microsoftportal.net Open in urlscan Pro
46.254.16.156 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://microsoftportal.net/
Submission: On December 25 via api (December 25th 2021, 7:12:51 am UTC) from VN — Scanned from DE

Summary HTTP 181 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 43 IPs in 6 countries across 47 domains to perform 181 HTTP transactions. The main IP is 46.254.16.156, located in Russian Federation and belongs to EUROBYTE Eurobyte LLC, RU. The main domain is microsoftportal.net.
TLS certificate: Issued by R3 on December 25th 2021. Valid for: 3 months.

This is the only time microsoftportal.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	46.254.16.156 46.254.16.156	210079 (EUROBYTE ...) (EUROBYTE Eurobyte LLC)
15	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3 12	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
1 5	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 13	46.4.114.109 46.4.114.109	24940 (HETZNER-AS) (HETZNER-AS)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
1	81.19.89.17 81.19.89.17	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
18	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3 4	96.46.183.20 96.46.183.20	7979 (SERVERS-COM) (SERVERS-COM)
1 1	159.69.74.6 159.69.74.6	24940 (HETZNER-AS) (HETZNER-AS)
4	195.201.243.71 195.201.243.71	24940 (HETZNER-AS) (HETZNER-AS)
2 2	193.232.150.46 193.232.150.46	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2 2	81.222.128.14 81.222.128.14	20597 (ELTEL-AS) (ELTEL-AS)
2	81.222.128.216 81.222.128.216	20597 (ELTEL-AS) (ELTEL-AS)
1	2606:4700:303... 2606:4700:3039::6815:c0a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	194.190.117.94 194.190.117.94	204600 (REPUBLER-AS) (REPUBLER-AS)
2 4	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	37.18.103.21 37.18.103.21	205675 (HYBRID-AS) (HYBRID-AS)
2	185.15.175.147 185.15.175.147	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	195.201.152.110 195.201.152.110	24940 (HETZNER-AS) (HETZNER-AS)
2 2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 1	109.248.237.37 109.248.237.37	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	95.163.37.253 95.163.37.253	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1 1	185.147.80.35 185.147.80.35	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
1 2	136.243.148.229 136.243.148.229	24940 (HETZNER-AS) (HETZNER-AS)
1 1	80.64.106.147 80.64.106.147	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1 1	5.200.44.122 5.200.44.122	48096 (ITGRAD) (ITGRAD)
1 1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
1 2	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
5 5	217.66.147.164 217.66.147.164	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
2 4	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
1 1	148.251.156.238 148.251.156.238	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	65.108.1.47 65.108.1.47	24940 (HETZNER-AS) (HETZNER-AS)
1	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
1	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
2 3	89.108.120.68 89.108.120.68	197695 (AS-REG) (AS-REG)
1 1	130.193.58.13 130.193.58.13	200350 (YANDEXCLOUD) (YANDEXCLOUD)
2	2606:4700:10:... 2606:4700:10::6816:557	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	81.19.89.18 81.19.89.18	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1	188.42.29.80 188.42.29.80	7979 (SERVERS-COM) (SERVERS-COM)
25	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2 4	185.15.175.148 185.15.175.148	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
181	43

34 46.254.16.156 (Russian Federation)

ASN210079 (EUROBYTE Eurobyte LLC, RU)
PTR: hosted-by.ihc.ru

microsoftportal.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

informer.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 217.69.133.145 (Russian Federation) 1 redirects

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 46.4.114.109 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1271137.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.89.17 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

st.top100.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 96.46.183.20 (United States) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.74.6 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1290922.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 195.201.243.71 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ingolstadt.aucourant.info

acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.46 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp19.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.14 (Russian Federation) 2 redirects

ASN20597 (ELTEL-AS, RU)
PTR: ad4.adriver.ru

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.216 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad16.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c0a2 (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.117.94 (Russian Federation) 2 redirects

ASN204600 (REPUBLER-AS, RU)
PTR: carp.bspb2.kavanga.ru

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.172.81.158 (Muehlheim am Main, Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.160 (Muehlheim am Main, Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.103.21 (Netherlands)

ASN205675 (HYBRID-AS, RU)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.147 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.152.110 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.110.152.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.37 (Moscow, Russian Federation) 1 redirects

ASN201009 (SUPPORTIT-AS, RU)

stat.adlabs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Purmer, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.37.253 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: relap.io

relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.147.80.35 (Russian Federation) 1 redirects

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: ssp2.bestssp.com

ssp.bestssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.148.229 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.229.148.243.136.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.147 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr2.rutarget.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.200.44.122 (Moscow, Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation) 1 redirects

ASN16345 (BEE-AS Russia, RU)

0100007f6cc4c6612405c70e02b87374-sp.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.97.2 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 217.66.147.164 (St Petersburg, Russian Federation) 5 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-164-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Moscow, Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.156.238 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.238.156.251.148.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.1.47 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.47.1.108.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.108.120.68 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.193.58.13 (Russian Federation) 1 redirects

ASN200350 (YANDEXCLOUD, RU)

pixel.konnektu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:557 (United States)

ASN13335 (CLOUDFLARENET, US)

s3.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.19.89.18 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.29.80 (Luxembourg)

ASN7979 (SERVERS-COM, US)

api.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.15.175.148 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	429 KB
34	microsoftportal.net microsoftportal.net	895 KB
19	doubleclick.net 2 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	172 KB
17	acint.net 2 redirects www.acint.net acint.net	16 KB
16	gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	232 KB
9	yandex.com 2 redirects mc.yandex.com	3 KB
7	mts.ru 7 redirects sm.rtb.mts.ru tech.rtb.mts.ru	4 KB
7	yandex.ru 3 redirects informer.yandex.ru mc.yandex.ru an.yandex.ru	70 KB
6	digitaltarget.ru 2 redirects tag.digitaltarget.ru dmg.digitaltarget.ru	22 KB
6	google.com 3 redirects adservice.google.com www.google.com	1 KB
6	mail.ru 1 redirects top-fwz1.mail.ru ad.mail.ru	17 KB
5	googletagservices.com www.googletagservices.com	183 KB
4	googleapis.com fonts.googleapis.com	3 KB
4	bumlam.com 2 redirects sync.bumlam.com	2 KB
4	adriver.ru 2 redirects ad.adriver.ru ssp.adriver.ru	2 KB
4	betweendigital.com 3 redirects ads.betweendigital.com	3 KB
3	advarkads.com s3.advarkads.com api.advarkads.com	8 KB
3	aidata.io 2 redirects x01.aidata.io	1 KB
2	rambler.ru kraken.rambler.ru	1 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	500 B
2	rktch.com 1 redirects ut.rktch.com	683 B
2	1dmp.io 1 redirects sync.1dmp.io	815 B
2	adsniper.ru 2 redirects sync3.adsniper.ru	1 KB
2	republer.com 2 redirects sync.republer.com	950 B
2	adhigh.net 2 redirects px.adhigh.net	828 B
2	google.de adservice.google.de	914 B
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	facebook.net connect.facebook.net	83 KB
1	konnektu.ru 1 redirects pixel.konnektu.ru	262 B
1	gnezdo.ru fcgi4.gnezdo.ru	189 B
1	new-programmatic.com match.new-programmatic.com	215 B
1	bidvol.com 1 redirects ssp.bidvol.com	454 B
1	uuidksinc.net 1 redirects s.uuidksinc.net	208 B
1	buzzoola.com 1 redirects exchange.buzzoola.com	176 B
1	beeline.ru 1 redirects 0100007f6cc4c6612405c70e02b87374-sp.ops.beeline.ru	634 B
1	adlook.me 1 redirects ads.adlook.me	163 B
1	rutarget.ru 1 redirects sape-sync.rutarget.ru	416 B
1	bestssp.com 1 redirects ssp.bestssp.com	304 B
1	relap.io relap.io	1018 B
1	adlmerge.com adlmerge.com	115 B
1	adlabs.ru 1 redirects stat.adlabs.ru	108 B
1	otm-r.com sync.dmp.otm-r.com	69 B
1	hybrid.ai dm-eu.hybrid.ai	239 B
1	utraff.com a.utraff.com	815 B
1	sape.ru 1 redirects ssp-rtb.sape.ru	566 B
1	googleadservices.com partner.googleadservices.com	652 B
1	top100.ru st.top100.ru	66 KB
181	47

	Domain	Requested by
34	microsoftportal.net	microsoftportal.net
25	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net microsoftportal.net
15	pagead2.googlesyndication.com	microsoftportal.net pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
13	www.acint.net	2 redirects microsoftportal.net www.acint.net
9	mc.yandex.com	2 redirects mc.yandex.ru microsoftportal.net
5	www.gstatic.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
5	sm.rtb.mts.ru	5 redirects
5	top-fwz1.mail.ru	1 redirects microsoftportal.net top-fwz1.mail.ru
4	dmg.digitaltarget.ru	2 redirects www.acint.net
4	www.google.com	3 redirects tpc.googlesyndication.com
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	an.yandex.ru	2 redirects www.acint.net
4	sync.bumlam.com	2 redirects www.acint.net
4	acint.net	www.acint.net
4	ads.betweendigital.com	3 redirects www.acint.net
3	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
3	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
3	x01.aidata.io	2 redirects www.acint.net
2	fonts.gstatic.com	fonts.googleapis.com
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
2	kraken.rambler.ru	st.top100.ru microsoftportal.net
2	s3.advarkads.com	www.acint.net s3.advarkads.com
2	tech.rtb.mts.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	ut.rktch.com	1 redirects www.acint.net
2	sync.1dmp.io	1 redirects www.acint.net
2	cm.g.doubleclick.net	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	sync3.adsniper.ru	2 redirects
2	sync.republer.com	2 redirects
2	ssp.adriver.ru	www.acint.net
2	ad.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	mc.yandex.ru	1 redirects microsoftportal.net
2	counter.yadro.ru	1 redirects microsoftportal.net
2	connect.facebook.net	microsoftportal.net connect.facebook.net
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	api.advarkads.com	s3.advarkads.com
1	pixel.konnektu.ru	1 redirects
1	fcgi4.gnezdo.ru	www.acint.net
1	match.new-programmatic.com	www.acint.net
1	ssp.bidvol.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	exchange.buzzoola.com	1 redirects
1	0100007f6cc4c6612405c70e02b87374-sp.ops.beeline.ru	1 redirects
1	ads.adlook.me	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	ssp.bestssp.com	1 redirects
1	relap.io	www.acint.net
1	adlmerge.com	www.acint.net
1	stat.adlabs.ru	1 redirects
1	sync.dmp.otm-r.com	www.acint.net
1	dm-eu.hybrid.ai	www.acint.net
1	a.utraff.com	www.acint.net
1	ad.mail.ru	www.acint.net
1	ssp-rtb.sape.ru	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	st.top100.ru	microsoftportal.net
1	informer.yandex.ru	microsoftportal.net
181	63

This site contains links to these domains. Also see Links.

Domain
perevozka-spb.ru
p100.tv
dtgt.dp.ua
dobrivikna.com.ua
3net.org.ua
www.liveinternet.ru
metrika.yandex.ru
top100.rambler.ru
top.mail.ru
www.facebook.com
www.odnoklassniki.ru
vk.com
twitter.com
www.youtube.com
steamcommunity.com
plus.google.com

Subject Issuer	Validity	Valid
microsoftportal.net R3	`2021-12-25` - `2022-03-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-03` - `2022-01-01`	3 months	crt.sh
*.acint.net R3	`2021-12-16` - `2022-03-16`	3 months	crt.sh
*.top100.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-02-15` - `2022-02-14`	a year	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
tag.digitaltarget.ru R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-18` - `2022-06-18`	a year	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
relap.io GeoTrust RSA CA 2018	`2021-08-26` - `2022-09-26`	a year	crt.sh
new-programmatic.com R3	`2021-10-24` - `2022-01-22`	3 months	crt.sh
fcgi4.gnezdo.ru R3	`2021-11-08` - `2022-02-06`	3 months	crt.sh
*.bumlam.com R3	`2021-12-08` - `2022-03-08`	3 months	crt.sh
advarkads.com Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh
*.rambler.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-20` - `2022-05-19`	a year	crt.sh
*.advarkads.com GlobalSign GCC R3 DV TLS CA 2020	`2020-12-03` - `2022-01-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://microsoftportal.net/
Frame ID: 2FA08B184E6103B4555216C0EAB48EE9
Requests: 65 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 572468B2192688290F8C144E976DD9A3
Requests: 1 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=10&tc=1
Frame ID: 76928CD0D335B7E9EB084C4B8B39275C
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=90&slotname=2908634292&adk=3175562939&adf=658274708&pi=t.ma~as.2908634292&w=728&lmt=1640416364&psa=0&format=728x90&url=https%3A%2F%2Fmicrosoftportal.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640416364852&bpp=4&bdt=287&idt=86&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=982702852882&frm=20&pv=2&ga_vid=1225953099.1640416365&ga_sid=1640416365&ga_hid=139679891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=250&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C31063824&oid=2&pvsid=3866466638775476&pem=996&tmod=991&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=BU0vNWFOfP&p=https%3A//microsoftportal.net&dtd=98
Frame ID: 32A3138367CA1FCC870F4881BE1E33E2
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=600&slotname=2618197074&adk=2460103794&adf=3305433536&pi=t.ma~as.2618197074&w=300&fwrn=4&fwrnh=100&lmt=1640416364&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmicrosoftportal.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640416364856&bpp=1&bdt=291&idt=102&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=982702852882&frm=20&pv=1&ga_vid=1225953099.1640416365&ga_sid=1640416365&ga_hid=139679891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1099&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C31063824&oid=2&pvsid=3866466638775476&pem=996&tmod=991&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rSVjrZdHA9&p=https%3A//microsoftportal.net&dtd=105
Frame ID: 8B40099C2D3A85741792553965CA5036
Requests: 18 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F6CC4C6612405C70E02B87374
Frame ID: 26DDED538B8D9862BE5726E630984A7D
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=280&slotname=7615861873&adk=1353954373&adf=392815488&pi=t.ma~as.7615861873&w=1197&fwrn=4&fwrnh=100&lmt=1640416364&rafmt=1&psa=0&format=1197x280&url=https%3A%2F%2Fmicrosoftportal.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640416364857&bpp=1&bdt=292&idt=109&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600&correlator=982702852882&frm=20&pv=1&ga_vid=1225953099.1640416365&ga_sid=1640416365&ga_hid=139679891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C31063824&oid=2&pvsid=3866466638775476&pem=996&tmod=991&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=lnvm7Fmo9X&p=https%3A//microsoftportal.net&dtd=113
Frame ID: 487568136A3B95CBA99A5807E4C19761
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&adk=1812271804&adf=3025194257&lmt=1640416364&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmicrosoftportal.net%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640416364866&bpp=1&bdt=302&idt=107&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600%2C1197x280&nras=1&correlator=982702852882&frm=20&pv=1&ga_vid=1225953099.1640416365&ga_sid=1640416365&ga_hid=139679891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C31063824&oid=2&pvsid=3866466638775476&pem=996&tmod=991&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=112
Frame ID: F99CD38B577E6EDC58315331359D8D49
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: B8E4136602C0094D17997A7CE16DC5C1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0E2261C22F7D710CB986557BFCEE9BE1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Frame ID: 6DD30CF99F50817BC5ABF96B9D7C0205
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Frame ID: 3281DCE71E5F0F5795327EF3125CB860
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Frame ID: 9F00492ECF43C59F0DED094F53FAF2F0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 686F85B4DF2F7A03A90F1E9FD73DB706
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Frame ID: BE64F251AD16ED412666382EE5851D80
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EFE0E9D499A789B3DECD3728F9871A57
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E1430419DF62690C79B6E9E632342CD2
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6739B0A24FF3B15477B802945B560EC4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Frame ID: A04A1FBA8259A858BFBE3A00BE4962BD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js
Frame ID: FD3BDEEEDDBBCDBBC015AEC2B7F4BA04
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 108758D1E8B82970CD9C05DF3450999C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7D45067FA4405DEC33EB693BA0C5F287
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MSPortal

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

181
Requests

86 %
HTTPS

32 %
IPv6

47
Domains

63
Subdomains

43
IPs

6
Countries

2202 kB
Transfer

4463 kB
Size

98
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://perevozka-spb.ru/
Title: сайте

Search URL Search Domain Scan URL

URL: http://p100.tv/
Title: опубликован тут

Search URL Search Domain Scan URL

URL: http://dtgt.dp.ua/
Title: Золотой кубок

Search URL Search Domain Scan URL

URL: https://dobrivikna.com.ua/
Title: здесь

Search URL Search Domain Scan URL

URL: http://3net.org.ua/
Title: Поинт лото

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: https://metrika.yandex.ru/stat/?id=10478836&from=informer

