urlscan.io logo urlscan.io
SecurityTrails logo

h.dolgoprudnyy.poiskator.su Open in urlscan Pro
2a10:9200:1:ad::1  Public Scan

Go To Rescan Add Verdict Report
URL: http://h.dolgoprudnyy.poiskator.su/
Submission: On December 06 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 11 domains to perform 73 HTTP transactions. The main IP is 2a10:9200:1:ad::1, located in Russian Federation and belongs to CLOUDASSETS, RU. The main domain is h.dolgoprudnyy.poiskator.su.
This is the only time h.dolgoprudnyy.poiskator.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

13    2a10:9200:1:ad::1 (Russian Federation)

ASN212441 (CLOUDASSETS, RU)
h.dolgoprudnyy.poiskator.su
10    2607:f8b0:4006:822::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2607:f8b0:4006:817::2008 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2607:f8b0:4006:80b::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.com
1    2607:f8b0:4006:809::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    88.212.202.52 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru
counter.yadro.ru
4    88.212.201.204 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru
counter.yadro.ru
4    2607:f8b0:4006:809::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2607:f8b0:4006:821::200a (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2607:f8b0:4006:817::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
24    2607:f8b0:4006:80e::2001 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2607:f8b0:4006:81e::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2607:f8b0:4006:822::2004 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
34 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 109
tpc.googlesyndication.com — Cisco Umbrella Rank: 144
401 KB
13 poiskator.su
h.dolgoprudnyy.poiskator.su
19 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
92 KB
6 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 7875
4 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 38
20 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 87
www.google.com — Cisco Umbrella Rank: 2
2 KB
3 gstatic.com
www.gstatic.com
15 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
94 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 51
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65
119 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 942
698 B
73 11
Domain Requested by
24 tpc.googlesyndication.com googleads.g.doubleclick.net
h.dolgoprudnyy.poiskator.su
tpc.googlesyndication.com
pagead2.googlesyndication.com
13 h.dolgoprudnyy.poiskator.su h.dolgoprudnyy.poiskator.su
10 pagead2.googlesyndication.com h.dolgoprudnyy.poiskator.su
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
h.dolgoprudnyy.poiskator.su
googleads.g.doubleclick.net
6 counter.yadro.ru 4 redirects h.dolgoprudnyy.poiskator.su
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.gstatic.com googleads.g.doubleclick.net
2 www.google.com 1 redirects tpc.googlesyndication.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 fonts.googleapis.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 www.googletagmanager.com h.dolgoprudnyy.poiskator.su
www.googletagmanager.com
1 partner.googleadservices.com pagead2.googlesyndication.com
73 13
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh

This page contains 11 frames:

Primary Page: http://h.dolgoprudnyy.poiskator.su/
Frame ID: A9CF5DDEF66FF038A1E21A6A44216B22
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/zrt_lookup.html
Frame ID: 297152A14C0F18429B052D4F8C37E817
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8959338553837844&output=html&adk=1812271804&adf=3025194257&lmt=1670321289&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fh.dolgoprudnyy.poiskator.su%2F&ea=0&pra=5&wgl=1&dt=1670321289944&bpp=6&bdt=114&idt=172&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=152537592231&frm=20&pv=2&ga_vid=1693928911.1670321290&ga_sid=1670321290&ga_hid=916985021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C44770880%2C44777948&oid=2&pvsid=250007747692704&tmod=953556985&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=198
Frame ID: 370760BBBA4766F59787AA5E95C171DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9D43B50A3172888FEF236E4A8ACE3167
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2E3F67FDA95345D4C747C63632A80EEC
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/index.html
Frame ID: A3F1C81B590EAA27A020F7DD7A967D41
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: EA99688F893B574639EE47FBBB2F62A8
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1B4B519C8068C47FA01BF48707E0694D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/T3BTWj-SqXOOtsP36vZJ1esojObpW8ivZm_viBadolo.js
Frame ID: B2473A21C4D5F69DECC6ED5B322AA313
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FAFC0C6CD10D7CCB007E2C4152C777D3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F4A44A63342B276CEC4D848E851FF8D3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ПОИСКАТОР - удобный поиск самых свежих объявлений

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <script[^<>]*>[^]{0,128}?src\s*=\s*['"]//counter\.yadro\.ru/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r
  • <!--LiveInternet counter-->
  • <!--/LiveInternet-->

