Submitted URL: https://dw4.uptodown.com/dwn/CXd6q8y4o0cyDMe9p3CrEmaUUDoAOhmCcCmPPdOkFxZPuQRjPZWCxskXnycMukcs8LHGwZrq_M1NQaRMwwtzwazqACxO...
Effective URL: https://standoff-2.ru.uptodown.com/android
Submission Tags: falconsandbox
Submission: On February 04 via api from US — Scanned from FR

Summary

This website contacted 26 IPs in 5 countries across 19 domains to perform 106 HTTP transactions. The main IP is 104.90.137.209, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is standoff-2.ru.uptodown.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 14th 2021. Valid for: a year.
This is the only time standoff-2.ru.uptodown.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 145.239.67.125 16276 (OVH)
23 104.90.137.209 16625 (AKAMAI-AS)
5 2a00:1450:400... 15169 (GOOGLE)
9 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
14 142.250.184.226 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 4 172.217.16.130 15169 (GOOGLE)
3 5 2.20.85.164 16625 (AKAMAI-AS)
3 4 37.252.172.38 29990 (ASN-APPNEX)
2 142.250.185.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
106 26
Apex Domain
Subdomains
Transfer
25 googlesyndication.com
579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
135 KB
22 utdstc.com
img.utdstc.com — Cisco Umbrella Rank: 91242
stc.utdstc.com — Cisco Umbrella Rank: 100461
169 KB
14 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274
168 KB
9 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 324
216 KB
9 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 496
167 KB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 80
www.google.com — Cisco Umbrella Rank: 13
2 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
4 KB
5 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
73 KB
5 gstatic.com
fonts.gstatic.com
105 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 241
4 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
98 KB
2 uptodown.com
dw4.uptodown.com
standoff-2.ru.uptodown.com
16 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
1 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
38 KB
1 google.fr
www.google.fr — Cisco Umbrella Rank: 12911
501 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 743
373 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8028
792 B
1 ssm.codes
ssm.codes — Cisco Umbrella Rank: 39108
55 KB
106 19
Domain Requested by
13 stc.utdstc.com standoff-2.ru.uptodown.com
12 pagead2.googlesyndication.com securepubads.g.doubleclick.net
standoff-2.ru.uptodown.com
579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
11 tpc.googlesyndication.com securepubads.g.doubleclick.net
579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com
tpc.googlesyndication.com
standoff-2.ru.uptodown.com
s0.2mdn.net
9 cdn.ampproject.org ssm.codes
securepubads.g.doubleclick.net
9 cdn.cookielaw.org standoff-2.ru.uptodown.com
cdn.cookielaw.org
9 img.utdstc.com standoff-2.ru.uptodown.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 s0.2mdn.net standoff-2.ru.uptodown.com
s0.2mdn.net
5 www.google.com 1 redirects 579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com
standoff-2.ru.uptodown.com
tpc.googlesyndication.com
5 securepubads.g.doubleclick.net ssm.codes
securepubads.g.doubleclick.net
standoff-2.ru.uptodown.com
5 fonts.gstatic.com standoff-2.ru.uptodown.com
fonts.googleapis.com
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 googleads4.g.doubleclick.net standoff-2.ru.uptodown.com
2 googleads.g.doubleclick.net 579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com
standoff-2.ru.uptodown.com
2 579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.googletagmanager.com standoff-2.ru.uptodown.com
www.googletagmanager.com
1 fonts.googleapis.com s0.2mdn.net
1 www.googletagservices.com 579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com
1 www.google.fr
1 stats.g.doubleclick.net www.google-analytics.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 ssm.codes standoff-2.ru.uptodown.com
1 standoff-2.ru.uptodown.com
1 dw4.uptodown.com 1 redirects
106 28
Subject | Issuer | Validity | Valid
uptodown.com | DigiCert SHA2 Secure Server CA | 2021-09-14 - 2022-09-14 | a year
*.gstatic.com | GTS CA 1C3 | 2022-01-10 - 2022-04-04 | 3 months
cookielaw.org | Cloudflare Inc ECC CA-3 | 2021-06-01 - 2022-05-31 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-19 - 2022-06-18 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-01-10 - 2022-04-04 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-01-10 - 2022-04-04 | 3 months
misc-sni.google.com | GTS CA 1C3 | 2022-01-10 - 2022-04-04 | 3 months
*.google.de | GTS CA 1C3 | 2022-01-10 - 2022-04-04 | 3 months
*.google.com | GTS CA 1C3 | 2021-12-27 - 2022-03-21 | 3 months
onetrust.com | Cloudflare Inc ECC CA-3 | 2022-01-12 - 2023-01-12 | a year
tpc.googlesyndication.com | GTS CA 1C3 | 2022-01-10 - 2022-04-04 | 3 months
www.google.com | GTS CA 1C3 | 2022-01-10 - 2022-04-04 | 3 months
*.google.fr | GTS CA 1C3 | 2022-01-10 - 2022-04-04 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2022-01-10 - 2022-04-04 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-01-10 - 2022-04-04 | 3 months

This page contains 10 frames:

Primary Page: https://standoff-2.ru.uptodown.com/android
Frame ID: BDEA196C41F9A22AA1F5D70862B07767
Requests: 58 HTTP requests in this frame

Frame: https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2E033803FFAF706ECAB7997B722BB084
Requests: 1 HTTP requests in this frame

Frame: https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1A38FEFF6C7A00E1E6A1D016229C0471
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCe2QEQ1rr1Ahi50Ne3ATAB&v=APEucNXbe05BreLNC2NlWAzwMJQ1omDcQxo0XIU3w1uynTMldZa6i_m4D_N0ntCeVM6s7ffCRSFXLuEK10H0MAlLrIUjisQIqyMoadEFX50AooeI30PuJmssZM7qcAe2vRaDER3FTvNcgKW_cz-0kykl8qo2TzQIJf3V9Hb2kFTxjAud5GHx_0U
Frame ID: B6C51EE654680D16BF61FDC36D454536
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7A09DD3F433617A233F8D64F6FDF8025
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7980405297842551193/index.html
Frame ID: 277E285844B5E438CE33F5733DF13196
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Frame ID: BCE938D8C76DFD7C77339A35C0022C41
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mdqKvlGwTeSXiP4SbDG4fPc0JxjBpG49JTgeDIKrRjQ.js
Frame ID: 3523FEB81292C1189D9BA439CB649650
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3B16CA3CD2077885D7C559B59829BB40
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 514F53C1A2434DF737624F3185AC9660
Requests: 2 HTTP requests in this frame

Page Title

Standoff 2 for Android - Download the APK from Uptodown

Page URL History

  1. https://dw4.uptodown.com/dwn/CXd6q8y4o0cyDMe9p3CrEmaUUDoAOhmCcCmPPdOkFxZPuQRjPZWCxskXnycMukcs8LHGwZrq... HTTP 302
    https://standoff-2.ru.uptodown.com/android Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

