	yastatic.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.youtube.com	apis.google.com
2	counter.yadro.ru	1 redirects office-guru.ru
2	fonts.gstatic.com	fonts.googleapis.com
2	matchid.adfox.yandex.ru	yastatic.net
2	w.likebtn.com	office-guru.ru w.likebtn.com
2	get.optad360.io	office-guru.ru get.optad360.io
1	ads.adfox.ru
1	gum.criteo.com	static.criteo.net
1	ad.mail.ru	nativerent.ru
1	bidder.criteo.com	cdn.alfadart.com
1	prebid-eu.creativecdn.com	cdn.alfadart.com
1	pub-eu.p.otm-r.com	cdn.alfadart.com
1	cdn.alfadart.com	cdn.alfasense.net
1	cdn.jsdelivr.net	get.optad360.io
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stat.optad360.mgr.consensu.org	get.optad360.io
1	accounts.google.com	apis.google.com
1	q5e40b17ii.ru	office-guru.ru
1	ads.digitalcaramel.com	office-guru.ru
1	cmp.optad360.io	office-guru.ru
1	fonts.googleapis.com	office-guru.ru
100	44

This site contains links to these domains. Also see Links.

Domain
ehhu.ru
w0o.ru
4-man.ru

Subject Issuer	Validity	Valid
office-guru.ru Let's Encrypt Authority X3	`2020-11-10` - `2021-02-08`	3 months	crt.sh
nativerent.ru Thawte RSA CA 2018	`2020-09-24` - `2021-10-19`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.optad360.io Amazon	`2020-01-14` - `2021-02-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.yastatic.net Yandex CA	`2020-09-29` - `2021-03-30`	6 months	crt.sh
caramel.am Let's Encrypt Authority X3	`2020-10-16` - `2021-01-14`	3 months	crt.sh
8eaxvlnxvq.xyz Let's Encrypt Authority X3	`2020-11-09` - `2021-02-07`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.jumpoutpopup.ru Let's Encrypt Authority X3	`2020-10-19` - `2021-01-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-01` - `2021-08-01`	a year	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2020-09-29` - `2021-03-24`	6 months	crt.sh
an.yandex.by Yandex CA	`2020-10-01` - `2021-04-01`	6 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
counter.yadro.ru Let's Encrypt Authority X3	`2020-10-29` - `2021-01-27`	3 months	crt.sh
*.mail.ru GlobalSign Organization Validation CA - SHA256 - G2	`2019-01-18` - `2021-01-18`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
stat.optad360.mgr.consensu.org Let's Encrypt Authority X3	`2020-09-07` - `2020-12-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.alfasense.net AlphaSSL CA - SHA256 - G2	`2020-09-30` - `2021-11-01`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
*.alfadart.com AlphaSSL CA - SHA256 - G2	`2020-04-09` - `2021-04-10`	a year	crt.sh
pa.rxthdr.com Amazon	`2020-01-17` - `2021-02-17`	a year	crt.sh
*.p.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-27` - `2022-02-06`	2 years	crt.sh
*.adhigh.net Sectigo RSA Domain Validation Secure Server CA	`2020-06-19` - `2021-04-19`	10 months	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-06` - `2022-02-16`	2 years	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-09-04` - `2020-12-03`	3 months	crt.sh
v.alfasrv.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-26` - `2021-09-09`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-09-04` - `2020-12-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.adfox.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh

This page contains 11 frames:

Primary Page: https://office-guru.ru/
Frame ID: 0A3B6C3E9A53AE30DF8A21A461F2AE1F
Requests: 86 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCLAZCZAQmwCVaYsXrUT-Hjg&layout=default&count=default&origin=https%3A%2F%2Foffice-guru.ru&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
Frame ID: E2FA1B887B2EA4201BA46389871D9D71
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201110/r20190131/zrt_lookup.html
Frame ID: 794B748A3CFCDFFBC8B8A11865FFE77F
Requests: 1 HTTP requests in this frame

Frame: https://files.jumpoutpopup.ru/5f835778e9f0e.html
Frame ID: 4D31C53D80030BD3A3720EEED792EA5B
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Foffice-guru.ru&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
Frame ID: C46E8071C5A5454EB4FB7359AA54DDCB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4894759983606832&output=html&adk=1812271804&adf=1573534164&lmt=1584466821&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Foffice-guru.ru%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605163095172&bpp=14&bdt=355&idt=307&shv=r20201110&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2294507911647&frm=20&pv=2&ga_vid=349425306.1605163095&ga_sid=1605163095&ga_hid=884713947&ga_fc=0&iag=0&icsg=277214379641359&dssz=55&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428&oid=3&pvsid=2966986437810616&pem=894&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=326
Frame ID: 376560AAF7BE0B3D55B08DD2DB6B0E07
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCLAZCZAQmwCVaYsXrUT-Hjg&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
Frame ID: 3A6137B499DB8E12CE4D8A5A0967D23D
Requests: 1 HTTP requests in this frame

Frame: https://ams.creativecdn.com/imp-delivery?tk=Pp8EJOD7PmqMlaAa9bbrBscVPOmvnIpkdf4DYZBKcyewEYYEOIzpa63zBp3iq07A5nrCUMnLRtcDgsBgcGf9FLPeL1Eufzj9DTSwEU9RxVm3EqQsx5XTrfzLndD09OeL0Jyg-QbymlZg_X6YarrYBMUbLIAizXd8swfNlfnS_o5IQ5OlOTqJCRIWChLfKdTwUBbcBYSosNuqBNxz4vvWtKBeHGHB0wtYLwIelT-pfNZc7FxLU3S0u0jAfR0V6d5rf7reYhuB_XOYHXOZxgr97qOY5YdIHnIyjcnGFwa3QvI&curl=https%3A%2F%2Fams.creativecdn.com%2Fclicks%3Fid%3D20201112_NjOKZqPJA4Bk41vqkwRg%26tdc%3Dams%26%7BEXTRA_CLICK_PARAMS%7D&tdc=ams
Frame ID: 3124EC0534FC25E65C8AC22281A6B8E4
Requests: 1 HTTP requests in this frame

Frame: https://ams.creativecdn.com/win-notify?tk=Pp8EJOD7PmqMlaAa9bbrBscVPOmvnIpkdf4DYZBKcyewEYYEOIzpa63zBp3iq07A5nrCUMnLRtcDgsBgcGf9FLPeL1Eufzj9DTSwEU9RxVm3EqQsx5XTrfzLndD09OeL0Jyg-QbymlZg_X6YarrYBMUbLIAizXd8swfNlfnS_o5IQ5OlOTqJCRIWChLfKdTwUBbcBYSosNuqBNxz4vvWtKBeHGHB0wtYLwIelT-pfNZc7FxLU3S0u0jAfR0V6d5rf7reYhuB_XOYHXOZxgr97qOY5YdIHnIyjcnGFwa3QvI&wp=0.009967557674434968&tdc=ams
Frame ID: B3E44853E719797DC79C48B65069E144
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 6EAC51B1998D27846FC4FEF29EDCB66F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=office-guru.ru
Frame ID: CD0480135E89DCC8324D97A4A89B41C0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://office-guru.ru/ HTTP 301
https://office-guru.ru/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /https?:\/\/an\.yandex\.ru\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

100
Requests

100 %
HTTPS

59 %
IPv6

33
Domains

44
Subdomains

39
IPs

9
Countries

1706 kB
Transfer

4884 kB
Size

13
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://ehhu.ru/
Title: ehhu.ru

Search URL Search Domain Scan URL

URL: https://w0o.ru/
Title: w0o.ru

Search URL Search Domain Scan URL

URL: https://4-man.ru/
Title: 4-man.ru

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://office-guru.ru/ HTTP 301
https://office-guru.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://an.yandex.ru/adfox/332443/getBulk/v2?dl=https%3A%2F%2Foffice-guru.ru%2F&date=2020-11-12T07%3A38%3A15.042%2B01%3A00&pd=12&pdh=1200&pdw=1600&pr1=2290706494&pr=993290586&prr=&pv=7&pw=4&extid_loader=&extid_tag_loader=office-guru.ru&ylv=0.1912&ybv=0.1910&ytt=487083681515541&is-turbo=0&skip-token=&ad-session-id=319871605163095046&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1170%2C%22h%22%3A0%2C%22width%22%3A1170%2C%22height%22%3A0%2C%22left%22%3A215%2C%22top%22%3A181%2C%22visible%22%3A1%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&p1=cmauj&p2=gxnc&slotNumber=1&bids=W10%3D&grab=dNCU0L7QsdGA0L4g0L_QvtC20LDQu9C-0LLQsNGC0Ywg0LIg0LzQuNGAINGD0YDQvtC60L7QsiDQv9C-IE1pY3Jvc29mdCBPZmZpY2UhIC0g0JjQvdGE0L7RgNC80LDRhtC40L7QvdC90YvQtSDRgtC10YXQvdC-0LvQvtCz0LjQuAo%3D&utf8=%E2%9C%93 HTTP 302
https://an.yandex.ru/adfox/332443/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Foffice-guru.ru%2F&date=2020-11-12T07%3A38%3A15.042%2B01%3A00&pd=12&pdh=1200&pdw=1600&pr1=2290706494&pr=993290586&prr=&pv=7&pw=4&extid_loader=&extid_tag_loader=office-guru.ru&ylv=0.1912&ybv=0.1910&ytt=487083681515541&is-turbo=0&skip-token=&ad-session-id=319871605163095046&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1170%2C%22h%22%3A0%2C%22width%22%3A1170%2C%22height%22%3A0%2C%22left%22%3A215%2C%22top%22%3A181%2C%22visible%22%3A1%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&p1=cmauj&p2=gxnc&slotNumber=1&bids=W10%3D&grab=dNCU0L7QsdGA0L4g0L_QvtC20LDQu9C-0LLQsNGC0Ywg0LIg0LzQuNGAINGD0YDQvtC60L7QsiDQv9C-IE1pY3Jvc29mdCBPZmZpY2UhIC0g0JjQvdGE0L7RgNC80LDRhtC40L7QvdC90YvQtSDRgtC10YXQvdC-0LvQvtCz0LjQuAo%3D&utf8=%E2%9C%93

Request Chain 33

https://an.yandex.ru/adfox/332443/getBulk/v2?dl=https%3A%2F%2Foffice-guru.ru%2F&date=2020-11-12T07%3A38%3A15.106%2B01%3A00&pd=12&pdh=1200&pdw=1600&pr1=1622358717&pr=993290586&prr=&pv=7&pw=4&extid_loader=&extid_tag_loader=office-guru.ru&ylv=0.1912&ybv=0.1910&ytt=487083681515541&is-turbo=0&skip-token=&ad-session-id=319871605163095046&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22left%22%3A1045%2C%22top%22%3A616%2C%22visible%22%3A1%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&p1=clzny&p2=gxna&slotNumber=3&bids=W10%3D&grab=dNCU0L7QsdGA0L4g0L_QvtC20LDQu9C-0LLQsNGC0Ywg0LIg0LzQuNGAINGD0YDQvtC60L7QsiDQv9C-IE1pY3Jvc29mdCBPZmZpY2UhIC0g0JjQvdGE0L7RgNC80LDRhtC40L7QvdC90YvQtSDRgtC10YXQvdC-0LvQvtCz0LjQuAox0JTQvtCx0YDQviDQv9C-0LbQsNC70L7QstCw0YLRjCDQsiDQvNC40YAg0YPRgNC-0LrQvtCyINC_0L4gTWljcm9zb2Z0IE9mZmljZSEgCjLQp9GC0L4g0YLQsNC60L7QtSBNaWNyb3NvZnQgT2ZmaWNlPyAK&utf8=%E2%9C%93 HTTP 302
https://an.yandex.ru/adfox/332443/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Foffice-guru.ru%2F&date=2020-11-12T07%3A38%3A15.106%2B01%3A00&pd=12&pdh=1200&pdw=1600&pr1=1622358717&pr=993290586&prr=&pv=7&pw=4&extid_loader=&extid_tag_loader=office-guru.ru&ylv=0.1912&ybv=0.1910&ytt=487083681515541&is-turbo=0&skip-token=&ad-session-id=319871605163095046&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22left%22%3A1045%2C%22top%22%3A616%2C%22visible%22%3A1%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&p1=clzny&p2=gxna&slotNumber=3&bids=W10%3D&grab=dNCU0L7QsdGA0L4g0L_QvtC20LDQu9C-0LLQsNGC0Ywg0LIg0LzQuNGAINGD0YDQvtC60L7QsiDQv9C-IE1pY3Jvc29mdCBPZmZpY2UhIC0g0JjQvdGE0L7RgNC80LDRhtC40L7QvdC90YvQtSDRgtC10YXQvdC-0LvQvtCz0LjQuAox0JTQvtCx0YDQviDQv9C-0LbQsNC70L7QstCw0YLRjCDQsiDQvNC40YAg0YPRgNC-0LrQvtCyINC_0L4gTWljcm9zb2Z0IE9mZmljZSEgCjLQp9GC0L4g0YLQsNC60L7QtSBNaWNyb3NvZnQgT2ZmaWNlPyAK&utf8=%E2%9C%93