Page Statistics

73
Requests

79 %
HTTPS

85 %
IPv6

11
Domains

13
Subdomains

13
IPs

2
Countries

765 kB
Transfer

2137 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • http://counter.yadro.ru/hit;poiskuny?t26.6;r;s1600*1200*24;uhttp%3A//h.dolgoprudnyy.poiskator.su/;h%u041F%u041E%u0418%u0421%u041A%u0410%u0422%u041E%u0420%20-%20%u0443%u0434%u043E%u0431%u043D%u044B%u0439%20%u043F%u043E%u0438%u0441%u043A%20%u0441%u0430%u043C%u044B%u0445%20%u0441%u0432%u0435%u0436%u0438%u0445%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u0439;0.8848104980867861 HTTP 302
  • https://counter.yadro.ru/hit;poiskuny?t26.6;r;s1600*1200*24;uhttp%3A//h.dolgoprudnyy.poiskator.su/;h%u041F%u041E%u0418%u0421%u041A%u0410%u0422%u041E%u0420%20-%20%u0443%u0434%u043E%u0431%u043D%u044B%u0439%20%u043F%u043E%u0438%u0441%u043A%20%u0441%u0430%u043C%u044B%u0445%20%u0441%u0432%u0435%u0436%u0438%u0445%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u0439;0.8848104980867861 HTTP 302
  • https://counter.yadro.ru/hit;poiskuny?q;t26.6;r;s1600*1200*24;uhttp%3A//h.dolgoprudnyy.poiskator.su/;h%u041F%u041E%u0418%u0421%u041A%u0410%u0422%u041E%u0420%20-%20%u0443%u0434%u043E%u0431%u043D%u044B%u0439%20%u043F%u043E%u0438%u0441%u043A%20%u0441%u0430%u043C%u044B%u0445%20%u0441%u0432%u0435%u0436%u0438%u0445%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u0439;0.8848104980867861
Request Chain 20
  • http://counter.yadro.ru/hit;poiskator?t26.6;r;s1600*1200*24;uhttp%3A//h.dolgoprudnyy.poiskator.su/;h%u041F%u041E%u0418%u0421%u041A%u0410%u0422%u041E%u0420%20-%20%u0443%u0434%u043E%u0431%u043D%u044B%u0439%20%u043F%u043E%u0438%u0441%u043A%20%u0441%u0430%u043C%u044B%u0445%20%u0441%u0432%u0435%u0436%u0438%u0445%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u0439;0.7960663632351941 HTTP 302
  • https://counter.yadro.ru/hit;poiskator?t26.6;r;s1600*1200*24;uhttp%3A//h.dolgoprudnyy.poiskator.su/;h%u041F%u041E%u0418%u0421%u041A%u0410%u0422%u041E%u0420%20-%20%u0443%u0434%u043E%u0431%u043D%u044B%u0439%20%u043F%u043E%u0438%u0441%u043A%20%u0441%u0430%u043C%u044B%u0445%20%u0441%u0432%u0435%u0436%u0438%u0445%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u0439;0.7960663632351941 HTTP 302
  • https://counter.yadro.ru/hit;poiskator?q;t26.6;r;s1600*1200*24;uhttp%3A//h.dolgoprudnyy.poiskator.su/;h%u041F%u041E%u0418%u0421%u041A%u0410%u0422%u041E%u0420%20-%20%u0443%u0434%u043E%u0431%u043D%u044B%u0439%20%u043F%u043E%u0438%u0441%u043A%20%u0441%u0430%u043C%u044B%u0445%20%u0441%u0432%u0435%u0436%u0438%u0445%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u0439;0.7960663632351941
Request Chain 60
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
h.dolgoprudnyy.poiskator.su/ 		7 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://h.dolgoprudnyy.poiskator.su/
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
df472cf420c129d36063addb805ca954c25d1ab0c0216a7b10bf0ab7a3c8b17f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src http://pagead2.googlesyndication.com https://csi.gstatic.com https://pagead2.googlesyndication.com https://stats.g.doubleclick.net https://www.google-analytics.com 'report-sample'; font-src https://fonts.gstatic.com; frame-src https://googleads.g.doubleclick.net https://tpc.googlesyndication.com https://www.google.com 'report-sample'; img-src * 'report-sample'; manifest-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://pagead2.googlesyndication.com https://adservice.google.ae https://adservice.google.at https://adservice.google.az https://adservice.google.be https://adservice.google.bg https://adservice.google.bj https://adservice.google.by https://adservice.google.ca https://adservice.google.ch https://adservice.google.cl https://adservice.google.co.id https://adservice.google.co.il https://adservice.google.co.in https://adservice.google.co.jp https://adservice.google.co.kr https://adservice.google.co.uk https://adservice.google.co.uz https://adservice.google.co.za https://adservice.google.com https://adservice.google.com.ar https://adservice.google.com.au https://adservice.google.com.br https://adservice.google.com.cy https://adservice.google.com.eg https://adservice.google.com.gh https://adservice.google.com.ng https://adservice.google.com.pk https://adservice.google.com.sg https://adservice.google.com.tj https://adservice.google.com.tr https://adservice.google.com.tw https://adservice.google.com.ua https://adservice.google.com.vn https://adservice.google.cz https://adservice.google.de https://adservice.google.ee https://adservice.google.es https://adservice.google.fi https://adservice.google.fr https://adservice.google.ge https://adservice.google.gl https://adservice.google.gr https://adservice.google.hu https://adservice.google.ie https://adservice.google.iq https://adservice.google.it https://adservice.google.jo https://adservice.google.kg https://adservice.google.kz https://adservice.google.lt https://adservice.google.lu https://adservice.google.lv https://adservice.google.md https://adservice.google.mn https://adservice.google.mv https://adservice.google.nl https://adservice.google.no https://adservice.google.pl https://adservice.google.ps https://adservice.google.pt https://adservice.google.ro https://adservice.google.ru https://adservice.google.sc https://adservice.google.se https://adservice.google.sk https://adservice.google.sn https://adservice.google.tm https://pagead2.googlesyndication.com https://partner.googleadservices.com https://tpc.googlesyndication.com https://www.google-analytics.com https://www.googletagservices.com www.googletagmanager.com https://www.gstatic.com 'report-sample'; style-src 'self' 'unsafe-inline' https://www.gstatic.com 'report-sample'; report-uri /csp-report.php
Strict-Transport-Security max-age=15768000; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, must-revalidate, max-age=7200
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'none'; connect-src http://pagead2.googlesyndication.com https://csi.gstatic.com https://pagead2.googlesyndication.com https://stats.g.doubleclick.net https://www.google-analytics.com 'report-sample'; font-src https://fonts.gstatic.com; frame-src https://googleads.g.doubleclick.net https://tpc.googlesyndication.com https://www.google.com 'report-sample'; img-src * 'report-sample'; manifest-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://pagead2.googlesyndication.com https://adservice.google.ae https://adservice.google.at https://adservice.google.az https://adservice.google.be https://adservice.google.bg https://adservice.google.bj https://adservice.google.by https://adservice.google.ca https://adservice.google.ch https://adservice.google.cl https://adservice.google.co.id https://adservice.google.co.il https://adservice.google.co.in https://adservice.google.co.jp https://adservice.google.co.kr https://adservice.google.co.uk https://adservice.google.co.uz https://adservice.google.co.za https://adservice.google.com https://adservice.google.com.ar https://adservice.google.com.au https://adservice.google.com.br https://adservice.google.com.cy https://adservice.google.com.eg https://adservice.google.com.gh https://adservice.google.com.ng https://adservice.google.com.pk https://adservice.google.com.sg https://adservice.google.com.tj https://adservice.google.com.tr https://adservice.google.com.tw https://adservice.google.com.ua https://adservice.google.com.vn https://adservice.google.cz https://adservice.google.de https://adservice.google.ee https://adservice.google.es https://adservice.google.fi https://adservice.google.fr https://adservice.google.ge https://adservice.google.gl https://adservice.google.gr https://adservice.google.hu https://adservice.google.ie https://adservice.google.iq https://adservice.google.it https://adservice.google.jo https://adservice.google.kg https://adservice.google.kz https://adservice.google.lt https://adservice.google.lu https://adservice.google.lv https://adservice.google.md https://adservice.google.mn https://adservice.google.mv https://adservice.google.nl https://adservice.google.no https://adservice.google.pl https://adservice.google.ps https://adservice.google.pt https://adservice.google.ro https://adservice.google.ru https://adservice.google.sc https://adservice.google.se https://adservice.google.sk https://adservice.google.sn https://adservice.google.tm https://pagead2.googlesyndication.com https://partner.googleadservices.com https://tpc.googlesyndication.com https://www.google-analytics.com https://www.googletagservices.com www.googletagmanager.com https://www.gstatic.com 'report-sample'; style-src 'self' 'unsafe-inline' https://www.gstatic.com 'report-sample'; report-uri /csp-report.php
Content-Type
text/html; charset=utf-8
Date
Tue, 06 Dec 2022 10:08:09 GMT
ETag
W/"ebb921346173b187cc8ab825612a53c6"
Expires
Tue, 06 Dec 2022 12:08:09 GMT
Keep-Alive
timeout=5
Last-Modified
Tue, 06 Dec 2022 10:08:09 GMT
Referrer-Policy
strict-origin-when-cross-origin
Report-To
{'group':'csp-endpoint','max_age':86400,'endpoints':[{'url':'/csp-report.php'}]}
Server
nginx
Strict-Transport-Security
max-age=15768000; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
sameorigin
X-XSS-Protection
0
index.css
h.dolgoprudnyy.poiskator.su/templates/common/styles/ 		1 KB
1003 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://h.dolgoprudnyy.poiskator.su/templates/common/styles/index.css
Requested by
Host: h.dolgoprudnyy.poiskator.su
URL: http://h.dolgoprudnyy.poiskator.su/
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
89a0bfd12a193515cd2d5d2ed88aaed0a93a2558c29dabdf432461c40795bbf3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 10:08:09 GMT
Strict-Transport-Security
max-age=15768000; preload
Content-Encoding
gzip
Last-Modified
Mon, 27 Apr 2020 14:00:00 GMT
Server
nginx
ETag
W/"5ea6e560-598"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Tue, 13 Dec 2022 10:08:09 GMT
index.css
h.dolgoprudnyy.poiskator.su/templates/poiskator/styles/ 		202 B
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://h.dolgoprudnyy.poiskator.su/templates/poiskator/styles/index.css
Requested by
Host: h.dolgoprudnyy.poiskator.su
URL: http://h.dolgoprudnyy.poiskator.su/
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
48d8320967ee3adf5cfd89467b6c810809872a660ddc510ad76610dce9a6d411
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 10:08:10 GMT
Strict-Transport-Security
max-age=15768000; preload