Search URL Search Domain Scan URL

URL: https://top100.rambler.ru/home?id=2584737

Search URL Search Domain Scan URL

URL: https://top.mail.ru/jump?from=2124891

Search URL Search Domain Scan URL

URL: https://www.facebook.com/microsoftportal

Search URL Search Domain Scan URL

URL: http://www.odnoklassniki.ru/group/51631113764995

Search URL Search Domain Scan URL

URL: http://vk.com/microsoftportal

Search URL Search Domain Scan URL

URL: https://twitter.com/microsoftportal

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCiih5R_7C82ChX0YqUAWTtA

Search URL Search Domain Scan URL

URL: http://steamcommunity.com/groups/microsoftportal

Search URL Search Domain Scan URL

URL: https://plus.google.com/+MicrosoftPortalNET/posts

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://top-fwz1.mail.ru/counter?id=2124891;t=433;l=1 HTTP 302
https://top-fwz1.mail.ru/counter2?id=2124891;t=433;l=1

Request Chain 36

https://counter.yadro.ru/hit?t15.1;r;s1600*1200*24;uhttps%3A//microsoftportal.net/;hMSPortal;0.021343113101302436 HTTP 302
https://counter.yadro.ru/hit?q;t15.1;r;s1600*1200*24;uhttps%3A//microsoftportal.net/;hMSPortal;0.021343113101302436

Request Chain 45

https://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10&tc=1

Request Chain 51

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F6CC4C6612405C70E02B87374 HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F6CC4C6612405C70E02B87374&crf=1

Request Chain 52

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=0100007F6CC4C6611300825E024CE1B8

Request Chain 53

https://px.adhigh.net/p/cm/sape?u=0100007F6CC4C6612405C70E02B87374 HTTP 302
https://px.adhigh.net/p/cm/sape?u=0100007F6CC4C6612405C70E02B87374&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=uLvejjOzaOk0.AikABlF98G9KQg

Request Chain 55

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5766999566 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=AOb9f0eZHJ2WfuVcjzEcSjg&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F6CC4C6612605B50E02EB395A

Request Chain 57

https://sync.republer.com/match?dsp=sape HTTP 307
https://sync.republer.com/match?dsp=sape&qset=1 HTTP 307
https://sync.bumlam.com/?src=rp1&uid=5726b9d6-697a-44b5-8231-c154e5aadadd HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjtiJuOBlIEioaQK2IkNTcyNmI5ZDYtNjk3YS00NGI1LTgyMzEtYzE1NGU1YWFkYWRk HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjtiJuOBlIEioaQK2IkNTcyNmI5ZDYtNjk3YS00NGI1LTgyMzEtYzE1NGU1YWFkYWRkogEQDwQ8LmVSEeym6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQABjtiJuOBmIkNTcyNmI5ZDYtNjk3YS00NGI1LTgyMzEtYzE1NGU1YWFkYWRkogEQDwQ8LmVSEeym6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQARjtiJuOBmIkNTcyNmI5ZDYtNjk3YS00NGI1LTgyMzEtYzE1NGU1YWFkYWRkogEQDwQ8LmVSEeym6QAlkMgkNw**

Request Chain 61

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf2zExmEkBccOArhzdA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf2zExmEkBccOArhzdA&google_tc= HTTP 302
https://www.acint.net/match?dp=77&euid=

Request Chain 62

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F6CC4C6612405C70E02B87374 HTTP 302
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F6CC4C6612405C70E02B87374

Request Chain 65

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP 302
https://www.acint.net/match?dp=95&euid=KUNLTYVX

Request Chain 66

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F6CC4C6612405C70E02B87374 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F6CC4C6612405C70E02B87374&cs=1

Request Chain 67

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=86FI9JEAkJDx

Request Chain 68

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://acint.net/match?dp=107&euid=d8225777-db3d-5367-894d-3234e88bf659

Request Chain 69

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
https://acint.net/match?dp=110&euid=c6554327e719412a99a5a515686abad1

Request Chain 70

https://0100007f6cc4c6612405c70e02b87374-sp.ops.beeline.ru/p?ssp=sp&id=0100007F6CC4C6612405C70E02B87374 HTTP 301
https://www.acint.net/match?dp=111&euid=fa763ecf-face-4ddb-bc9b-2681fe52422d

Request Chain 71

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F6CC4C6612405C70E02B87374 HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=144535463 HTTP 302
https://ut.rktch.com/matchspm?pi=1000006&pui=QaC00ldUVzxnrNBxmVXl1u&noredirect

Request Chain 72

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F6CC4C6612405C70E02B87374 HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F6CC4C6612405C70E02B87374 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=37074cd9-fd6c-4065-aed2-6bb8f029afea&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FNwdM2f1sQGWu0mu48Cmv6g%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D30%2526em%253D0%26sign%3D1642731105 HTTP 302
https://an.yandex.ru/setud/mts_banner/NwdM2f1sQGWu0mu48Cmv6g?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=1642731105 HTTP 302
https://an.yandex.ru/setud/mts_banner/NwdM2f1sQGWu0mu48Cmv6g?redir-setuniq=1&location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=1642731105

Request Chain 73

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=dab6c64b-9e15-4ba8-4ffd-9bf532372161

Request Chain 74

https://s.uuidksinc.net/match/396/?remote_uid=0100007F6CC4C6612405C70E02B87374 HTTP 302
https://www.acint.net/match?dp=127&euid=yqHQE9BOnenNMh3AWGv2

Request Chain 75

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1 HTTP 302
https://www.acint.net/match?dp=129&euid=urkrp8y5ti

Request Chain 78

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F6CC4C6612405C70E02B87374 HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F6CC4C6612405C70E02B87374&bounce=1 HTTP 302
https://sm.rtb.mts.ru/p?ssp=aidata&id=lid0qgBLv2WRy5K%2Bntr8OA HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=51&exu=lid0qgBLv2WRy5K%2Bntr8OA HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=37074cd9-fd6c-4065-aed2-6bb8f029afea&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D51%2526em%253D1%2526ssp%253Dkonnektu%2526exu%253Dlid0qgBLv2WRy5K%25252Bntr8OA%2526id%253D%257BUSER_ID%257D HTTP 302
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D1%26ssp%3Dkonnektu%26exu%3Dlid0qgBLv2WRy5K%252Bntr8OA%26id%3D%7BUSER_ID%7D HTTP 302
https://sm.rtb.mts.ru/em?next=51&em=1&ssp=konnektu&exu=lid0qgBLv2WRy5K%2Bntr8OA&id= HTTP 301
https://x01.aidata.io/0.gif?pid=9503528&uid=37074cd9-fd6c-4065-aed2-6bb8f029afea&exu=lid0qgBLv2WRy5K%!B(string=%20%20)ntr8OA

Request Chain 80

https://an.yandex.ru/mapuid/sapeis/0100007F6CC4C6612405C70E02B87374 HTTP 302
https://an.yandex.ru/mapuid/sapeis/0100007F6CC4C6612405C70E02B87374?redir-setuniq=1

Request Chain 89

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9498.7OfTJGHFsfr8swmS6xTZuhYNoW8AHMqKoJROJbncWTwYKBr0i4F2oAdq3Ry_mhkv.zUdAjWe9Sg6sENHHuVi6UmlIBHg%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9498.Xr30ziOPQSq7BwN0v2dD4WUXWt8GsDzj09AL-fLg948zoG0xXxKTxWjc96E7kvYD8WsvwZT-9l8-t2LqBwMfHQ%2C%2C.rAxmL15BZgS7NC_7FGBIUZEvf_M%2C

Request Chain 92

https://mc.yandex.com/watch/10478836?wmode=7&page-url=https%3A%2F%2Fmicrosoftportal.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykdauinnulox185iv3%3Afp%3A737%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A555795306657%3Ahid%3A34755083%3Az%3A0%3Ai%3A20211225071245%3Aet%3A1640416365%3Ac%3A1%3Arn%3A413065758%3Arqn%3A1%3Au%3A1640416365193618850%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640416364048%3Ads%3A17%2C92%2C404%2C1%2C0%2C0%2C%2C248%2C6%2C%2C%2C%2C838%3Adsn%3A18%2C91%2C404%2C2%2C0%2C0%2C%2C249%2C5%2C%2C%2C%2C839%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640416365%3At%3AMSPortal&t=gdpr(14)aw(1)mtb(0)efid(1)ti(2) HTTP 302
https://mc.yandex.com/watch/10478836/1?wmode=7&page-url=https%3A%2F%2Fmicrosoftportal.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykdauinnulox185iv3%3Afp%3A737%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A555795306657%3Ahid%3A34755083%3Az%3A0%3Ai%3A20211225071245%3Aet%3A1640416365%3Ac%3A1%3Arn%3A413065758%3Arqn%3A1%3Au%3A1640416365193618850%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640416364048%3Ads%3A17%2C92%2C404%2C1%2C0%2C0%2C%2C248%2C6%2C%2C%2C%2C838%3Adsn%3A18%2C91%2C404%2C2%2C0%2C0%2C%2C249%2C5%2C%2C%2C%2C839%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640416365%3At%3AMSPortal&t=gdpr%2814%29aw%281%29mtb%280%29efid%281%29ti%282%29

Request Chain 121

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 123

https://dmg.digitaltarget.ru/1/1093/i/i?i=536966666337741.347839591139939&a=77&e=0100007F6CC4C6612405C70E02B87374&pref=https%3A%2F%2Fmicrosoftportal.net%2F&c=ss:77.up:0100007F6CC4C6612405C70E02B87374.sync:up.xdua:duT7xYL4jtnqVvIdHknaMibw.xps:xps44SLCCOfwrpdPUH3OOHzmV.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=536966666337741.347839591139939&a=77&e=0100007F6CC4C6612405C70E02B87374&pref=https%3A%2F%2Fmicrosoftportal.net%2F&c=ss:77.up:0100007F6CC4C6612405C70E02B87374.sync:up.xdua:duT7xYL4jtnqVvIdHknaMibw.xps:xps44SLCCOfwrpdPUH3OOHzmV.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Request Chain 124

https://dmg.digitaltarget.ru/1/1093/i/i?i=536966666337741.993990860377467&a=77&e=0100007F6CC4C6612405C70E02B87374&pref=https%3A%2F%2Fmicrosoftportal.net%2F&c=ss:77.up:0100007F6CC4C6612405C70E02B87374.sync:up.xdua:duT7xYL4jtnqVvIdHknaMibw.xps:xps44SLCCOfwrpdPUH3OOHzmV.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=536966666337741.993990860377467&a=77&e=0100007F6CC4C6612405C70E02B87374&pref=https%3A%2F%2Fmicrosoftportal.net%2F&c=ss:77.up:0100007F6CC4C6612405C70E02B87374.sync:up.xdua:duT7xYL4jtnqVvIdHknaMibw.xps:xps44SLCCOfwrpdPUH3OOHzmV.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Request Chain 164

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 166

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

181 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
microsoftportal.net/ 38 KB
11 KB 514ms
404ms Document
text/html 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftportal.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 / PHP/7.2.34
Resource Hash: f8f7d75d67db3a5a6ab2ac6c1bc96e157be5f5dc898a980f71628bb4e8fdfcf2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.20.2
Date: Sat, 25 Dec 2021 07:12:46 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip

GET
H/1.1 200
OK index.php Show response
microsoftportal.net/engine/classes/min/ 84 KB
29 KB 81ms
80ms Script
application/x-javascript 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftportal.net/engine/classes/min/index.php?g=general&v=27
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 / PHP/7.2.34
Resource Hash: b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 28 Dec 2019 11:45:54 GMT
Server: nginx/1.20.2
X-Powered-By: PHP/7.2.34
ETag: "pub1577533554;gz"
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 29779
Expires: Sun, 25 Dec 2022 07:12:46 GMT

GET
H/1.1 200
OK index.php Show response
microsoftportal.net/engine/classes/min/ 128 KB
34 KB 260ms
125ms Script
application/x-javascript 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftportal.net/engine/classes/min/index.php?f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js&v=27
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 / PHP/7.2.34
Resource Hash: f60527825f5eb56b1f7bf9f6ab37c9c865bb6ef2ace55674b4f1cccd4209b670

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 28 Dec 2019 11:45:54 GMT
Server: nginx/1.20.2
X-Powered-By: PHP/7.2.34
ETag: "pub1577533554;gz"
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 34007
Expires: Sun, 25 Dec 2022 07:12:46 GMT

GET
H/1.1 200
OK engine.css
microsoftportal.net/templates/MSPortal/style/ 61 KB
25 KB 176ms
89ms Stylesheet
text/css 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftportal.net/templates/MSPortal/style/engine.css
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: 572e2f25267f2879b7d5c14151314133fc8c67293837ce4bb184153664694160

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Jan 2018 23:35:29 GMT
Server: nginx/1.20.2
ETag: W/"5a6e5e41-f36f"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK styles.css
microsoftportal.net/templates/MSPortal/style/ 27 KB
8 KB 132ms
45ms Stylesheet
text/css 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftportal.net/templates/MSPortal/style/styles.css
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: f0c9f90c27c6cbac55ffd616c55711f9693d0a52ae63c6948d23e3f62ae4385b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 May 2021 19:36:55 GMT
Server: nginx/1.20.2
ETag: W/"60b14657-6c27"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK libs.js Show response
microsoftportal.net/templates/MSPortal/js/ 1 KB
822 B 133ms
45ms Script
application/javascript 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftportal.net/templates/MSPortal/js/libs.js
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: a61eeea560e1f947cd3e50db09d52da15eebe911865e29f5398bb44cb0d9252e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Jan 2018 23:35:32 GMT
Server: nginx/1.20.2
ETag: W/"5a6e5e44-500"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK style.css
microsoftportal.net/templates/MSPortal/icomm/ 838 B
640 B 132ms
45ms Stylesheet
text/css 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftportal.net/templates/MSPortal/icomm/style.css
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: 18f0f623763901aeeb156407ed6a37d5c0716ff174ba9a6ce09fbb5ed9d45d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Jan 2018 23:35:31 GMT
Server: nginx/1.20.2
ETag: W/"5a6e5e43-346"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK tipsy.css
microsoftportal.net/templates/MSPortal/js/ 607 B
548 B 132ms
45ms Stylesheet
text/css 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftportal.net/templates/MSPortal/js/tipsy.css
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: 65b45154530acccb3435ac25e0f1bc131589c2388bfd67481526cbe2ed521eca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Jan 2018 23:35:32 GMT
Server: nginx/1.20.2
ETag: W/"5a6e5e44-25f"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK jquery.tipsy.js Show response
microsoftportal.net/templates/MSPortal/js/ 2 KB
2 KB 178ms
44ms Script
application/javascript 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftportal.net/templates/MSPortal/js/jquery.tipsy.js
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: 449ef4a890525256bc3bc16dea519e857a7a694c5048820cc7271e713766652b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Jan 2018 23:35:32 GMT
Server: nginx/1.20.2
ETag: W/"5a6e5e44-86b"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK noavatar.png
microsoftportal.net/templates/MSPortal/dleimages/ 1 KB
1 KB 45ms
44ms Image
image/png 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftportal.net/templates/MSPortal/dleimages/noavatar.png
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: 479b699a76b4f1c5d74bf82e7351685c455b79547d10b6891680fbfa590e68ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:28 GMT
Server: nginx/1.20.2
ETag: "5a6e5e40-4c7"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1223

GET
H/1.1 200
OK logo.png
microsoftportal.net/templates/MSPortal/images/ 22 KB
22 KB 46ms
44ms Image
image/png 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftportal.net/templates/MSPortal/images/logo.png
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: 2ac0b867fa66324ed79b248a5fa546bde07c503e90754be44773cfa368d3217e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:31 GMT
Server: nginx/1.20.2
ETag: "5a6e5e43-56f0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22256

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 58ms
34ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15ebd3fea955e8b57f8c2a0529312e251907d6bf2c9fdec448c886d1d76d9ec6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51831
x-xss-protection: 0
server: cafe
etag: 10428275096539019523
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 07:12:44 GMT

GET
H/1.1 200
OK 1640348322_1637763165_1619796723_1612445210_1553423146_skype3_story.jpg
microsoftportal.net/uploads/posts/2021-12/ 12 KB
12 KB 46ms
44ms Image
image/jpeg 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftportal.net/uploads/posts/2021-12/1640348322_1637763165_1619796723_1612445210_1553423146_skype3_story.jpg
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: 2556be87318f6f63d55f3a1d7a8193750683ff0055c318536f62ba8a6d1b457f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Last-Modified: Fri, 24 Dec 2021 12:17:41 GMT
Server: nginx/1.20.2
ETag: "61c5ba65-2e14"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11796