Request Chain 34

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//office-guru.ru/;h%u0414%u043E%u0431%u0440%u043E%20%u043F%u043E%u0436%u0430%u043B%u043E%u0432%u0430%u0442%u044C%20%u0432%20%u043C%u0438%u0440%20%u0443%u0440%u043E%u043A%u043E%u0432%20%u043F%u043E%20Microsoft%20Office%21%20-%20%u0418%u043D%u0444%u043E%u0440%u043C%u0430%u0446%u0438%u043E%u043D%u043D%u044B%u0435%20%u0442%u0435%u0445%u043D%u043E%u043B%u043E%u0433%u0438%u0438;0.04880294747473024 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//office-guru.ru/;h%u0414%u043E%u0431%u0440%u043E%20%u043F%u043E%u0436%u0430%u043B%u043E%u0432%u0430%u0442%u044C%20%u0432%20%u043C%u0438%u0440%20%u0443%u0440%u043E%u043A%u043E%u0432%20%u043F%u043E%20Microsoft%20Office%21%20-%20%u0418%u043D%u0444%u043E%u0440%u043C%u0430%u0446%u0438%u043E%u043D%u043D%u044B%u0435%20%u0442%u0435%u0445%u043D%u043E%u043B%u043E%u0433%u0438%u0438;0.04880294747473024

Request Chain 50

https://mc.yandex.ru/watch/26013990?wmode=7&page-url=https%3A%2F%2Foffice-guru.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605163094331%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201112073815%3Aet%3A1605163095%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A775297407280%3Arqn%3A1%3Arn%3A203065242%3Ahid%3A332536088%3Ads%3A0%2C64%2C227%2C2%2C189%2C0%2C0%2C294%2C27%2C%2C%2C%2C781%3Afp%3A712%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605163095%3Au%3A1605163095756595676%3At%3A%D0%94%D0%BE%D0%B1%D1%80%D0%BE%20%D0%BF%D0%BE%D0%B6%D0%B0%D0%BB%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B2%20%D0%BC%D0%B8%D1%80%20%D1%83%D1%80%D0%BE%D0%BA%D0%BE%D0%B2%20%D0%BF%D0%BE%20Microsoft%20Office!%20-%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%82%D0%B5%D1%85%D0%BD%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D0%B8 HTTP 302
https://mc.yandex.ru/watch/26013990/1?wmode=7&page-url=https%3A%2F%2Foffice-guru.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605163094331%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201112073815%3Aet%3A1605163095%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A775297407280%3Arqn%3A1%3Arn%3A203065242%3Ahid%3A332536088%3Ads%3A0%2C64%2C227%2C2%2C189%2C0%2C0%2C294%2C27%2C%2C%2C%2C781%3Afp%3A712%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605163095%3Au%3A1605163095756595676%3At%3A%D0%94%D0%BE%D0%B1%D1%80%D0%BE%20%D0%BF%D0%BE%D0%B6%D0%B0%D0%BB%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B2%20%D0%BC%D0%B8%D1%80%20%D1%83%D1%80%D0%BE%D0%BA%D0%BE%D0%B2%20%D0%BF%D0%BE%20Microsoft%20Office%21%20-%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%82%D0%B5%D1%85%D0%BD%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D0%B8

Request Chain 77

https://px.adhigh.net/rtb/direct_banner?bid_id=4d06b147cb256&pid=66&tid=970x250_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=970x250&cur=RUB&floor=0.1& HTTP 302
https://px.adhigh.net/rtb/direct_banner?bid_id=4d06b147cb256&pid=66&tid=970x250_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=970x250&cur=RUB&floor=0.1&&bounced=1

Request Chain 78

https://ads.betweendigital.com/adjson?jst=hb&ord=7463649712359517&tz=-60&fl=0&rr=direct&w=970&h=250&s=3930264&bidid=6cc013a43d3504&transactionid=3fe4cfb5-547e-440e-8ecb-e5c325373ba3&auctionid=ab6478c6-866a-4a37-a478-c43c104c6c31& HTTP 302
https://ads.betweendigital.com/adjson?jst=hb&ord=7463649712359517&tz=-60&fl=0&rr=direct&w=970&h=250&s=3930264&bidid=6cc013a43d3504&transactionid=3fe4cfb5-547e-440e-8ecb-e5c325373ba3&auctionid=ab6478c6-866a-4a37-a478-c43c104c6c31&crf=1

100 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
office-guru.ru/
Redirect Chain

http://office-guru.ru/
https://office-guru.ru/

70 KB
20 KB

291ms
226ms

Document
text/html

2a03:f480:1:12::72
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://office-guru.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:12::72 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 04af4f0786ab988f143eb097f17759515b6aa8223d81d4f7b9106d1d2317b244

Request headers

:method: GET
:authority: office-guru.ru
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx/1.16.1
date: Thu, 12 Nov 2020 06:38:14 GMT
content-type: text/html; charset=UTF-8
content-length: 19941
x-robots-tag: index, follow
last-modified: Tue, 17 Mar 2020 17:40:21 GMT
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

Server: nginx/1.16.1
Date: Thu, 12 Nov 2020 06:38:14 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://office-guru.ru/

GET
H2 200 nativerent.v2.js Show response
nativerent.ru/js/codes/ 41 KB
12 KB 272ms
98ms Script
application/javascript 84.201.175.104
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://nativerent.ru/js/codes/nativerent.v2.js
Requested by: Host: office-guru.ru
URL: https://office-guru.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.201.175.104 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: /
Resource Hash: d714e1a99b7a924c0d2c35d4ee08b1812a299728dc581baac49cb50cc725e9ba

Request headers

Origin: https://office-guru.ru
Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:15 GMT
content-encoding: gzip
last-modified: Wed, 11 Nov 2020 09:04:14 GMT
status: 200
etag: W/"5faba90e-a22b"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://office-guru.ru
cache-control: max-age=3600
expires: Thu, 12 Nov 2020 07:38:15 GMT

GET
H2 200 style.css
office-guru.ru/wp-content/plugins/likebtn-like-button/public/css/ 2 KB
1 KB 36ms
31ms Stylesheet
text/css 2a03:f480:1:12::72
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://office-guru.ru/wp-content/plugins/likebtn-like-button/public/css/style.css
Requested by: Host: office-guru.ru
URL: https://office-guru.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:12::72 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: a80d027b0e4a91f0e678978754d20a136bdfd7c881b9d6e603ea62d839664e05

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 12 Nov 2020 06:38:14 GMT
content-encoding: gzip
last-modified: Mon, 13 Jul 2020 04:51:35 GMT
server: nginx/1.16.1
etag: W/"5f0be857-9ac"
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 6 KB
734 B 20ms
15ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora%3A400%2C400i%2C700%2C700i&subset=cyrillic

Requested by

Host: office-guru.ru
URL: https://office-guru.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e46b148fc456754e7377bc0f6c08be769b8f7fd8014c5fd2212be4a46d085199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 06:38:14 GMT
server: ESF
date: Thu, 12 Nov 2020 06:38:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Nov 2020 06:38:14 GMT

GET
H2 200 style.min.css
office-guru.ru/wp-content/themes/root/css/ 110 KB
29 KB 38ms
34ms Stylesheet
text/css 2a03:f480:1:12::72
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://office-guru.ru/wp-content/themes/root/css/style.min.css
Requested by: Host: office-guru.ru
URL: https://office-guru.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:12::72 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 62749b9d033f7d2e4fd5444bbe6cc39f0245ca6d726ac6b8ce49c4876db39e75

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 12 Nov 2020 06:38:14 GMT
content-encoding: gzip
last-modified: Fri, 13 Jul 2018 07:22:04 GMT
server: nginx/1.16.1
etag: W/"5b48531c-1b89a"
content-type: text/css

GET
H2 200 arpw-frontend.css
office-guru.ru/wp-content/plugins/advanced-random-posts-widget/assets/css/ 275 B
300 B 69ms
65ms Stylesheet
text/css 2a03:f480:1:12::72
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://office-guru.ru/wp-content/plugins/advanced-random-posts-widget/assets/css/arpw-frontend.css
Requested by: Host: office-guru.ru
URL: https://office-guru.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:12::72 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: c097810c5c2818c403e04fffc03a639cde42bdecb0c53323119cd7f77f8394fa

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 12 Nov 2020 06:38:14 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 04:29:29 GMT
server: nginx/1.16.1
etag: W/"5ee061a9-113"
content-type: text/css

GET
H2 200 frontend.js Show response
office-guru.ru/wp-content/plugins/likebtn-like-button/public/js/ 7 KB
3 KB 69ms
66ms Script
application/javascript 2a03:f480:1:12::72
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://office-guru.ru/wp-content/plugins/likebtn-like-button/public/js/frontend.js
Requested by: Host: office-guru.ru
URL: https://office-guru.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:12::72 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 8c293bdd1e561a2efc5c35edb0c3133141b3ffd18eda5377960f84f406b5dfc4

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 12 Nov 2020 06:38:14 GMT
content-encoding: gzip
last-modified: Mon, 13 Jul 2020 04:51:35 GMT
server: nginx/1.16.1
etag: W/"5f0be857-1bca"
content-type: application/javascript; charset=utf-8

GET
H2 200 jquery.js Show response
office-guru.ru/wp-includes/js/jquery/ 95 KB
39 KB 153ms
150ms Script
application/javascript 2a03:f480:1:12::72
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://office-guru.ru/wp-includes/js/jquery/jquery.js
Requested by: Host: office-guru.ru
URL: https://office-guru.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:12::72 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 12 Nov 2020 06:38:14 GMT
content-encoding: gzip
last-modified: Thu, 05 Sep 2019 10:38:17 GMT
server: nginx/1.16.1
etag: W/"5d70e599-17a6a"
content-type: application/javascript; charset=utf-8

GET
H2 200 jquery-migrate.min.js Show response
office-guru.ru/wp-includes/js/jquery/ 10 KB
4 KB 153ms
150ms Script
application/javascript 2a03:f480:1:12::72
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://office-guru.ru/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: office-guru.ru
URL: https://office-guru.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:12::72 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 12 Nov 2020 06:38:14 GMT
content-encoding: gzip
last-modified: Fri, 13 Jul 2018 07:32:04 GMT
server: nginx/1.16.1
etag: W/"5b485574-2748"
content-type: application/javascript; charset=utf-8

GET
H2 200 64114588-667d-4abb-9cf0-1c575b21d705.min.js Show response
cmp.optad360.io/items/ 2 B
368 B 52ms
21ms Script
application/javascript 2600:9000:2156:6000:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/64114588-667d-4abb-9cf0-1c575b21d705.min.js
Requested by: Host: office-guru.ru
URL: https://office-guru.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6000:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 02:56:48 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jul 2020 06:54:13 GMT
server: AmazonS3
age: 186088
etag: "99914b932bd37a50b983c5e7c90ae93b"
x-cache: Error from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 2
x-amz-cf-id: xq3wJQ3yRQoQshXCww2kI7fFVRThOtYxjMLD9K0JFE2aP_Bz89AtgQ==

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/86314e2d-6eff-47fc-ba39-cc8adf4bff3d/ 344 KB
98 KB 92ms
53ms Script
application/javascript 2600:9000:2190:6200:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/86314e2d-6eff-47fc-ba39-cc8adf4bff3d/plugin.min.js
Requested by: Host: office-guru.ru
URL: https://office-guru.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:6200:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 837b58a7c27b848bf95136bcab10f0b2ec31f38bcd43a731db669a412240c747

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:16 GMT
content-encoding: gzip
last-modified: Sun, 25 Oct 2020 14:07:30 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "8b7371725aebc8daa4677a09bac2c7b6"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=3600
x-amz-cf-id: 7ILYJYcxRUxWTMrr132KkRsPdY5JdwkiUwtTk0eBel4otx9XJsycWw==
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 130 KB
45 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: office-guru.ru
URL: https://office-guru.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc66320adb9b1a19a4a8408a2a27e99df9849cb79cd496b3c000eb149123b25f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45507
x-xss-protection: 0
server: cafe
etag: 12263823122649076092
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 12 Nov 2020 06:38:15 GMT

GET
H2 200 header-bidding.js Show response
yastatic.net/pcode/adfox/ 177 KB
41 KB 101ms
32ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/header-bidding.js

Requested by

Host: office-guru.ru
URL: https://office-guru.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0da8e781a7f69be2d0cfdc48649fe9c8c08be7fceffb644d05db2baf0c6fc7ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:15 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status: 200
content-length: 41755
timing-allow-origin: *
last-modified: Wed, 11 Nov 2020 09:35:53 GMT
server: nginx/1.17.9
etag: "de50bd6cc23af53e0e720f030aea41c0"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 12 Nov 2020 07:34:30 GMT

GET
H2 200 office-guru.ru.js Show response
ads.digitalcaramel.com/js/ 8 KB
986 B 150ms
47ms Script
application/javascript 88.99.234.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.digitalcaramel.com/js/office-guru.ru.js

Requested by

Host: office-guru.ru
URL: https://office-guru.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.99.234.26 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

digitalcaramel.com

Software

nginx /

Resource Hash

7ebbf35ca9c954a972a57c781c5ea1af414ff561450800e31165c4ba4d44009c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Oct 2020 08:12:14 GMT
server: nginx
etag: W/"5f8955de-1f56"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=315360000
strict-transport-security: max-age=15724800; includeSubdomains; preload
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loader.js Show response
yastatic.net/pcode/adfox/ 193 KB
46 KB 133ms
63ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/loader.js