Last-Modified
Thu, 20 Aug 2015 06:02:00 GMT
Server
nginx
ETag
"55d56d58-ca"
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
202
Expires
Tue, 13 Dec 2022 10:08:10 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		142 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8959338553837844
Requested by
Host: h.dolgoprudnyy.poiskator.su
URL: http://h.dolgoprudnyy.poiskator.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1cb6f5b19fc4b516fcbc1cf1cd5d15a32e059886a59ae4db0eecd6e021b92e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://h.dolgoprudnyy.poiskator.su/
Origin
http://h.dolgoprudnyy.poiskator.su
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 10:08:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49195
x-xss-protection
0
server
cafe
etag
12451941251575605342
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 10:08:09 GMT
optimize.js
h.dolgoprudnyy.poiskator.su/include/js/ 		430 B
836 B 		Script
General
Check archive.org
Download Go to
Full URL
http://h.dolgoprudnyy.poiskator.su/include/js/optimize.js
Requested by
Host: h.dolgoprudnyy.poiskator.su
URL: http://h.dolgoprudnyy.poiskator.su/
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
5f5ce9f65460be13ecd26fbbb05806445861f53e01da856400244353576302f4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 10:08:10 GMT
Strict-Transport-Security
max-age=15768000; preload
Last-Modified
Sun, 26 Apr 2020 13:29:00 GMT
Server
nginx
ETag
"5ea58c9c-1ae"
Content-Type
application/javascript; charset=utf8
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
430
Expires
Tue, 13 Dec 2022 10:08:10 GMT
by.png
h.dolgoprudnyy.poiskator.su/images/countryflags/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://h.dolgoprudnyy.poiskator.su/images/countryflags/by.png
Requested by
Host: h.dolgoprudnyy.poiskator.su
URL: http://h.dolgoprudnyy.poiskator.su/
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
67ccb921981c0d70a272f13159101b91c183bfe825ab325af8a574df7f63f61f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 10:08:10 GMT
Strict-Transport-Security
max-age=15768000; preload
Last-Modified
Wed, 22 Apr 2015 22:00:00 GMT
Server
nginx
ETag
"553819e0-490"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1168
Expires
Thu, 31 Dec 2037 23:55:55 GMT
kz.png
h.dolgoprudnyy.poiskator.su/images/countryflags/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://h.dolgoprudnyy.poiskator.su/images/countryflags/kz.png
Requested by
Host: h.dolgoprudnyy.poiskator.su
URL: http://h.dolgoprudnyy.poiskator.su/
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
6d958ccde374ce86de23898b8a06c3f1d968fda65943698ac115c42b3dcb667d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 10:08:10 GMT
Strict-Transport-Security
max-age=15768000; preload
Last-Modified
Wed, 22 Apr 2015 22:00:00 GMT
Server
nginx
ETag
"553819e0-6ab"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1707
Expires
Thu, 31 Dec 2037 23:55:55 GMT
ru.png
h.dolgoprudnyy.poiskator.su/images/countryflags/ 		581 B
963 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://h.dolgoprudnyy.poiskator.su/images/countryflags/ru.png
Requested by
Host: h.dolgoprudnyy.poiskator.su
URL: http://h.dolgoprudnyy.poiskator.su/
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
3d934257156f441f8231d9e618c3b71ed083c77e50357f9c56572c5dbfd761fa
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 10:08:10 GMT
Strict-Transport-Security
max-age=15768000; preload
Last-Modified
Wed, 22 Apr 2015 22:00:00 GMT
Server
nginx
ETag
"553819e0-245"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
581
Expires
Thu, 31 Dec 2037 23:55:55 GMT
ua.png
h.dolgoprudnyy.poiskator.su/images/countryflags/ 		531 B
913 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://h.dolgoprudnyy.poiskator.su/images/countryflags/ua.png
Requested by
Host: h.dolgoprudnyy.poiskator.su
URL: http://h.dolgoprudnyy.poiskator.su/
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
ef40be3d974c8cc776013f7b7f1095aafdee5b7bd914e907da97fad4ae06a9eb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 10:08:10 GMT
Strict-Transport-Security
max-age=15768000; preload
Last-Modified
Wed, 22 Apr 2015 22:00:00 GMT
Server
nginx
ETag
"553819e0-213"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
531
Expires
Thu, 31 Dec 2037 23:55:55 GMT
www.png
h.dolgoprudnyy.poiskator.su/images/platform/ 		761 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://h.dolgoprudnyy.poiskator.su/images/platform/www.png
Requested by
Host: h.dolgoprudnyy.poiskator.su
URL: http://h.dolgoprudnyy.poiskator.su/
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
689f313aedbcf0fa2d1e383cfa7004ea9914121b1de499ab053fbed31d3a29bc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 10:08:10 GMT
Strict-Transport-Security
max-age=15768000; preload
Last-Modified
Mon, 25 Apr 2016 06:09:00 GMT
Server
nginx
ETag
"571db47c-2f9"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
761
Expires
Thu, 31 Dec 2037 23:55:55 GMT
m.png
h.dolgoprudnyy.poiskator.su/images/platform/ 		610 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://h.dolgoprudnyy.poiskator.su/images/platform/m.png
Requested by
Host: h.dolgoprudnyy.poiskator.su
URL: http://h.dolgoprudnyy.poiskator.su/
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
c09d28cb767050938a4e5f273cd33be0a0679de5b640bbf40c24a8514b3863d3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 10:08:10 GMT
Strict-Transport-Security
max-age=15768000; preload
Last-Modified
Mon, 25 Apr 2016 06:09:00 GMT
Server
nginx
ETag
"571db47c-262"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
610
Expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-127232603-1
Requested by
Host: h.dolgoprudnyy.poiskator.su
URL: http://h.dolgoprudnyy.poiskator.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b1d761e84671bdb97cc200e2b0693ba0411fc963cc230dd7a7c194757f650166
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 10:08:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
44733
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 06 Dec 2022 10:08:09 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/ 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8959338553837844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8be8ce2526471d5e7b5a06e776a2aadcd28149fcdc42918286eb6e89b45c3753
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 10:08:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119753
x-xss-protection
0
server
cafe
etag
2101006045486374896
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 10:08:10 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/ Frame 2971 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8959338553837844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://h.dolgoprudnyy.poiskator.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
10075
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 07:20:14 GMT
etag
10353107486223812946
expires
Tue, 20 Dec 2022 07:20:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
all.css
h.dolgoprudnyy.poiskator.su/templates/poiskator/styles/ 		1 KB
960 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://h.dolgoprudnyy.poiskator.su/templates/poiskator/styles/all.css
Requested by
Host: h.dolgoprudnyy.poiskator.su
URL: http://h.dolgoprudnyy.poiskator.su/templates/poiskator/styles/index.css
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
24a5c9b3a6ae329c08de559686268d57aadd1aef916ce806c5397e43fdb87964
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/templates/poiskator/styles/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 10:08:10 GMT
Strict-Transport-Security
max-age=15768000; preload
Content-Encoding
gzip
Last-Modified
Mon, 17 Jun 2019 08:01:00 GMT
Server
nginx
ETag
W/"5d0748bc-4e8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Tue, 13 Dec 2022 10:08:10 GMT
screen.css
h.dolgoprudnyy.poiskator.su/templates/poiskator/styles/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://h.dolgoprudnyy.poiskator.su/templates/poiskator/styles/screen.css
Requested by
Host: h.dolgoprudnyy.poiskator.su
URL: http://h.dolgoprudnyy.poiskator.su/templates/poiskator/styles/index.css
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
581b92bbe05bbebf4ea9f95e1dd1c3a6c78d2212842090e9391525eccc011c63
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/templates/poiskator/styles/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 10:08:10 GMT
Strict-Transport-Security
max-age=15768000; preload
Content-Encoding
gzip
Last-Modified
Wed, 19 Jun 2019 22:24:00 GMT
Server
nginx
ETag
W/"5d0ab600-7be"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Tue, 13 Dec 2022 10:08:10 GMT
handheld.css
h.dolgoprudnyy.poiskator.su/templates/poiskator/styles/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://h.dolgoprudnyy.poiskator.su/templates/poiskator/styles/handheld.css
Requested by
Host: h.dolgoprudnyy.poiskator.su
URL: http://h.dolgoprudnyy.poiskator.su/templates/poiskator/styles/index.css
Protocol
HTTP/1.1
Server
2a10:9200:1:ad::1 , Russian Federation, ASN212441 (CLOUDASSETS, RU),
Reverse DNS
Software
nginx /
Resource Hash
44342a5be56e61bfe9a7a935260f1b0eb51360dd3be7efcd3ac145e649d28c65
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/templates/poiskator/styles/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 10:08:10 GMT
Strict-Transport-Security
max-age=15768000; preload
Content-Encoding
gzip
Last-Modified
Wed, 19 Jun 2019 22:24:00 GMT
Server
nginx
ETag
W/"5d0ab600-726"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Tue, 13 Dec 2022 10:08:10 GMT
cookie.js
partner.googleadservices.com/gampad/ 		391 B
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=h.dolgoprudnyy.poiskator.su&callback=_gfp_s_&client=ca-pub-8959338553837844&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab8b3a0368fd252f52e010d138ff2c9b14d33972cee872eb400c0d539babc33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 10:08:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
253
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=h.dolgoprudnyy.poiskator.su
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 10:08:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3707 		291 KB