Requests: 106
HTTPS: 95 %
IPv6: 73 %
Domains: 19
Subdomains: 28
IPs: 26
Countries: 5
Transfer: 1266 kB
Size: 3696 kB
Cookies: 17

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dw4.uptodown.com/dwn/CXd6q8y4o0cyDMe9p3CrEmaUUDoAOhmCcCmPPdOkFxZPuQRjPZWCxskXnycMukcs8LHGwZrq_M1NQaRMwwtzwazqACxOnPRQeeR9RajbVAdjs41viwL1pMdaV2oyr8Mk/3CsvYjQmyaW1F8OOSIzox0FF19opduUgDqpbzrWzgPZXahD3HPmf8wJ8ANqGDV5LYKcaWdFDHo3sj-xmUYNSL2hI9_b14XVIHqCrhcSEqZQUuTz49lA23GxnrzDNmaak/w6UB54a2EGiKMVi2iJCc7FvMKm5wOOMc0zsSsG1UXiZOP0CnqhVFLjNl4U4ipqJ3YTvTKtUfNzOB8IgRwonTHg==/standoff-2-0-18-1.xapk HTTP 302
    https://standoff-2.ru.uptodown.com/android Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFm51ee_C2LAFW8SKr2yldU&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFm51ee_C2LAFW8SKr2yldU&google_cver=1&C=1
Request Chain 68
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yfz0mm1sXJth4WMQxscL-wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFm51ee_C2LAFW8SKr2yldU&google_cver=1
Request Chain 69
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOe1vs3jMoifKFvVvkanoj8&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOe1vs3jMoifKFvVvkanoj8%26google_cver%3D1
Request Chain 70
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTkzNzUzNzMwNjgxMzM0MjY5MA%3D%3D
Request Chain 89
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

106 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request android
standoff-2.ru.uptodown.com/
Redirect Chain
  • https://dw4.uptodown.com/dwn/CXd6q8y4o0cyDMe9p3CrEmaUUDoAOhmCcCmPPdOkFxZPuQRjPZWCxskXnycMukcs8LHGwZrq_M1NQaRMwwtzwazqACxOnPRQeeR9RajbVAdjs41viwL1pMdaV2oyr8Mk/3CsvYjQmyaW1F8OOSIzox0FF19opduUgDqpbzrW...
  • https://standoff-2.ru.uptodown.com/android
82 KB
15 KB
Document
General
Full URL
https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5b746796582387b70386c38493c4d397513adc37eeb780541478b556568d18fa
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

server
nginx
content-type
text/html;charset=UTF-8
strict-transport-security
max-age=16000000; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
content-encoding
gzip
cache-control
private, max-age=60
expires
Fri, 04 Feb 2022 09:41:40 GMT
date
Fri, 04 Feb 2022 09:40:40 GMT
content-length
15588
vary
Accept-Encoding