GET
H/1.1 200
OK 1640347221_surface-studio-2-gia-bao-nhieu.jpg
microsoftportal.net/uploads/posts/2021-12/thumbs/ 63 KB
63 KB 89ms
88ms Image
image/jpeg 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftportal.net/uploads/posts/2021-12/thumbs/1640347221_surface-studio-2-gia-bao-nhieu.jpg
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: 019bc4f3c6613f2c561b8b4c239d16aafb01ffd755e604095aa1e745854a547a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Last-Modified: Fri, 24 Dec 2021 11:59:21 GMT
Server: nginx/1.20.2
ETag: "61c5b619-fc83"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64643

GET
H/1.1 200
OK 1640344416_microsoft-teams-video-filters-1200x717.jpg
microsoftportal.net/uploads/posts/2021-12/thumbs/ 30 KB
30 KB 144ms
44ms Image
image/jpeg 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftportal.net/uploads/posts/2021-12/thumbs/1640344416_microsoft-teams-video-filters-1200x717.jpg
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: f41e049057fde682981f2aaacc101007c7d812a2f9242e85bca29f4b84bb3ebf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Last-Modified: Fri, 24 Dec 2021 11:13:20 GMT
Server: nginx/1.20.2
ETag: "61c5ab50-7762"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30562

GET
H/1.1 200
OK 1640287281_bezymjannyj.png
microsoftportal.net/uploads/posts/2021-12/ 311 KB
311 KB 112ms
44ms Image
image/png 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftportal.net/uploads/posts/2021-12/1640287281_bezymjannyj.png
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: 6e8bf0be05ae370031305384f7d6b08c55a8cb4ef557b3db42b8e10729ea0783

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Last-Modified: Thu, 23 Dec 2021 19:20:11 GMT
Server: nginx/1.20.2
ETag: "61c4cbeb-4db3b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 318267

GET
H/1.1 200
OK 1640278368_bezymjannyj.png
microsoftportal.net/uploads/posts/2021-12/thumbs/ 137 KB
137 KB 156ms
44ms Image
image/png 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftportal.net/uploads/posts/2021-12/thumbs/1640278368_bezymjannyj.png
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: 0b79d9afad7efe9b5df66caaf99a3d5d92ee81c3bdbcba0ba3d45a692fd8a34b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Last-Modified: Thu, 23 Dec 2021 16:51:59 GMT
Server: nginx/1.20.2
ETag: "61c4a92f-22424"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 140324

GET
H/1.1 200
OK 1640002780_vps-hosting.jpg
microsoftportal.net/uploads/posts/2021-12/thumbs/ 43 KB
43 KB 44ms
44ms Image
image/jpeg 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftportal.net/uploads/posts/2021-12/thumbs/1640002780_vps-hosting.jpg
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: 9463ef93cb9aefa7b4d3891744db9387fd1a29c5890e205e09289581320862c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Last-Modified: Mon, 20 Dec 2021 12:18:29 GMT
Server: nginx/1.20.2
ETag: "61c07495-abaf"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43951

GET
H/1.1 200
OK 1639999321_1639836506_windows_wednesday_story.jpg
microsoftportal.net/uploads/posts/2021-12/thumbs/ 21 KB
21 KB 45ms
45ms Image
image/jpeg 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftportal.net/uploads/posts/2021-12/thumbs/1639999321_1639836506_windows_wednesday_story.jpg
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: b5a8e9e7501f1c26f61fb9b71c38521b1226e511074b4cd8f98a99ca535497bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Last-Modified: Mon, 20 Dec 2021 11:21:31 GMT
Server: nginx/1.20.2
ETag: "61c0673b-5216"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21014

GET
H/1.1 200
OK 1639667149_1637358482_1636753059_1634927333_1633727290_officeinsiderprogram.png
microsoftportal.net/uploads/posts/2021-12/ 17 KB
17 KB 44ms
44ms Image
image/png 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftportal.net/uploads/posts/2021-12/1639667149_1637358482_1636753059_1634927333_1633727290_officeinsiderprogram.png
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: f945474f0ee263682e161153f48e2851a6aa12972cec9dda9e8a123e58137ef4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Last-Modified: Thu, 16 Dec 2021 15:05:36 GMT
Server: nginx/1.20.2
ETag: "61bb55c0-422c"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16940

GET
H/1.1 200
OK 1639662862_1623070805_1619195920_1609841756_1609262151_1595864495_microsoft_launcher_story.jpg
microsoftportal.net/uploads/posts/2021-12/ 11 KB
11 KB 44ms
44ms Image
image/jpeg 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftportal.net/uploads/posts/2021-12/1639662862_1623070805_1619195920_1609841756_1609262151_1595864495_microsoft_launcher_story.jpg
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: f30626434597480b05329fde4877a559ff02b81928341be49f6bca75b21ed231

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Last-Modified: Thu, 16 Dec 2021 13:54:18 GMT
Server: nginx/1.20.2
ETag: "61bb450a-2b89"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11145

GET
H/1.1 200
OK 1639659201_1479328474_visual-studio-00_story.jpg
microsoftportal.net/uploads/posts/2021-12/thumbs/ 13 KB
13 KB 44ms
44ms Image
image/jpeg 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftportal.net/uploads/posts/2021-12/thumbs/1639659201_1479328474_visual-studio-00_story.jpg
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: be09287dc5a2179a73fa792069d5228e9a5740c69c45104e71db5122a5864da1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Last-Modified: Thu, 16 Dec 2021 12:52:17 GMT
Server: nginx/1.20.2
ETag: "61bb3681-3370"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13168

GET
H/1.1 200
OK default.js Show response
microsoftportal.net/engine/skins/ 11 KB
4 KB 45ms
45ms Script
application/javascript 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://microsoftportal.net/engine/skins/default.js
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: b912455480572174b87986b8f195eae651c900ef3b6fb85d72310b6aad0c878c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 28 Dec 2019 11:44:05 GMT
Server: nginx/1.20.2
ETag: W/"5e074005-2ae5"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H2 200 3_0_FFFFFFFF_EFEFEFFF_0_pageviews
informer.yandex.ru/informer/10478836/ 1 KB
1 KB 134ms
42ms Image
image/png 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://informer.yandex.ru/informer/10478836/3_0_FFFFFFFF_EFEFEFFF_0_pageviews

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

9e98aa5c3a32be2de2b78136d4193426cbc63c246612cb4330caf8988019c6b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
last-modified: Sat, 25-Dec-2021 07:12:44 GMT
content-type: image/png
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1253
x-xss-protection: 1; mode=block
expires: Sat, 25-Dec-2021 07:12:44 GMT

GET
H2

200

counter2
top-fwz1.mail.ru/
Redirect Chain

https://top-fwz1.mail.ru/counter?id=2124891;t=433;l=1
https://top-fwz1.mail.ru/counter2?id=2124891;t=433;l=1

1 KB
2 KB

73ms
73ms

Image
image/gif

217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=2124891;t=433;l=1

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/

Protocol

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

8e887002196ac4cf944a2a419274dc217df3873c576bf48def369bc2977c623b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 1390
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Sat, 25 Dec 2021 07:12:44 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
location: https://top-fwz1.mail.ru/counter2?id=2124891;t=433;l=1
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 all.js Show response
connect.facebook.net/ru_RU/ 3 KB
2 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/all.js

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7efc7a686e4263b53b0f5b9de6f7a6edc050581750f2b25b3dabec36518a8b9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: QDQb5inrFvEbmGLF5EC9bg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sat, 25 Dec 2021 07:27:31 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: RoooJXt6Xo+n3fychXVEeFWjmtvEyRCrwMcToMSVmm0zNzWrKVUZz6BDbvHxkjJ5G76r/Gm/RKVzv7Y61zFSxw==
x-fb-trip-id: 686109401
x-fb-content-md5: 7ad54ac83c4a9fbad46a1f6b12d1f209
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 25 Dec 2021 07:12:44 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "524ba3195572de7a60b76bad33a361da"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK img9.jpg
microsoftportal.net/templates/MSPortal/images/ 59 KB
60 KB 120ms
87ms Image
image/jpeg 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftportal.net/templates/MSPortal/images/img9.jpg
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/templates/MSPortal/style/styles.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: edea62b6792791e90490e04ecbdb167677f4c84c09fe19efba4dbdc6494efb10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:32 GMT
Server: nginx/1.20.2
ETag: "5a6e5e44-edfb"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60923

GET
H/1.1 200
OK login_ic.png
microsoftportal.net/templates/MSPortal/images/ 4 KB
4 KB 78ms
43ms Image
image/png 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftportal.net/templates/MSPortal/images/login_ic.png
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/templates/MSPortal/style/styles.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: a8cf59007153a1d366dd69c66f54edbbcfec46a32330626a714f1b22934ec468

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:32 GMT
Server: nginx/1.20.2
ETag: "5a6e5e44-edb"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3803

GET
H/1.1 200
OK search_bg.png
microsoftportal.net/templates/MSPortal/images/ 3 KB
3 KB 77ms
44ms Image
image/png 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftportal.net/templates/MSPortal/images/search_bg.png
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/templates/MSPortal/style/styles.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: 3b9e8d070eb3d3a740240f79b731159e34f993842e3d80dd07a2114c69ed8075

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:32 GMT
Server: nginx/1.20.2
ETag: "5a6e5e44-ae6"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2790

GET
H/1.1 200
OK search_ic.png
microsoftportal.net/templates/MSPortal/images/ 3 KB
3 KB 78ms
44ms Image
image/png 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftportal.net/templates/MSPortal/images/search_ic.png
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/templates/MSPortal/style/styles.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: 8f281ebc45c293d64b39f0a23399a3cccbd542c3a1245019dd33e2139d45ed3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:31 GMT
Server: nginx/1.20.2
ETag: "5a6e5e43-c7e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3198

GET
H/1.1 200
OK bt_ic.png
microsoftportal.net/templates/MSPortal/images/ 3 KB
3 KB 112ms
44ms Image
image/png 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftportal.net/templates/MSPortal/images/bt_ic.png
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/templates/MSPortal/style/styles.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: c2a53a2ff6fe4b87169761f63876c4239639b5710db7c5e2861dd24e8e347180

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:31 GMT
Server: nginx/1.20.2
ETag: "5a6e5e43-c84"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3204

GET
H/1.1 200
OK auth_line.png
microsoftportal.net/templates/MSPortal/images/ 3 KB
3 KB 108ms
44ms Image
image/png 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftportal.net/templates/MSPortal/images/auth_line.png
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/templates/MSPortal/style/styles.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: f32de53959fd8081d100f1e31199a913a86804e58d7cd8498124dded214f74d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:32 GMT
Server: nginx/1.20.2
ETag: "5a6e5e44-aec"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2796

GET
H/1.1 200
OK short_ic.png
microsoftportal.net/templates/MSPortal/images/ 3 KB
4 KB 99ms
44ms Image
image/png 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftportal.net/templates/MSPortal/images/short_ic.png
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/templates/MSPortal/style/styles.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: c654e1b1768e9ee4ef211ea90736e7e99679d7af202faa4f2782db9447bdf548

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:31 GMT
Server: nginx/1.20.2
ETag: "5a6e5e43-d12"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3346

GET
H/1.1 200
OK page_nav.png
microsoftportal.net/templates/MSPortal/images/ 3 KB
3 KB 44ms
43ms Image
image/png 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftportal.net/templates/MSPortal/images/page_nav.png
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/templates/MSPortal/style/styles.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: 77affbd2fb12370b0c53ff6b46dfa66c313f0d29f4e4148913a42d5789ac6451

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:31 GMT
Server: nginx/1.20.2
ETag: "5a6e5e43-bf1"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3057

GET
H3 200 all.js Show response
connect.facebook.net/ru_RU/ 285 KB
80 KB 16ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/all.js?hash=77db23e32f2e8d59162dd4f386fac1c1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

384d0ed21660e40b825198c198b162f68d0ac3aee2c7640d04433496672b2133

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://microsoftportal.net/
Origin: https://microsoftportal.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Af4bgNPaR+v2gsu3yDosQA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sun, 25 Dec 2022 06:28:41 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82060
x-fb-rlafr: 0
x-fb-debug: rAHUIE/wr8VMuIV1jnVjjZGA1bTdlfGETJj64Rp3ueZjTZRIjs6EcxBAH8+Rmj1CiZbJ0Nc7WfPrVZTeZ0vk1A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 7f418e6ffe662cb60d6861b523d54d82
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 25 Dec 2021 07:12:44 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "4c43126299728db479a65e68d345118d"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK b_title_ic.png
microsoftportal.net/templates/MSPortal/images/ 7 KB
7 KB 151ms
45ms Image
image/png 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftportal.net/templates/MSPortal/images/b_title_ic.png
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/templates/MSPortal/style/styles.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: 91cfab827f1f7c9aca0933e30f433ed72d44546deef812d3ef4e6f0745ba3f4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:32 GMT
Server: nginx/1.20.2
ETag: "5a6e5e44-1a44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6724

GET
H2 200 aci.js Show response
www.acint.net/ 22 KB
7 KB 45ms
11ms Script
application/x-javascript 46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:44 GMT
content-encoding: gzip
last-modified: Mon, 29 Nov 2021 13:21:32 GMT
server: openresty
etag: "61a4d3dc-1d25"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7461
expires: Sat, 25 Dec 2021 19:12:44 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t15.1;r;s1600*1200*24;uhttps%3A//microsoftportal.net/;hMSPortal;0.021343113101302436
https://counter.yadro.ru/hit?q;t15.1;r;s1600*1200*24;uhttps%3A//microsoftportal.net/;hMSPortal;0.021343113101302436

228 B
714 B

57ms
57ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t15.1;r;s1600*1200*24;uhttps%3A//microsoftportal.net/;hMSPortal;0.021343113101302436

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2a5f26bffe81cc508826e84b459d64cb95cee1bf5e8daf380cc11e0be574bcf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 25 Dec 2021 07:13:00 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 228
Expires: Thu, 24 Dec 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 25 Dec 2021 07:13:00 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t15.1;r;s1600*1200*24;uhttps%3A//microsoftportal.net/;hMSPortal;0.021343113101302436
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Thu, 24 Dec 2020 21:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 197 KB
67 KB 161ms
77ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

9dd33489fbd3a8ddf6a82e0b9ca3b954e557bfe5ccb4c2e2871c84632ad87899

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:44 GMT
content-encoding: br
last-modified: Thu, 23 Dec 2021 16:10:01 GMT
etag: "61c47529-10c74"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 68724
expires: Sat, 25 Dec 2021 08:12:44 GMT

GET
H2 200 top100.js Show response
st.top100.ru/top100/ 199 KB
66 KB 157ms
49ms Script
application/javascript 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.89.17 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: f7a8ea10aa7f4c6489430c8b5b6a56fe48602447ec0791b45606474e06d0f2c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:44 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 09:50:41 GMT
server: nginx/1.19.4
etag: W/"61c1a371-31cb4"
vary: Accept-Encoding
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: max-age=3600
content-type: application/javascript
expires: Sat, 25 Dec 2021 08:12:44 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 27 KB
11 KB 212ms
123ms Script
application/javascript 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Wed, 22 Dec 2021 12:22:53 GMT
server: nginx
etag: W/"61c3189d-6a23"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *
expires: Sat, 25 Dec 2021 08:12:44 GMT

GET
H/1.1 200
OK bar-bg.png
microsoftportal.net/templates/MSPortal/images/ 313 B
551 B 124ms
43ms Image
image/png 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftportal.net/templates/MSPortal/images/bar-bg.png
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: c5c44afc84eb882c171355b664f14b251d5c34db9023b719ba29dac938b6554e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:32 GMT
Server: nginx/1.20.2
ETag: "5a6e5e44-139"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 313

GET
H/1.1 200
OK bar-blue.png
microsoftportal.net/templates/MSPortal/images/ 253 B
490 B 155ms
44ms Image
image/png 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftportal.net/templates/MSPortal/images/bar-blue.png
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: 694b3d44092af2be786c584ad80546df912fb0bf621e760a9bfd8d0c8f986be9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:31 GMT
Server: nginx/1.20.2
ETag: "5a6e5e43-fd"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 253