Requested by

Host: office-guru.ru
URL: https://office-guru.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a10586e2b5e534d34964cf76c28351525460e16fb39622b2f026da8367b7411b

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://office-guru.ru
Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:14 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status: 200
content-length: 46357
timing-allow-origin: *
last-modified: Wed, 11 Nov 2020 09:35:53 GMT
server: nginx/1.17.9
etag: "3e1a410f3ea21f6da06cf739aff80d62"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 12 Nov 2020 07:33:39 GMT

GET
H/1.1 200
OK script.js Show response
q5e40b17ii.ru/ 8 KB
8 KB 191ms
44ms Script
text/javascript 88.208.54.88
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://q5e40b17ii.ru/script.js
Requested by: Host: office-guru.ru
URL: https://office-guru.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.54.88 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS: ip-88-208-54-88.ah-server.com
Software: nginx/1.16.1 /
Resource Hash: 4e3bd7b2b6cc441c273947cee8467c6d78e474fd9be1be74c4677ddd107ab743

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Thu, 12 Nov 2020 06:38:14 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 7780
Content-Type: application/javascript, text/javascript

GET
H2 200 iconfinder_-52_3057642-4.png
office-guru.ru/wp-content/uploads/2020/10/ 977 B
1 KB 36ms
33ms Image
image/png 2a03:f480:1:12::72
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://office-guru.ru/wp-content/uploads/2020/10/iconfinder_-52_3057642-4.png
Requested by: Host: office-guru.ru
URL: https://office-guru.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:12::72 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: cbfae477875af029336920c1e51193e3b4b981076657e6e0fafa2444cade996c

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:15 GMT
last-modified: Thu, 22 Oct 2020 13:53:09 GMT
server: nginx/1.16.1
etag: "5f918ec5-3d1"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 977

GET
H2 200 oshibki-excel-vba-3-330x140.png
office-guru.ru/wp-content/uploads/2015/12/ 10 KB
10 KB 71ms
67ms Image
image/png 2a03:f480:1:12::72
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://office-guru.ru/wp-content/uploads/2015/12/oshibki-excel-vba-3-330x140.png
Requested by: Host: office-guru.ru
URL: https://office-guru.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:12::72 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7717ece3820780ffed6d2ae0f0662abdc9efbf47aee3584cb512b8536a574ee6

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:15 GMT
last-modified: Fri, 13 Jul 2018 07:23:45 GMT
server: nginx/1.16.1
etag: "5b485381-28de"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 10462

GET
H2 200 formuly-massiva-excel-4-330x140.png
office-guru.ru/wp-content/uploads/2016/05/ 13 KB
13 KB 214ms
210ms Image
image/png 2a03:f480:1:12::72
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://office-guru.ru/wp-content/uploads/2016/05/formuly-massiva-excel-4-330x140.png
Requested by: Host: office-guru.ru
URL: https://office-guru.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:12::72 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 25c8595459f1938a91138b875bab7a8af803e0c389c9fb94336d646264bfac1e

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:15 GMT
last-modified: Fri, 13 Jul 2018 07:24:11 GMT
server: nginx/1.16.1
etag: "5b48539b-32b0"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 12976

GET
H2 200 nastraivaemyy-spisok-excel-1-330x140.png
office-guru.ru/wp-content/uploads/2015/05/ 11 KB
11 KB 344ms
341ms Image
image/png 2a03:f480:1:12::72
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://office-guru.ru/wp-content/uploads/2015/05/nastraivaemyy-spisok-excel-1-330x140.png
Requested by: Host: office-guru.ru
URL: https://office-guru.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:12::72 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: fc6d61e2c1138a1f7d8d3021c495298e67d63a3c6a3066560795c4336974d8ec

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:15 GMT
last-modified: Fri, 13 Jul 2018 13:06:08 GMT
server: nginx/1.16.1
etag: "5b48a3c0-2a28"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 10792

GET
H2 200 bezopasnost-macros-excel-1-330x140.png
office-guru.ru/wp-content/uploads/2015/11/ 11 KB
11 KB 365ms
362ms Image
image/png 2a03:f480:1:12::72
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://office-guru.ru/wp-content/uploads/2015/11/bezopasnost-macros-excel-1-330x140.png
Requested by: Host: office-guru.ru
URL: https://office-guru.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:12::72 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 74a99e6557e9167502f9a38ce992c8d1c00e66a6b6a5bfd7c1545b250dd27b5f

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:15 GMT
last-modified: Fri, 13 Jul 2018 07:23:36 GMT
server: nginx/1.16.1
etag: "5b485378-2d65"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 11621

GET
H2 200 platform.js Show response
apis.google.com/js/ 49 KB
19 KB 33ms
28ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: office-guru.ru
URL: https://office-guru.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c564509a50ce9ef93a1776a41576d7dd965955bf216655bf76ecd145317bae39

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PIm3VqcqxRHnjGhJbuSY6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "478becd38df1f23e8f5a6406e5f41416"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-PIm3VqcqxRHnjGhJbuSY6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 12 Nov 2020 06:38:15 GMT

GET
H2 200 aa2a8b53fdc42c3962f3.js Show response
files.jumpoutpopup.ru/ 28 KB
8 KB 32ms
13ms Script
application/javascript 2606:4700:3030::681b:a38b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://files.jumpoutpopup.ru/aa2a8b53fdc42c3962f3.js
Requested by: Host: office-guru.ru
URL: https://office-guru.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:a38b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2feaace2a38877159676cd57a89741e9c2acbf8e72d536165851dab461712a2a

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 36484
status: 200
cf-request-id: 065cc62c0400002bd24181c000000001
pragma: public
last-modified: Wed, 11 Nov 2020 08:30:08 GMT
server: cloudflare
etag: W/"5faba110-6e91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q4j7p0sOSiIyrFYG9XKRTr0lMRyqLTyjq0Y6d9OF%2FteXHhJ2z%2B5qJzimxiMQXAYCdIcPUIfYwSN5ybU53Dv9xUPd6ae%2Fl3Y%2F9F5FAqQ%2BSS20Fs%2FJ8WUw4lUkEyjy8wJfko8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200, public, must-revalidate, proxy-revalidate
cf-ray: 5f0e3fc00b6c2bd2-FRA
expires: Thu, 12 Nov 2020 08:30:11 GMT

GET
H2 200 scripts.min.js Show response
office-guru.ru/wp-content/themes/root/js/ 6 KB
2 KB 37ms
32ms Script
application/javascript 2a03:f480:1:12::72
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://office-guru.ru/wp-content/themes/root/js/scripts.min.js
Requested by: Host: office-guru.ru
URL: https://office-guru.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:12::72 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4eb67ccaa39879544315ccf4a6da86570f7668769c2d8d99f6ea6f44e2076f44

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 12 Nov 2020 06:38:15 GMT
content-encoding: gzip
last-modified: Fri, 13 Jul 2018 07:22:12 GMT
server: nginx/1.16.1
etag: W/"5b485324-1768"
content-type: application/javascript; charset=utf-8

GET
H2 200 q2w3-fixed-widget.min.js Show response
office-guru.ru/wp-content/plugins/q2w3-fixed-widget/js/ 4 KB
2 KB 37ms
32ms Script
application/javascript 2a03:f480:1:12::72
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://office-guru.ru/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js
Requested by: Host: office-guru.ru
URL: https://office-guru.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:12::72 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 12 Nov 2020 06:38:15 GMT
content-encoding: gzip
last-modified: Sat, 11 Apr 2020 13:20:31 GMT
server: nginx/1.16.1
etag: W/"5e91c41f-1108"
content-type: application/javascript; charset=utf-8

GET
H2 200 widget.js Show response
w.likebtn.com/js/w/ 124 KB
32 KB 53ms
27ms Script
application/javascript 2606:4700:20::681a:e45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w.likebtn.com/js/w/widget.js
Requested by: Host: office-guru.ru
URL: https://office-guru.ru/wp-content/plugins/likebtn-like-button/public/js/frontend.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / HHVM/3.15.4
Resource Hash: c1083ad7c7d6ab19f07c9c9ad108450cbdc50adf5c95c94bdf5b26590acf87d1

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 42624
x-powered-by: HHVM/3.15.4
status: 200
cf-request-id: 065cc62c0b0000c2c24284a000000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AER8kD1VwBm6NMuUUK6dKZH9oc9IPAFLpczKErS%2FtBErCPcMzWjz3rZQaWILmVCKGeqfhSLa6dZddTKgaR2rUIkDiLwoH8QNZUwJv1ZJBe6392xrev1CuoRh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=691200, s-maxage=57600
cf-polished: origSize=126890
cf-ray: 5f0e3fc01904c2c2-FRA

OPTIONS
H2 200 getcookie
matchid.adfox.yandex.ru/ Frame 0
0 149ms
47ms Other 2a02:6b8::16b
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Protocol

Server

2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://office-guru.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
content-length: 0
access-control-allow-headers: accept, accept-encoding, accept-language, cache-control, content-type, dnt, origin, x-requested-with
access-control-allow-credentials: true
date: Thu, 12 Nov 2020 06:38:15 GMT
timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://office-guru.ru
x-content-type-options: nosniff

POST
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 112 B
396 B 148ms
53ms XHR
application/json 2a02:6b8::16b
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

3a848f431a88df1d8decd2ffbffca48d6aa554bbc16ec7dc5a43e6ee9c60eeb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 12 Nov 2020 06:38:15 GMT
x-content-type-options: nosniff
status: 200
content-type: application/json
access-control-allow-origin: https://office-guru.ru
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 112

GET
H2 200 banners.js Show response
yastatic.net/pcode-bundles/0.1910/ 133 KB
33 KB 38ms
37ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode-bundles/0.1910/banners.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

15605049332bb9670f47c66ac05c9b1a119219e1a467139ec33f77037fda598e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://office-guru.ru
Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:15 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status: 200
content-length: 32777
timing-allow-origin: *
last-modified: Tue, 10 Nov 2020 09:29:35 GMT
server: nginx/1.17.9
etag: "b70645c343f35361006e51770808bd80"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 12 Nov 2050 13:09:53 GMT

GET
H2 200 context.js Show response
an.yandex.ru/system/ 133 KB
39 KB 190ms
102ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

7a599ecb233caafa7dfa2fb6b473773da2e045a42efc7d13e1839913de756bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Nov 2020 06:38:15 GMT
content-encoding: br
server: nginx/1.12.2
status: 200
etag: 4255692883
x-yandex-req-id: 1605163095130186-1121874828412346589700109-production-app-host-sas-pcode-15
strict-transport-security: max-age=31536000
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 12 Nov 2020 07:38:15 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 368 KB
94 KB 137ms
46ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: office-guru.ru
URL: https://office-guru.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

b890c68ff8bd5d94cba364f4bf535c981905c011e66b911cfadcf25b0a34ebbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:15 GMT
content-encoding: br
last-modified: Tue, 10 Nov 2020 08:20:59 GMT
status: 200
etag: "5faa4d6b-17683"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 95875
expires: Thu, 12 Nov 2020 07:38:15 GMT

GET
H2 200 0QIvMX1D_JOuMw77I_FMl_GW8g.woff2
fonts.gstatic.com/s/lora/v16/ 20 KB
20 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v16/0QIvMX1D_JOuMw77I_FMl_GW8g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora%3A400%2C400i%2C700%2C700i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b44e5b9fee146d0ce2c344cd59ded262f33d25f28e0c842e33d6502d97f9a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://office-guru.ru
Referer: https://fonts.googleapis.com/css?family=Lora%3A400%2C400i%2C700%2C700i&subset=cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 09:17:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:11:00 GMT
server: sffe
age: 336058
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20432
x-xss-protection: 0
expires: Mon, 08 Nov 2021 09:17:17 GMT

GET
H2 200 0QIvMX1D_JOuMwr7I_FMl_E.woff2
fonts.gstatic.com/s/lora/v16/ 33 KB
34 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v16/0QIvMX1D_JOuMwr7I_FMl_E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora%3A400%2C400i%2C700%2C700i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9504635ce463f19888209acf89dc32831964d8dee1b4c22aa70f564c208061d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://office-guru.ru
Referer: https://fonts.googleapis.com/css?family=Lora%3A400%2C400i%2C700%2C700i&subset=cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 00:16:50 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:28:09 GMT
server: sffe
age: 368485
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34172
x-xss-protection: 0
expires: Mon, 08 Nov 2021 00:16:50 GMT

GET
H2

200

v2 Show response
an.yandex.ru/adfox/332443/getBulk/
Redirect Chain

https://an.yandex.ru/adfox/332443/getBulk/v2?dl=https%3A%2F%2Foffice-guru.ru%2F&date=2020-11-12T07%3A38%3A15.042%2B01%3A00&pd=12&pdh=1200&pdw=1600&pr1=2290706494&pr=993290586&prr=&pv=7&pw=4&extid_l...
https://an.yandex.ru/adfox/332443/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Foffice-guru.ru%2F&date=2020-11-12T07%3A38%3A15.042%2B01%3A00&pd=12&pdh=1200&pdw=1600&pr1=2290706494&pr=993290586&prr=&p...