Redirect headers

server
nginx
date
Fri, 04 Feb 2022 09:40:40 GMT
content-type
text/html; charset=UTF-8
location
https://standoff-2.ru.uptodown.com/android
cache-control
no-cache, must-revalidate, max-age=0
379716f6b0af3b2c4b7fab6e75a4902e9db6dd5a455e388aa63369ead53a3298:200
img.utdstc.com/icon/379/716/
10 KB
11 KB
Image
General
Full URL
https://img.utdstc.com/icon/379/716/379716f6b0af3b2c4b7fab6e75a4902e9db6dd5a455e388aa63369ead53a3298:200
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
a78b1acb597ed68b5a0cff8852f9365b5acc458e134d83b6fda4b8f829d227cd
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 07 Dec 2021 07:18:57 GMT
server
nginx/1.14.2
etag
"61af0ae1-2982"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
private, max-age=6013
date
Fri, 04 Feb 2022 09:40:40 GMT
content-security-policy
default-src 'self'
accept-ranges
bytes
vary
Accept
content-length
10626
x-xss-protection
1; mode=block
expires
Fri, 04 Feb 2022 11:20:53 GMT
BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2
fonts.gstatic.com/s/robotoslab/v16/
20 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d354a7f5b1102a2b479c16c639657aeea187f93973782775a6048fd2fb23a23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 20:02:47 GMT
x-content-type-options
nosniff
age
221873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20724
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 18:18:34 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 20:02:47 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
19 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Feb 2022 09:40:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
dMq6iJthjOyg56NOUFVpHQ==
age
7262
vary
Accept-Encoding
content-length
6508
x-ms-lease-status
unlocked
last-modified
Thu, 03 Feb 2022 03:33:29 GMT
server
cloudflare
etag
0x8D9E6C5F2678BEA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f241b5e8-501e-00a0-6bc2-181780000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d82f05b0b56ee1b-CDG
expires
Fri, 04 Feb 2022 13:40:40 GMT
uptodown.js
ssm.codes/smart-tag/
200 KB
55 KB
Script
General
Full URL
https://ssm.codes/smart-tag/uptodown.js
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:578 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7b4784983b29e0179ae487533023c376d4e71d91917d88ec0cafa4dd49b6495
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1843
cf-polished
origSize=205580
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 02 Feb 2022 17:56:33 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UoFoKNPf%2BVc7wP%2B6yaTPVwwC73wka2lL%2FPe30Mih5YsVDDAbcIKGpw%2FLq44v6xKhSRYhutM9ED16GWBwwhbIJlRC0yziVDfz%2Bbw5CR%2FHm%2F%2FNQTfsqIeBjHEb%2BsGiA0%2BmSufV42TRcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600
cf-ray
6d82f05a689d32c2-CDG
cf-bgj
minify
vendor.css
stc.utdstc.com/1643908411468/
5 KB
2 KB
Stylesheet
General
Full URL
https://stc.utdstc.com/1643908411468/vendor.css
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
8d42b52d0ee5987a43c5763d7e433557ca6ac4c43a23445be5f9769762b8566b
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"61fc0e0f-12e6"
x-cache-status
MISS
content-length
1677
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 03 Feb 2022 17:17:03 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 09:40:40 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
expires
Tue, 02 Aug 2022 17:39:29 GMT
detail.css
stc.utdstc.com/1643908411468/
39 KB
7 KB
Stylesheet
General
Full URL
https://stc.utdstc.com/1643908411468/detail.css
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
68ec52c8ed5afc0227465d086630b9929b482909c70a40d0cb6ae45ac760746f
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"61fc0e0f-9ca4"
x-cache-status
MISS
content-length
6429
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 03 Feb 2022 17:17:03 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 09:40:40 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
expires
Tue, 02 Aug 2022 17:39:29 GMT
vendor-ru.js
stc.utdstc.com/1643908411468/
76 KB
25 KB
Script
General
Full URL
https://stc.utdstc.com/1643908411468/vendor-ru.js
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
f804374205f0854ac486f90207fdc4f9f71b1480702ee21f0c70d8eae8a715f2
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"61fc0e0f-12eb1"
x-cache-status
MISS
content-length
25300
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 03 Feb 2022 17:17:03 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 09:40:40 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
accept-ranges
bytes
expires
Tue, 02 Aug 2022 17:39:43 GMT
detail-ru.js
stc.utdstc.com/1643908411468/
62 KB
13 KB
Script
General
Full URL
https://stc.utdstc.com/1643908411468/detail-ru.js
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
227f2598b22ebfef47701ad6ede03a9844d74cdc1b2ae9d5710f7a65338c813e
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"61fc0e0f-f7d0"
x-cache-status
MISS
content-length
13000
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 03 Feb 2022 17:17:03 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 09:40:40 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
accept-ranges
bytes
expires
Tue, 02 Aug 2022 17:40:11 GMT
header-btn-menu.svg
stc.utdstc.com/img/
329 B
566 B
Image
General
Full URL
https://stc.utdstc.com/img/header-btn-menu.svg
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
edf9aaeb4b02399681f93612ffecac6f2347009bffd52fb5eab056939c2399aa
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"6183e0e7-149"
x-cache-status
MISS
content-length
190
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 Nov 2021 13:32:23 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 09:40:40 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
expires
Fri, 13 May 2022 09:05:25 GMT
logo.svg
stc.utdstc.com/img/
4 KB
1 KB
Image
General
Full URL
https://stc.utdstc.com/img/logo.svg
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
9d72f0312a1466baa268cc0ded170291c5037335cf124f840e4397dbfa850cc4
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"5f6867d7-fce"
x-cache-status
MISS
content-length
918
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 21 Sep 2020 08:44:07 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 09:40:41 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
expires
Sun, 22 May 2022 09:36:49 GMT
header-btn-search.svg
stc.utdstc.com/img/
582 B
696 B
Image
General
Full URL
https://stc.utdstc.com/img/header-btn-search.svg
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
3905e01fb4ee5610d7a1076f1c7794f9e41aa81a8d77d915cabeeaaf4fea3cc7
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"6183e0ff-246"
x-cache-status
MISS
content-length
319
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 Nov 2021 13:32:47 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 09:40:41 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
expires
Fri, 13 May 2022 09:05:25 GMT
icon-star.svg
stc.utdstc.com/img/
506 B
682 B
Image
General
Full URL
https://stc.utdstc.com/img/icon-star.svg
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
086082e9c25f074ab48a40655ad9c881dd4f90f10b94b69a3167ad0494932639
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"6184fac6-1fa"
x-cache-status
MISS
content-length
305
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Nov 2021 09:35:02 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 09:40:41 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
expires
Sun, 22 May 2022 09:36:49 GMT
icon-comment.svg
stc.utdstc.com/img/
209 B
545 B
Image
General
Full URL
https://stc.utdstc.com/img/icon-comment.svg
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
1392ed173851ca4cc26834f1b2556167e66620fb81c9dcd222af1bd02f390fe8
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"6184fad8-d1"
x-cache-status
MISS
content-length
169
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Nov 2021 09:35:20 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 09:40:41 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
expires
Sun, 22 May 2022 09:36:49 GMT
icon-download.svg
stc.utdstc.com/img/
541 B
703 B
Image
General
Full URL
https://stc.utdstc.com/img/icon-download.svg
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
c01524a3a9835d934fc9546e82fb2f72eb70ca3528328b537280f8d4d287a12d
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"6184fae5-21d"
x-cache-status
MISS
content-length
326
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Nov 2021 09:35:33 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 09:40:41 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
expires
Sun, 22 May 2022 09:36:49 GMT
icon-shield.svg
stc.utdstc.com/img/
638 B
742 B
Image
General
Full URL
https://stc.utdstc.com/img/icon-shield.svg
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
2c587010af5ec749079fd5a4d6c00d525c66f92da8e877f8ce89a05b4a0d7eeb
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"6184faf3-27e"
x-cache-status
MISS
content-length
365
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Nov 2021 09:35:47 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 09:40:41 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
expires
Fri, 13 May 2022 09:05:25 GMT
js
www.googletagmanager.com/gtag/
92 KB
37 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-313498-1
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e85ceeddc50b1322c08edb56e85fe82e922b33f5501a834c863f1f870946bba4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:40:41 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36989
x-xss-protection
0
expires
Fri, 04 Feb 2022 09:40:41 GMT
pubads_impl_2022013101.js
securepubads.g.doubleclick.net/gpt/
356 KB
120 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022013101.js
Requested by
Host: ssm.codes
URL: https://ssm.codes/smart-tag/uptodown.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