GET
H/1.1 200
OK soc.png
microsoftportal.net/templates/MSPortal/images/ 7 KB
8 KB 44ms
44ms Image
image/png 46.254.16.156
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://microsoftportal.net/templates/MSPortal/images/soc.png
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/templates/MSPortal/style/styles.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.254.16.156 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx/1.20.2 /
Resource Hash: 27a9105727943397b059ee354ee7f2f665f3d5a7a6fb0df68aad37b7f43b7cac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/templates/MSPortal/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Last-Modified: Sun, 28 Jan 2018 23:35:31 GMT
Server: nginx/1.20.2
ETag: "5a6e5e43-1dbf"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7615

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 276 KB
99 KB 47ms
32ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8396851324217908&plah=microsoftportal.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101734
x-xss-protection: 0
server: cafe
etag: 4507154694380913909
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 07:12:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 5724 11 KB
5 KB 30ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 24 Dec 2021 18:36:45 GMT
expires: Fri, 07 Jan 2022 18:36:45 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 45359
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

/ Show response
www.acint.net/mc/ Frame 7692
Redirect Chain

https://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10&tc=1

4 KB
4 KB

12ms
11ms

Document
text/html

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=10&tc=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: c808c3cddb994e5e133fd592693da054fa2217afe3f9fc65afe59ea19c49a6fe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/

Response headers

server: openresty
date: Sat, 25 Dec 2021 07:12:44 GMT
content-type: text/html
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip

Redirect headers

server: openresty
date: Sat, 25 Dec 2021 07:12:44 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1

GET
H2 200 /
www.acint.net/hit/ 43 B
339 B 14ms
11ms Image
image/gif 46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.4.0&uid=199196ec-bccd-41b0-b8db-ea1746eba219&dp=10&tz=%2B00%3A00&nc=30535241&u=https%3A%2F%2Fmicrosoftportal.net%2F&r=&rs=1600x1200&t=MSPortal&oE=1&oP=1&dT=2021-12-25T07%3A12%3A44.895&fu=0500db2e-809d-49b0-aed5-a3019941d3c3
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 223 B
652 B 48ms
15ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=microsoftportal.net&callback=_gfp_s_&client=ca-pub-8396851324217908

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8396851324217908&plah=microsoftportal.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

16b068cb61cb1fc1ad6612960bf3e209ee5af2fb5275cea153046edb7681437b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 208
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 49ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=microsoftportal.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 25 Dec 2021 07:12:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 52ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=microsoftportal.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 25 Dec 2021 07:12:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 32A3 75 KB
28 KB 498ms
482ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=90&slotname=2908634292&adk=3175562939&adf=658274708&pi=t.ma~as.2908634292&w=728&lmt=1640416364&psa=0&format=728x90&url=https%3A%2F%2Fmicrosoftportal.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640416364852&bpp=4&bdt=287&idt=86&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=982702852882&frm=20&pv=2&ga_vid=1225953099.1640416365&ga_sid=1640416365&ga_hid=139679891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=250&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C31063824&oid=2&pvsid=3866466638775476&pem=996&tmod=991&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=BU0vNWFOfP&p=https%3A//microsoftportal.net&dtd=98

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

954aa4d2c0af250560a514e57d68aa8757575d4a7c4f7c909eda37b9e9065503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 25 Dec 2021 07:12:45 GMT
server: cafe
content-length: 28943
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 25 Dec 2021 07:12:45 GMT
cache-control: private

GET
H2

200

match
ads.betweendigital.com/ Frame 7692
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F6CC4C6612405C70E02B87374
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F6CC4C6612405C70E02B87374&crf=1

68 B
607 B

101ms
101ms

Image
image/png

96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F6CC4C6612405C70E02B87374&crf=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=73&external_user_id=0100007F6CC4C6612405C70E02B87374&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 7692
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=0100007F6CC4C6611300825E024CE1B8

43 B
270 B

52ms
15ms

Image
image/gif

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=0100007F6CC4C6611300825E024CE1B8
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Sat, 25 Dec 2021 07:12:44 GMT
Server: openresty
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Location: https://acint.net/match?dp=14&euid=0100007F6CC4C6611300825E024CE1B8
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: text/html
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame 7692
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0100007F6CC4C6612405C70E02B87374
https://px.adhigh.net/p/cm/sape?u=0100007F6CC4C6612405C70E02B87374&bounced=1
https://acint.net/match?dp=17&euid=uLvejjOzaOk0.AikABlF98G9KQg

43 B
269 B

11ms
11ms

Image
image/gif

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=uLvejjOzaOk0.AikABlF98G9KQg
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 25 Dec 2021 07:12:45 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f19-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://acint.net/match?dp=17&euid=uLvejjOzaOk0.AikABlF98G9KQg
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 7692 43 B
764 B 179ms
58ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0100007F6CC4C6612405C70E02B87374
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:45 GMT
Last-Modified: Sat, 25 Dec 2021 07:12:45 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Sat, 25 Dec 2021 13:12:45 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 7692
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5766999566
https://www.acint.net/rmatch?dp=45&euid=AOb9f0eZHJ2WfuVcjzEcSjg&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F6CC4C6612605B50E02EB395A

42 B
201 B

447ms
62ms

Image
image/gif

81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F6CC4C6612605B50E02EB395A
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:45 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Sat, 25 Dec 2021 07:12:45 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F6CC4C6612605B50E02EB395A
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame 7692 0
815 B 124ms
69ms Image
text/plain 2606:4700:3039::6815:c0a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=sape
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c0a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6Vcqk%2BoEsz5nK4uvsQfKq0EjC5lF0NPqKdkLBhrkhTReilMA0ahkTnhHvkFNzexgWHwgl4kcXyXLDDyuiwwDk3%2FE6rYK2pSDfZcxLbtsTgSG7pln3e5H4cc2Yu0yr4uRlS9HLLt0NW1Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 6c3043496c835a3d-MXP
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 7692
Redirect Chain

https://sync.republer.com/match?dsp=sape
https://sync.republer.com/match?dsp=sape&qset=1
https://sync.bumlam.com/?src=rp1&uid=5726b9d6-697a-44b5-8231-c154e5aadadd
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjtiJuOBlIEioaQK2IkNTcyNmI5ZDYtNjk3YS00NGI1LTgyMzEtYzE1NGU1YWFkYWRk
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjtiJuOBlIEioaQK2IkNTcyNmI5ZDYtNjk3YS00NGI1LTgyMzEtYzE1NGU1YWFkYWRkogEQDwQ8LmVSEeym6QAlkMgkNw**
https://sync.bumlam.com/?src=rp1&s_data=CAIQABjtiJuOBmIkNTcyNmI5ZDYtNjk3YS00NGI1LTgyMzEtYzE1NGU1YWFkYWRkogEQDwQ8LmVSEeym6QAlkMgkNw**
https://sync.bumlam.com/?src=rp1&s_data=CAIQARjtiJuOBmIkNTcyNmI5ZDYtNjk3YS00NGI1LTgyMzEtYzE1NGU1YWFkYWRkogEQDwQ8LmVSEeym6QAlkMgkNw**

43 B
552 B

8ms
7ms

Image
image/gif

31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=rp1&s_data=CAIQARjtiJuOBmIkNTcyNmI5ZDYtNjk3YS00NGI1LTgyMzEtYzE1NGU1YWFkYWRkogEQDwQ8LmVSEeym6QAlkMgkNw**
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 31.172.81.158 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:45 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Sat, 25 Dec 2021 07:12:45 GMT
Server: nginx
ETag: 0f043c2e-6552-11ec-a6e9-002590c82437
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=rp1&s_data=CAIQARjtiJuOBmIkNTcyNmI5ZDYtNjk3YS00NGI1LTgyMzEtYzE1NGU1YWFkYWRkogEQDwQ8LmVSEeym6QAlkMgkNw**
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2 204 match
dm-eu.hybrid.ai/ Frame 7692 0
239 B 56ms
12ms Image
text/plain 37.18.103.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=0100007F6CC4C6612405C70E02B87374

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.21 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 07:12:45 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 508
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame 7692 3 KB
3 KB 203ms
64ms Script
application/javascript 185.15.175.147
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:45 GMT
Last-Modified: Tue, 16 Nov 2021 09:48:08 GMT
Server: nginx
ETag: "61937e58-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame 7692 0
69 B 54ms
12ms Image
text/plain 195.201.152.110
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0100007F6CC4C6612405C70E02B87374
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.152.110 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.110.152.201.195.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 25 Dec 2021 07:12:45 GMT
server: nginx/1.17.6

GET
H2

200

match
www.acint.net/ Frame 7692
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf2zExmEkBccOArhzdA
https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf2zExmEkBccOArhzdA&google_tc=
https://www.acint.net/match?dp=77&euid=

43 B
269 B

11ms
11ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=77&euid=
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 25 Dec 2021 07:12:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.acint.net/match?dp=77&euid=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
adlmerge.com/merge_gpsid/ Frame 7692
Redirect Chain

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F6CC4C6612405C70E02B87374
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F6CC4C6612405C70E02B87374

43 B
115 B

52ms
14ms

Image
image/gif

95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F6CC4C6612405C70E02B87374
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 95.211.66.35 Purmer, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

iseu: eu
server: nginx/1.16.0
date: Sat, 25 Dec 2021 07:12:45 GMT
content-type: image/gif

Redirect headers

location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007F6CC4C6612405C70E02B87374
date: Sat, 25 Dec 2021 07:12:45 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 7692 42 B
201 B 580ms
60ms Image
image/gif 81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F6CC4C6612405C70E02B87374
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:45 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 200 sprcs
relap.io/partners/ Frame 7692 43 B
1018 B 213ms
53ms Image
image/gif 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/partners/sprcs?uid=0100007F6CC4C6612405C70E02B87374

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 07:12:45 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-server: web06
content-length: 43
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2

200

match
www.acint.net/ Frame 7692
Redirect Chain

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
https://www.acint.net/match?dp=95&euid=KUNLTYVX

43 B
269 B

11ms
11ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=95&euid=KUNLTYVX
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=95&euid=KUNLTYVX
Date: Sat, 25 Dec 2021 07:12:45 GMT
Server: nginx/1.16.1
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 7692
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F6CC4C6612405C70E02B87374
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F6CC4C6612405C70E02B87374&cs=1

35 B
376 B

11ms
11ms

Image
image/gif

136.243.148.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F6CC4C6612405C70E02B87374&cs=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 136.243.148.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.148.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F6CC4C6612405C70E02B87374&cs=1
date: Sat, 25 Dec 2021 07:12:45 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

200

match
www.acint.net/ Frame 7692
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=86FI9JEAkJDx

43 B
269 B

11ms
11ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=86FI9JEAkJDx
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=86FI9JEAkJDx
Date: Sat, 25 Dec 2021 07:12:45 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame 7692
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
https://acint.net/match?dp=107&euid=d8225777-db3d-5367-894d-3234e88bf659

43 B
269 B

12ms
12ms

Image
image/gif

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=d8225777-db3d-5367-894d-3234e88bf659
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=d8225777-db3d-5367-894d-3234e88bf659
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 7692
Redirect Chain

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
https://acint.net/match?dp=110&euid=c6554327e719412a99a5a515686abad1

43 B
269 B

11ms
11ms

Image
image/gif

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=110&euid=c6554327e719412a99a5a515686abad1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=110&euid=c6554327e719412a99a5a515686abad1
date: Sat, 25 Dec 2021 07:12:45 GMT
server: Kestrel
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 7692
Redirect Chain

https://0100007f6cc4c6612405c70e02b87374-sp.ops.beeline.ru/p?ssp=sp&id=0100007F6CC4C6612405C70E02B87374
https://www.acint.net/match?dp=111&euid=fa763ecf-face-4ddb-bc9b-2681fe52422d

43 B
269 B

11ms
11ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=111&euid=fa763ecf-face-4ddb-bc9b-2681fe52422d
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Sat, 25 Dec 2021 07:12:45 GMT
x-route: http://upstream_cookiesync
server: nginx
location: https://www.acint.net/match?dp=111&euid=fa763ecf-face-4ddb-bc9b-2681fe52422d
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.60
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

matchspm
ut.rktch.com/ Frame 7692
Redirect Chain

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F6CC4C6612405C70E02B87374
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=144535463
https://ut.rktch.com/matchspm?pi=1000006&pui=QaC00ldUVzxnrNBxmVXl1u&noredirect

88 B
88 B

55ms
55ms

Image
image/png

89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000006&pui=QaC00ldUVzxnrNBxmVXl1u&noredirect
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:45 GMT
Server: nginx/1.18.0
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Content-Length: 88

Redirect headers

pragma: no-cache
date: Sat, 25 Dec 2021 07:12:45 GMT
via: 1.1 google
last-modified: Sat, 25 Dec 2021 07:12:45 GMT
server: nginx/1.12.0
location: https://ut.rktch.com/matchspm?pi=1000006&pui=QaC00ldUVzxnrNBxmVXl1u&noredirect
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

404

NwdM2f1sQGWu0mu48Cmv6g
an.yandex.ru/setud/mts_banner/ Frame 7692
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F6CC4C6612405C70E02B87374
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F6CC4C6612405C70E02B87374
https://tech.rtb.mts.ru/?dsp_uid=37074cd9-fd6c-4065-aed2-6bb8f029afea&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FNwdM2f1sQGWu0mu48Cmv6g%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
https://an.yandex.ru/setud/mts_banner/NwdM2f1sQGWu0mu48Cmv6g?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=1642731105
https://an.yandex.ru/setud/mts_banner/NwdM2f1sQGWu0mu48Cmv6g?redir-setuniq=1&location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=1642731105

43 B
113 B

69ms
69ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/NwdM2f1sQGWu0mu48Cmv6g?redir-setuniq=1&location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=1642731105

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 07:12:45 GMT
content-encoding: gzip
last-modified: Sat, 25 Dec 2021 07:12:45 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 25 Dec 2021 07:12:45 GMT

Redirect headers

pragma: no-cache
date: Sat, 25 Dec 2021 07:12:45 GMT
content-encoding: gzip
last-modified: Sat, 25 Dec 2021 07:12:45 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/setud/mts_banner/NwdM2f1sQGWu0mu48Cmv6g?redir-setuniq=1&location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=1642731105
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 25 Dec 2021 07:12:45 GMT

GET
H2

200

match
www.acint.net/ Frame 7692
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=dab6c64b-9e15-4ba8-4ffd-9bf532372161

43 B
269 B

11ms
11ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=dab6c64b-9e15-4ba8-4ffd-9bf532372161
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=dab6c64b-9e15-4ba8-4ffd-9bf532372161
date: Sat, 25 Dec 2021 07:12:45 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame 7692
Redirect Chain

https://s.uuidksinc.net/match/396/?remote_uid=0100007F6CC4C6612405C70E02B87374
https://www.acint.net/match?dp=127&euid=yqHQE9BOnenNMh3AWGv2

43 B
269 B

11ms
10ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=yqHQE9BOnenNMh3AWGv2
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=127&euid=yqHQE9BOnenNMh3AWGv2
date: Sat, 25 Dec 2021 07:12:45 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 7692
Redirect Chain

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
https://www.acint.net/match?dp=129&euid=urkrp8y5ti

43 B
269 B

12ms
11ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=129&euid=urkrp8y5ti
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 25 Dec 2021 07:12:45 GMT
server: nginx/1.14.0
access-control-allow-origin: *
surrogate-control: no-store
vary: Origin
location: https://www.acint.net/match?dp=129&euid=urkrp8y5ti
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-request-id: eb5dc50d-0a0e-49f3-b02a-b272130a821f
expires: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame 7692 0
215 B 191ms
51ms Image
text/plain 217.65.2.150
CITYTELECOM-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0100007F6CC4C6612405C70E02B87374
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 25 Dec 2021 07:12:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 204 0100007F6CC4C6612405C70E02B87374
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame 7692 0
189 B 161ms
49ms Image
text/plain 93.95.102.105
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F6CC4C6612405C70E02B87374
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2

204

0.gif
x01.aidata.io/ Frame 7692
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F6CC4C6612405C70E02B87374
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F6CC4C6612405C70E02B87374&bounce=1
https://sm.rtb.mts.ru/p?ssp=aidata&id=lid0qgBLv2WRy5K%2Bntr8OA
https://sm.rtb.mts.ru/match/second?ssp=51&exu=lid0qgBLv2WRy5K%2Bntr8OA
https://tech.rtb.mts.ru/?dsp_uid=37074cd9-fd6c-4065-aed2-6bb8f029afea&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%...
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D1%26ssp%3Dkonnektu%26exu%3Dlid0qgBLv2WRy5K%252Bntr8OA%26id%3D%7BUSER_ID%7D
https://sm.rtb.mts.ru/em?next=51&em=1&ssp=konnektu&exu=lid0qgBLv2WRy5K%2Bntr8OA&id=
https://x01.aidata.io/0.gif?pid=9503528&uid=37074cd9-fd6c-4065-aed2-6bb8f029afea&exu=lid0qgBLv2WRy5K%!B(string=%20%20)ntr8OA