1 KB
1 KB

106ms
105ms

XHR
application/json

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/332443/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Foffice-guru.ru%2F&date=2020-11-12T07%3A38%3A15.042%2B01%3A00&pd=12&pdh=1200&pdw=1600&pr1=2290706494&pr=993290586&prr=&pv=7&pw=4&extid_loader=&extid_tag_loader=office-guru.ru&ylv=0.1912&ybv=0.1910&ytt=487083681515541&is-turbo=0&skip-token=&ad-session-id=319871605163095046&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1170%2C%22h%22%3A0%2C%22width%22%3A1170%2C%22height%22%3A0%2C%22left%22%3A215%2C%22top%22%3A181%2C%22visible%22%3A1%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&p1=cmauj&p2=gxnc&slotNumber=1&bids=W10%3D&grab=dNCU0L7QsdGA0L4g0L_QvtC20LDQu9C-0LLQsNGC0Ywg0LIg0LzQuNGAINGD0YDQvtC60L7QsiDQv9C-IE1pY3Jvc29mdCBPZmZpY2UhIC0g0JjQvdGE0L7RgNC80LDRhtC40L7QvdC90YvQtSDRgtC10YXQvdC-0LvQvtCz0LjQuAo%3D&utf8=%E2%9C%93

Requested by

Host: office-guru.ru
URL: https://office-guru.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

35495fec0447f4b973eb95e7024ba63721fb0cf35b33bec16b7db9239e79caf9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Nov 2020 06:38:15 GMT
content-encoding: gzip
last-modified: Thu, 12 Nov 2020 06:38:15 GMT
server: nginx/1.12.2
timing-allow-origin: *
status: 200
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://office-guru.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json
x-xss-protection: 1; mode=block
expires: Thu, 12 Nov 2020 06:38:15 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 Nov 2020 06:38:15 GMT
last-modified: Thu, 12 Nov 2020 06:38:15 GMT
server: nginx/1.12.2
status: 302
location: https://an.yandex.ru/adfox/332443/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Foffice-guru.ru%2F&date=2020-11-12T07%3A38%3A15.042%2B01%3A00&pd=12&pdh=1200&pdw=1600&pr1=2290706494&pr=993290586&prr=&pv=7&pw=4&extid_loader=&extid_tag_loader=office-guru.ru&ylv=0.1912&ybv=0.1910&ytt=487083681515541&is-turbo=0&skip-token=&ad-session-id=319871605163095046&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1170%2C%22h%22%3A0%2C%22width%22%3A1170%2C%22height%22%3A0%2C%22left%22%3A215%2C%22top%22%3A181%2C%22visible%22%3A1%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&p1=cmauj&p2=gxnc&slotNumber=1&bids=W10%3D&grab=dNCU0L7QsdGA0L4g0L_QvtC20LDQu9C-0LLQsNGC0Ywg0LIg0LzQuNGAINGD0YDQvtC60L7QsiDQv9C-IE1pY3Jvc29mdCBPZmZpY2UhIC0g0JjQvdGE0L7RgNC80LDRhtC40L7QvdC90YvQtSDRgtC10YXQvdC-0LvQvtCz0LjQuAo%3D&utf8=%E2%9C%93
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://office-guru.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 12 Nov 2020 06:38:15 GMT

GET
H2

200

v2 Show response
an.yandex.ru/adfox/332443/getBulk/
Redirect Chain

https://an.yandex.ru/adfox/332443/getBulk/v2?dl=https%3A%2F%2Foffice-guru.ru%2F&date=2020-11-12T07%3A38%3A15.106%2B01%3A00&pd=12&pdh=1200&pdw=1600&pr1=1622358717&pr=993290586&prr=&pv=7&pw=4&extid_l...
https://an.yandex.ru/adfox/332443/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Foffice-guru.ru%2F&date=2020-11-12T07%3A38%3A15.106%2B01%3A00&pd=12&pdh=1200&pdw=1600&pr1=1622358717&pr=993290586&prr=&p...

1 KB
1 KB

110ms
110ms

XHR
application/json

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/332443/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Foffice-guru.ru%2F&date=2020-11-12T07%3A38%3A15.106%2B01%3A00&pd=12&pdh=1200&pdw=1600&pr1=1622358717&pr=993290586&prr=&pv=7&pw=4&extid_loader=&extid_tag_loader=office-guru.ru&ylv=0.1912&ybv=0.1910&ytt=487083681515541&is-turbo=0&skip-token=&ad-session-id=319871605163095046&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22left%22%3A1045%2C%22top%22%3A616%2C%22visible%22%3A1%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&p1=clzny&p2=gxna&slotNumber=3&bids=W10%3D&grab=dNCU0L7QsdGA0L4g0L_QvtC20LDQu9C-0LLQsNGC0Ywg0LIg0LzQuNGAINGD0YDQvtC60L7QsiDQv9C-IE1pY3Jvc29mdCBPZmZpY2UhIC0g0JjQvdGE0L7RgNC80LDRhtC40L7QvdC90YvQtSDRgtC10YXQvdC-0LvQvtCz0LjQuAox0JTQvtCx0YDQviDQv9C-0LbQsNC70L7QstCw0YLRjCDQsiDQvNC40YAg0YPRgNC-0LrQvtCyINC_0L4gTWljcm9zb2Z0IE9mZmljZSEgCjLQp9GC0L4g0YLQsNC60L7QtSBNaWNyb3NvZnQgT2ZmaWNlPyAK&utf8=%E2%9C%93

Requested by

Host: office-guru.ru
URL: https://office-guru.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

a8cf19ca1500beea786eb4bbe9749598a6358a5c94cc39484aac1291946b8150

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Nov 2020 06:38:15 GMT
content-encoding: gzip
last-modified: Thu, 12 Nov 2020 06:38:15 GMT
server: nginx/1.12.2
timing-allow-origin: *
status: 200
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://office-guru.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json
x-xss-protection: 1; mode=block
expires: Thu, 12 Nov 2020 06:38:15 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 Nov 2020 06:38:15 GMT
last-modified: Thu, 12 Nov 2020 06:38:15 GMT
server: nginx/1.12.2
status: 302
location: https://an.yandex.ru/adfox/332443/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Foffice-guru.ru%2F&date=2020-11-12T07%3A38%3A15.106%2B01%3A00&pd=12&pdh=1200&pdw=1600&pr1=1622358717&pr=993290586&prr=&pv=7&pw=4&extid_loader=&extid_tag_loader=office-guru.ru&ylv=0.1912&ybv=0.1910&ytt=487083681515541&is-turbo=0&skip-token=&ad-session-id=319871605163095046&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22left%22%3A1045%2C%22top%22%3A616%2C%22visible%22%3A1%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&p1=clzny&p2=gxna&slotNumber=3&bids=W10%3D&grab=dNCU0L7QsdGA0L4g0L_QvtC20LDQu9C-0LLQsNGC0Ywg0LIg0LzQuNGAINGD0YDQvtC60L7QsiDQv9C-IE1pY3Jvc29mdCBPZmZpY2UhIC0g0JjQvdGE0L7RgNC80LDRhtC40L7QvdC90YvQtSDRgtC10YXQvdC-0LvQvtCz0LjQuAox0JTQvtCx0YDQviDQv9C-0LbQsNC70L7QstCw0YLRjCDQsiDQvNC40YAg0YPRgNC-0LrQvtCyINC_0L4gTWljcm9zb2Z0IE9mZmljZSEgCjLQp9GC0L4g0YLQsNC60L7QtSBNaWNyb3NvZnQgT2ZmaWNlPyAK&utf8=%E2%9C%93
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://office-guru.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 12 Nov 2020 06:38:15 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//office-guru.ru/;h%u0414%u043E%u0431%u0440%u043E%20%u043F%u043E%u0436%u0430%u043B%u043E%u0432%u0430%u0442%u044C%20%u0432%20%u043C%u0438%u0440%...
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//office-guru.ru/;h%u0414%u043E%u0431%u0440%u043E%20%u043F%u043E%u0436%u0430%u043B%u043E%u0432%u0430%u0442%u044C%20%u0432%20%u043C%u0438%u044...

43 B
496 B

89ms
89ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//office-guru.ru/;h%u0414%u043E%u0431%u0440%u043E%20%u043F%u043E%u0436%u0430%u043B%u043E%u0432%u0430%u0442%u044C%20%u0432%20%u043C%u0438%u0440%20%u0443%u0440%u043E%u043A%u043E%u0432%20%u043F%u043E%20Microsoft%20Office%21%20-%20%u0418%u043D%u0444%u043E%u0440%u043C%u0430%u0446%u0438%u043E%u043D%u043D%u044B%u0435%20%u0442%u0435%u0445%u043D%u043E%u043B%u043E%u0433%u0438%u0438;0.04880294747473024

Requested by

Host: office-guru.ru
URL: https://office-guru.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 12 Nov 2020 06:38:15 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 12 Nov 2019 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 12 Nov 2020 06:38:15 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//office-guru.ru/;h%u0414%u043E%u0431%u0440%u043E%20%u043F%u043E%u0436%u0430%u043B%u043E%u0432%u0430%u0442%u044C%20%u0432%20%u043C%u0438%u0440%20%u0443%u0440%u043E%u043A%u043E%u0432%20%u043F%u043E%20Microsoft%20Office%21%20-%20%u0418%u043D%u0444%u043E%u0440%u043C%u0430%u0446%u0438%u043E%u043D%u043D%u044B%u0435%20%u0442%u0435%u0445%u043D%u043E%u043B%u043E%u0433%u0438%u0438;0.04880294747473024
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 12 Nov 2019 21:00:00 GMT

GET
H/1.1 200
OK code.js Show response
top-fwz1.mail.ru/js/ 20 KB
9 KB 249ms
100ms Script
application/javascript 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: office-guru.ru
URL: https://office-guru.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

f7be6de3b83efa3f4948d05d0d64a104cffd62b5e5670f4be6b8f77bd4aa2762

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 12 Nov 2020 06:38:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Tue, 02 Jun 2020 14:51:19 GMT
Server: nginx
ETag: W/"5ed66767-5098"
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: max-age=3600, private
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: *
Keep-Alive: timeout=60
Expires: Thu, 12 Nov 2020 07:38:15 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/ 114 KB
41 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df1a864eb139f7b83e359441a65279606060e7849312d1124f854628c31eb14c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 22:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202957
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41221
x-xss-protection: 0
last-modified: Fri, 23 Oct 2020 17:38:50 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 22:15:38 GMT

GET
H3-Q050 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/ 120 KB
41 KB 38ms
24ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66897be078be4f7ceb97fed6611f98f7e47a0245e45fe0e39a8a7ae258231323

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 09 Nov 2020 22:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202957
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41449
x-xss-protection: 0
last-modified: Fri, 23 Oct 2020 17:38:50 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 22:15:38 GMT

GET
H2 200 subscribe_embed
www.youtube.com/ Frame E2FA 0
0 92ms
72ms Document
text/html 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCLAZCZAQmwCVaYsXrUT-Hjg&layout=default&count=default&origin=https%3A%2F%2Foffice-guru.ru&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /subscribe_embed?usegapi=1&channelid=UCLAZCZAQmwCVaYsXrUT-Hjg&layout=default&count=default&origin=https%3A%2F%2Foffice-guru.ru&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://office-guru.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://office-guru.ru/

Response headers

status: 200
content-type: text/html; charset=utf-8
content-encoding: br
cache-control: no-cache
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-length: 1636
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date: Thu, 12 Nov 2020 06:38:15 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=fSKhFRL8qAI; path=/; domain=.youtube.com; secure; expires=Tue, 11-May-2021 06:38:15 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Thu, 12-Nov-2020 07:08:15 GMT YSC=gxd-T-P6sQA; path=/; domain=.youtube.com; secure; httponly; samesite=None
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 5f835778e9f0e.js Show response
files.jumpoutpopup.ru/ 11 KB
3 KB 11ms
11ms Script
application/javascript 2606:4700:3030::681b:a38b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://files.jumpoutpopup.ru/5f835778e9f0e.js
Requested by: Host: files.jumpoutpopup.ru
URL: https://files.jumpoutpopup.ru/aa2a8b53fdc42c3962f3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:a38b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50704b6b80daa4416b0826ab64f07513080dc4bb3e755f1278dfcc5c6fced070

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 36482
status: 200
cf-request-id: 065cc62c7a00002bd2f2964000000001
pragma: public
last-modified: Sun, 11 Oct 2020 19:09:00 GMT
server: cloudflare
etag: W/"5f83584c-2b6d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cWMMKKHw6D%2B6HuZaZqosH5AeAitCfb4K0Mi6NyTWGXtK%2Fc%2Fv3Z0QF1di0KjLWAj9TxbmvR%2BL9crArlj5ZIlew4SR%2BkWmziaVgVCocbOQGBRG%2Bg389JS4EdpNLzFqhmLPcaA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200, public, must-revalidate, proxy-revalidate
cf-ray: 5f0e3fc0ccf62bd2-FRA
expires: Thu, 12 Nov 2020 08:30:13 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201110/r20190131/ 231 KB
87 KB 55ms
42ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201110/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