79 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8959338553837844&output=html&adk=1812271804&adf=3025194257&lmt=1670321289&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fh.dolgoprudnyy.poiskator.su%2F&ea=0&pra=5&wgl=1&dt=1670321289944&bpp=6&bdt=114&idt=172&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=152537592231&frm=20&pv=2&ga_vid=1693928911.1670321290&ga_sid=1670321290&ga_hid=916985021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C44770880%2C44777948&oid=2&pvsid=250007747692704&tmod=953556985&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=198
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4401b55a737f0ce57e38789a49116d0c41d181d0be0e7d2cdf20f3821585cf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://h.dolgoprudnyy.poiskator.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
80879
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 10:08:10 GMT
expires
Tue, 06 Dec 2022 10:08:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
hit;poiskuny
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit;poiskuny?t26.6;r;s1600*1200*24;uhttp%3A//h.dolgoprudnyy.poiskator.su/;h%u041F%u041E%u0418%u0421%u041A%u0410%u0422%u041E%u0420%20-%20%u0443%u0434%u043E%u0431%u043D%u044B%...
  • https://counter.yadro.ru/hit;poiskuny?t26.6;r;s1600*1200*24;uhttp%3A//h.dolgoprudnyy.poiskator.su/;h%u041F%u041E%u0418%u0421%u041A%u0410%u0422%u041E%u0420%20-%20%u0443%u0434%u043E%u0431%u043D%u044B...
  • https://counter.yadro.ru/hit;poiskuny?q;t26.6;r;s1600*1200*24;uhttp%3A//h.dolgoprudnyy.poiskator.su/;h%u041F%u041E%u0418%u0421%u041A%u0410%u0422%u041E%u0420%20-%20%u0443%u0434%u043E%u0431%u043D%u04...
129 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit;poiskuny?q;t26.6;r;s1600*1200*24;uhttp%3A//h.dolgoprudnyy.poiskator.su/;h%u041F%u041E%u0418%u0421%u041A%u0410%u0422%u041E%u0420%20-%20%u0443%u0434%u043E%u0431%u043D%u044B%u0439%20%u043F%u043E%u0438%u0441%u043A%20%u0441%u0430%u043C%u044B%u0445%20%u0441%u0432%u0435%u0436%u0438%u0445%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u0439;0.8848104980867861
Requested by
Host: h.dolgoprudnyy.poiskator.su
URL: http://h.dolgoprudnyy.poiskator.su/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
19faf481d0a2a2fdab710f94980706107e08066dcfc7ed662e5d2fc5991dd5d8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 10:08:11 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
129
Expires
Sun, 05 Dec 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 10:08:11 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit;poiskuny?q;t26.6;r;s1600*1200*24;uhttp%3A//h.dolgoprudnyy.poiskator.su/;h%u041F%u041E%u0418%u0421%u041A%u0410%u0422%u041E%u0420%20-%20%u0443%u0434%u043E%u0431%u043D%u044B%u0439%20%u043F%u043E%u0438%u0441%u043A%20%u0441%u0430%u043C%u044B%u0445%20%u0441%u0432%u0435%u0436%u0438%u0445%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u0439;0.8848104980867861
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Sun, 05 Dec 2021 21:00:00 GMT
hit;poiskator
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit;poiskator?t26.6;r;s1600*1200*24;uhttp%3A//h.dolgoprudnyy.poiskator.su/;h%u041F%u041E%u0418%u0421%u041A%u0410%u0422%u041E%u0420%20-%20%u0443%u0434%u043E%u0431%u043D%u044B...
  • https://counter.yadro.ru/hit;poiskator?t26.6;r;s1600*1200*24;uhttp%3A//h.dolgoprudnyy.poiskator.su/;h%u041F%u041E%u0418%u0421%u041A%u0410%u0422%u041E%u0420%20-%20%u0443%u0434%u043E%u0431%u043D%u044...
  • https://counter.yadro.ru/hit;poiskator?q;t26.6;r;s1600*1200*24;uhttp%3A//h.dolgoprudnyy.poiskator.su/;h%u041F%u041E%u0418%u0421%u041A%u0410%u0422%u041E%u0420%20-%20%u0443%u0434%u043E%u0431%u043D%u0...
125 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit;poiskator?q;t26.6;r;s1600*1200*24;uhttp%3A//h.dolgoprudnyy.poiskator.su/;h%u041F%u041E%u0418%u0421%u041A%u0410%u0422%u041E%u0420%20-%20%u0443%u0434%u043E%u0431%u043D%u044B%u0439%20%u043F%u043E%u0438%u0441%u043A%20%u0441%u0430%u043C%u044B%u0445%20%u0441%u0432%u0435%u0436%u0438%u0445%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u0439;0.7960663632351941
Requested by
Host: h.dolgoprudnyy.poiskator.su
URL: http://h.dolgoprudnyy.poiskator.su/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
ca56bda0acb57d8c6d61cab2c1fa427557824d9267740567262da8b3505192ab
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 10:08:11 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
125
Expires
Sun, 05 Dec 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 06 Dec 2022 10:08:11 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit;poiskator?q;t26.6;r;s1600*1200*24;uhttp%3A//h.dolgoprudnyy.poiskator.su/;h%u041F%u041E%u0418%u0421%u041A%u0410%u0422%u041E%u0420%20-%20%u0443%u0434%u043E%u0431%u043D%u044B%u0439%20%u043F%u043E%u0438%u0441%u043A%20%u0441%u0430%u043C%u044B%u0445%20%u0441%u0432%u0435%u0436%u0438%u0445%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u0439;0.7960663632351941
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Sun, 05 Dec 2021 21:00:00 GMT
js
www.googletagmanager.com/gtag/ 		213 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NJWL5MC007&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-127232603-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
24ed79128695eb25f2a99d4fbc882fa4b14ebaf1f3a70c6c27514ca65413cfc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 10:08:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76274
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 06 Dec 2022 10:08:10 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-127232603-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Dec 2022 09:46:25 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1305
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 06 Dec 2022 11:46:25 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=916985021&t=pageview&_s=1&dl=http%3A%2F%2Fh.dolgoprudnyy.poiskator.su%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D0%9E%D0%98%D0%A1%D0%9A%D0%90%D0%A2%D0%9E%D0%A0%20-%20%D1%83%D0%B4%D0%BE%D0%B1%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%20%D1%81%D0%B0%D0%BC%D1%8B%D1%85%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=753807624&gjid=1981398626&cid=1693928911.1670321290&tid=UA-127232603-1&_gid=1737220873.1670321290&_r=1&gtm=2oubu0&z=663171652
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://h.dolgoprudnyy.poiskator.su/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 10:08:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://h.dolgoprudnyy.poiskator.su
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NJWL5MC007&gtm=2oebu0&_p=916985021&cid=1693928911.1670321290&ul=en-us&sr=1600x1200&_s=1&sid=1670321290&sct=1&seg=0&dl=http%3A%2F%2Fh.dolgoprudnyy.poiskator.su%2F&dt=%D0%9F%D0%9E%D0%98%D0%A1%D0%9A%D0%90%D0%A2%D0%9E%D0%A0%20-%20%D1%83%D0%B4%D0%BE%D0%B1%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%20%D1%81%D0%B0%D0%BC%D1%8B%D1%85%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NJWL5MC007&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 10:08:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://h.dolgoprudnyy.poiskator.su
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec7e7224f1fff9c07e0a4e8cb23b2347591ee74dc1b289061eaf0a0eb3f0c683
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 10:08:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52315
x-xss-protection
0
server
cafe
etag
18395381298464890889
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Dec 2022 10:08:10 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=h.dolgoprudnyy.poiskator.su
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 10:08:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/ Frame 9D43 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://h.dolgoprudnyy.poiskator.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
47895
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 20:49:55 GMT
etag
10353107486223812946
expires
Mon, 19 Dec 2022 20:49:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/ Frame 2E3F 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://h.dolgoprudnyy.poiskator.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
47895
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 05 Dec 2022 20:49:55 GMT
etag
10353107486223812946
expires
Mon, 19 Dec 2022 20:49:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 9D43 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Dec 2022 10:08:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 10:06:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Dec 2022 10:08:10 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9D43 		205 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 21:48:37 GMT
x-content-type-options
nosniff
age
217173
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 03 Dec 2023 21:48:37 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9D43 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 20:46:07 GMT
x-content-type-options
nosniff
age
566523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 29 Nov 2023 20:46:07 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/ Frame 9D43 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:05:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
32541
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8084
x-xss-protection
0
server
cafe
etag
2222875591315018765
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:05:49 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/ Frame A3F1 		18 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/index.html
Requested by
Host: h.dolgoprudnyy.poiskator.su
URL: http://h.dolgoprudnyy.poiskator.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0ef47a36092be1edfc1c8e2554c1a29f8cbf78875602e7408f42aa906284af3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
469342
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3980
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Nov 2022 23:45:48 GMT
expires
Thu, 30 Nov 2023 23:45:48 GMT
last-modified
Tue, 27 Sep 2022 14:14:46 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 2E3F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Crb8xihSPY4S-C5nOnQSA4LrQDq2uvtpt1ciK67cQ2tkeEAEgy9fvHmDJxqmLwKTYD6ABtvzH8APIAQmpApn2Y7YhmbE-qAMByANIqgTgAU_Qh4SlgXyP_Qus3MMBRwcpXqx76c7p1vJd8cYu25BTlizmHpSFJcE3EMRPnu1Aq0uVKsmU1pVeAPIS46wTCXIFM-iRcpslzboNBLWO4HBCfr63oGBbtFgyZCrNzGgPvOFhFiO-5_Es7kIRv8E8coeHICuhI5YBb7ekDOqWndleiJs8Gyc9mlTAVZU2dxYgDXjFyzKmHg8I-2nNJ5q5ITFpKEQOB6xYEe-SFnbxgvlq1jmtnwK3fLoGibPz4aBWNSjq31FjNCOGN3LMN2cxDArirPCElnqefeLcKpv4fevawATzqfW79AOSBQQIBBgBkgUECAUYBKAGLoAHsoO4D6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEP_2ENIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTAtAVAYAXAbIXHAoaCAASFHB1Yi04OTU5MzM4NTUzODM3ODQ0GAA&sigh=jnmHuDHthsM&uach_m=[UACH]&cid=CAQSGwDq26N9p1XNyH4T0lxdU-koubEUIYzYzDkFmBgBIBM&template_id=419