0
433 B

50ms
50ms

Image
text/plain

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=9503528&uid=37074cd9-fd6c-4065-aed2-6bb8f029afea&exu=lid0qgBLv2WRy5K%!B(string=%20%20)ntr8OA
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 07:12:46 GMT
last-modified: Sat, 25 Dec 2021 07:12:45 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Sat, 25 Dec 2021 07:12:45 GMT

Redirect headers

Date: Sat, 25 Dec 2021 07:12:25 GMT
Server: nginx
Access-Control-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Location: https://x01.aidata.io/0.gif?pid=9503528&uid=37074cd9-fd6c-4065-aed2-6bb8f029afea&exu=lid0qgBLv2WRy5K%!B(string= )ntr8OA
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame 7692 0
523 B 8ms
7ms Image
text/html 31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&uid=0100007F6CC4C6612405C70E02B87374
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.158 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:45 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

0100007F6CC4C6612405C70E02B87374
an.yandex.ru/mapuid/sapeis/ Frame 7692
Redirect Chain

https://an.yandex.ru/mapuid/sapeis/0100007F6CC4C6612405C70E02B87374
https://an.yandex.ru/mapuid/sapeis/0100007F6CC4C6612405C70E02B87374?redir-setuniq=1

43 B
98 B

83ms
83ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007F6CC4C6612405C70E02B87374?redir-setuniq=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 07:12:45 GMT
content-encoding: gzip
last-modified: Sat, 25 Dec 2021 07:12:45 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 25 Dec 2021 07:12:45 GMT

Redirect headers

pragma: no-cache
date: Sat, 25 Dec 2021 07:12:45 GMT
content-encoding: gzip
last-modified: Sat, 25 Dec 2021 07:12:45 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/sapeis/0100007F6CC4C6612405C70E02B87374?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 25 Dec 2021 07:12:45 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8B40 114 KB
34 KB 531ms
525ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=600&slotname=2618197074&adk=2460103794&adf=3305433536&pi=t.ma~as.2618197074&w=300&fwrn=4&fwrnh=100&lmt=1640416364&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmicrosoftportal.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640416364856&bpp=1&bdt=291&idt=102&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=982702852882&frm=20&pv=1&ga_vid=1225953099.1640416365&ga_sid=1640416365&ga_hid=139679891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1099&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C31063824&oid=2&pvsid=3866466638775476&pem=996&tmod=991&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rSVjrZdHA9&p=https%3A//microsoftportal.net&dtd=105

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b95551b67b78f070623c3439b51bd566bee844c961452c50ccad66cd9c024b2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 25 Dec 2021 07:12:45 GMT
server: cafe
content-length: 34456
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 25 Dec 2021 07:12:45 GMT
cache-control: private

GET
H2 200 frame.html Show response
s3.advarkads.com/modules/match/ Frame 26DD 187 B
413 B 209ms
160ms Document
text/html 2606:4700:10::6816:557
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F6CC4C6612405C70E02B87374
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:557 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
content-type: text/html
cache-control: max-age=60
last-modified: Wed, 13 Oct 2021 12:55:49 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c3043496f96d60c-MXP
content-encoding: gzip

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4875 102 KB
33 KB 732ms
732ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=280&slotname=7615861873&adk=1353954373&adf=392815488&pi=t.ma~as.7615861873&w=1197&fwrn=4&fwrnh=100&lmt=1640416364&rafmt=1&psa=0&format=1197x280&url=https%3A%2F%2Fmicrosoftportal.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640416364857&bpp=1&bdt=292&idt=109&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600&correlator=982702852882&frm=20&pv=1&ga_vid=1225953099.1640416365&ga_sid=1640416365&ga_hid=139679891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C31063824&oid=2&pvsid=3866466638775476&pem=996&tmod=991&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=lnvm7Fmo9X&p=https%3A//microsoftportal.net&dtd=113

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d15baa903edc6b266041303753bd9d856fc87c8cbbe714917d86b0b933968938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 25 Dec 2021 07:12:45 GMT
server: cafe
content-length: 33261
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 25 Dec 2021 07:12:45 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F99C 251 KB
62 KB 708ms
707ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&adk=1812271804&adf=3025194257&lmt=1640416364&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmicrosoftportal.net%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640416364866&bpp=1&bdt=302&idt=107&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600%2C1197x280&nras=1&correlator=982702852882&frm=20&pv=1&ga_vid=1225953099.1640416365&ga_sid=1640416365&ga_hid=139679891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C31063824&oid=2&pvsid=3866466638775476&pem=996&tmod=991&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=112

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e53ac8c89c5440411fe150b5ab717e185550ae0b99023c880341bcd75116406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 25 Dec 2021 07:12:45 GMT
server: cafe
content-length: 63199
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 25 Dec 2021 07:12:45 GMT
cache-control: private

GET
H2 200 metrika_match.html Show response
mc.yandex.com/metrika/ Frame B8E4 2 KB
855 B 47ms
41ms Document
text/html 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

544b582a40797a87e392c4b827908c8474e985f3d7ed08c2dcca17a8d5fa8525

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/

Response headers

content-length: 674
date: Sat, 25 Dec 2021 07:12:45 GMT
access-control-allow-origin: *
etag: "61c47529-2a2"
expires: Sat, 25 Dec 2021 08:12:45 GMT
last-modified: Thu, 23 Dec 2021 16:10:01 GMT
cache-control: max-age=3600
content-encoding: br
content-type: text/html
strict-transport-security: max-age=31536000

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 41ms
41ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
last-modified: Thu, 23 Dec 2021 16:10:01 GMT
etag: "61c47529-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 25 Dec 2021 08:12:45 GMT

POST
H2 200 counter
top-fwz1.mail.ru/ 43 B
925 B 63ms
63ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=2124891;u=https%3A//microsoftportal.net/;st=1640416364813;title=MSPortal;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=8e7df66be7bfff67;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.5//4g/0/0/;lvid=1640416365080%3A1640416365089%3A1%3A62e6d85eee10cabd1fe362ca101f54d5;visible=true;_=0.8904416474020413

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://microsoftportal.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://microsoftportal.net
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://microsoftportal.net
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://microsoftportal.net
access-control-allow-headers: *

GET
H2 200 userip Show response
kraken.rambler.ru/ 12 B
418 B 148ms
46ms XHR
text/plain 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kraken.rambler.ru/userip
Requested by: Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: d7cbaea0f54d0bb510e31c42359e59602983c0f1cb3c42337083ded48da06382

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://microsoftportal.net
date: Sat, 25 Dec 2021 07:12:45 GMT
x-srv: 2node0044.top100.rambler.tech
content-type: application/octet-stream, text/plain
content-length: 12
server: nginx/1.19.4
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/ Frame B8E4
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9498.7OfTJGHFsfr8swmS6xTZuhYNoW8AHMqKoJROJbncWTwYKBr0i4F2oAdq3Ry_mhkv.zUdAjWe9Sg6sENHHuVi6UmlIBHg%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9498.Xr30ziOPQSq7BwN0v2dD4WUXWt8GsDzj09AL-fLg948zoG0xXxKTxWjc96E7kvYD8WsvwZT-9l8-t2LqBwMfHQ%2C%2C.rAxmL15BZgS7NC_7FGBIUZEvf_M%2C

75 B
75 B

41ms
41ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9498.Xr30ziOPQSq7BwN0v2dD4WUXWt8GsDzj09AL-fLg948zoG0xXxKTxWjc96E7kvYD8WsvwZT-9l8-t2LqBwMfHQ%2C%2C.rAxmL15BZgS7NC_7FGBIUZEvf_M%2C

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mc.yandex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9498.Xr30ziOPQSq7BwN0v2dD4WUXWt8GsDzj09AL-fLg948zoG0xXxKTxWjc96E7kvYD8WsvwZT-9l8-t2LqBwMfHQ%2C%2C.rAxmL15BZgS7NC_7FGBIUZEvf_M%2C
date: Sat, 25 Dec 2021 07:12:45 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame 7692 15 KB
15 KB 128ms
127ms Script
application/javascript 185.15.175.147
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=970044699327785
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6b2385df25640156748d25320c7f27e980535d744f14d2eaa596ca2ef8660a67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:45 GMT
Last-Modified: Tue, 16 Nov 2021 09:48:09 GMT
Server: nginx
ETag: "61937e59-3cda"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15578

GET
H2 200 frame.js Show response
s3.advarkads.com/modules/match/ Frame 26DD 22 KB
7 KB 131ms
130ms Script
application/javascript 2606:4700:10::6816:557
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.js
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F6CC4C6612405C70E02B87374
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:557 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03333e8487b65839387c9cdecc9a112b7e41570d728a2ab48c7ed89aab72145f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F6CC4C6612405C70E02B87374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Tue, 14 Dec 2021 07:30:44 GMT
server: cloudflare
etag: "0aa781bcf0d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
cf-ray: 6c30434a783cd60c-MXP
content-length: 7430

GET
H2

200

1 Show response
mc.yandex.com/watch/10478836/
Redirect Chain

https://mc.yandex.com/watch/10478836?wmode=7&page-url=https%3A%2F%2Fmicrosoftportal.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykdauinnulox185iv3%3Afp%3A737%3Afu%3A0%3Aen%3Autf-8%3...
https://mc.yandex.com/watch/10478836/1?wmode=7&page-url=https%3A%2F%2Fmicrosoftportal.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykdauinnulox185iv3%3Afp%3A737%3Afu%3A0%3Aen%3Autf-8...

331 B
413 B

42ms
41ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/10478836/1?wmode=7&page-url=https%3A%2F%2Fmicrosoftportal.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykdauinnulox185iv3%3Afp%3A737%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A555795306657%3Ahid%3A34755083%3Az%3A0%3Ai%3A20211225071245%3Aet%3A1640416365%3Ac%3A1%3Arn%3A413065758%3Arqn%3A1%3Au%3A1640416365193618850%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640416364048%3Ads%3A17%2C92%2C404%2C1%2C0%2C0%2C%2C248%2C6%2C%2C%2C%2C838%3Adsn%3A18%2C91%2C404%2C2%2C0%2C0%2C%2C249%2C5%2C%2C%2C%2C839%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640416365%3At%3AMSPortal&t=gdpr%2814%29aw%281%29mtb%280%29efid%281%29ti%282%29

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

365d26485f2b776dc4b334775a54f8245be342675f2972b1d587b2a4a67b2922

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 07:12:45 GMT
x-content-type-options: nosniff
last-modified: Sat, 25-Dec-2021 07:12:45 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://microsoftportal.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Sat, 25-Dec-2021 07:12:45 GMT

Redirect headers

pragma: no-cache
date: Sat, 25 Dec 2021 07:12:45 GMT
last-modified: Sat, 25-Dec-2021 07:12:45 GMT
location: /watch/10478836/1?wmode=7&page-url=https%3A%2F%2Fmicrosoftportal.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykdauinnulox185iv3%3Afp%3A737%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A555795306657%3Ahid%3A34755083%3Az%3A0%3Ai%3A20211225071245%3Aet%3A1640416365%3Ac%3A1%3Arn%3A413065758%3Arqn%3A1%3Au%3A1640416365193618850%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640416364048%3Ads%3A17%2C92%2C404%2C1%2C0%2C0%2C%2C248%2C6%2C%2C%2C%2C838%3Adsn%3A18%2C91%2C404%2C2%2C0%2C0%2C%2C249%2C5%2C%2C%2C%2C839%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640416365%3At%3AMSPortal&t=gdpr%2814%29aw%281%29mtb%280%29efid%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://microsoftportal.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 25-Dec-2021 07:12:45 GMT

GET
H2 200 /
kraken.rambler.ru/cnt/ 595 B
1 KB 193ms
64ms Image
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/?et=pv&pid=2584737&rid=1640416365.102-1475929727&tid=t1.2584737.248923019.1640416365103&v=1.25.11&exp=exp_bot%2Csplit_b%2Cexp_ab3%2Cd&aduid=6f265be9-5c28-4aec-9c5a-627720bf2460&aduidsc=microsoftportal.net&rn=20693627&bs=1600x1200&ce=1&rf&en=1&pt=MSPortal&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&fv&sv&lv&le=0&url=https%3A%2F%2Fmicrosoftportal.net%2F&eid=2788163651095059&stid=668008240_1640416365104&sn=1&sen=1&fp_scope=1&fid=pA8AAENKs1cs64goAZD%2F2QA%3D&fip=pA8AAENKs1ekm%2Bk3AZpuRQA%3D
Requested by: Host: microsoftportal.net
URL: https://microsoftportal.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: fd4b37401b665299f555320c5f46a1421d791bcbba1b23cba58dba9f01fc6f9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
x-srv: 0node0011.top100.rambler.tech
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
access-control-allow-headers: content-type
content-length: 595
server: nginx/1.19.4

GET
H/1.1 200
OK match
api.advarkads.com/api/statistic/ Frame 26DD 43 B
389 B 253ms
56ms Image
image/gif 188.42.29.80
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007F6CC4C6612405C70E02B87374
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F6CC4C6612405C70E02B87374
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.29.80 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.18.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3.advarkads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 25 Dec 2021 07:12:45 GMT
Server: nginx/1.18.0
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: -1

GET
H2 200 6765000061041829816
tpc.googlesyndication.com/simgad/ Frame 32A3 7 KB
8 KB 46ms
14ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6765000061041829816?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qm1n7S05OVx449qBa1MLmjHOADEQA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=90&slotname=2908634292&adk=3175562939&adf=658274708&pi=t.ma~as.2908634292&w=728&lmt=1640416364&psa=0&format=728x90&url=https%3A%2F%2Fmicrosoftportal.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640416364852&bpp=4&bdt=287&idt=86&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=982702852882&frm=20&pv=2&ga_vid=1225953099.1640416365&ga_sid=1640416365&ga_hid=139679891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=250&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C31063824&oid=2&pvsid=3866466638775476&pem=996&tmod=991&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=BU0vNWFOfP&p=https%3A//microsoftportal.net&dtd=98

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e68e945a649846d4d4a9a500187cede630091294f70313f784f4538fdb6c652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 17:13:51 GMT
x-content-type-options: nosniff
age: 136734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7278
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 16:58:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Dec 2022 17:13:51 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 32A3 19 KB
8 KB 40ms
9ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 06:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jan 2022 06:50:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 32A3 2 KB
1 KB 40ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 06:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jan 2022 06:59:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 32A3 119 KB
37 KB 57ms
33ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 25 Dec 2021 07:12:45 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 32A3 15 KB
6 KB 40ms
12ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 06:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jan 2022 06:37:27 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 32A3 27 KB
11 KB 41ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cc36b7e19b912c6d09739d2c3edbbb05a272be96736ae9fb0b0a70c2a331d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 00:25:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11415
x-xss-protection: 0
server: cafe
etag: 3382072337847676073
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jan 2022 00:25:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8B40 2 KB
1 KB 38ms
17ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=600&slotname=2618197074&adk=2460103794&adf=3305433536&pi=t.ma~as.2618197074&w=300&fwrn=4&fwrnh=100&lmt=1640416364&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmicrosoftportal.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640416364856&bpp=1&bdt=291&idt=102&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=982702852882&frm=20&pv=1&ga_vid=1225953099.1640416365&ga_sid=1640416365&ga_hid=139679891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1099&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C31063824&oid=2&pvsid=3866466638775476&pem=996&tmod=991&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rSVjrZdHA9&p=https%3A//microsoftportal.net&dtd=105

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 25 Dec 2021 06:12:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 25 Dec 2021 07:12:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Dec 2021 07:12:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 32A3 0
0 30ms
29ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQ0NQbMTGYbf-O5KC9u8P_4qD6AT7hp_KZOn_mJqqD7_hHhABIJLwwzBgleKQgqAHoAHKn8PeAsgBAqgDAcgDyQSqBM8BT9DOfMjb1cZFpcONMZ2K9LGrONMoetJbUQ0pmYUo0Sp8SC7iTS9chF-ULboPRvtI32nGlFuU69KW1CVoScYD62fmdxYYPYeevmVq7zeFWe4EMd72gHBjPRFAouK2JtMSdGuEeExDZpMMc-8pKHuEZ5hlUNgYbvcudajMdcGglsLlwdhHYBRFlpXebdBhVmGGNQa75aBjrAZN6HxoSpC0J_tMbrFBNU4Ht8MXDjimsRqs786_Ihjxh09JnhEQO8lES69wGt4ryQsG2sPItPRAwASvx86dzgOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHnuC8oQGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCLmQvSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItODM5Njg1MTMyNDIxNzkwOBgA&sigh=HFrmf2ey5lc&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=90&slotname=2908634292&adk=3175562939&adf=658274708&pi=t.ma~as.2908634292&w=728&lmt=1640416364&psa=0&format=728x90&url=https%3A%2F%2Fmicrosoftportal.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640416364852&bpp=4&bdt=287&idt=86&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=982702852882&frm=20&pv=2&ga_vid=1225953099.1640416365&ga_sid=1640416365&ga_hid=139679891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=250&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C31063824&oid=2&pvsid=3866466638775476&pem=996&tmod=991&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=BU0vNWFOfP&p=https%3A//microsoftportal.net&dtd=98
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 25 Dec 2021 07:12:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 8B40 1 KB
960 B 36ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 06:01:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jan 2022 06:01:34 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 8B40 19 KB
8 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 06:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jan 2022 06:50:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 8B40 2 KB
1 KB 37ms
16ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 06:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jan 2022 06:59:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8B40 119 KB
37 KB 41ms
23ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 25 Dec 2021 07:12:45 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 8B40 15 KB
6 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 06:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jan 2022 06:37:27 GMT