252555acdfff588cc5362679cb32d1c18fa0c576968fc73ce8c9458d11666fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88609
x-xss-protection: 0
server: cafe
etag: 13545726671071964201
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Nov 2020 06:38:15 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201110/r20190131/ Frame 794B 0
0 6ms
6ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201110/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://office-guru.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://office-guru.ru/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 11 Nov 2020 22:12:43 GMT
expires: Wed, 25 Nov 2020 22:12:43 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 30332
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 widget.css
w.likebtn.com/css/w/ 72 KB
27 KB 21ms
20ms Stylesheet
text/css 2606:4700:20::681a:e45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w.likebtn.com/css/w/widget.css?v=39
Requested by: Host: w.likebtn.com
URL: https://w.likebtn.com/js/w/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39b677ec4a0c2d95bb6d1439e68b5a0aa693c17912dc9e0209930088182483cf

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4145
cf-polished: origSize=80956
status: 200
cf-request-id: 065cc62c9a0000c2c24a3a1000000001
last-modified: Thu, 01 Oct 2020 07:23:18 GMT
server: cloudflare
etag: W/"5f7583e6-13c3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7QQdhtn19CNMlf3UaS%2FY8rx3sazpswhk2PeRVLdGWqLvzBMq4qsb5NsS1Jj2695UP86YBotBt2wf9EpBV42j8nkJA%2FfHnZMRfxPsK%2BTDM3wCSzcFxY9g6GNM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 5f0e3fc0fafdc2c2-FRA
cf-bgj: minify

OPTIONS
H2 204 visit
nativerent.ru/ext/article/ Frame 0
0 102ms
102ms Other 84.201.175.104
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://nativerent.ru/ext/article/visit
Protocol: H2
Server: 84.201.175.104 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://office-guru.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 204
date: Thu, 12 Nov 2020 06:38:15 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: PUT, GET, POST, OPTIONS, HEAD
access-control-allow-headers: Content-Type, X-Ray-ID
access-control-max-age: 600
content-length: 0

POST
H2 204 visit Show response
nativerent.ru/ext/article/ 0
175 B 87ms
86ms XHR
text/plain 84.201.175.104
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://nativerent.ru/ext/article/visit
Requested by: Host: nativerent.ru
URL: https://nativerent.ru/js/codes/nativerent.v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.201.175.104 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

status: 204
date: Thu, 12 Nov 2020 06:38:15 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: Content-Type, X-Ray-ID
access-control-allow-methods: PUT, GET, POST, OPTIONS, HEAD

GET
H2 204 datarent Show response
nativerent.ru/ext/ 0
195 B 101ms
101ms XHR
text/plain 84.201.175.104
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://nativerent.ru/ext/datarent?url=https%3A%2F%2Foffice-guru.ru%2F&site_id=5e465c392532f
Requested by: Host: nativerent.ru
URL: https://nativerent.ru/js/codes/nativerent.v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.201.175.104 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Thu, 12 Nov 2020 06:38:15 GMT
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: Content-Type, X-Ray-ID
access-control-allow-methods: PUT, GET, POST, OPTIONS, HEAD

GET
H2 200 5f835778e9f0e.html
files.jumpoutpopup.ru/ Frame 4D31 0
0 17ms
16ms Document
text/html 2606:4700:3030::681b:a38b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://files.jumpoutpopup.ru/5f835778e9f0e.html

Requested by

Host: files.jumpoutpopup.ru
URL: https://files.jumpoutpopup.ru/5f835778e9f0e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::681b:a38b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

:method: GET
:authority: files.jumpoutpopup.ru
:scheme: https
:path: /5f835778e9f0e.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://office-guru.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://office-guru.ru/

Response headers

status: 200
date: Thu, 12 Nov 2020 06:38:15 GMT
content-type: text/html
set-cookie: __cfduid=d65bd8b2a751f905182d3668239d27f611605163095; expires=Sat, 12-Dec-20 06:38:15 GMT; path=/; domain=.jumpoutpopup.ru; HttpOnly; SameSite=Lax
last-modified: Sun, 11 Oct 2020 19:09:00 GMT
vary: Accept-Encoding
expires: Thu, 12 Nov 2020 18:38:15 GMT
cache-control: max-age=43200
x-frame-options: ALLOWALL
cf-cache-status: DYNAMIC
cf-request-id: 065cc62cea00002bd21f309000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ItU8w4otyOvtva3lLbraU1rK02BeZPeLtceTLVQuMGYEq%2FKMDdVjKDHR3O6YifACrOZAhQZdFamPJgxgkHH%2Byos2Lpgk29Ft1AQlDsbuC6nIDEj7BNCeBcoguwuDt83FeMg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f0e3fc17e672bd2-FRA
content-encoding: br

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame C46E 0
0 16ms
15ms Document
text/html 2a00:1450:4001:800::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Foffice-guru.ru&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KGyUNjFYKOBb3EuvBAplXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=https%3A%2F%2Foffice-guru.ru&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://office-guru.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=204=hhfv8dSr-QzQkMy5fZX9RznjaoF4j36DHjU-cHAoPrvXbTuNnphBApNGoxgRGI-rDzp3GK-pIgFxAmSO8lvihvtCmqS-ms7MHDmIjDLUmSPijFn7xPba30H8EnCZLirGXCRRZEqmWjsuMPMSh_xF14-tUe7IkrP5NDJxCGXIXIQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://office-guru.ru/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 12 Nov 2020 06:38:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-KGyUNjFYKOBb3EuvBAplXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK / Show response
stat.optad360.mgr.consensu.org/ 20 B
286 B 189ms
59ms XHR
text/html 18.196.233.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.optad360.mgr.consensu.org/
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/86314e2d-6eff-47fc-ba39-cc8adf4bff3d/plugin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.196.233.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-233-38.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3686dfcc387ce3016d755449af77eede88cc7e1bd34aa42b9ac8b9431b45b1ef

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 12 Nov 2020 06:38:15 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 prebid4.10.0.js Show response
get.optad360.io/sf/ 376 KB
120 KB 13ms
13ms Script
application/javascript 2600:9000:2190:6200:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid4.10.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/86314e2d-6eff-47fc-ba39-cc8adf4bff3d/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:6200:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0f6b305d4e421043e07884f55d7af7c94f7102e98b59ec56c22b5f9061d2bc1

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 23:32:37 GMT
content-encoding: gzip
last-modified: Tue, 06 Oct 2020 11:44:24 GMT
server: AmazonS3
age: 25539
etag: W/"7c66aabe3020c6a7b9e7bb4172cf0f03"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=360000000
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: MojsZM-pSX5yjsfDifRhge0DKJsU0ZIxJdZHXD1L6B1xKh0IerY-bA==
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)

GET
H2

200

1 Show response
mc.yandex.ru/watch/26013990/
Redirect Chain

https://mc.yandex.ru/watch/26013990?wmode=7&page-url=https%3A%2F%2Foffice-guru.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605163094331%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A2166136261...
https://mc.yandex.ru/watch/26013990/1?wmode=7&page-url=https%3A%2F%2Foffice-guru.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605163094331%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A21661362...

202 B
573 B

47ms
46ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/26013990/1?wmode=7&page-url=https%3A%2F%2Foffice-guru.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605163094331%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201112073815%3Aet%3A1605163095%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A775297407280%3Arqn%3A1%3Arn%3A203065242%3Ahid%3A332536088%3Ads%3A0%2C64%2C227%2C2%2C189%2C0%2C0%2C294%2C27%2C%2C%2C%2C781%3Afp%3A712%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605163095%3Au%3A1605163095756595676%3At%3A%D0%94%D0%BE%D0%B1%D1%80%D0%BE%20%D0%BF%D0%BE%D0%B6%D0%B0%D0%BB%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B2%20%D0%BC%D0%B8%D1%80%20%D1%83%D1%80%D0%BE%D0%BA%D0%BE%D0%B2%20%D0%BF%D0%BE%20Microsoft%20Office%21%20-%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%82%D0%B5%D1%85%D0%BD%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D0%B8

Requested by

Host: office-guru.ru
URL: https://office-guru.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

7c06f865ca9f3e6a4592756794a15e7107412168e0d2d9968a91d35d8df33183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Nov 2020 06:38:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 12-Nov-2020 06:38:15 GMT
status: 200
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://office-guru.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 202
x-xss-protection: 1; mode=block
expires: Thu, 12-Nov-2020 06:38:15 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 Nov 2020 06:38:15 GMT
last-modified: Thu, 12-Nov-2020 06:38:15 GMT
status: 302
location: /watch/26013990/1?wmode=7&page-url=https%3A%2F%2Foffice-guru.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605163094331%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201112073815%3Aet%3A1605163095%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A775297407280%3Arqn%3A1%3Arn%3A203065242%3Ahid%3A332536088%3Ads%3A0%2C64%2C227%2C2%2C189%2C0%2C0%2C294%2C27%2C%2C%2C%2C781%3Afp%3A712%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605163095%3Au%3A1605163095756595676%3At%3A%D0%94%D0%BE%D0%B1%D1%80%D0%BE%20%D0%BF%D0%BE%D0%B6%D0%B0%D0%BB%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B2%20%D0%BC%D0%B8%D1%80%20%D1%83%D1%80%D0%BE%D0%BA%D0%BE%D0%B2%20%D0%BF%D0%BE%20Microsoft%20Office%21%20-%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%82%D0%B5%D1%85%D0%BD%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D0%B8
access-control-allow-origin: https://office-guru.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 12-Nov-2020 06:38:15 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
665 B 146ms
53ms Script
text/javascript 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=office-guru.ru&callback=_gfp_s_&client=ca-pub-4894759983606832

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201110/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

4f21ee5b14c07664683ff59391074c53b612065a798473769545a0a2a485c74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Nov 2020 06:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
169 B 15ms
14ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=office-guru.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201110/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Nov 2020 06:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 16ms
16ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=office-guru.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201110/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Nov 2020 06:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3765 0
0 71ms
71ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4894759983606832&output=html&adk=1812271804&adf=1573534164&lmt=1584466821&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Foffice-guru.ru%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605163095172&bpp=14&bdt=355&idt=307&shv=r20201110&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2294507911647&frm=20&pv=2&ga_vid=349425306.1605163095&ga_sid=1605163095&ga_hid=884713947&ga_fc=0&iag=0&icsg=277214379641359&dssz=55&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428&oid=3&pvsid=2966986437810616&pem=894&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=326

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201110/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4894759983606832&output=html&adk=1812271804&adf=1573534164&lmt=1584466821&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Foffice-guru.ru%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605163095172&bpp=14&bdt=355&idt=307&shv=r20201110&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2294507911647&frm=20&pv=2&ga_vid=349425306.1605163095&ga_sid=1605163095&ga_hid=884713947&ga_fc=0&iag=0&icsg=277214379641359&dssz=55&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428&oid=3&pvsid=2966986437810616&pem=894&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=326
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://office-guru.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://office-guru.ru/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 12 Nov 2020 06:38:15 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 12-Nov-2020 06:53:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 12 Nov 2020 06:38:15 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201110/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e28099ec8875ba272b12bb0fb2a7269c2e0ac46d1761ee6ff4f069a59fd4e39e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605098045670130"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28195
x-xss-protection: 0
expires: Thu, 12 Nov 2020 06:38:15 GMT

GET
H/1.1 200
OK alfadart.lib.min.js Show response
cdn.alfasense.net/lib/ 30 KB
31 KB 374ms
94ms Script
text/javascript 188.42.211.42
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.alfasense.net/lib/alfadart.lib.min.js
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode-bundles/0.1910/banners.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.211.42 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: fc5ee8ea0d44efe74c22c16b2fc3e0005de8c876c2efbce5fefe6bf7677e25fa

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 12 Nov 2020 06:38:15 GMT
Last-Modified: Sat, 03 Oct 2020 08:08:03 GMT
Server: nginx
Etag: "7e47660e852977b193c0ad5794ce7671"
Content-Type: text/javascript
X-Timestamp: 1601712482.26136
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30931
X-Trans-Id: tx92e8a48d32fd475cb8bf9-005facd857

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
136 B 43ms
43ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: office-guru.ru
URL: https://office-guru.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:15 GMT
last-modified: Wed, 11 Nov 2020 09:28:07 GMT
status: 200
etag: "5fabaea7-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 12 Nov 2020 07:38:15 GMT

POST
H/1.1 200
OK counter
top-fwz1.mail.ru/ 43 B
1 KB 74ms
74ms Other
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=3145625;u=https%3A//office-guru.ru/;st=1605163095112;title=%D0%94%D0%BE%D0%B1%D1%80%D0%BE%20%D0%BF%D0%BE%D0%B6%D0%B0%D0%BB%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B2%20%D0%BC%D0%B8%D1%80%20%D1%83%D1%80%D0%BE%D0%BA%D0%BE%D0%B2%20%D0%BF%D0%BE%20Microsoft%20Office!%20-%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%82%D0%B5%D1%85%D0%BD%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D0%B8;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=18cd1e174e47fda8;ver=60.3.0;tz=-60%2FEurope%2FBerlin;ni=10//4g/0/0/;lvid=1605163095537%3A1605163095562%3A1%3A6c9d489e729741b96d1b8eb1c6ac1672;_=0.9673003756912322

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 12 Nov 2020 06:38:15 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: https://office-guru.ru
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://office-guru.ru
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: https://office-guru.ru
Keep-Alive: timeout=60