Requested by
Host: h.dolgoprudnyy.poiskator.su
URL: http://h.dolgoprudnyy.poiskator.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 06 Dec 2022 10:08:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 06 Dec 2022 10:08:10 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame 2E3F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:05:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
32541
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9421
x-xss-protection
0
server
cafe
etag
8437175705735068947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:05:49 GMT
css
fonts.googleapis.com/ Frame EA99 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Dec 2022 10:08:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 09:21:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Dec 2022 10:08:10 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame EA99 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:05:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
32539
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:05:51 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame EA99 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:05:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
32541
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9421
x-xss-protection
0
server
cafe
etag
8437175705735068947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:05:49 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame EA99 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 00:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
34321
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 00:36:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame EA99 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:05:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
32541
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7443
x-xss-protection
0
server
cafe
etag
629801499763588852
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:05:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EA99 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 10:08:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 10:08:11 GMT
83de75e735dabeddf4e705de6f0a2f41.js
www.gstatic.com/mysidia/ Frame EA99 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 18:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14157
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 21:52:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 03 Mar 2023 18:54:02 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame A3F1 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 13:38:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
73810
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 06 Dec 2022 13:38:00 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A3F1 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 17:54:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
58393
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 06 Dec 2022 17:54:57 GMT
8678b31a9e1c7e2371270110672d8eb0.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/ Frame A3F1 		74 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/8678b31a9e1c7e2371270110672d8eb0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb0b01a387ef8c09939c46f9c4ef3cb8b01bd5edcf9d48f2c37be4afbd819ec7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 30 Nov 2022 23:45:53 GMT
age
469337
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21834
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 14:14:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 30 Nov 2023 23:45:53 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1B4B 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3036
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 09:17:34 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 2E3F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 00:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
34321
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 00:36:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 2E3F 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 01:05:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
32541
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7443
x-xss-protection
0
server
cafe
etag
629801499763588852
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 20 Dec 2022 01:05:49 GMT
bf9f55bc54fecda17e2273b660c9aea0.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/media/ Frame A3F1 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/media/bf9f55bc54fecda17e2273b660c9aea0.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
694e6c1873f759d3878e36ee39ed4ccfc9a9d652d9442e51f3479cea8b4bd8c4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 01 Dec 2022 09:44:47 GMT
x-content-type-options
nosniff
age
433404
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5715
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 14:14:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Dec 2023 09:44:47 GMT
901154728a0c8e9528491094b30a1b26.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/media/ Frame A3F1 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/media/901154728a0c8e9528491094b30a1b26.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26768bab684df896f527749eb45012964f848807e18eddb9bde52737a667bf9a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 30 Nov 2022 23:11:17 GMT
x-content-type-options
nosniff
age
471414
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1389
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 14:14:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 30 Nov 2023 23:11:17 GMT
02f3251ff2371e664364aff85d61becf.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/media/ Frame A3F1 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/media/02f3251ff2371e664364aff85d61becf.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23903be274e296639efdf0b84d2a4887be7326d066c3aefee1da494bfd45e2da
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 01 Dec 2022 06:26:49 GMT
x-content-type-options
nosniff
age
445282
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17038
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 14:14:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Dec 2023 06:26:49 GMT
undefinedr5mrx1
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/ Frame A3F1 		43 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/undefinedr5mrx1
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 10:08:11 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Tue, 06 Dec 2022 10:08:11 GMT
dc56a1070adf322516862fb686a73531.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/media/ Frame A3F1 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/media/dc56a1070adf322516862fb686a73531.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3775b97a9e71a4e5d22b2121a41494e7cef9e3a7b8ece07fa2904be0aae1c45b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 03 Dec 2022 03:18:39 GMT
x-content-type-options
nosniff
age
283772
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1308
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 14:14:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 03 Dec 2023 03:18:39 GMT
729773ebcea271639649799279830654.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/media/ Frame A3F1 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/media/729773ebcea271639649799279830654.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d90b136d498586b5cbadfc3a0c601c91cea3b6e7e205fa75ebd570f2c5cd682e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 06 Dec 2022 06:41:16 GMT
x-content-type-options
nosniff
age
12415
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1222
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 14:14:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 06 Dec 2023 06:41:16 GMT
c1c2113a2c50d0ceba0e2ae7d3cad296.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/media/ Frame A3F1 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/media/c1c2113a2c50d0ceba0e2ae7d3cad296.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
672e72f4e1b85c6f2035c40db51c0326d7b89a57b3337734a37a5e1e43b30e19
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 30 Nov 2022 22:08:00 GMT
x-content-type-options
nosniff
age
475211
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1534
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 14:14:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 30 Nov 2023 22:08:00 GMT
37eb2ad77f918450cc4964d58b0a7476.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/media/ Frame A3F1 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/media/37eb2ad77f918450cc4964d58b0a7476.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82661ce896588ec78d9bda7900c262fc121c4174e96fa3f8c054deebd65297a1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 30 Nov 2022 18:44:21 GMT
x-content-type-options
nosniff
age
487430
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1331
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 14:14:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 30 Nov 2023 18:44:21 GMT
d6beef42b9c043802acb9168cc3c9795.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/media/ Frame A3F1 		705 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/media/d6beef42b9c043802acb9168cc3c9795.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c273c08e2135f068e4fc1a2db5c2df8d5f1d8bf7df2e03262370f929e3b9b67
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 30 Nov 2022 17:49:13 GMT
x-content-type-options
nosniff
age
490738
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
705
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 14:14:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 30 Nov 2023 17:49:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2E3F 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 10:08:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47692
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670243872199174"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 10:08:11 GMT
truncated
/ Frame 2E3F 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72870850a5cc59c90f4e32eabebda0aac348d4ea012b6df24ce8af85d042a148