GET
H2 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame 8B40 27 KB
12 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 14:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 20 Mar 2022 14:37:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8B40 0
0 24ms
23ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPTW2bMTGYcv6O8WU7_UP6vKz0AGW4fieZ6PboaGhDvTulLvOJhABIJLwwzBgleKQgqAHoAHkqbXaA8gBCakCPVGexJX9sj6oAwHIA8sEqgTVAU_Qs2YreUHA3AlffS1JNS540Bki8b9JTHnng0oe8jHO-uGUxLwH2IaCCeLtdxT9s1Q2ymTq-k1djD1owyTtff5Y3htkWrAZiKHveCp1K4zJOIpzlwGYQxzdAUeZjFwG2cO-wTTgj0A4QxWXvYTFKKX3g8rr432SzTrfrhUBbLbvdrTc6TnKgCO8reoZf-1l2NeoU6SFuJKWfrNk57JrtbB_F6CL8XT3XUAs2EWUnqk9mBWio4ZXU1R_ooFCuEF1B2Zgx5x2kLc8hlt0X_LEl1FSXQdXS8AEr-C4gcoDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4TWyiWoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQ1tsd0ggJCIDhgBAQARgfgAoByAsB2BMO0BUBmBYBgBcBshccChoIABIUcHViLTgzOTY4NTEzMjQyMTc5MDgYAA&sigh=M0Az62N9AW0&uach_m=[UACH]&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=600&slotname=2618197074&adk=2460103794&adf=3305433536&pi=t.ma~as.2618197074&w=300&fwrn=4&fwrnh=100&lmt=1640416364&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fmicrosoftportal.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640416364856&bpp=1&bdt=291&idt=102&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=982702852882&frm=20&pv=1&ga_vid=1225953099.1640416365&ga_sid=1640416365&ga_hid=139679891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1099&ady=365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C31063824&oid=2&pvsid=3866466638775476&pem=996&tmod=991&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rSVjrZdHA9&p=https%3A//microsoftportal.net&dtd=105
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 25 Dec 2021 07:12:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 8B40 23 KB
23 KB 45ms
7ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRHos-hv-IJhrJgObnMwF63Q__3cSH1E-RZi6MSdW1TrwI5n2gwsZUWPRk-XBU&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7a092ce913c95c3b823dd1cb91183b960cd7bb4127cd3c5fa1119fd311e28f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 19:44:05 GMT
x-content-type-options: nosniff
age: 127720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23195
x-xss-protection: 0
last-modified: Wed, 11 Aug 2021 10:28:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 23 Dec 2022 19:44:05 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 8B40 21 KB
21 KB 50ms
13ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTaQOC1RSx-9gFMzLc2PZE_m2Zj12qQ0cYguM2lUl1ph9OoCEfGFp2Csv5NXg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

133fd980369c625f99de405ca14cebf40098508c5726af9b7088e73fb2cf76f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 05:05:45 GMT
x-content-type-options: nosniff
age: 7620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21144
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 10:29:53 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 25 Dec 2022 05:05:45 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8B40 16 KB
16 KB 61ms
7ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcT7DJZyYEfoOVgAJRqBLLLOX7Uop9qHAEaMqpqj_wcVUX1kfk-ItQzOImkkrw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61d6c159cdd37cd4e7d15b25ce4cfacf46e61a9272f974bea526fbcbbd0affe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 20:36:47 GMT
x-content-type-options: nosniff
age: 470158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Sat, 28 Jan 2017 06:51:26 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 19 Dec 2022 20:36:47 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 8B40 24 KB
24 KB 51ms
13ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQ_5AffBii1hhF6_wxqe-dFJiQD7pSIEVORJEU197Qqs63l7kwOkqEUaR6H3g&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62acee54c76f3253a454c6f81dd26f2113bf452609c8366e0c49842c507cf48a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 12:59:17 GMT
x-content-type-options: nosniff
age: 152008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24186
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 10:25:48 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 23 Dec 2022 12:59:17 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 8B40 24 KB
24 KB 59ms
7ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRjd4YGTjDb5rtnitVmPYoqR_F5JD4xBgUcI4u2T9DIZM0CbPKCFTWRK0vC0g&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f21b28557302700bf26c865410c4d9e787bcf029aed14f51758a0ba012105fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 08:46:19 GMT
x-content-type-options: nosniff
age: 253586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24170
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 12:59:09 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 22 Dec 2022 08:46:19 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 8B40 23 KB
23 KB 44ms
7ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSyGL2OWvoZn5D4EDKK0Gp16cHxM-kZ-SJZZ9taxRznaATMXejyUqXnYVrR5Q&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fed3b54a5c816235ef84dcae8ddfcf00427453a119a4b21ccc3c57207b8e2f2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 05:17:13 GMT
x-content-type-options: nosniff
age: 6932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23400
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 16:31:51 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 25 Dec 2022 05:17:13 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0E22 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=90&slotname=2908634292&adk=3175562939&adf=658274708&pi=t.ma~as.2908634292&w=728&lmt=1640416364&psa=0&format=728x90&url=https%3A%2F%2Fmicrosoftportal.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640416364852&bpp=4&bdt=287&idt=86&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=982702852882&frm=20&pv=2&ga_vid=1225953099.1640416365&ga_sid=1640416365&ga_hid=139679891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=250&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C31063824&oid=2&pvsid=3866466638775476&pem=996&tmod=991&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=BU0vNWFOfP&p=https%3A//microsoftportal.net&dtd=98

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 25 Dec 2021 07:04:48 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 477
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8B40 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 257a8b2f1baf15d3ba84b3ad4bdb36ad02f1c2cf0d491a5c238d823c2a9f20d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 8B40 20 KB
21 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 23:19:29 GMT
x-content-type-options: nosniff
age: 287596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Dec 2022 23:19:29 GMT

GET
DATA 200
OK truncated
/ Frame 32A3 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bc9d7f5c12fdc6f902179086022b0638fceecdabd68a17c62692b8c1e4139af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DD3 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 157354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 11:30:11 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0E22
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

61ms
60ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 25 Dec 2021 07:12:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 25 Dec 2021 07:12:45 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 25 Dec 2021 07:12:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 3281 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 157354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 11:30:11 GMT

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 7692
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=536966666337741.347839591139939&a=77&e=0100007F6CC4C6612405C70E02B87374&pref=https%3A%2F%2Fmicrosoftportal.net%2F&c=ss:77.up:0100007F6CC4C6612405C70E02B873...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=536966666337741.347839591139939&a=77&e=0100007F6CC4C6612405C70E02B87374&pref=https%3A%2F%2Fmicrosoftportal.net%2F&c=ss:77.up:01000...

49 B
602 B

61ms
61ms

Image
image/gif

185.15.175.148
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=536966666337741.347839591139939&a=77&e=0100007F6CC4C6612405C70E02B87374&pref=https%3A%2F%2Fmicrosoftportal.net%2F&c=ss:77.up:0100007F6CC4C6612405C70E02B87374.sync:up.xdua:duT7xYL4jtnqVvIdHknaMibw.xps:xps44SLCCOfwrpdPUH3OOHzmV.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Server

185.15.175.148 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 2
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Sat, 25 Dec 2021 07:12:45 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=536966666337741.347839591139939&a=77&e=0100007F6CC4C6612405C70E02B87374&pref=https%3A%2F%2Fmicrosoftportal.net%2F&c=ss:77.up:0100007F6CC4C6612405C70E02B87374.sync:up.xdua:duT7xYL4jtnqVvIdHknaMibw.xps:xps44SLCCOfwrpdPUH3OOHzmV.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 7692
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=536966666337741.993990860377467&a=77&e=0100007F6CC4C6612405C70E02B87374&pref=https%3A%2F%2Fmicrosoftportal.net%2F&c=ss:77.up:0100007F6CC4C6612405C70E02B873...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=536966666337741.993990860377467&a=77&e=0100007F6CC4C6612405C70E02B87374&pref=https%3A%2F%2Fmicrosoftportal.net%2F&c=ss:77.up:01000...

49 B
602 B

81ms
81ms

Image
image/gif

185.15.175.148
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=536966666337741.993990860377467&a=77&e=0100007F6CC4C6612405C70E02B87374&pref=https%3A%2F%2Fmicrosoftportal.net%2F&c=ss:77.up:0100007F6CC4C6612405C70E02B87374.sync:up.xdua:duT7xYL4jtnqVvIdHknaMibw.xps:xps44SLCCOfwrpdPUH3OOHzmV.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Server

185.15.175.148 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 07:12:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 5
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Sat, 25 Dec 2021 07:12:45 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=536966666337741.993990860377467&a=77&e=0100007F6CC4C6612405C70E02B87374&pref=https%3A%2F%2Fmicrosoftportal.net%2F&c=ss:77.up:0100007F6CC4C6612405C70E02B87374.sync:up.xdua:duT7xYL4jtnqVvIdHknaMibw.xps:xps44SLCCOfwrpdPUH3OOHzmV.dn:acint__net.adcm:hit.tg:adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H3 200 css
fonts.googleapis.com/ Frame 4875 2 KB
532 B 34ms
20ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=280&slotname=7615861873&adk=1353954373&adf=392815488&pi=t.ma~as.7615861873&w=1197&fwrn=4&fwrnh=100&lmt=1640416364&rafmt=1&psa=0&format=1197x280&url=https%3A%2F%2Fmicrosoftportal.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640416364857&bpp=1&bdt=292&idt=109&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600&correlator=982702852882&frm=20&pv=1&ga_vid=1225953099.1640416365&ga_sid=1640416365&ga_hid=139679891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C31063824&oid=2&pvsid=3866466638775476&pem=996&tmod=991&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=lnvm7Fmo9X&p=https%3A//microsoftportal.net&dtd=113

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 25 Dec 2021 06:12:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 25 Dec 2021 07:12:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Dec 2021 07:12:45 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 4875 1 KB
880 B 27ms
10ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 06:01:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jan 2022 06:01:34 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 4875 19 KB
8 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 06:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jan 2022 06:50:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 4875 2 KB
1 KB 27ms
10ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 06:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jan 2022 06:59:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4875 119 KB
36 KB 30ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 25 Dec 2021 07:12:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 4875 15 KB
6 KB 27ms
10ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 06:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jan 2022 06:37:27 GMT

GET
H3 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame 4875 27 KB
11 KB 25ms
9ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 14:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 20 Mar 2022 14:37:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4875 0
0 28ms
28ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CB91SbMTGYaSaPMuX9u8PpqCQ6AT9rNKsZ97j15aBDs2Z7I2mJxABIJLwwzBgleKQgqAHoAHooKzMA8gBCakCPVGexJX9sj6oAwHIA8sEqgTVAU_QLeMRbm_rJMpDTPyTsiFnk8F1LMeSM7Wc7Tr4GrRdM859aicE7eL_pYuFFY_Seyjcev6JjVrAv2z8iIw9p232rjQmGJ8LOIOgIQREVICaSJrKbWm_6JbIijeDIsNcRzFljxO6fOr57R-u6kotuYDdoPlqxaSoLLb0FbEK2GTKDnHwr2YA4xC2keyZOyDaGSX5_GdaYhAlQM5uXYpR9z1aD3LZkoUrI3nQQcGb32iwMl_pOeHt1tEFSUIj8qzTsaleMAIU5PjENpsLpnST4umCg0NJYsAEhMDAuO4DkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4Df0zOoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQ8dUt0ggJCIDhgBAQARgfgAoByAsB2BMO0BUBgBcBshccChoIABIUcHViLTgzOTY4NTEzMjQyMTc5MDgYAA&sigh=7B23sAqU0eM&uach_m=[UACH]&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8396851324217908&output=html&h=280&slotname=7615861873&adk=1353954373&adf=392815488&pi=t.ma~as.7615861873&w=1197&fwrn=4&fwrnh=100&lmt=1640416364&rafmt=1&psa=0&format=1197x280&url=https%3A%2F%2Fmicrosoftportal.net%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640416364857&bpp=1&bdt=292&idt=109&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x600&correlator=982702852882&frm=20&pv=1&ga_vid=1225953099.1640416365&ga_sid=1640416365&ga_hid=139679891&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=202&ady=2208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C31063824&oid=2&pvsid=3866466638775476&pem=996&tmod=991&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=lnvm7Fmo9X&p=https%3A//microsoftportal.net&dtd=113
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 25 Dec 2021 07:12:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame 4875 8 KB
8 KB 23ms
9ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRKtKDwd6A82udwClkRoxW3aphSSAkJ_ceY4TvHmRgu1lzgFWYhel2clc2iAQ&usqp=CAI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d863a6ead47f49120679e1f9f1a128eaf2edd339ceb3ab03ecad22e8ee4d4f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 06:22:48 GMT
x-content-type-options: nosniff
age: 262197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8674
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 18:26:56 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 22 Dec 2022 06:22:48 GMT

GET
H3 200 shopping
encrypted-tbn3.gstatic.com/ Frame 4875 8 KB
8 KB 24ms
8ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTFwYktzic4rHvSLq7z8XChzS4_aW7O6k2dKvNAjtoLQIgSgEFyyjl04rq61dQ&usqp=CAI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbfd211c22a38fa4f8d0d28f65cbb97132e572d611320ad68c76f1297719cb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 18:12:07 GMT
x-content-type-options: nosniff
age: 219638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8428
x-xss-protection: 0
last-modified: Wed, 08 Dec 2021 13:46:23 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 22 Dec 2022 18:12:07 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame 4875 7 KB
7 KB 24ms
8ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTD0g3D8Iu3twFABuNki9Ue5PRNmoaDROq6-R2mSRmCe0E1OBalbkhn4sSR1hE&usqp=CAI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd04843b119999d8cc1f7a8e662571d8f06dca43e4c34f4f4931740b52db9ab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 11:41:45 GMT
x-content-type-options: nosniff
age: 243060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7171
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 03:11:17 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 22 Dec 2022 11:41:45 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 149 KB
53 KB 29ms
25ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fb03c5889929639808be7ec57fdcac0a13e2bc5de31ac48723aeca4c2ff246e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54385
x-xss-protection: 0
server: cafe
etag: 4993246191385855005
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 07:12:45 GMT

GET
DATA 200
OK truncated
/ Frame 4875 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8d3329fb66fadbbaf9a8f0e3dacdb9410a8f0a7ae86af20aaa382dd800f39f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 4875 20 KB
20 KB 21ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 23:19:29 GMT
x-content-type-options: nosniff
age: 287596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Dec 2022 23:19:29 GMT

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 9F00 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 157354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 11:30:11 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=microsoftportal.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 25 Dec 2021 07:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=microsoftportal.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 25 Dec 2021 07:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/ Frame 686F 11 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 24 Dec 2021 18:38:26 GMT
expires: Fri, 07 Jan 2022 18:38:26 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 45259
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/ Frame BE64 11 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 24 Dec 2021 18:38:26 GMT
expires: Fri, 07 Jan 2022 18:38:26 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 45259
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css2
fonts.googleapis.com/ Frame 686F 4 KB
634 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 25 Dec 2021 06:07:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 25 Dec 2021 07:12:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Dec 2021 07:12:45 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 686F 205 B
229 B 7ms
6ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 11:51:44 GMT
x-content-type-options: nosniff
age: 69661
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 24 Dec 2022 11:51:44 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 686F 604 B
628 B 8ms
7ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 11:21:44 GMT
x-content-type-options: nosniff
age: 71461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 24 Dec 2022 11:21:44 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 686F 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 06:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8346
x-xss-protection: 0
server: cafe
etag: 3177319193432224586
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jan 2022 06:30:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BE64 0
0 25ms
25ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTyJBbMTGYYnzPJ2Q7_UPm8GvgAL7hp_KZOn_mJqqD7_hHhABIJLwwzBgleKQgqAHoAHKn8PeAsgBAqgDAcgDyQSqBM4BT9A-r1vOgco9I2KH8I7sHh8moUMaPwtFhNr6f_ZwWmYz8ld_TzrYY761EkH7e4r8Cr-XgDMj15QIMP0A1n7ZSIOXcJIrtI-go1rrzvordvvn-c0mWCE_5PpDlunS04k7450-Pw53Uu5IWnxPX1QqhIJnONdbJw4x4R4W0nVTlZeVDnUtPF0T4UYGW_ccSLo7FkgV5D6m4Otmszzi0r6Vi9x4jsSy16jouai9TEejSE51CkyUmP-sas-kG4HQSxuPKkDyIToWrkNrvQM_-bLABK_Hzp3OA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAee4LyhAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEMLOC9IICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04Mzk2ODUxMzI0MjE3OTA4GAA&sigh=mjMDDshQ1Zg&uach_m=[UACH]