80e9b90d32a294251cbec3aa3402fbd9c560100a23484d7947fd61e1faf5740e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://standoff-2.ru.uptodown.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 04 Feb 2022 09:13:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1646
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122566
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 09:40:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 04 Feb 2023 09:13:14 GMT
v0.js
cdn.ampproject.org/
273 KB
70 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: ssm.codes
URL: https://ssm.codes/smart-tag/uptodown.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abf66c29b32b2d1ec026140f3cc72b7cfffd86396abbe306b16fdf350e032fad
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71894
x-xss-protection
0
server
sffe
date
Fri, 04 Feb 2022 09:40:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"8bd4bb494fcd9a77"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 04 Feb 2022 09:40:41 GMT
amp-fx-flying-carpet-0.1.js
cdn.ampproject.org/v0/
8 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-fx-flying-carpet-0.1.js
Requested by
Host: ssm.codes
URL: https://ssm.codes/smart-tag/uptodown.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db565c7372c014bb708268e5f741b827d8f083af54fc09b8afb58703a09f463a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2750
x-xss-protection
0
server
sffe
date
Fri, 04 Feb 2022 09:40:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"056bfcf14f69d3c6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 04 Feb 2022 09:40:41 GMT
amp-ad-0.1.js
cdn.ampproject.org/v0/
78 KB
22 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-ad-0.1.js
Requested by
Host: ssm.codes
URL: https://ssm.codes/smart-tag/uptodown.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d7dd2bd5eaac02dc7527e36be4d53cd2e43cce63d6a3b4cb96efd4b1ead1b6e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21986
x-xss-protection
0
server
sffe
date
Fri, 04 Feb 2022 09:40:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"b56685f33d30428c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 04 Feb 2022 09:40:41 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/v0/
39 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js
Requested by
Host: ssm.codes
URL: https://ssm.codes/smart-tag/uptodown.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b548551eca0e4d7efc7e9f8aff5a214df175bc78d4f6de5f169e044a7c30ff3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10272
x-xss-protection
0
server
sffe
date
Fri, 04 Feb 2022 09:40:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"3d972da8868fab70"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 04 Feb 2022 09:40:41 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
fonts.gstatic.com/s/robotoslab/v16/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
282da86e1071d060a343341b75391a036a23e28adfc93e879fae9775e45bfd7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://standoff-2.ru.uptodown.com/
Origin
https://standoff-2.ru.uptodown.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 17:46:34 GMT
x-content-type-options
nosniff
age
230047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32784
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 18:11:38 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 17:46:34 GMT
BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2
fonts.gstatic.com/s/robotoslab/v16/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d354a7f5b1102a2b479c16c639657aeea187f93973782775a6048fd2fb23a23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://standoff-2.ru.uptodown.com/
Origin
https://standoff-2.ru.uptodown.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 20:02:47 GMT
x-content-type-options
nosniff
age
221874
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20724
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 18:18:34 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 20:02:47 GMT
fe8404ab-f4df-40dd-b535-5d69e11408c8.json
cdn.cookielaw.org/consent/fe8404ab-f4df-40dd-b535-5d69e11408c8/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/fe8404ab-f4df-40dd-b535-5d69e11408c8/fe8404ab-f4df-40dd-b535-5d69e11408c8.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b643d5ebc5e58fba3d24cbf62e8bfd4ab3f47a9f344e5c7059d9691c9395cc70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Feb 2022 09:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
rww2rs18Aetsty0ET9+h2A==
vary
Accept-Encoding
content-length
1884
x-ms-lease-status
unlocked
last-modified
Fri, 17 Dec 2021 07:28:18 GMT
server
cloudflare
etag
0x8D9C12ECC075364
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5f264c7f-f01e-0043-29c7-11f20f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d82f05e6a5e404f-CDG
expires
Fri, 04 Feb 2022 13:40:41 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=standoff-2.ru.uptodown.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022013101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Feb 2022 09:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=standoff-2.ru.uptodown.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022013101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Feb 2022 09:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
menu-android.svg
stc.utdstc.com/img/
1 KB
906 B
Image
General
Full URL
https://stc.utdstc.com/img/menu-android.svg
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
612b39042629b8942e046dbe26168e15e1012ccf8d403c1f49abc757dec3fee5
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"6183e121-53f"
x-cache-status
MISS
content-length
529
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 Nov 2021 13:33:21 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 09:40:41 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
expires
Fri, 13 May 2022 09:05:25 GMT
b0BIcnzp6jU.jpg
img.utdstc.com/videos/
18 KB
18 KB
Image
General
Full URL
https://img.utdstc.com/videos/b0BIcnzp6jU.jpg
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
403527fc33bc524c8d9e39115d0728c9e895fc91c7edf8c8bcf631dd24d99e43
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
server
nginx/1.14.2
date
Fri, 04 Feb 2022 09:40:41 GMT
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
private, max-age=9102229
content-security-policy
default-src 'self'
vary
Accept
content-length
18398
x-xss-protection
1; mode=block
expires
Fri, 20 May 2022 18:04:30 GMT
OlANAXahNDo.jpg
img.utdstc.com/videos/
16 KB
16 KB
Image
General
Full URL
https://img.utdstc.com/videos/OlANAXahNDo.jpg
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
f22e3215bb72d8a8112c9478f01eb6612fa5723ca556c5127e387cba5e7e790e
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
server
nginx/1.14.2
date
Fri, 04 Feb 2022 09:40:41 GMT
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
private, max-age=9102281
content-security-policy
default-src 'self'
vary
Accept
content-length
16560
x-xss-protection
1; mode=block
expires
Fri, 20 May 2022 18:05:22 GMT
97834724d7b7ee0c191c3ce4a0a16e6a322adfd5920cae38bc72587fb1004b13:200
img.utdstc.com/screen/978/347/
13 KB
13 KB
Image
General
Full URL
https://img.utdstc.com/screen/978/347/97834724d7b7ee0c191c3ce4a0a16e6a322adfd5920cae38bc72587fb1004b13:200
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
4d41e5dad5d4f654541feec74f656bad6c842c34204f3567cd2003099ed9196d
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 19 Apr 2021 16:34:56 GMT
server
nginx/1.14.2
etag
"607db130-347e"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
private, max-age=9498
date
Fri, 04 Feb 2022 09:40:41 GMT
content-security-policy
default-src 'self'
accept-ranges
bytes
vary
Accept
content-length
13438
x-xss-protection
1; mode=block
expires
Fri, 04 Feb 2022 12:18:59 GMT
9af0c65c7a3546dfc6ccde4c2e749ea138b48e0e40d7e8b47b651068ce48b497:200
img.utdstc.com/screen/9af/0c6/
12 KB
13 KB
Image
General
Full URL
https://img.utdstc.com/screen/9af/0c6/9af0c65c7a3546dfc6ccde4c2e749ea138b48e0e40d7e8b47b651068ce48b497:200
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
563f57a7401016846d1378cb12e2cfaa3e168d4ffa959ff282edd03d8d9f61b4
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 19 Apr 2021 16:59:17 GMT
server
nginx/1.14.2
etag
"607db6e5-3116"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
private, max-age=20408
date
Fri, 04 Feb 2022 09:40:41 GMT
content-security-policy
default-src 'self'
accept-ranges
bytes
vary
Accept
content-length
12566
x-xss-protection
1; mode=block
expires
Fri, 04 Feb 2022 15:20:49 GMT
9dab23407157cfbb795f9619c7d836083cf49271197ce5e8f461261ec21563a1:200
img.utdstc.com/screen/9da/b23/
15 KB
15 KB
Image
General
Full URL
https://img.utdstc.com/screen/9da/b23/9dab23407157cfbb795f9619c7d836083cf49271197ce5e8f461261ec21563a1:200
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
72a41c55d6666b76cef61cff72cd0bd9bb4bf4d54729d0906db250cf59a506fe
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 19 Apr 2021 16:42:47 GMT
server
nginx/1.14.2
etag
"607db307-3ad4"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
private, max-age=19874
date
Fri, 04 Feb 2022 09:40:41 GMT
content-security-policy
default-src 'self'
accept-ranges
bytes
vary
Accept
content-length
15060
x-xss-protection
1; mode=block
expires
Fri, 04 Feb 2022 15:11:55 GMT
f07ca4a47d2bbf1c60ad7a13264b21d16f3f0df316eb09c515eeb64cb4e97fbf:200
img.utdstc.com/screen/f07/ca4/
8 KB
8 KB
Image
General
Full URL
https://img.utdstc.com/screen/f07/ca4/f07ca4a47d2bbf1c60ad7a13264b21d16f3f0df316eb09c515eeb64cb4e97fbf:200
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
72f29fb214833cd75513830d1659e1d6b917073dacbd13903293cc6ddf6903c7
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 19 Apr 2021 19:43:08 GMT
server
nginx/1.14.2
etag
"607ddd4c-1ebe"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
private, max-age=20381
date
Fri, 04 Feb 2022 09:40:41 GMT
content-security-policy
default-src 'self'
accept-ranges
bytes
vary
Accept
content-length
7870
x-xss-protection
1; mode=block
expires
Fri, 04 Feb 2022 15:20:22 GMT
d10e880026645aff8a0c6b685e5bf123e5a9d4f283d182619746efb4d5a338ce:200