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1B4B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 10:08:11 GMT
expires
Tue, 06 Dec 2022 10:08:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 10:08:11 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
T3BTWj-SqXOOtsP36vZJ1esojObpW8ivZm_viBadolo.js
pagead2.googlesyndication.com/bg/ Frame B247 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/T3BTWj-SqXOOtsP36vZJ1esojObpW8ivZm_viBadolo.js
Requested by
Host: h.dolgoprudnyy.poiskator.su
URL: http://h.dolgoprudnyy.poiskator.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f70535a3f92a9738eb6c3f7eaf649d5eb288ce6e95bc8af666fef88169da25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 08:54:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Dec 2023 08:54:40 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221129&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b9b53acc75b3f039d981496f92dc804536d87ddaa78a3162b2ded43e08685e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 10:08:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11309
x-xss-protection
0
T3BTWj-SqXOOtsP36vZJ1esojObpW8ivZm_viBadolo.js
pagead2.googlesyndication.com/bg/ Frame A3F1 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/T3BTWj-SqXOOtsP36vZJ1esojObpW8ivZm_viBadolo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f70535a3f92a9738eb6c3f7eaf649d5eb288ce6e95bc8af666fef88169da25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 08:54:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Dec 2023 08:54:40 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 10:08:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Dec 2022 10:08:13 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2E3F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRKIqLMs4A1oMQEZCzEXPQhPPIfvgaWw5w3NfG5rj6ZfuenOBYqa15ddpFi4s-lZOduBTsAG4aWBQqAN64HSASaxPNNxNsT8Gj1joUQVdULWPy-UG2VxCHwYUSrPcVqKFp0QY&sai=AMfl-YTQoC7m5SAurw8Xwtzr-UQd09PLk3IYl0D-S17gOUwuftqB7cc902SwX7WCPxjEy9tO9yz7I8sZAswFX9Y&sig=Cg0ArKJSzIotm5x2D4o2EAE&cid=CAQSGwDq26N9p1XNyH4T0lxdU-koubEUIYzYzDkFmBgBIBM&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,778,1000,1000,1000&tos=0,778,222,0,0&v=20221205&bin=7&avms=nio&bs=0,0&mc=0.78&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1670321290686&rpt=447&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 10:08:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FAFC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://h.dolgoprudnyy.poiskator.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
4412
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 08:54:41 GMT
expires
Wed, 06 Dec 2023 08:54:41 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F4A4 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
047fc2906b7ba066298394c3c6bbe363effc3972cfc72c9fd8fe8dd02eab327b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UqdzN7T6jtefAFAbocdi9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://h.dolgoprudnyy.poiskator.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-UqdzN7T6jtefAFAbocdi9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Dec 2022 10:08:13 GMT
expires
Tue, 06 Dec 2022 10:08:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
T3BTWj-SqXOOtsP36vZJ1esojObpW8ivZm_viBadolo.js
pagead2.googlesyndication.com/bg/ Frame FAFC 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/T3BTWj-SqXOOtsP36vZJ1esojObpW8ivZm_viBadolo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f70535a3f92a9738eb6c3f7eaf649d5eb288ce6e95bc8af666fef88169da25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 08:54:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 21 Nov 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 06 Dec 2023 08:54:40 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F4A4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221129&jk=250007747692704&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame FAFC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?EjHstA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 10:08:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221129&jk=250007747692704&bg=!ysmlyY3NAAa7eOFIm3g7ACkAdvg8WsPH2y_dpDzxqt17QRnAh87SsDO0fzr5f4jBd4-_pkwPQY8B3AIAAACEUgAAAANoAQcKAFzs7cXvRpDCrs4EFF17KSuuUzY_RUQyIj8eCpHfk1jz3-DKvvfedCZVmninArkzAY4RG0XbHorj_noQFMCvQK7ZzpppY58tzBk50xUsuOCxS1bGoMHtr6a-pTLOmJkCr4rAjFE0nCz5_6r0Fd1YAaCD9EniJz_4cPNBSdjTFimJ918v3ZrzOs_D9J9Xnl5-iPEmJ6YmpZaFIPaegoL4VAcj69tNP4SZZrjcr8qAkTPCocFoOlcj_KiWUtzhDQg_xj_Ml-GA0NRpiqe_lZWyedidmJvQBPSkiqlLeKc4h4y6ljcpV_8RFHOAe_TvrbeKOgkUaeDEMOIi_4Zj9K_T-Y7CSeFVrhHAQMPuUYN5yJ6pVAn1AuhVUr8_UF9iYNUmnSX9GXgNdu45j7OnvL6qMp8hyb6TTPW_x9wzqT5ahxivgrwoaomcU5P0XE4uU9itrSntvJ4MeGqP1a_EFa45bSiKHMsK6Sved6emL1mBOEN6pdP3RTWouCZZ6ft48a06IypRVoYc5MIFyO-vNvYhOnGxOiVZKztd1IkeQWfJFMN4-S7TMeWQf3N6lCkMmUP0Vpk8pPOu2k5IEsReN4T11iGngvKBmo3QOklHSo73KhEVV5myM6-vB5m5qTopRi2-JcqYorX7SktbSQKWkdNrB3V2dE0ipTQMq5838HSNa2Wy7-55RX9KDmhV5ZETr47RHIF84SWx6o8tkU6bv1sq4DUF7cctzw1Uk-Jxz_0cXK9UZ8p5LIyvDAIfQZD8oXKiQQVG8VXzIcdrOlhw4Vm4tzQ4y2lLPg32nxu9A08rZdR8cODNaB1lZHZglNfO-rKDeB7qia3wQvQfzfWKmuROhCv1Zg9GY4DbGplIRGISqeu0r5WgCbDg_IhJf2d6SUJLnmhf6LuJ-Pwd5GgEP_nUhovUQ1iW4zXV8gsoCQXQVu5wpFoif6wPjC7fM_5w6AEAGHpfEoRbjsmIZuY32mDxYRSj1EqinStKOJI9J2Yg8fxgqPoHF1_EMxtHP7VOI4JOpL0ueL-77vkVf7lA7a674A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NJWL5MC007&gtm=2oebu0&_p=916985021&cid=1693928911.1670321290&ul=en-us&sr=1600x1200&_s=2&sid=1670321290&sct=1&seg=0&dl=http%3A%2F%2Fh.dolgoprudnyy.poiskator.su%2F&dt=%D0%9F%D0%9E%D0%98%D0%A1%D0%9A%D0%90%D0%A2%D0%9E%D0%A0%20-%20%D1%83%D0%B4%D0%BE%D0%B1%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%20%D1%81%D0%B0%D0%BC%D1%8B%D1%85%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9&en=scroll&epn.percent_scrolled=90&_et=9
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NJWL5MC007&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://h.dolgoprudnyy.poiskator.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Dec 2022 10:08:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://h.dolgoprudnyy.poiskator.su
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontentvisibilityautostatechange object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| openNextCat function| random function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData function| onYouTubeIframeAPIReady object| google_llp number| google_lpabyc object| googletag object| GoogleGcLKhOms object| google_image_requests