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 25 Dec 2021 07:12:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 6765000061041829816
tpc.googlesyndication.com/simgad/ Frame BE64 7 KB
7 KB 8ms
7ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6765000061041829816?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qm1n7S05OVx449qBa1MLmjHOADEQA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e68e945a649846d4d4a9a500187cede630091294f70313f784f4538fdb6c652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 17:13:51 GMT
x-content-type-options: nosniff
age: 136734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7278
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 16:58:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Dec 2022 17:13:51 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame BE64 19 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 06:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jan 2022 06:50:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame BE64 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 06:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jan 2022 06:59:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BE64 119 KB
36 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 25 Dec 2021 07:12:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame BE64 15 KB
6 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 06:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jan 2022 06:37:27 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame BE64 27 KB
11 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cc36b7e19b912c6d09739d2c3edbbb05a272be96736ae9fb0b0a70c2a331d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 00:25:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11415
x-xss-protection: 0
server: cafe
etag: 3382072337847676073
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jan 2022 00:25:47 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EFE0 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 25 Dec 2021 07:04:48 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 477
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame E143 3 KB
579 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 25 Dec 2021 06:08:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 25 Dec 2021 07:12:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Dec 2021 07:12:46 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame E143 1 KB
880 B 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 06:01:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jan 2022 06:01:34 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame E143 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 06:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jan 2022 06:50:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame E143 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 06:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 775
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jan 2022 06:59:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E143 119 KB
36 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 25 Dec 2021 07:12:46 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame E143 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 06:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jan 2022 06:37:27 GMT

GET
H3 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame E143 27 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 14:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 20 Mar 2022 14:37:35 GMT

GET
DATA 200
OK truncated
/ Frame BE64 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90be3ff15de1f8ce74028783d480e1d6b588faa2f5725a7f65260571c3ce0130

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EFE0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

102ms
101ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 25 Dec 2021 07:12:46 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 25 Dec 2021 07:12:46 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 25 Dec 2021 07:12:46 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6739 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 25 Dec 2021 07:04:48 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6739
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

62ms
62ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 25 Dec 2021 07:12:46 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 25 Dec 2021 07:12:46 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 25 Dec 2021 07:12:46 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame A04A 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: microsoftportal.net
URL: https://microsoftportal.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 157355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 11:30:11 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 35ms
20ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6177df16a100309ffb75f19440ec94b7d770db519aeb9526098068d39222be3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 25 Dec 2021 07:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8390
x-xss-protection: 0

POST
H2 200 tracker
top-fwz1.mail.ru/ 43 B
926 B 63ms
63ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=2124891;u=https%3A//microsoftportal.net/;st=1640416364813;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=8e7df66be7bfff67;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1640416364048/////0/1/18/18/110/62/110/514/515/517/765/838/844/2234/2234/;ni=9.5//4g/0/0/;lvid=1640416365080%3A1640416366284%3A2%3A62e6d85eee10cabd1fe362ca101f54d5;visible=true;_=0.7420419863742993;e=RT/load;et=1640416366282

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://microsoftportal.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 25 Dec 2021 07:12:46 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://microsoftportal.net
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://microsoftportal.net
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://microsoftportal.net
access-control-allow-headers: *

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame FD3B 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 157355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 11:30:11 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 1011ms
1011ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Sat, 25 Dec 2021 07:12:47 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 32A3 42 B
64 B 30ms
29ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYjepIibpEpRZnnpllivicQta6ddFH7VzkyH4ugR1PmpCk8r0ni4QbnNwGrk3hycenM50vPfGDAqREVT8sgC5_JDXdig6r4h8PpDEBNAZy0MmKjKb6lA&sai=AMfl-YQejShbd_jj9eaP-pgHhVCJORGfqlXGHgSNviQZcyVHRs4bC_TqtuOqXG24iSXnVg9S4rvGgquMzlYW&sig=Cg0ArKJSzEUSdDk4_RNcEAE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3175562939&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640416364951&rpt=704&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 07:12:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8B40 42 B
64 B 29ms
29ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcaxejORcXpL7EG9M8Evz90X720VfsMHN-4tNWJ6fQ8vi4BrF7a5IlQWH7_UwQZ95vvMxK4w1YvyDFzVEHQY76TlP7MkqckapZLi34M_-ZvL_usQ5REw&sai=AMfl-YTSR9F2outQSrrLmJ38ZWLraFVzgJhUN7j5SDiUe8W_zL4Hz7UnU1Jc61yTxkGb9Xw3v8xq19sNwqHX&sig=Cg0ArKJSzF5GeViNe8JpEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2460103794&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640416364962&rpt=712&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 07:12:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BE64 42 B
64 B 29ms
29ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGSBMfOLvyzAtUivnZJfkDAlwGvsK2qHocUtElstEbMn3olzCOyu4_PWlZX1S1RN1_UPn5Qsa5_xRMrveoduNqSXVoNgRJXEPmkIN3cebPIaqZxvmjKw&sai=AMfl-YRT3Y6RoL20QghqKN5HI7llAb3tEDmY7m-UVLagwo91OZ-Jq5k_pwp6cSramtiSayC4uaI6atpke6Wg&sig=Cg0ArKJSzLmHZ0UH4foXEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=84,767,1000,1117,1237&tos=84,683,233,117,120&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640416365889&rpt=153&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 07:12:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1087 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Thu, 23 Dec 2021 16:35:09 GMT
expires: Fri, 23 Dec 2022 16:35:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 139058
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7D45 783 B
534 B 16ms
16ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

64aae99873f3fd275afc3c01bfb1bbf47aa0be50e37fd602ffc27d1d44cfd021

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NgT5ThOv58GhegnveH7WPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 25 Dec 2021 07:12:47 GMT
date: Sat, 25 Dec 2021 07:12:47 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-NgT5ThOv58GhegnveH7WPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 10478836 Show response
mc.yandex.com/webvisor/ 43 B
145 B 41ms
41ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/10478836?wmode=0&wv-part=1&wv-hit=34755083&page-url=https%3A%2F%2Fmicrosoftportal.net%2F&rn=802896019&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1640416367%3Aw%3A1600x1200%3Av%3A722%3Az%3A0%3Ai%3A20211225071247%3Au%3A1640416365193618850%3Avf%3Aykdauinnulox185iv3%3Awe%3A1%3Ast%3A1640416367&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://microsoftportal.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 07:12:47 GMT
last-modified: Sat, 25-Dec-2021 07:12:47 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://microsoftportal.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 25-Dec-2021 07:12:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7D45 0
0 59ms
59ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=3866466638775476&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 1087 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_8rsBg2pSAE7OSEuXeXkmKAJRzK7XLbOE8Wp2RNR2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:30:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 157356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13622
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Dec 2022 11:30:11 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 30ms
30ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=3866466638775476&bg=!-vml-b3NAAZKWFskSlg7ACkAdvg8WlcxikkrEHo8PdixzWsX7lr0cphmyI9o_h4Hq3WrOfHNNQG5nAIAAABXUgAAAAdoAQcKALRmBDCPER7PLW_Mj9THFB24YAVO0cHItRFUgNunNw0V-1o6lYaIHHQ_KV9vw3YNfDenWcaxiiqxRz-oxGnv7jNXqJ-PX99_mDkdkB2XQSV7zI4OQuy7hL1xoMoERyo6L12p13AwOb3CC3my2iURe547rSnnvp3LXj0MIQpaooB0Jfj8PMbiaGzjlEJ6IUdzNipsnqdky7RTrPAuo5fkLIIXOJE5DpomCPFLQlqTyhAz2oj0oCOZAsW247Mgs-NJZdz17MbbivS6SOdVWffT-PBtwmC3PaD6qy3oOabbZJ2V2TVKC9ogw-X-3H5bdl07T8Wa5lvK5lAxwZ7ibJ8glUuxO8TfW6OxP65Zh_RiZJDS-ZWdbibeKiSNQ-eegpzb4qwWV32MA1-a0UK7b0dipeCNIC8P15JlnvQ2nuQ9cBrkbUcqW3MrpJi1KNK8B5J0qMBgOxwSuPH6gdoR3p8-q090Pl9u3kUIFWWOLHnbNW3Uz51FI1ElB2xSGOy3FoLe2C5rqGOV-7W6gVKqSrBmPP_u72vBZZmDht5knn1IMfe9NNAybtYzBMV6kTCcpz_TOwHKXd4vyJxiyFiQiiss9zbAWi0UpQV72FEbcELB-xY5CsxUAXW9ZspmeEz5uO5qoeQCrzTaCTuAbf_fsUsCqX30SnWHN71ZHgBbJU6n3AZNt8lM3gjzTmyLBp0H11xJ5qutJ3V0siCHh6YirdZI8wZZ5WiSib4Uw-MprlEJVvLhoJ2E4LCjpoLDknIHuXMXdR5EXpBHalY4rBsvoV0hIMz2FIng10w5Q61-ub5cpK5TJ5P8hZev2Eck5t8i0IMTYjjBoT1SjqjP1cTmplICP-KFbVSth5y6nv_OQJnpHa8aTgf5o0J0sKjjVP5dQEPglyB4l9VtG7WIHtr9qAvhZNn_wsPvnpnDqHELeaTDnvNyb1X0jGnP3O84QGNUQ_Z4ShUan0GNdW1t0_Mpud9xOlHezXemSh7yVw6bBgvd9JYVZ4tGUx7_gDsRi_jJBtuDi7jDqJuxr_YgscZfAuQlrtu9btB4ONfCa3Iuo_7CEpWGeq77ESsIZY7Bs0O7GxPujjY9hyjs3tWVTrE6jeGy-RGXncOeQbvXiacACk7v2XG4CTN1UmX7b7eOXndrUZ_Baj6q8aK368gZ8zOT8bjvhrLRUuvS34Lmm0ZGIrRg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 07:12:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 10478836 Show response
mc.yandex.com/webvisor/ 43 B
73 B 201ms
41ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/10478836?wmode=0&wv-part=1&wv-hit=34755083&page-url=https%3A%2F%2Fmicrosoftportal.net%2F&rn=938219133&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1640416368%3Aw%3A1600x1200%3Av%3A722%3Az%3A0%3Ai%3A20211225071247%3Au%3A1640416365193618850%3Avf%3Aykdauinnulox185iv3%3Awe%3A1%3Ast%3A1640416368&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://microsoftportal.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 07:12:47 GMT
last-modified: Sat, 25-Dec-2021 07:12:47 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://microsoftportal.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 25-Dec-2021 07:12:47 GMT

GET
H2 200 /
www.acint.net/ping/ 43 B
224 B 12ms
11ms Image
image/gif 46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.4.0&uid=199196ec-bccd-41b0-b8db-ea1746eba219&dp=10&tz=%2B00%3A00&nc=54891370&dT=2021-12-25T07%3A12%3A47.897
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://microsoftportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:12:47 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 10478836 Show response
mc.yandex.com/webvisor/ 43 B
145 B 41ms
41ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/10478836?wmode=0&wv-part=2&wv-hit=34755083&page-url=https%3A%2F%2Fmicrosoftportal.net%2F&rn=93254051&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1640416369%3Aw%3A1600x1200%3Av%3A722%3Az%3A0%3Ai%3A20211225071249%3Au%3A1640416365193618850%3Avf%3Aykdauinnulox185iv3%3Awe%3A1%3Ast%3A1640416369&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://microsoftportal.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 07:12:49 GMT
last-modified: Sat, 25-Dec-2021 07:12:49 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://microsoftportal.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 25-Dec-2021 07:12:49 GMT