img.utdstc.com/screen/d10/e88/
11 KB
12 KB
Image
General
Full URL
https://img.utdstc.com/screen/d10/e88/d10e880026645aff8a0c6b685e5bf123e5a9d4f283d182619746efb4d5a338ce:200
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
40e070c3a04e9d6920f79672e52f410396fe31bbd3e9f49e74d5950910e3a7ac
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 19 Apr 2021 18:05:54 GMT
server
nginx/1.14.2
etag
"607dc682-2d00"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
private, max-age=324
date
Fri, 04 Feb 2022 09:40:41 GMT
content-security-policy
default-src 'self'
accept-ranges
bytes
vary
Accept
content-length
11520
x-xss-protection
1; mode=block
expires
Fri, 04 Feb 2022 09:46:05 GMT
738fad80694726c17f0294385debc996461b948e47fc5380a88bc8e1d8639dba:200
img.utdstc.com/screen/738/fad/
9 KB
10 KB
Image
General
Full URL
https://img.utdstc.com/screen/738/fad/738fad80694726c17f0294385debc996461b948e47fc5380a88bc8e1d8639dba:200
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
41ddcc983bcfd66a21aebfa85f5a27da8de8d5d5f6287e9108c31c7a1bebc2cd
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 19 Apr 2021 16:10:31 GMT
server
nginx/1.14.2
etag
"607dab77-24f2"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
private, max-age=20422
date
Fri, 04 Feb 2022 09:40:41 GMT
content-security-policy
default-src 'self'
accept-ranges
bytes
vary
Accept
content-length
9458
x-xss-protection
1; mode=block
expires
Fri, 04 Feb 2022 15:21:03 GMT
ads
securepubads.g.doubleclick.net/gampad/
439 B
266 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=387816944449785&correlator=692783292157359&output=ldjh&impl=fifs&vrg=2022013101&ptt=17&sc=1&sfv=1-0-38&ecs=20220204&iu_parts=78011819%3A64971086%2CSSM_SMART_TAG_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C468x60%7C980x250%7C980x90&fluid=height&cust_params=ssmasdomain%3Dstandoff-2.ru.uptodown.com%26ssmasin%3D1%26ssmashour%3D9&cookie_enabled=1&bc=31&abxe=1&dt=1643967641352&lmt=1643967641&dlt=1643967640610&idt=574&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=336&adks=3118680435&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fstandoff-2.ru.uptodown.com%2Fandroid&vis=1&stss=1&scr_x=0&scr_y=0&psz=970x15&msz=970x0&ga_vid=1397525373.1643967641&ga_sid=1643967641&ga_hid=1420664423&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022013101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
7cdc7dc12837f041409ec827316ec4da02e20c49262b8515382138215c14a562
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:40:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
236
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://standoff-2.ru.uptodown.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2E03
6 KB
4 KB
Document
General
Full URL
https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022013101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 04 Feb 2022 09:40:41 GMT
expires
Sat, 04 Feb 2023 09:40:41 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/
86 KB
34 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=387816944449785&correlator=692783292157359&output=ldjh&impl=fifs&vrg=2022013101&ptt=17&sc=1&sfv=1-0-38&ecs=20220204&iu_parts=1060150%2CMPU_content_App_Info&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C336x280%7C300x600%7C300x250&fluid=height&cust_params=ssmasdomain%3Dstandoff-2.ru.uptodown.com%26ssmasin%3D1%26ssmashour%3D9&cookie_enabled=1&bc=31&abxe=1&dt=1643967641410&lmt=1643967641&dlt=1643967640610&idt=574&frm=20&biw=1600&bih=1200&oid=2&adxs=334&adys=790&adks=382584501&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fstandoff-2.ru.uptodown.com%2Fandroid&vis=1&stss=1&scr_x=0&scr_y=0&psz=360x0&msz=360x0&ga_vid=1397525373.1643967641&ga_sid=1643967641&ga_hid=1420664423&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022013101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
4de5b686aa7f5b9a48b43904e9cf68f26feb9d0efb7b63cff648fdbb99c6384d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:40:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34980
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://standoff-2.ru.uptodown.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
41 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=387816944449785&correlator=692783292157359&output=ldjh&impl=fifs&vrg=2022013101&ptt=17&sc=1&sfv=1-0-38&ecs=20220204&iu_parts=1060150%2CMPU_content_2_App_Info&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C468x60%7C336x280%7C300x250%7C980x250&fluid=height&cust_params=ssmasdomain%3Dstandoff-2.ru.uptodown.com%26ssmasin%3D1%26ssmashour%3D9&cookie_enabled=1&bc=31&abxe=1&dt=1643967641415&lmt=1643967641&dlt=1643967640610&idt=574&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=1492&adks=676377447&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fstandoff-2.ru.uptodown.com%2Fandroid&vis=1&stss=1&scr_x=0&scr_y=0&psz=970x0&msz=970x0&ga_vid=1397525373.1643967641&ga_sid=1643967641&ga_hid=1420664423&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022013101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e206f9b821434e92e91f19f0ea93cafb55198e8ad93832b89d65438d337a5058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:40:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10552
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://standoff-2.ru.uptodown.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
163 B
373 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f39a9aae1a3970b1087e2dd27728d22fa2aa750c0743e548ccfcfbf36e72097f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:40:41 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d82f05f48013b97-CDG
js
www.googletagmanager.com/gtag/
165 KB
61 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DW5XRK7GYT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-313498-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5d62fd5d34d6dee6593cb5c481473e61ff347448ee7ccc6fcb9ff6f9ed85d355
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:40:41 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62462
x-xss-protection
0
expires
Fri, 04 Feb 2022 09:40:41 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.25.0/
318 KB
76 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe035b6ff2394b9fc9b4dad0acc9050d633269a5efa7cfeac7e6b8fdc12b7065
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Feb 2022 09:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
wv3c0qnkBhaWE//T4i2BGA==
age
193
vary
Accept-Encoding
content-length
77456
x-ms-lease-status
unlocked
last-modified
Fri, 22 Oct 2021 16:52:46 GMT
server
cloudflare
etag
0x8D9957C5F8AA42D
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9ce670a2-d01e-015b-5892-da99cf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d82f05f9aaaee1b-CDG
collect
www.google-analytics.com/g/
0
179 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-DW5XRK7GYT&gtm=2oe220&_p=1420664423&sr=1600x1200&ul=en-us&cid=1397525373.1643967641&_s=1&dl=https%3A%2F%2Fstandoff-2.ru.uptodown.com%2Fandroid&dt=Standoff%202%20%D0%B4%D0%BB%D1%8F%20Android%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20APK%20%D1%81%20Uptodown&sid=1643967641&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DW5XRK7GYT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://standoff-2.ru.uptodown.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 04 Feb 2022 09:40:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://standoff-2.ru.uptodown.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-313498-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
347
date
Fri, 04 Feb 2022 09:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 04 Feb 2022 11:34:54 GMT
en.json
cdn.cookielaw.org/consent/fe8404ab-f4df-40dd-b535-5d69e11408c8/94924637-c1e5-4c85-810e-08532d82add4/
46 KB
10 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/fe8404ab-f4df-40dd-b535-5d69e11408c8/94924637-c1e5-4c85-810e-08532d82add4/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
465060aafa2f8175137e65e80292a14b544cf34ccab65ce49fb028a763024404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Feb 2022 09:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
u21ME32j6hYb4S+vChIfLQ==
vary
Accept-Encoding
content-length
10315
x-ms-lease-status
unlocked
last-modified
Fri, 17 Dec 2021 07:28:30 GMT
server
cloudflare
etag
0x8D9C12ED3749894
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a2fde1eb-501e-00a0-7c88-191780000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d82f0603f21404f-CDG
expires
Fri, 04 Feb 2022 13:40:41 GMT
iab2Data.json
cdn.cookielaw.org/vendorlist/
275 KB
38 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/vendorlist/iab2Data.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd3a6aa18ddd0015c9680303e4656a9aa0fea2b1f7ea7f061bf07ffcac910ca4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Feb 2022 09:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-md5
U+gpYQDbluzqe7vTwT2C0Q==
vary
Accept-Encoding
content-length
38875
x-ms-lease-status
unlocked
last-modified
Fri, 04 Feb 2022 07:02:07 GMT
server
cloudflare
etag
0x8D9E7AC41DD9E56
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0de6d742-801e-010c-51ab-197042000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d82f0603f24404f-CDG
otTCF.js
cdn.cookielaw.org/scripttemplates/6.25.0/
68 KB
15 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.25.0/otTCF.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8592cb7471c1b07f3e828af105858e795e1122adfce21be5e6ec43054d5be2fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Feb 2022 09:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
YXJYn5Vw+11yZ/srS1Yf2Q==
age
9365539
vary
Accept-Encoding
content-length
14952
x-ms-lease-status
unlocked
last-modified
Thu, 14 Oct 2021 05:25:47 GMT
server
cloudflare
etag
0x8D98ED3140A205E
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ed3d74df-201e-00e0-046c-c43e6e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d82f0603b75ee1b-CDG