10 Cookies

Domain/Path Name / Value
.poiskator.su/ Name: __gads
Value: ID=da93f94dfa5d315b-2213efc7d8d800bb:T=1670321290:RT=1670321290:S=ALNI_MYvO-X85-zXFmWYhTTNc4_JD2W7Sg
.poiskator.su/ Name: __gpi
Value: UID=000008c69120575c:T=1670321290:RT=1670321290:S=ALNI_Mb4_Em8p5wa5UIXCAhdGIjAMdRf1Q
.poiskator.su/ Name: _gid
Value: GA1.2.1737220873.1670321290
.poiskator.su/ Name: _gat_gtag_UA_127232603_1
Value: 1
.poiskator.su/ Name: _ga_NJWL5MC007
Value: GS1.1.1670321290.1.0.1670321290.0.0.0
.poiskator.su/ Name: _ga
Value: GA1.1.1693928911.1670321290
.doubleclick.net/ Name: IDE
Value: AHWqTUnJl3iHKGz25gLDieulIOOeZXTnLUtf99xBFYrZdYVH-TE6Veu5JFDvFWqwARw
.yadro.ru/ Name: FTID
Value: 1ZZnIB0FpA8S1ZZnIB002Tqt
.doubleclick.net/ Name: DSID
Value: NO_DATA
.yadro.ru/ Name: VID
Value: 2mBtTo3wNWeS1ZZnIB002Ex6