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 1 KB
1 KB 18ms
6ms XHR
application/json 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20201112

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.10.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

29ffa23e06568b5b21b5392bb3c73ff0a7840cd9ce2329c6d07f97c6fcc98b20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 37421
x-cache: HIT, HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 743
etag: W/"52f-3tBxWKFupuh9msh2202XIlhYl9w"
x-served-by: cache-fra19137-FRA, cache-hhn4063-HHN
date: Thu, 12 Nov 2020 06:38:15 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 1
mc.yandex.ru/watch/26013990/ 43 B
73 B 50ms
50ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/26013990/1?page-url=https%3A%2F%2Foffice-guru.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Ans%3A1605163094331%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Az%3A60%3Ai%3A20201112073815%3Aet%3A1605163095%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apa%3A1%3Als%3A775297407280%3Arqn%3A2%3Arn%3A503551855%3Ahid%3A332536088%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605163096%3Au%3A1605163095756595676

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 12 Nov 2020 06:38:15 GMT
last-modified: Thu, 12-Nov-2020 06:38:15 GMT
status: 200
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://office-guru.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 12-Nov-2020 06:38:15 GMT

POST
H2 200 1
mc.yandex.ru/watch/26013990/ 43 B
73 B 46ms
46ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/26013990/1?page-ref=https%3A%2F%2Foffice-guru.ru%2F&page-url=goal%3A%2F%2Foffice-guru.ru%2Fjumpout&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1605163094331%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201112073815%3Aet%3A1605163096%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Als%3A775297407280%3Arqn%3A3%3Arn%3A392012961%3Ahid%3A332536088%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Afu%3A3%3Aeu%3A1%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605163096%3Au%3A1605163095756595676%3At%3A%D0%94%D0%BE%D0%B1%D1%80%D0%BE%20%D0%BF%D0%BE%D0%B6%D0%B0%D0%BB%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B2%20%D0%BC%D0%B8%D1%80%20%D1%83%D1%80%D0%BE%D0%BA%D0%BE%D0%B2%20%D0%BF%D0%BE%20Microsoft%20Office!%20-%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%82%D0%B5%D1%85%D0%BD%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D0%B8

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 12 Nov 2020 06:38:15 GMT
last-modified: Thu, 12-Nov-2020 06:38:15 GMT
status: 200
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://office-guru.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 12-Nov-2020 06:38:15 GMT

POST
H2 200 1
mc.yandex.ru/watch/26013990/ 43 B
73 B 45ms
45ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/26013990/1?page-ref=https%3A%2F%2Foffice-guru.ru%2F&page-url=goal%3A%2F%2Foffice-guru.ru%2Fjumpout%255B19967%255D%255Bshow%255D&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1605163094331%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201112073815%3Aet%3A1605163096%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Als%3A775297407280%3Arqn%3A4%3Arn%3A220183575%3Ahid%3A332536088%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Afu%3A3%3Aeu%3A1%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605163096%3Au%3A1605163095756595676%3At%3A%D0%94%D0%BE%D0%B1%D1%80%D0%BE%20%D0%BF%D0%BE%D0%B6%D0%B0%D0%BB%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%20%D0%B2%20%D0%BC%D0%B8%D1%80%20%D1%83%D1%80%D0%BE%D0%BA%D0%BE%D0%B2%20%D0%BF%D0%BE%20Microsoft%20Office!%20-%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%82%D0%B5%D1%85%D0%BD%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D0%B8

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 12 Nov 2020 06:38:15 GMT
last-modified: Thu, 12-Nov-2020 06:38:15 GMT
status: 200
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://office-guru.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 12-Nov-2020 06:38:15 GMT

GET
H3-Q050 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/ 27 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_2

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72e7061b2fead0aa3c75037191d060ca98f532e0745eb5cfd2f9e02c6d863c71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 04:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6417
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9266
x-xss-protection: 0
last-modified: Fri, 23 Oct 2020 17:38:50 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Nov 2021 04:51:18 GMT

GET
H3-Q050 200 subscribe_embed
www.youtube.com/ Frame 3A61 0
0 69ms
68ms Document
text/html 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCLAZCZAQmwCVaYsXrUT-Hjg&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.0_afc8ibZR4.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew/cb=gapi.loaded_0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /subscribe_embed?action_card=1&channelid=UCLAZCZAQmwCVaYsXrUT-Hjg&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.0_afc8ibZR4.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOPV8Bttuu5r6907bIMhw8f2tfAew%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://office-guru.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: VISITOR_INFO1_LIVE=fSKhFRL8qAI; YSC=gxd-T-P6sQA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://office-guru.ru/

Response headers

status: 200
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-encoding: br
content-type: text/html; charset=utf-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
strict-transport-security: max-age=31536000
cache-control: no-cache
x-content-type-options: nosniff
content-length: 327
date: Thu, 12 Nov 2020 06:38:15 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: GPS=1; path=/; domain=.youtube.com; expires=Thu, 12-Nov-2020 07:08:15 GMT
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
118 B 35ms
21ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Requested by

Host: office-guru.ru
URL: https://office-guru.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 09:03:31 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 509684
content-type: image/gif
status: 200
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sat, 06 Nov 2021 09:03:31 GMT

GET
H3-Q050 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
128 B 35ms
20ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Requested by

Host: office-guru.ru
URL: https://office-guru.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 11:49:32 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 67723
content-type: image/gif
status: 200
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Thu, 11 Nov 2021 11:49:32 GMT

GET
H3-Q050 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
686 B 33ms
20ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Requested by

Host: office-guru.ru
URL: https://office-guru.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 00:57:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 366037
content-type: image/png
status: 200
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
expires: Mon, 08 Nov 2021 00:57:38 GMT

GET
H3-Q050 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
193 B 34ms
21ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Requested by

Host: office-guru.ru
URL: https://office-guru.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 01:15:59 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 364936
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116
x-xss-protection: 0
expires: Mon, 08 Nov 2021 01:15:59 GMT

GET
H3-Q050 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
143 B 34ms
21ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Requested by

Host: office-guru.ru
URL: https://office-guru.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 09:03:31 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 509684
content-type: image/png
status: 200
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
expires: Sat, 06 Nov 2021 09:03:31 GMT

GET
H/1.1 200
OK ad_1199.js Show response
cdn.alfasense.net/js/ 24 KB
25 KB 97ms
96ms Script
application/javascript 188.42.211.42
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.alfasense.net/js/ad_1199.js
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode-bundles/0.1910/banners.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.211.42 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 6e284840a560a58a585b5c5baf01975a3d630307d7fbbe772ff9a9f0d3002245

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 12 Nov 2020 06:38:16 GMT
Last-Modified: Thu, 12 Nov 2020 05:52:52 GMT
Server: nginx
Etag: "41a98fc17716fc994466c14b7f58b42f"
Content-Type: application/javascript
X-Timestamp: 1605160371.71192
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24797
X-Trans-Id: tx9a171e90791249f5a3e55-005facd858

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 46ms
33ms XHR
application/json 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201110&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201110/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2dfb633cd7ac71676d43513b2f0912ba31b0cf7d9cdb092ccc81bb0e74c952dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 12 Nov 2020 06:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6529
x-xss-protection: 0

POST
H/1.1 200
OK tracker
top-fwz1.mail.ru/ 43 B
1 KB 76ms
76ms Other
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3145625;u=https%3A//office-guru.ru/;st=1605163095112;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=18cd1e174e47fda8;ver=60.3.0;tz=-60%2FEurope%2FBerlin;nt=0/0/1605163094331/////189/190/190/190/254/221/254/481/483/487/781/781/808/1746/1746/;ni=10//4g/0/0/;lvid=1605163095537%3A1605163096079%3A2%3A6c9d489e729741b96d1b8eb1c6ac1672;_=0.9243318569504548;e=RT/load;et=1605163096078

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 12 Nov 2020 06:38:16 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: https://office-guru.ru
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://office-guru.ru
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: https://office-guru.ru
Keep-Alive: timeout=60

GET
H/1.1 200
OK prebid.js Show response
cdn.alfadart.com/js/libs/ 240 KB
240 KB 208ms
63ms Script
application/javascript 88.99.167.101
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.alfadart.com/js/libs/prebid.js
Requested by: Host: cdn.alfasense.net
URL: https://cdn.alfasense.net/lib/alfadart.lib.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.167.101 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 428b13118852b2ca337a85300daa8f6eddcd37b27ae26610c7582550b97358a8

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 12 Nov 2020 06:38:16 GMT
Last-Modified: Tue, 07 Jul 2020 16:02:33 GMT
Server: nginx/1.16.0
ETag: "5f049c99-3be68"
Content-Type: application/javascript
Cache-control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 245352

OPTIONS
H2 204 c
pa.rxthdr.com/v3/ Frame 0
0 413ms
137ms Other 3.224.156.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.rxthdr.com/v3/c?publisherId=d2029f5a-ca17-4e5d-ba7b-68f2fd9a6591&host=office-guru.ru
Protocol: H2
Server: 3.224.156.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://office-guru.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 204
date: Thu, 12 Nov 2020 06:38:17 GMT
server: nginx
access-control-allow-origin: https://office-guru.ru
access-control-allow-methods: POST, GET
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
cache-control: no-cache, private

GET
H2 200 c Show response
pa.rxthdr.com/v3/ 47 B
278 B 398ms
133ms XHR
application/json 3.224.156.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.rxthdr.com/v3/c?publisherId=d2029f5a-ca17-4e5d-ba7b-68f2fd9a6591&host=office-guru.ru
Requested by: Host: cdn.alfadart.com
URL: https://cdn.alfadart.com/js/libs/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.156.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: af22b7b8b927999e453225a1bbb00a6a4894a38f2df58f10c96e01bcafea8bc5

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/json

Response headers

date: Thu, 12 Nov 2020 06:38:17 GMT
server: nginx
status: 200
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: https://office-guru.ru
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type

GET
H2 200 adjson Show response
pub-eu.p.otm-r.com/ 2 B
287 B 143ms
47ms XHR
application/javascript 148.251.9.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-eu.p.otm-r.com/adjson?tz=-60&w=970&h=250&s=3371&bidid=272bcaef529ccc&transactionid=3fe4cfb5-547e-440e-8ecb-e5c325373ba3&auctionid=ab6478c6-866a-4a37-a478-c43c104c6c31&bidfloor=undefined&
Requested by: Host: cdn.alfadart.com
URL: https://cdn.alfadart.com/js/libs/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.251.9.22 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.22.9.251.148.clients.your-server.de
Software: nginx/1.17.2 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Nov 2020 06:38:16 GMT
server: nginx/1.17.2
status: 200
content-type: application/javascript
access-control-allow-origin: https://office-guru.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
expires: 0

GET
H2

200

direct_banner Show response
px.adhigh.net/rtb/
Redirect Chain

https://px.adhigh.net/rtb/direct_banner?bid_id=4d06b147cb256&pid=66&tid=970x250_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=970x250&cur=RUB&floor=0.1&
https://px.adhigh.net/rtb/direct_banner?bid_id=4d06b147cb256&pid=66&tid=970x250_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=970x250&cur=RUB&floor=0.1&&bounced=1

12 B
406 B

88ms
88ms

XHR
application/json

193.232.148.151
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.adhigh.net/rtb/direct_banner?bid_id=4d06b147cb256&pid=66&tid=970x250_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=970x250&cur=RUB&floor=0.1&&bounced=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.232.148.151 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: hosting.adhigh.net
Software: nginx /
Resource Hash: cac9fb81a29c07978b6ff53ec2a73344f4756aba46e066610c17d9dd06fa96ae

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Nov 2020 06:38:17 GMT
server: nginx
x-backend-id: f16-ru
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://office-guru.ru
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 12
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 Nov 2020 06:38:17 GMT
server: nginx
status: 302
x-backend-id: f12-ru
location: https://px.adhigh.net/rtb/direct_banner?bid_id=4d06b147cb256&pid=66&tid=970x250_alfadart&known=1&is_video=false&resp_type=JSON&provider=direct.prebidjs&size=970x250&cur=RUB&floor=0.1&&bounced=1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://office-guru.ru
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

adjson Show response
ads.betweendigital.com/
Redirect Chain

https://ads.betweendigital.com/adjson?jst=hb&ord=7463649712359517&tz=-60&fl=0&rr=direct&w=970&h=250&s=3930264&bidid=6cc013a43d3504&transactionid=3fe4cfb5-547e-440e-8ecb-e5c325373ba3&auctionid=ab647...
https://ads.betweendigital.com/adjson?jst=hb&ord=7463649712359517&tz=-60&fl=0&rr=direct&w=970&h=250&s=3930264&bidid=6cc013a43d3504&transactionid=3fe4cfb5-547e-440e-8ecb-e5c325373ba3&auctionid=ab647...