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1420664423&t=pageview&_s=1&dl=https%3A%2F%2Fstandoff-2.ru.uptodown.com%2Fandroid&ul=en-us&de=UTF-8&dt=Standoff%202%20%D0%B4%D0%BB%D1%8F%20Android%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20APK%20%D1%81%20Uptodown&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1659593292&gjid=2011415330&cid=1397525373.1643967641&tid=UA-313498-1&_gid=3876648.1643967642&_r=1&gtm=2ou220&z=925176130
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://standoff-2.ru.uptodown.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Feb 2022 09:40:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://standoff-2.ru.uptodown.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
13 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022013101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022013101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
748aa4fcfc1d8197b2d45afe55a29731fae7bdac57af2006ac902b6318d48de7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Feb 2022 09:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9991
x-xss-protection
0
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/6.25.0/assets/
9 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/otCenterRounded.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Feb 2022 09:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
GusGKeZw4BFJM/nj45byyg==
vary
Accept-Encoding
content-length
2584
x-ms-lease-status
unlocked
last-modified
Fri, 22 Oct 2021 16:52:37 GMT
server
cloudflare
etag
0x8D9957C5AAAE362
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
7f09b31e-601e-0009-2db1-17c268000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d82f0616a2c404f-CDG
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.25.0/assets/v2/
47 KB
12 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4efca4768dedb757f956b51f3620d1521be4e8f065080515489defc83c2de704
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Feb 2022 09:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
HVRygTYMrq20E07mjabR6A==
vary
Accept-Encoding
content-length
11929
x-ms-lease-status
unlocked
last-modified
Fri, 22 Oct 2021 16:52:39 GMT
server
cloudflare
etag
0x8D9957C5B4EFA5E
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
20728c1c-c01e-0122-1034-02f085000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d82f0616a2e404f-CDG
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.25.0/assets/
20 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Feb 2022 09:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
Ye6OeZcNyuFoWog7CYs00A==
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Fri, 22 Oct 2021 16:52:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
fa37d5a2-001e-007f-18b1-1746d4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6d82f0616a35404f-CDG
collect
stats.g.doubleclick.net/j/
4 B
450 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-313498-1&cid=1397525373.1643967641&jid=1659593292&gjid=2011415330&_gid=3876648.1643967642&_u=YADAAUAAAAAAAC~&z=401534982
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://standoff-2.ru.uptodown.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 04 Feb 2022 09:40:41 GMT
content-type
text/plain
access-control-allow-origin
https://standoff-2.ru.uptodown.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022013101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:40:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 04 Feb 2022 09:40:43 GMT
container.html
579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1A38
6 KB
3 KB
Document
General
Full URL
https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022013101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 04 Feb 2022 09:40:41 GMT
expires
Sat, 04 Feb 2023 09:40:41 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-313498-1&cid=1397525373.1643967641&jid=1659593292&_u=YADAAUAAAAAAAC~&z=515771645
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Feb 2022 09:40:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/
42 B
501 B
Image
General
Full URL
https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-313498-1&cid=1397525373.1643967641&jid=1659593292&_u=YADAAUAAAAAAAC~&z=515771645
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Feb 2022 09:40:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B6C5
624 B
975 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCe2QEQ1rr1Ahi50Ne3ATAB&v=APEucNXbe05BreLNC2NlWAzwMJQ1omDcQxo0XIU3w1uynTMldZa6i_m4D_N0ntCeVM6s7ffCRSFXLuEK10H0MAlLrIUjisQIqyMoadEFX50AooeI30PuJmssZM7qcAe2vRaDER3FTvNcgKW_cz-0kykl8qo2TzQIJf3V9Hb2kFTxjAud5GHx_0U
Requested by
Host: 579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com
URL: https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 04 Feb 2022 09:40:42 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 04 Feb 2022 09:40:42 GMT
express_html_obb_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 1A38
119 KB
42 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_275.js
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a57cecd2bf4d6d3b8498c67487333f6dc9e102371f5e48ffc7fcf18a6e8487e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/
Origin
https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 11:59:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78099
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42555
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Feb 2022 11:59:03 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/elements/html/ Frame 1A38
6 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:17:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1413
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 18 Feb 2022 09:17:09 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/ Frame 1A38
19 KB
8 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/abg_lite_fy2019.js
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
76d507787e9cb8cc91e5cf3f2aae4a816e9466a7164df455e377f47cff68bef3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:01:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2364
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7737
x-xss-protection
0
server
cafe
etag
11249816806015362922
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 18 Feb 2022 09:01:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A38
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CIF2okstVz0B365sPxco_3NnTfPvboUBltH84aXDgnhDPflCvezXsV8NDz75l-8tkvwqI116HE2_ThadQX0qmBmj4eRur3sifQ8lezKLiNN1madas
Requested by
Host: 579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com
URL: https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Feb 2022 09:40:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 1A38
2 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js
Requested by
Host: 579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com
URL: https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:35:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
331
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 18 Feb 2022 09:35:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1A38
123 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com
URL: https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:40:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643806174374025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 04 Feb 2022 09:40:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 1A38
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com
URL: https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:37:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6204
x-xss-protection
0
server
cafe
etag
12229469669374805284
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 18 Feb 2022 09:37:42 GMT
l
www.google.com/ads/measurement/ Frame 1A38
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSJTqZTLA1DcvVyDMHLzUKVDvFi1U7USH2toj4ALGdQpTKkQgofTVd9gUMEapOzNpn7o6gL3kZNFNtWk3W3D-8088vgBg
Requested by
Host: 579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com
URL: https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1A38
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com
URL: https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 16:37:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Feb 2023 16:37:12 GMT
rum
dsum-sec.casalemedia.com/ Frame B6C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFm51ee_C2LAFW8SKr2yldU&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFm51ee_C2LAFW8SKr2yldU&google_cver=1&C=1
43 B
1014 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFm51ee_C2LAFW8SKr2yldU&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCe2QEQ1rr1Ahi50Ne3ATAB&v=APEucNXbe05BreLNC2NlWAzwMJQ1omDcQxo0XIU3w1uynTMldZa6i_m4D_N0ntCeVM6s7ffCRSFXLuEK10H0MAlLrIUjisQIqyMoadEFX50AooeI30PuJmssZM7qcAe2vRaDER3FTvNcgKW_cz-0kykl8qo2TzQIJf3V9Hb2kFTxjAud5GHx_0U
Protocol
HTTP/1.1
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Feb 2022 09:40:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 04 Feb 2022 09:40:42 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 04 Feb 2022 09:40:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFm51ee_C2LAFW8SKr2yldU&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Fri, 04 Feb 2022 09:40:42 GMT
rum
dsum-sec.casalemedia.com/ Frame B6C5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yfz0mm1sXJth4WMQxscL-wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFm51ee_C2LAFW8SKr2yldU&google_cver=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFm51ee_C2LAFW8SKr2yldU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCe2QEQ1rr1Ahi50Ne3ATAB&v=APEucNXbe05BreLNC2NlWAzwMJQ1omDcQxo0XIU3w1uynTMldZa6i_m4D_N0ntCeVM6s7ffCRSFXLuEK10H0MAlLrIUjisQIqyMoadEFX50AooeI30PuJmssZM7qcAe2vRaDER3FTvNcgKW_cz-0kykl8qo2TzQIJf3V9Hb2kFTxjAud5GHx_0U
Protocol
HTTP/1.1
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Feb 2022 09:40:42 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 04 Feb 2022 09:40:42 GMT