2 Console Messages

Source Level URL
Text
security error URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1(Line 21)
Message:
The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
network error URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4127450053607902391/undefinedr5mrx1
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; connect-src http://pagead2.googlesyndication.com https://csi.gstatic.com https://pagead2.googlesyndication.com https://stats.g.doubleclick.net https://www.google-analytics.com 'report-sample'; font-src https://fonts.gstatic.com; frame-src https://googleads.g.doubleclick.net https://tpc.googlesyndication.com https://www.google.com 'report-sample'; img-src * 'report-sample'; manifest-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://pagead2.googlesyndication.com https://adservice.google.ae https://adservice.google.at https://adservice.google.az https://adservice.google.be https://adservice.google.bg https://adservice.google.bj https://adservice.google.by https://adservice.google.ca https://adservice.google.ch https://adservice.google.cl https://adservice.google.co.id https://adservice.google.co.il https://adservice.google.co.in https://adservice.google.co.jp https://adservice.google.co.kr https://adservice.google.co.uk https://adservice.google.co.uz https://adservice.google.co.za https://adservice.google.com https://adservice.google.com.ar https://adservice.google.com.au https://adservice.google.com.br https://adservice.google.com.cy https://adservice.google.com.eg https://adservice.google.com.gh https://adservice.google.com.ng https://adservice.google.com.pk https://adservice.google.com.sg https://adservice.google.com.tj https://adservice.google.com.tr https://adservice.google.com.tw https://adservice.google.com.ua https://adservice.google.com.vn https://adservice.google.cz https://adservice.google.de https://adservice.google.ee https://adservice.google.es https://adservice.google.fi https://adservice.google.fr https://adservice.google.ge https://adservice.google.gl https://adservice.google.gr https://adservice.google.hu https://adservice.google.ie https://adservice.google.iq https://adservice.google.it https://adservice.google.jo https://adservice.google.kg https://adservice.google.kz https://adservice.google.lt https://adservice.google.lu https://adservice.google.lv https://adservice.google.md https://adservice.google.mn https://adservice.google.mv https://adservice.google.nl https://adservice.google.no https://adservice.google.pl https://adservice.google.ps https://adservice.google.pt https://adservice.google.ro https://adservice.google.ru https://adservice.google.sc https://adservice.google.se https://adservice.google.sk https://adservice.google.sn https://adservice.google.tm https://pagead2.googlesyndication.com https://partner.googleadservices.com https://tpc.googlesyndication.com https://www.google-analytics.com https://www.googletagservices.com www.googletagmanager.com https://www.gstatic.com 'report-sample'; style-src 'self' 'unsafe-inline' https://www.gstatic.com 'report-sample'; report-uri /csp-report.php
Strict-Transport-Security max-age=15768000; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
counter.yadro.ru
fonts.googleapis.com
googleads.g.doubleclick.net
h.dolgoprudnyy.poiskator.su
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::200e
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80e::2001
2607:f8b0:4006:817::2003
2607:f8b0:4006:817::2008
2607:f8b0:4006:81e::2002
2607:f8b0:4006:821::200a
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::2004
2a10:9200:1:ad::1
88.212.201.204
88.212.202.52
047fc2906b7ba066298394c3c6bbe363effc3972cfc72c9fd8fe8dd02eab327b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19faf481d0a2a2fdab710f94980706107e08066dcfc7ed662e5d2fc5991dd5d8
1c273c08e2135f068e4fc1a2db5c2df8d5f1d8bf7df2e03262370f929e3b9b67
1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152
23903be274e296639efdf0b84d2a4887be7326d066c3aefee1da494bfd45e2da
24a5c9b3a6ae329c08de559686268d57aadd1aef916ce806c5397e43fdb87964
24ed79128695eb25f2a99d4fbc882fa4b14ebaf1f3a70c6c27514ca65413cfc4
26768bab684df896f527749eb45012964f848807e18eddb9bde52737a667bf9a
2b9b53acc75b3f039d981496f92dc804536d87ddaa78a3162b2ded43e08685e9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3775b97a9e71a4e5d22b2121a41494e7cef9e3a7b8ece07fa2904be0aae1c45b
3ab8b3a0368fd252f52e010d138ff2c9b14d33972cee872eb400c0d539babc33
3d934257156f441f8231d9e618c3b71ed083c77e50357f9c56572c5dbfd761fa
44342a5be56e61bfe9a7a935260f1b0eb51360dd3be7efcd3ac145e649d28c65
48d8320967ee3adf5cfd89467b6c810809872a660ddc510ad76610dce9a6d411
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f70535a3f92a9738eb6c3f7eaf649d5eb288ce6e95bc8af666fef88169da25a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
581b92bbe05bbebf4ea9f95e1dd1c3a6c78d2212842090e9391525eccc011c63
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f5ce9f65460be13ecd26fbbb05806445861f53e01da856400244353576302f4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
672e72f4e1b85c6f2035c40db51c0326d7b89a57b3337734a37a5e1e43b30e19
67ccb921981c0d70a272f13159101b91c183bfe825ab325af8a574df7f63f61f
689f313aedbcf0fa2d1e383cfa7004ea9914121b1de499ab053fbed31d3a29bc
694e6c1873f759d3878e36ee39ed4ccfc9a9d652d9442e51f3479cea8b4bd8c4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d958ccde374ce86de23898b8a06c3f1d968fda65943698ac115c42b3dcb667d
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
72870850a5cc59c90f4e32eabebda0aac348d4ea012b6df24ce8af85d042a148
82661ce896588ec78d9bda7900c262fc121c4174e96fa3f8c054deebd65297a1
89a0bfd12a193515cd2d5d2ed88aaed0a93a2558c29dabdf432461c40795bbf3
8be8ce2526471d5e7b5a06e776a2aadcd28149fcdc42918286eb6e89b45c3753
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
b1cb6f5b19fc4b516fcbc1cf1cd5d15a32e059886a59ae4db0eecd6e021b92e3
b1d761e84671bdb97cc200e2b0693ba0411fc963cc230dd7a7c194757f650166
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
c09d28cb767050938a4e5f273cd33be0a0679de5b640bbf40c24a8514b3863d3
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
ca56bda0acb57d8c6d61cab2c1fa427557824d9267740567262da8b3505192ab
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d90b136d498586b5cbadfc3a0c601c91cea3b6e7e205fa75ebd570f2c5cd682e
df472cf420c129d36063addb805ca954c25d1ab0c0216a7b10bf0ab7a3c8b17f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4401b55a737f0ce57e38789a49116d0c41d181d0be0e7d2cdf20f3821585cf5
ec7e7224f1fff9c07e0a4e8cb23b2347591ee74dc1b289061eaf0a0eb3f0c683
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef40be3d974c8cc776013f7b7f1095aafdee5b7bd914e907da97fad4ae06a9eb
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
f0ef47a36092be1edfc1c8e2554c1a29f8cbf78875602e7408f42aa906284af3
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a
fb0b01a387ef8c09939c46f9c4ef3cb8b01bd5edcf9d48f2c37be4afbd819ec7
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48