2 B
230 B

51ms
51ms

XHR
application/json

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?jst=hb&ord=7463649712359517&tz=-60&fl=0&rr=direct&w=970&h=250&s=3930264&bidid=6cc013a43d3504&transactionid=3fe4cfb5-547e-440e-8ecb-e5c325373ba3&auctionid=ab6478c6-866a-4a37-a478-c43c104c6c31&crf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://office-guru.ru
content-encoding: gzip
content-type: application/json

Redirect headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://office-guru.ru
content-length: 0
location: /adjson?jst=hb&ord=7463649712359517&tz=-60&fl=0&rr=direct&w=970&h=250&s=3930264&bidid=6cc013a43d3504&transactionid=3fe4cfb5-547e-440e-8ecb-e5c325373ba3&auctionid=ab6478c6-866a-4a37-a478-c43c104c6c31&crf=1

POST
H2 200 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 1 KB
1 KB 178ms
62ms XHR
application/json 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.alfadart.com
URL: https://cdn.alfadart.com/js/libs/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: 967c8bbcecd7fccdf1bbd1a7f12d064c512f6a3bbdc4cc983881cecd26685e21

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Nov 2020 06:38:16 GMT
status: 200
access-control-max-age: 3600
access-control-allow-methods: POST
content-type: application/json;charset=utf-8
access-control-allow-origin: https://office-guru.ru
access-control-allow-credentials: true
content-length: 1225

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
144 B 162ms
53ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=20&wv=2.32.0-pre&cb=95772926730
Requested by: Host: cdn.alfadart.com
URL: https://cdn.alfadart.com/js/libs/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 12 Nov 2020 06:38:16 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://office-guru.ru
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK 1x1.png
v.alfasrv.com/stats/ 95 B
396 B 174ms
42ms Image
image/png 88.99.167.101
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.alfasrv.com/stats/1x1.png?s=4850&e=r&t=p
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.167.101 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 12 Nov 2020 06:38:16 GMT
Last-Modified: Thursday, 12-Nov-2020 06:38:16 GMT
Server: nginx/1.16.0
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95

GET
H2 200 imp-delivery
ams.creativecdn.com/ Frame 3124 0
0 170ms
169ms Document
text/html 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://ams.creativecdn.com/imp-delivery?tk=Pp8EJOD7PmqMlaAa9bbrBscVPOmvnIpkdf4DYZBKcyewEYYEOIzpa63zBp3iq07A5nrCUMnLRtcDgsBgcGf9FLPeL1Eufzj9DTSwEU9RxVm3EqQsx5XTrfzLndD09OeL0Jyg-QbymlZg_X6YarrYBMUbLIAizXd8swfNlfnS_o5IQ5OlOTqJCRIWChLfKdTwUBbcBYSosNuqBNxz4vvWtKBeHGHB0wtYLwIelT-pfNZc7FxLU3S0u0jAfR0V6d5rf7reYhuB_XOYHXOZxgr97qOY5YdIHnIyjcnGFwa3QvI&curl=https%3A%2F%2Fams.creativecdn.com%2Fclicks%3Fid%3D20201112_NjOKZqPJA4Bk41vqkwRg%26tdc%3Dams%26%7BEXTRA_CLICK_PARAMS%7D&tdc=ams
Requested by: Host: cdn.alfadart.com
URL: https://cdn.alfadart.com/js/libs/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: ams.creativecdn.com
:scheme: https
:path: /imp-delivery?tk=Pp8EJOD7PmqMlaAa9bbrBscVPOmvnIpkdf4DYZBKcyewEYYEOIzpa63zBp3iq07A5nrCUMnLRtcDgsBgcGf9FLPeL1Eufzj9DTSwEU9RxVm3EqQsx5XTrfzLndD09OeL0Jyg-QbymlZg_X6YarrYBMUbLIAizXd8swfNlfnS_o5IQ5OlOTqJCRIWChLfKdTwUBbcBYSosNuqBNxz4vvWtKBeHGHB0wtYLwIelT-pfNZc7FxLU3S0u0jAfR0V6d5rf7reYhuB_XOYHXOZxgr97qOY5YdIHnIyjcnGFwa3QvI&curl=https%3A%2F%2Fams.creativecdn.com%2Fclicks%3Fid%3D20201112_NjOKZqPJA4Bk41vqkwRg%26tdc%3Dams%26%7BEXTRA_CLICK_PARAMS%7D&tdc=ams
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://office-guru.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://office-guru.ru/

Response headers

status: 200
date: Thu, 12 Nov 2020 06:38:17 GMT Thu, 12 Nov 2020 06:38:17 GMT
content-type: text/html;charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-max-age: 3600
vary: Origin Accept-Encoding, User-Agent
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip

GET
H2 200 win-notify
ams.creativecdn.com/ Frame B3E4 42 B
252 B 61ms
59ms Image
image/gif 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams.creativecdn.com/win-notify?tk=Pp8EJOD7PmqMlaAa9bbrBscVPOmvnIpkdf4DYZBKcyewEYYEOIzpa63zBp3iq07A5nrCUMnLRtcDgsBgcGf9FLPeL1Eufzj9DTSwEU9RxVm3EqQsx5XTrfzLndD09OeL0Jyg-QbymlZg_X6YarrYBMUbLIAizXd8swfNlfnS_o5IQ5OlOTqJCRIWChLfKdTwUBbcBYSosNuqBNxz4vvWtKBeHGHB0wtYLwIelT-pfNZc7FxLU3S0u0jAfR0V6d5rf7reYhuB_XOYHXOZxgr97qOY5YdIHnIyjcnGFwa3QvI&wp=0.009967557674434968&tdc=ams
Requested by: Host: office-guru.ru
URL: https://office-guru.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Thu, 12 Nov 2020 06:38:17 GMT, Thu, 12 Nov 2020 06:38:17 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-type: image/gif
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 1x1.png
v.alfasrv.com/stats/ Frame B3E4 95 B
396 B 43ms
42ms Image
image/png 88.99.167.101
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.alfasrv.com/stats/1x1.png?s=4850&a=rtbhouse&k1=1&k2=1&e=i&t=p&c=0.5981
Requested by: Host: office-guru.ru
URL: https://office-guru.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.167.101 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 12 Nov 2020 06:38:17 GMT
Last-Modified: Thursday, 12-Nov-2020 06:38:17 GMT
Server: nginx/1.16.0
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95

POST
H2 200 26013990 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 44ms
43ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/26013990?wmode=0&rn=300278501&page-url=https%3A%2F%2Foffice-guru.ru%2F&wv-type=5&wv-hit=332536088&wv-part=1&browser-info=ti%3A8%3Aet%3A1605163096%3Aw%3A1600x1200%3Av%3A1976%3Az%3A60%3Ai%3A20201112073815%3Ast%3A1605163098%3Au%3A1605163095756595676

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Nov 2020 06:38:17 GMT
last-modified: Thu, 12-Nov-2020 06:38:17 GMT
status: 200
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://office-guru.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 12-Nov-2020 06:38:17 GMT

GET
H/1.1 200
OK ads-async.js Show response
ad.mail.ru/static/ 14 KB
14 KB 198ms
98ms Script
application/javascript 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/static/ads-async.js
Requested by: Host: nativerent.ru
URL: https://nativerent.ru/js/codes/nativerent.v2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 867575c9c88f77dea03ab02ec9d483028582a27031fadfcce596b069c74ccc13

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 12 Nov 2020 06:38:18 GMT
Last-Modified: Mon, 19 Oct 2020 08:24:28 GMT
Server: nginx
ETag: "5f8d4d3c-3625"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 13861
Expires: Thu, 12 Nov 2020 07:38:18 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 74 KB
24 KB 53ms
19ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: nativerent.ru
URL: https://nativerent.ru/js/codes/nativerent.v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 379bf9de3c8c291c08a96b1489d7eaad78c77e5bf0a322a7b6a0736f123589be

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:18 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 07:08:16 GMT
server: nginx
etag: W/"5f8e8ce0-12977"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 13 Nov 2020 06:38:18 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 54 KB
18 KB 132ms
46ms Script
text/javascript 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: nativerent.ru
URL: https://nativerent.ru/js/codes/nativerent.v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

sffe /

Resource Hash

754d2c2129111b5185366700c8e4a76676f463c666a9fa61578a70b86a89f3ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "691 / 918 of 1000 / last-modified: 1605136227"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18202
x-xss-protection: 0
expires: Thu, 12 Nov 2020 06:38:18 GMT

GET
H2 200 8feb39e1e557977ef54f.js Show response
an.yandex.ru/partner-code-bundles/12990/ 325 KB
71 KB 195ms
96ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/partner-code-bundles/12990/8feb39e1e557977ef54f.js

Requested by

Host: nativerent.ru
URL: https://nativerent.ru/js/codes/nativerent.v2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

ba13bc418e4e18f915a8a4c8d3aa49b9f9a3fb9fcddf7046165a67192fa5c636

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Origin: https://office-guru.ru
Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:18 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status: 200
content-length: 72428
timing-allow-origin: *
last-modified: Mon, 09 Nov 2020 13:49:11 GMT
server: nginx/1.12.2
etag: "5d6238ff94fee8f866f86fc779325b5d"
strict-transport-security: max-age=43200000; includeSubDomains;, max-age=31536000
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 10 Nov 2050 15:33:53 GMT

GET
H2 200 bf838cbcee9d31a1b917.js Show response
an.yandex.ru/partner-code-bundles/12990/ 493 KB
78 KB 290ms
191ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/partner-code-bundles/12990/bf838cbcee9d31a1b917.js

Requested by

Host: nativerent.ru
URL: https://nativerent.ru/js/codes/nativerent.v2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

bee03edf51a80abd88a7ea9bcdc4e763906c8053d6494e2cc9317088186d7bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Origin: https://office-guru.ru
Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:18 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status: 200
content-length: 78730
timing-allow-origin: *
last-modified: Mon, 09 Nov 2020 13:49:11 GMT
server: nginx/1.12.2
etag: "d71503fe42ccdce4b2d2ddb10b58764f"
strict-transport-security: max-age=43200000; includeSubDomains;, max-age=31536000
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 10 Nov 2050 15:33:53 GMT

GET
H2 200 8a57570b99cbb59deb4d.js Show response
an.yandex.ru/partner-code-bundles/12990/ 60 KB
16 KB 290ms
191ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/partner-code-bundles/12990/8a57570b99cbb59deb4d.js

Requested by

Host: nativerent.ru
URL: https://nativerent.ru/js/codes/nativerent.v2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

826586b2ecc8ed28d7fb47afb1db3c13dde508d9034270da15212e8a66eb2858

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Origin: https://office-guru.ru
Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:18 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status: 200
content-length: 15724
timing-allow-origin: *
last-modified: Mon, 09 Nov 2020 13:49:11 GMT
server: nginx/1.12.2
etag: "29c37c3de46234e84dcfeb0913b44ea2"
strict-transport-security: max-age=43200000; includeSubDomains;, max-age=31536000
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 10 Nov 2050 15:33:53 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: nativerent.ru
URL: https://nativerent.ru/js/codes/nativerent.v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Thu, 12 Nov 2020 06:38:18 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 6EAC 0
0 33ms
20ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://office-guru.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://office-guru.ru/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Wed, 11 Nov 2020 21:08:27 GMT
expires: Thu, 11 Nov 2021 21:08:27 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 34191
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 syncframe
gum.criteo.com/ Frame CD04 0
0 48ms
15ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=office-guru.ru

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=office-guru.ru
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://office-guru.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://office-guru.ru/

Response headers

status: 200
cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 531
date: Thu, 12 Nov 2020 06:38:17 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 74 KB
24 KB 50ms
20ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 379bf9de3c8c291c08a96b1489d7eaad78c77e5bf0a322a7b6a0736f123589be

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:18 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 07:08:16 GMT
server: nginx
etag: W/"5f8e8ce0-12977"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 13 Nov 2020 06:38:18 GMT

GET
H3-Q050 200 pubads_impl_2020110501.js Show response
securepubads.g.doubleclick.net/gpt/ 277 KB
98 KB 123ms
69ms Script
text/javascript 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

sffe /

Resource Hash

572b80b324a4dd4a4178975a04f619f4381e4ebdebd6da2abce7f77f91283630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 06:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99552
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 09:43:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Nov 2020 06:38:18 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
111 B 15ms
15ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201110&jk=2966986437810616&bg=!7u2l7c3NAAVxZqjhcVjXaQgiVkOXEQIAAABQUgAAAA1oAQcKAUGxFOP8_CnHFefdjZRGBsNNGHJMqbMpp8bziUtDdiDu9cEin5fDBP5_yZGvQdrVkAZqgk0I7O3vgrVA0OwU44bnlmwcSAh9fdCYKM2TH8BMaOYKhSmPRWJMei0i9OWuPKSANE61P_iSVACU5gSxZbir0TLMwBukrFrO8YLALk92MkS5UeFNZMMdD9UMBtDuzInJ0Yr9agi1IKYWVzi1atrXcSBtBNVapZiRfWJo8sgvCezOo_K5UkZvaabaiCPza1ZnXXD1bVSTYKzIraRLuyvXbeA46-zh41M5w6Cl9aJoARsmbKcM-AZq2wFTr0a_rJ_q-i04JGuTvkbJCqpiSYLO-A_EfqfzFsgWmbQlMpNfDoXa3j5ki6pSiob1D0A3COsTRALbl3ZMhh6sE3gcRmodGyryhztFp-IecYsrnNfCUuWZAbc7a2lEPoTquEmLw2-X0WifLEnBS8Q1md3l9sxWj1Wzt3je63-D_mtIq_x9vTxTFHRm9d3bxY-mzuRcfSZ5gCi88kEpM4ElFTIFgX-KsvUJEsH59mvG5oj7VL8H4tF0ld1Zr6sS9GUFfVGmwnO5IUVS9GMTbr4M-2j82hBu5x5wWAezL9w2j94JwAQwcMmTOR6-Juu6sCVGMolFHGaowIrXliw8JUHbhKmr8NsCKYlLP0sa2tgN6lQ-tJoFMMVvslNnAI1NWcCuV3ld9VQax9PgHq2qQsNXDRFfstTn5fucAmY4kNXiA91jgBBdzJhQ5IjD9vERBctASRb89k_gpyNt6VU0buMTePMeMbEefHrTEAnMmqa0r0SMtS43__B4Ibe9aGnlHI9ZVM14lpAGk-uApF7-5etRqiZYm8QlanIjQ9zoO48x27b2-Dj1s4C7txsc0tbSDDj7ZtWt4xea1F5izbRn4J63kZ4Of5VpftJl4BNqhaP_-LnJlmgjsNbPK0_ZWixuEm10Okcs2dPL6yF3v1cSmYi2ljGU7HpVwP51kTmF0FX5PummLo7bZSLtujdIiUuo5HMo