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

98 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
microsoftportal.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 67f5fb1ef5ea076eda417cac7b952556
microsoftportal.net/	1978-01-11 21:31:40	Name: fid Value: 0500db2e-809d-49b0-aed5-a3019941d3c3
.acint.net/	1970-01-19 23:40:16	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-25 20:05:16	Name: aid Value: fwAAAWHGxGwOtQUmWjnrAvp4dGoRK0FcpNcic0Dpkqkp6pna
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp7v2 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp14v3 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp17 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp32 Value: 1640416364
.acint.net/	1970-01-19 23:41:42	Name: cSyncDp45v3 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp53 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp54v2 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp62 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp67v2 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp68 Value: 1640416364
.acint.net/	1970-01-20 00:00:25	Name: cSyncDp77 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp84 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp85 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp88 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp95v3 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp101 Value: 1640416364
.acint.net/	1970-01-20 00:00:25	Name: cSyncDp104v2 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp107 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp110 Value: 1640416364
.acint.net/	1970-01-20 00:00:25	Name: cSyncDp111v2 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp112v2 Value: 1640416364
.acint.net/	1970-01-20 00:01:52	Name: cSyncDp125v2 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp126 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp127 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp129 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp136 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp138 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp144 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp146 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp149 Value: 1640416364
.acint.net/	1970-01-20 00:23:28	Name: cSyncDp151 Value: 1640416364
.yadro.ru/	1970-01-20 08:25:15	Name: FTID Value: 1XniHy3j2OuE1XniHy0027SC
.microsoftportal.net/	1970-01-20 09:01:52	Name: __gads Value: ID=c3be6eeb7bdeb580-22138e610fcd00ac:T=1640416364:RT=1640416364:S=ALNI_MYPrU2PV-h11bkG_vKI4vOi4Zn4mg
.ssp-rtb.sape.ru/	1970-01-25 20:05:16	Name: sspuid Value: fwAAAWHGxGxeggATuOFMAh7+U2XE3qDxFmxu2E7qJHp1RzuV
.microsoftportal.net/	1970-01-20 08:25:52	Name: _ym_uid Value: 1640416365193618850
.microsoftportal.net/	1970-01-20 08:25:52	Name: _ym_d Value: 1640416365
.yadro.ru/	1970-01-20 08:25:15	Name: VID Value: 3JB-T02NFueE1XniHy0027UW
.microsoftportal.net/	1970-01-20 07:39:47	Name: tmr_lvid Value: 62e6d85eee10cabd1fe362ca101f54d5
.microsoftportal.net/	1970-01-20 07:39:47	Name: tmr_lvidTS Value: 1640416365080
.utraff.com/	1970-01-20 00:23:39	Name: preutid Value: 1
.microsoftportal.net/	1970-01-20 08:25:52	Name: top100_id Value: t1.2584737.248923019.1640416365103
.doubleclick.net/	1970-01-20 09:01:52	Name: IDE Value: AHWqTUn_yhTa8iUNc7qnPN_yzOM8Dp_p2ry2CJtunaEchtsXPtT-NSioDef5xKK-ArI
.microsoftportal.net/	1970-01-20 23:40:16	Name: last_visit Value: 1640416365107::1640416365107
.microsoftportal.net/	1970-01-20 08:25:52	Name: adtech_uid Value: 6f265be9-5c28-4aec-9c5a-627720bf2460%3Amicrosoftportal.net
.microsoftportal.net/	1970-01-20 08:25:52	Name: t1_sid_2584737 Value: s1.668008240.1640416365104.1640416365109.1.1.1
.microsoftportal.net/	1970-01-20 00:23:28	Name: user-id_1.0.5_lr_lruid Value: pQ8AAG3ExmGOxun1AfdomQA%3D
.microsoftportal.net/	1970-01-19 23:41:28	Name: _ym_isad Value: 2
.adhigh.net/	1970-01-20 08:25:52	Name: gi_u Value: uLvejjOzaOk0.AikABlF98G9KQg
.mc.yandex.com/	1970-01-19 23:40:16	Name: sync_cookie_csrf Value: 3623902377fake
.1dmp.io/	1970-01-20 08:25:52	Name: uid Value: 0ecdba50-6552-11ec-acfd-901b0e8b2a6e
.republer.com/	1970-01-20 08:25:52	Name: ruid Value: 5726b9d6-697a-44b5-8231-c154e5aadadd
.adhigh.net/	1970-01-20 08:25:52	Name: sape_sync Value: I9t
.mc.yandex.ru/	1970-01-19 23:40:16	Name: sync_cookie_csrf Value: 1342938966fake
.adriver.ru/	1970-01-20 17:11:28	Name: cid Value: AOb9f0eZHJ2WfuVcjzEcSjg
.betweendigital.com/	1970-01-20 08:25:52	Name: dc Value: was1
.betweendigital.com/	1970-01-20 08:25:52	Name: ss Value: 1
.yandex.com/	1970-01-20 08:25:52	Name: yandexuid Value: 2505827741640416365
.yandex.com/	1970-01-20 08:25:52	Name: yuidss Value: 2505827741640416365
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 578299771640416365
.yandex.com/	1970-01-23 15:16:16	Name: i Value: UxAoKTEjZlXbSesw0VTDGJ70QF6WDGAf/srrE8nfZYtpKz1cqa0NuY69S6eiDFpUpuFueyUOrcVLxeXRlJIYWqZ2Y2o=
.yandex.com/	1970-01-20 08:25:52	Name: ymex Value: 1671952365.yrts.1640416365#1671952365.yrtsi.1640416365
.relap.io/	1970-01-23 15:16:16	Name: unique Value: 3dBUJI3e
.relap.io/	1970-01-23 15:16:16	Name: fsts Value: 1640416365
.relap.io/	1970-01-23 15:16:16	Name: lsts Value: 1640416365
.relap.io/	1969-12-31 23:59:59	Name: suid Value: c333d50068292775cd61948478df6a0395ed656a--d6a79103e4c9e9330930225b25d8fe58f98ebf26674a603878aeaaeb9665d94b
.relap.io/	1970-01-19 23:41:42	Name: hllc Value: 1
.relap.io/	1970-01-20 08:25:52	Name: rlpsprcs Value: eyJ1aWQiOiIwMTAwMDA3RjZDQzRDNjYxMjQwNUM3MEUwMkI4NzM3NCIsInRzIjoxNjQwNDE2MzY1fQ--85af2c4d16274ac7390c7735e9a3f623a40596c07e3a4399e6288f53c7526126
.microsoftportal.net/	1970-01-19 23:40:18	Name: _ym_visorc Value: w
.betweendigital.com/	1970-01-20 08:25:52	Name: tuuid Value: d8225777-db3d-5367-894d-3234e88bf659
.betweendigital.com/	1970-01-20 08:25:52	Name: ut Value: YcbEbQAE3hi9TpAOP3gBeMGGXUpu5awqlLr0ZA==
.mts.ru/	1970-01-20 08:12:54	Name: dspid Value: 37074cd9-fd6c-4065-aed2-6bb8f029afea
.rutarget.ru/	1970-01-20 03:59:28	Name: userId Value: 86FI9JEAkJDx
.rambler.ru/	1970-01-25 20:05:16	Name: ruid Value: 1CIAAG3ExmHbTpYmAXLmigB=
.uuidksinc.net/	1970-01-20 08:25:52	Name: jcsuuid Value: yqHQE9BOnenNMh3AWGv2
.adsniper.ru/	1970-01-27 06:52:16	Name: uuid3 Value: IiQwZjA0M2MyZS02NTUyLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.bumlam.com/	1970-01-27 06:52:16	Name: suuid3 Value: IiQwZjA0M2MyZS02NTUyLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.rktch.com/	1970-01-20 00:23:28	Name: b_uid Value: cdcbfaaba4065cb5d689b4c7af5118db0636
.advarkads.com/	1970-01-20 17:11:28	Name: u Value: EALnQy7zU0-aHQqTHOSBoQ
ssp.bidvol.com/	1970-02-13 20:11:40	Name: bvuid Value: urkrp8y5ti
.ops.beeline.ru/	1970-01-20 08:12:54	Name: BeeAID Value: fa763ecf-face-4ddb-bc9b-2681fe52422d
.mts.ru/	1970-01-23 14:04:16	Name: mts_id Value: d6c65213-2f0b-48fe-ae73-bac8ce3b735b
.mts.ru/	1970-01-23 14:04:16	Name: mts_id_last_sync Value: 1640416365
.weborama.fr/	1970-01-20 09:11:57	Name: AFFICHE_W Value: xczmhtwl8q3F97
.gnezdo.ru/	1970-01-25 20:05:16	Name: uid Value: XV9maWHGxG2hqyPd1hMCAg==
.aidata.io/	1970-01-20 17:11:28	Name: __upin Value: lid0qgBLv2WRy5K+ntr8OA
.aidata.io/	1970-01-20 17:11:28	Name: __upints Value: 1640416365
.yandex.ru/	1970-01-23 15:16:16	Name: yuidss Value: 7505247361640416365
.yandex.ru/	1970-01-23 15:16:16	Name: yandexuid Value: 7505247361640416365
x01.aidata.io/	1970-01-19 23:44:35	Name: mts Value: 1
.doubleclick.net/	1970-01-19 23:40:19	Name: DSID Value: NO_DATA
.dmg.digitaltarget.ru/	1970-01-21 01:35:28	Name: viuserid Value: 3pCXfasYmIuYcWb7Lg3D
.microsoftportal.net/	1970-01-20 07:39:47	Name: tmr_reqNum Value: 2
.mail.ru/	1970-01-20 08:27:18	Name: VID Value: 0rd5v127AZo700000Z16H4I7:::0-0-0-6e11d2d:CAASEARtoin-etY3bKOBnsc31pwaYKgfzSTjhdeIAG49qH-1ow7QT-0B5432sqv43CTRWzgYxGhE_e40UHELz646ZTY7avQVI7s4ryUm4o6T2Ldcq942UvApU4MQvF6LyAyA3SdT6dT3YZMXCUmKrTN1rctUFA
microsoftportal.net/	1970-01-19 23:41:42	Name: tmr_detect Value: 0%7C1640416367417

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9498.Xr30ziOPQSq7BwN0v2dD4WUXWt8GsDzj09AL-fLg948zoG0xXxKTxWjc96E7kvYD8WsvwZT-9l8-t2LqBwMfHQ%2C%2C.rAxmL15BZgS7NC_7FGBIUZEvf_M%2C Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://an.yandex.ru/setud/mts_banner/NwdM2f1sQGWu0mu48Cmv6g?redir-setuniq=1&location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=1642731105 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0100007f6cc4c6612405c70e02b87374-sp.ops.beeline.ru
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.adlook.me
ads.betweendigital.com
adservice.google.com
adservice.google.de
an.yandex.ru
api.advarkads.com
cm.g.doubleclick.net
connect.facebook.net
counter.yadro.ru
dm-eu.hybrid.ai
dmg.digitaltarget.ru
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
exchange.buzzoola.com
fcgi4.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
informer.yandex.ru
kraken.rambler.ru
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
microsoftportal.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.konnektu.ru
px.adhigh.net
redirect.frontend.weborama.fr
relap.io
s.uuidksinc.net
s3.advarkads.com
sape-sync.rutarget.ru
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.bestssp.com
ssp.bidvol.com
st.top100.ru
stat.adlabs.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync3.adsniper.ru
tag.digitaltarget.ru
tech.rtb.mts.ru
top-fwz1.mail.ru
tpc.googlesyndication.com
ut.rktch.com
www.acint.net
www.google.com
www.googletagservices.com
www.gstatic.com
x01.aidata.io
109.248.237.37
130.193.58.13
136.243.148.229
142.250.185.130
142.250.185.226
148.251.156.238
159.69.74.6
185.147.80.35
185.15.175.147
185.15.175.148
188.42.29.80
193.232.150.46
194.190.117.94
195.201.152.110
195.201.243.71
213.87.44.187
217.65.2.150
217.66.147.164
217.69.133.145
2606:4700:10::6816:557
2606:4700:3039::6815:c0a2
2a00:1148:db00::17
2a00:1450:4001:802::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:812::200e
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::200e
2a02:6b8::1:119
2a02:6b8::90
2a03:2880:f01c:8012:face:b00c:0:3
31.172.81.158
31.172.81.160
31.220.27.134
35.190.16.14
37.18.103.21
37.9.245.57
46.254.16.156
46.4.114.109
5.200.44.122
65.108.1.47
80.64.106.147
81.19.89.17
81.19.89.18
81.222.128.14
81.222.128.216
88.212.201.204
89.108.120.68
89.108.97.2
93.95.102.105
95.163.37.253
95.211.66.35
96.46.183.20
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
019bc4f3c6613f2c561b8b4c239d16aafb01ffd755e604095aa1e745854a547a
03333e8487b65839387c9cdecc9a112b7e41570d728a2ab48c7ed89aab72145f
0b79d9afad7efe9b5df66caaf99a3d5d92ee81c3bdbcba0ba3d45a692fd8a34b
0f21b28557302700bf26c865410c4d9e787bcf029aed14f51758a0ba012105fc
133fd980369c625f99de405ca14cebf40098508c5726af9b7088e73fb2cf76f3
15ebd3fea955e8b57f8c2a0529312e251907d6bf2c9fdec448c886d1d76d9ec6
16b068cb61cb1fc1ad6612960bf3e209ee5af2fb5275cea153046edb7681437b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18f0f623763901aeeb156407ed6a37d5c0716ff174ba9a6ce09fbb5ed9d45d4f
1e53ac8c89c5440411fe150b5ab717e185550ae0b99023c880341bcd75116406
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2556be87318f6f63d55f3a1d7a8193750683ff0055c318536f62ba8a6d1b457f
257a8b2f1baf15d3ba84b3ad4bdb36ad02f1c2cf0d491a5c238d823c2a9f20d8
27a9105727943397b059ee354ee7f2f665f3d5a7a6fb0df68aad37b7f43b7cac
2a5f26bffe81cc508826e84b459d64cb95cee1bf5e8daf380cc11e0be574bcf4
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ac0b867fa66324ed79b248a5fa546bde07c503e90754be44773cfa368d3217e
2cc36b7e19b912c6d09739d2c3edbbb05a272be96736ae9fb0b0a70c2a331d48
2d863a6ead47f49120679e1f9f1a128eaf2edd339ceb3ab03ecad22e8ee4d4f0
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
365d26485f2b776dc4b334775a54f8245be342675f2972b1d587b2a4a67b2922
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
384d0ed21660e40b825198c198b162f68d0ac3aee2c7640d04433496672b2133
3b9e8d070eb3d3a740240f79b731159e34f993842e3d80dd07a2114c69ed8075
3fb03c5889929639808be7ec57fdcac0a13e2bc5de31ac48723aeca4c2ff246e
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
449ef4a890525256bc3bc16dea519e857a7a694c5048820cc7271e713766652b
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
479b699a76b4f1c5d74bf82e7351685c455b79547d10b6891680fbfa590e68ae
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106
544b582a40797a87e392c4b827908c8474e985f3d7ed08c2dcca17a8d5fa8525
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
572e2f25267f2879b7d5c14151314133fc8c67293837ce4bb184153664694160
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6177df16a100309ffb75f19440ec94b7d770db519aeb9526098068d39222be3d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d6c159cdd37cd4e7d15b25ce4cfacf46e61a9272f974bea526fbcbbd0affe5
62acee54c76f3253a454c6f81dd26f2113bf452609c8366e0c49842c507cf48a
64aae99873f3fd275afc3c01bfb1bbf47aa0be50e37fd602ffc27d1d44cfd021
65b45154530acccb3435ac25e0f1bc131589c2388bfd67481526cbe2ed521eca
694b3d44092af2be786c584ad80546df912fb0bf621e760a9bfd8d0c8f986be9
6b2385df25640156748d25320c7f27e980535d744f14d2eaa596ca2ef8660a67
6e8bf0be05ae370031305384f7d6b08c55a8cb4ef557b3db42b8e10729ea0783
6fff2bb01836a52004ece484b97797926280251ccaed72db384f16a7644d4764
77affbd2fb12370b0c53ff6b46dfa66c313f0d29f4e4148913a42d5789ac6451
7bc9d7f5c12fdc6f902179086022b0638fceecdabd68a17c62692b8c1e4139af
7efc7a686e4263b53b0f5b9de6f7a6edc050581750f2b25b3dabec36518a8b9d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8cbfd211c22a38fa4f8d0d28f65cbb97132e572d611320ad68c76f1297719cb4
8e887002196ac4cf944a2a419274dc217df3873c576bf48def369bc2977c623b
8f281ebc45c293d64b39f0a23399a3cccbd542c3a1245019dd33e2139d45ed3f
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
90be3ff15de1f8ce74028783d480e1d6b588faa2f5725a7f65260571c3ce0130
91cfab827f1f7c9aca0933e30f433ed72d44546deef812d3ef4e6f0745ba3f4a
9463ef93cb9aefa7b4d3891744db9387fd1a29c5890e205e09289581320862c1
954aa4d2c0af250560a514e57d68aa8757575d4a7c4f7c909eda37b9e9065503
9dd33489fbd3a8ddf6a82e0b9ca3b954e557bfe5ccb4c2e2871c84632ad87899
9e68e945a649846d4d4a9a500187cede630091294f70313f784f4538fdb6c652
9e98aa5c3a32be2de2b78136d4193426cbc63c246612cb4330caf8988019c6b3
a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a61eeea560e1f947cd3e50db09d52da15eebe911865e29f5398bb44cb0d9252e
a8cf59007153a1d366dd69c66f54edbbcfec46a32330626a714f1b22934ec468
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b5a8e9e7501f1c26f61fb9b71c38521b1226e511074b4cd8f98a99ca535497bd
b912455480572174b87986b8f195eae651c900ef3b6fb85d72310b6aad0c878c
b95551b67b78f070623c3439b51bd566bee844c961452c50ccad66cd9c024b2e
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
bd04843b119999d8cc1f7a8e662571d8f06dca43e4c34f4f4931740b52db9ab7
be09287dc5a2179a73fa792069d5228e9a5740c69c45104e71db5122a5864da1
c2a53a2ff6fe4b87169761f63876c4239639b5710db7c5e2861dd24e8e347180
c5c44afc84eb882c171355b664f14b251d5c34db9023b719ba29dac938b6554e
c654e1b1768e9ee4ef211ea90736e7e99679d7af202faa4f2782db9447bdf548
c808c3cddb994e5e133fd592693da054fa2217afe3f9fc65afe59ea19c49a6fe
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d15baa903edc6b266041303753bd9d856fc87c8cbbe714917d86b0b933968938
d7cbaea0f54d0bb510e31c42359e59602983c0f1cb3c42337083ded48da06382
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
de7a092ce913c95c3b823dd1cb91183b960cd7bb4127cd3c5fa1119fd311e28f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e8d3329fb66fadbbaf9a8f0e3dacdb9410a8f0a7ae86af20aaa382dd800f39f0
edea62b6792791e90490e04ecbdb167677f4c84c09fe19efba4dbdc6494efb10
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c9f90c27c6cbac55ffd616c55711f9693d0a52ae63c6948d23e3f62ae4385b
f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a
f30626434597480b05329fde4877a559ff02b81928341be49f6bca75b21ed231
f32de53959fd8081d100f1e31199a913a86804e58d7cd8498124dded214f74d5
f41e049057fde682981f2aaacc101007c7d812a2f9242e85bca29f4b84bb3ebf
f60527825f5eb56b1f7bf9f6ab37c9c865bb6ef2ace55674b4f1cccd4209b670
f7a8ea10aa7f4c6489430c8b5b6a56fe48602447ec0791b45606474e06d0f2c5
f8f7d75d67db3a5a6ab2ac6c1bc96e157be5f5dc898a980f71628bb4e8fdfcf2
f945474f0ee263682e161153f48e2851a6aa12972cec9dda9e8a123e58137ef4
fd4b37401b665299f555320c5f46a1421d791bcbba1b23cba58dba9f01fc6f9a
fed3b54a5c816235ef84dcae8ddfcf00427453a119a4b21ccc3c57207b8e2f2e
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

microsoftportal.net Open in urlscan Pro 46.254.16.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

181 Requests

86 %HTTPS

32 %IPv6

47 Domains

63 Subdomains

43 IPs

6 Countries

2202 kBTransfer

4463 kBSize

98 Cookies

16 Outgoing links

Redirected requests

181 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

microsoftportal.net Open in urlscan Pro
46.254.16.156 Public Scan

Screenshot
Live screenshot

Full Image

181
Requests

86 %
HTTPS

32 %
IPv6

47
Domains

63
Subdomains

43
IPs

6
Countries

2202 kB
Transfer

4463 kB
Size

98
Cookies

181 HTTP transactions
4 data transactions