Redirect headers

pragma
no-cache
date
Fri, 04 Feb 2022 09:40:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFm51ee_C2LAFW8SKr2yldU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame B6C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOe1vs3jMoifKFvVvkanoj8&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOe1vs3jMoifKFvVvkanoj8%26google_cver%3D1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOe1vs3jMoifKFvVvkanoj8%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCe2QEQ1rr1Ahi50Ne3ATAB&v=APEucNXbe05BreLNC2NlWAzwMJQ1omDcQxo0XIU3w1uynTMldZa6i_m4D_N0ntCeVM6s7ffCRSFXLuEK10H0MAlLrIUjisQIqyMoadEFX50AooeI30PuJmssZM7qcAe2vRaDER3FTvNcgKW_cz-0kykl8qo2TzQIJf3V9Hb2kFTxjAud5GHx_0U
Protocol
HTTP/1.1
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Feb 2022 09:40:42 GMT
X-Proxy-Origin
37.59.164.101; 37.59.164.101; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
ba0e49d4-e1c6-40ba-9a51-7d8f7a2f3424
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 04 Feb 2022 09:40:42 GMT
X-Proxy-Origin
37.59.164.101; 37.59.164.101; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
861f748a-8b38-4c34-b096-431b5c5ded42
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOe1vs3jMoifKFvVvkanoj8%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B6C5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTkzNzUzNzMwNjgxMzM0MjY5MA%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTkzNzUzNzMwNjgxMzM0MjY5MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCe2QEQ1rr1Ahi50Ne3ATAB&v=APEucNXbe05BreLNC2NlWAzwMJQ1omDcQxo0XIU3w1uynTMldZa6i_m4D_N0ntCeVM6s7ffCRSFXLuEK10H0MAlLrIUjisQIqyMoadEFX50AooeI30PuJmssZM7qcAe2vRaDER3FTvNcgKW_cz-0kykl8qo2TzQIJf3V9Hb2kFTxjAud5GHx_0U
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Feb 2022 09:40:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 04 Feb 2022 09:40:42 GMT
X-Proxy-Origin
37.59.164.101; 37.59.164.101; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
cddf42eb-2698-49ab-b46c-430bcdae8593
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTkzNzUzNzMwNjgxMzM0MjY5MA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7A09
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 03 Feb 2022 16:37:12 GMT
expires
Fri, 03 Feb 2023 16:37:12 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
61410
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/sadbundle/7980405297842551193/ Frame 277E
18 KB
5 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/7980405297842551193/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ac259b4b218cde0311104dae7b304fdbe049e77a0ace99d43869077a05248d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
4637
date
Fri, 04 Feb 2022 08:09:21 GMT
expires
Sat, 04 Feb 2023 08:09:21 GMT
cache-control
public, max-age=31536000
age
5481
last-modified
Thu, 14 Oct 2021 14:00:37 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 1A38
0
571 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstGys7FiDuWL33kg5zrdFZExpqVTDZa9DwG1gxh5fW44KXGGddZ1ITnYfR-RJryYjFP4UU-CWQdXfComUpWhsMbabyL9lVhQwgRwRm1gtwB2VWc8iJjQ4TXUCS9I0VAsoE0M4lSCHv70rBaYabxeaWayFTB0SWjHWf6HhNAOfprLdQG4EsXSDqvO_qnAJdR7_NWDJdAPgPQFv7AwhSRMn1EmluilFiCJIsq5qICVREbA74d86_GQUF0BZkk3qH4QVVooojdU0JQWcYAMyeSPN0B1SZqRilt_j1LCC1yjKuzOizFVbfvgj5THgp93fo6m9mtS4o_4AdksVDe-l7mWq0cJGsyTDrhFOWPLORzmCiDU6Z0GyBOMzSMCXx--mRfIwLwrfPrM9wQSJ_Pa5e8AGRPymNy6Au_UKUVWfWKzbgQr6kZVp0c-9Mtxz_uCxNYkhTUJ9I71GnarM79CG7G4LGaoEU0gidcRb2JI_P0kqnkM7N1PuvRwNtyMNIyXZs_YVof1LE74jrtUB8OLmcbeJcGnI2Biqhd07N2zfcB7K3F-AzyQW8SWeT3wKYI1sLCPKVPWcvabpOFCWyn00Hlgzzy0qWixv1Q5WLEuWqYUYyUYZIODvAuPNFPzaXHr9VhMdssKe37GhTkV2_ArFAQzmBPUIJkFm_o0wpErCCd1g15HKfrmyBS-L-u4kQ_qZ0lOEhhP4bXiW4I7yqw3TTnWbHDIl62T2hdVA8JER5lAJH1mwFdiSxIKyFX23x6mHr8odDSoGK5YgUXL7noWMowXznF-p9_IOzmVHqHq4UZPspXTzlXXN-mF0QU5oDLSBcn_qCH9CGH6xF-jQTSB8sxhEtN4Y9DP7qz3Sa6O9rJfjxKhVXAtMx3qkFUxVIrMRW1c4fjCnqYUMQ8CdHTHk1nLHJtYFhUv_mGMxJcZIme5FmvaBOXnpxSxxcLQrkm-K0anoUaEVkdrD4UF4DlJ6zmWwBRHrY4VGSwy7j6NcjOEunnODE2Y-DPoHXOhR6ioP2g5duof3KoSgLP4ii6Ia48eo9Mq0uH0xU1njw6MzyMsG52w7Vw_GDjshr-ntM1kdR1tUUqDSO1fkI3ds8lFjLiKkVbB5XAY8V1wuxQgUMea5gHu7sErRysu5PWJp_9MF3Zy1RmiDUfQYlet3pwA_xYYhz5MrkAd8AFwkSupal465a4lTOdgU8q4ptcUI7PVBO9rTpFBqcAIdHt4omAP1CkljJApfjvxyTpvbr2gzQTdYAjXWDCEIv_c0ikCzdQrElB18MG&sai=AMfl-YS6jaE0zlbTQaiB2kPsoqIQa5DfBaOrVPnbfcqPyi-CbVTq8UqpVFo3FjOghPxmCIU0YrzuLO4Bw9I2GTY0A06FrRDwYG7gmayvvDiQPuLJZJK-FeG1GaqGEQq7MXDSc2RSNPZebtAFoGKYNTK2d8veFbHfcgELS1rm1b-2wsyHwypRcf_4HYlBbNiWZlOTqMfnWufed2MFcm92Rn9nNh1m5YRZNTz28Imec_8BI8Jgd9TqIBFO9-A7ZABLRqDbk0FPxACYskvruJ_41XecO0ZpDxQELuOM4Q9fvyNe1yAMOzf52Zqr7Nwh3MuYT9Us0OKrozeIrA1F4rj0LMR-3O_ZMvbt-PhhHIBVXvbbvXYbBFahrs_EaOrJIbmx0EulYqVzkroLtWZJG9s&sig=Cg0ArKJSzKfHQ1XXMwBqEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=126&cbvp=1&cstd=122&cisv=r20220201.31254&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 04 Feb 2022 09:40:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012201141909000/ Frame BCE9
220 KB
60 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022013101.js
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
55764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61542
x-xss-protection
0
server
sffe
date
Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"00d9ef7efeb287da"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 03 Feb 2023 18:11:18 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame BCE9
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022013101.js
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
55764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5698
x-xss-protection
0
server
sffe
date
Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"919adc590e0ff503"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 03 Feb 2023 18:11:18 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame BCE9
96 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022013101.js
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
55764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29570
x-xss-protection
0
server
sffe
date
Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c52208c2e07002d5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 03 Feb 2023 18:11:18 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame BCE9
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022013101.js
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
55764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1851
x-xss-protection
0
server
sffe
date
Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"76a8c96b6aaec2c9"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 03 Feb 2023 18:11:18 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame BCE9
42 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022013101.js
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
55764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13611
x-xss-protection
0
server
sffe
date
Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7aefe3fe93cc7383"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 03 Feb 2023 18:11:18 GMT
truncated
/ Frame BCE9
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42ee57e1e00468b21d00cc992d2cab22a6fc75b5acdd571f046f2408858f10d8