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Nov 2020 06:38:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
status: 204
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/332443/ 0
107 B 227ms
87ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/332443/event?hash=eb1b4f632cb69ccf&pm=bmn&rand=nvdrngt&sj=LzoLe1x6RKtYhAyYtvNGsJmsO2WOPcl4S9bQNNRSTSg0uWUSda-h_XCQIRKR30nHufZU4jrdopcdoYqc33WVHcXEzn2z_5IAtxThXfGr9g%3D%3D&ad-session-id=319871605163095046&lts=ffcozqd&ytt=487083681515541&ylv=0.1912&dl=https%3A%2F%2Foffice-guru.ru%2F&ybv=0.1910&p5=irpla&pr=dfpqauc&p1=cmauj&rqs=Vxgf7EaebhNX2Kxf4kyYkYUXsMXJDMem&p2=gxnc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://office-guru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Thu, 12 Nov 2020 06:38:19 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
timing-allow-origin: *

Verdicts & Comments Add Verdict or Comment

257 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 18:16:14	Name: NID Value: 204=hhfv8dSr-QzQkMy5fZX9RznjaoF4j36DHjU-cHAoPrvXbTuNnphBApNGoxgRGI-rDzp3GK-pIgFxAmSO8lvihvtCmqS-ms7MHDmIjDLUmSPijFn7xPba30H8EnCZLirGXCRRZEqmWjsuMPMSh_xF14-tUe7IkrP5NDJxCGXIXIQ
.office-guru.ru/	1970-01-19 13:52:44	Name: _ym_visorc_26013990 Value: w
.youtube.com/	1970-01-19 18:11:55	Name: VISITOR_INFO1_LIVE Value: fSKhFRL8qAI
.office-guru.ru/	1970-01-19 21:52:14	Name: tmr_reqNum Value: 2
.office-guru.ru/	1970-01-19 13:53:55	Name: _ym_isad Value: 2
.office-guru.ru/	1970-01-19 21:52:14	Name: tmr_lvidTS Value: 1605163095537
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: gxd-T-P6sQA
.office-guru.ru/	1970-01-19 23:14:19	Name: __gads Value: ID=80fba1e7e97666b9-22f4e7826ba600e1:T=1605163095:RT=1605163095:S=ALNI_MbOwCXqwkyeCy09VBWiq7oSYSpA-A
.office-guru.ru/	1970-01-19 21:52:14	Name: tmr_lvid Value: 6c9d489e729741b96d1b8eb1c6ac1672
.office-guru.ru/	1970-01-19 22:38:19	Name: _ym_d Value: 1605163095
.doubleclick.net/	1970-01-19 13:52:43	Name: test_cookie Value: CheckForPermission
.office-guru.ru/	1970-01-19 22:38:19	Name: _ym_uid Value: 1605163095756595676
office-guru.ru/	1970-01-19 13:53:38	Name: nt.counter.uid Value: 96a0b9e8-237e-9b2a-b891-9315fe16fb2d

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://office-guru.ru/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://nativerent.ru/js/codes/nativerent.v2.js(Line 1) Message: NativeRent: counter init with id 5e465c392532f
console-api	log	URL: https://files.jumpoutpopup.ru/5f835778e9f0e.js(Line 14) Message: pusher_height19967 163
console-api	log	URL: https://files.jumpoutpopup.ru/5f835778e9f0e.js(Line 14) Message: pusher_height19967 175
console-api	error	URL: https://q5e40b17ii.ru/script.js(Line 1) Message: Error: [ADSBID] No blocks found in 500 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ad.mail.ru
ads.adfox.ru
ads.betweendigital.com
ads.digitalcaramel.com
adservice.google.com
adservice.google.de
ams.creativecdn.com
an.yandex.ru
apis.google.com
bidder.criteo.com
cdn.alfadart.com
cdn.alfasense.net
cdn.jsdelivr.net
cmp.optad360.io
counter.yadro.ru
files.jumpoutpopup.ru
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
googleads.g.doubleclick.net
gum.criteo.com
matchid.adfox.yandex.ru
mc.yandex.ru
nativerent.ru
office-guru.ru
pa.rxthdr.com
pagead2.googlesyndication.com
partner.googleadservices.com
prebid-eu.creativecdn.com
pub-eu.p.otm-r.com
px.adhigh.net
q5e40b17ii.ru
securepubads.g.doubleclick.net
ssl.gstatic.com
stat.optad360.mgr.consensu.org
static.criteo.net
top-fwz1.mail.ru
tpc.googlesyndication.com
v.alfasrv.com
w.likebtn.com
www.googletagservices.com
www.youtube.com
yastatic.net
148.251.9.22
172.217.22.66
178.250.2.131
18.196.233.38
185.184.8.30
188.42.196.115
188.42.211.42
193.232.148.151
217.69.133.145
2600:9000:2156:6000:6:b871:4f00:93a1
2600:9000:2190:6200:11:a4de:2580:93a1
2606:4700:20::681a:e45
2606:4700:3030::681b:a38b
2a00:1148:db00::17
2a00:1450:4001:800::2003
2a00:1450:4001:800::200d
2a00:1450:4001:801::2003
2a00:1450:4001:802::200e
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:814::2002
2a00:1450:4001:815::2002
2a00:1450:4001:819::2002
2a00:1450:4001:821::200e
2a02:2638::1c
2a02:2638::3
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::1:119
2a02:6b8::90
2a03:f480:1:12::72
2a04:4e42:1b::621
3.224.156.224
77.88.21.179
84.201.175.104
88.208.54.88
88.212.201.210
88.99.167.101
88.99.234.26
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04af4f0786ab988f143eb097f17759515b6aa8223d81d4f7b9106d1d2317b244
0da8e781a7f69be2d0cfdc48649fe9c8c08be7fceffb644d05db2baf0c6fc7ca
15605049332bb9670f47c66ac05c9b1a119219e1a467139ec33f77037fda598e
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
252555acdfff588cc5362679cb32d1c18fa0c576968fc73ce8c9458d11666fc8
25c8595459f1938a91138b875bab7a8af803e0c389c9fb94336d646264bfac1e
29ffa23e06568b5b21b5392bb3c73ff0a7840cd9ce2329c6d07f97c6fcc98b20
2dfb633cd7ac71676d43513b2f0912ba31b0cf7d9cdb092ccc81bb0e74c952dd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2feaace2a38877159676cd57a89741e9c2acbf8e72d536165851dab461712a2a
35495fec0447f4b973eb95e7024ba63721fb0cf35b33bec16b7db9239e79caf9
3686dfcc387ce3016d755449af77eede88cc7e1bd34aa42b9ac8b9431b45b1ef
379bf9de3c8c291c08a96b1489d7eaad78c77e5bf0a322a7b6a0736f123589be
39b677ec4a0c2d95bb6d1439e68b5a0aa693c17912dc9e0209930088182483cf
3a848f431a88df1d8decd2ffbffca48d6aa554bbc16ec7dc5a43e6ee9c60eeb9
3b44e5b9fee146d0ce2c344cd59ded262f33d25f28e0c842e33d6502d97f9a94
428b13118852b2ca337a85300daa8f6eddcd37b27ae26610c7582550b97358a8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4e3bd7b2b6cc441c273947cee8467c6d78e474fd9be1be74c4677ddd107ab743
4eb67ccaa39879544315ccf4a6da86570f7668769c2d8d99f6ea6f44e2076f44
4f21ee5b14c07664683ff59391074c53b612065a798473769545a0a2a485c74d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50704b6b80daa4416b0826ab64f07513080dc4bb3e755f1278dfcc5c6fced070
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
572b80b324a4dd4a4178975a04f619f4381e4ebdebd6da2abce7f77f91283630
62749b9d033f7d2e4fd5444bbe6cc39f0245ca6d726ac6b8ce49c4876db39e75
66897be078be4f7ceb97fed6611f98f7e47a0245e45fe0e39a8a7ae258231323
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6e284840a560a58a585b5c5baf01975a3d630307d7fbbe772ff9a9f0d3002245
72e7061b2fead0aa3c75037191d060ca98f532e0745eb5cfd2f9e02c6d863c71
74a99e6557e9167502f9a38ce992c8d1c00e66a6b6a5bfd7c1545b250dd27b5f
754d2c2129111b5185366700c8e4a76676f463c666a9fa61578a70b86a89f3ae
7717ece3820780ffed6d2ae0f0662abdc9efbf47aee3584cb512b8536a574ee6
7a599ecb233caafa7dfa2fb6b473773da2e045a42efc7d13e1839913de756bdf
7c06f865ca9f3e6a4592756794a15e7107412168e0d2d9968a91d35d8df33183
7ebbf35ca9c954a972a57c781c5ea1af414ff561450800e31165c4ba4d44009c
826586b2ecc8ed28d7fb47afb1db3c13dde508d9034270da15212e8a66eb2858
837b58a7c27b848bf95136bcab10f0b2ec31f38bcd43a731db669a412240c747
867575c9c88f77dea03ab02ec9d483028582a27031fadfcce596b069c74ccc13
8c293bdd1e561a2efc5c35edb0c3133141b3ffd18eda5377960f84f406b5dfc4
967c8bbcecd7fccdf1bbd1a7f12d064c512f6a3bbdc4cc983881cecd26685e21
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
a10586e2b5e534d34964cf76c28351525460e16fb39622b2f026da8367b7411b
a80d027b0e4a91f0e678978754d20a136bdfd7c881b9d6e603ea62d839664e05
a8cf19ca1500beea786eb4bbe9749598a6358a5c94cc39484aac1291946b8150
af22b7b8b927999e453225a1bbb00a6a4894a38f2df58f10c96e01bcafea8bc5
b890c68ff8bd5d94cba364f4bf535c981905c011e66b911cfadcf25b0a34ebbb
ba13bc418e4e18f915a8a4c8d3aa49b9f9a3fb9fcddf7046165a67192fa5c636
bee03edf51a80abd88a7ea9bcdc4e763906c8053d6494e2cc9317088186d7bf4
c097810c5c2818c403e04fffc03a639cde42bdecb0c53323119cd7f77f8394fa
c1083ad7c7d6ab19f07c9c9ad108450cbdc50adf5c95c94bdf5b26590acf87d1
c564509a50ce9ef93a1776a41576d7dd965955bf216655bf76ecd145317bae39
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
cac9fb81a29c07978b6ff53ec2a73344f4756aba46e066610c17d9dd06fa96ae
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
cbfae477875af029336920c1e51193e3b4b981076657e6e0fafa2444cade996c
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d714e1a99b7a924c0d2c35d4ee08b1812a299728dc581baac49cb50cc725e9ba
dc66320adb9b1a19a4a8408a2a27e99df9849cb79cd496b3c000eb149123b25f
df1a864eb139f7b83e359441a65279606060e7849312d1124f854628c31eb14c
e0f6b305d4e421043e07884f55d7af7c94f7102e98b59ec56c22b5f9061d2bc1
e28099ec8875ba272b12bb0fb2a7269c2e0ac46d1761ee6ff4f069a59fd4e39e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46b148fc456754e7377bc0f6c08be769b8f7fd8014c5fd2212be4a46d085199
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7be6de3b83efa3f4948d05d0d64a104cffd62b5e5670f4be6b8f77bd4aa2762
f9504635ce463f19888209acf89dc32831964d8dee1b4c22aa70f564c208061d
fc5ee8ea0d44efe74c22c16b2fc3e0005de8c876c2efbce5fefe6bf7677e25fa
fc6d61e2c1138a1f7d8d3021c495298e67d63a3c6a3066560795c4336974d8ec

office-guru.ru Open in urlscan Pro 2a03:f480:1:12::72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

100 Requests

100 %HTTPS

59 %IPv6

33 Domains

44 Subdomains

39 IPs

9 Countries

1706 kBTransfer

4884 kBSize

13 Cookies

3 Outgoing links

Page URL History

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

office-guru.ru Open in urlscan Pro
2a03:f480:1:12::72 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

100 %
HTTPS

59 %
IPv6

33
Domains

44
Subdomains

39
IPs

9
Countries

1706 kB
Transfer

4884 kB
Size

13
Cookies

100 HTTP transactions
0 data transactions