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
15208316034865790334
tpc.googlesyndication.com/simgad/ Frame BCE9
10 KB
10 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15208316034865790334?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkHVJg-3gM9hVCuMbSXdsKLUVYXPg
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1040ee28682c2941e9cc0682255ec62357d0df02ac9df2ad0dcf7636db0122c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 29 Jan 2022 09:40:09 GMT
x-content-type-options
nosniff
age
518433
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10346
x-xss-protection
0
last-modified
Fri, 06 Aug 2021 13:50:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 29 Jan 2023 09:40:09 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BCE9
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 05:59:37 GMT
x-content-type-options
nosniff
server
cafe
age
13265
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6726277462267614359
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3041
x-xss-protection
0
expires
Sat, 05 Feb 2022 05:59:37 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame BCE9
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 06:46:14 GMT
x-content-type-options
nosniff
server
cafe
age
10468
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 05 Feb 2022 06:46:14 GMT
l
www.google.com/ads/measurement/ Frame BCE9
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTSREw-L-VvbQSj6_DGNRxq0yDX3uug-BzwPLoISzeKQNJoV6jCcIL2KnMdShGQhNo1_A-cPq_6VGtj1_W3UOy0jix_Dg
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame BCE9
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=COuOWmfT8YfbwMefI7_UP2vK80AfS5-CXaJLV5IitDpbq75GMDhABIIbUzh5g-_n2gogKoAG_-rTSAcgBAqkCoapW1Ag6sz7gAgCoAwHIAwiqBIkCT9DQf0gIinsKc0p3wPcHZRS8ru8HHXmk0nnJPVJL8hD5bIUg7lFCoptzoS--ub5glvzzevdoXx6QH6XWketBw5k7AO_GTZNNc-txMF2S9JFquXb1XMLva9707Ec-MuYSmEf8WB6UHYu4Umjrvy2jEGkoNiL6QJb4NjNe5quKJBO9Wvm5uO1MRJlVFRnMnUyKI9Y7K_p-xmpLrjHLzhbMOGF8rGK65StZli7amfsTUN7J1aRjDlnaBP1ZJrsHHZR-38zy4Bxc_j9HM-5N-J5jXHzu7qA3k3TnH_oGulh_7Qr-vWU6BAmL9dIcEVpNm97n7cTPp_UAwL3G6gaKVFvSYoRl3qs37FuDjcAEpdWXi7wD4AQBkgUECAQYAZIFBAgFGASgBgKAB6mFy60CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQmdAB0ggJCIjhgBAQARgdgAoDyAsB2BMM0BUBmBYBgBcBshceChwIABIUcHViLTE0NDAwMDE0MjY3NjE2MjcY_oYJ&sigh=77xgU6O4JdE&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DhLxIvxe_zqkAVEA_yTUctP7nok4SIlUAmQRNhxnrsk.js
pagead2.googlesyndication.com/bg/ Frame 7A09
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/DhLxIvxe_zqkAVEA_yTUctP7nok4SIlUAmQRNhxnrsk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
0e12f122fc5eff3aa4015100ff24d472d3fb9e8938488954026411361c67aec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
2269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13595
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Feb 2023 09:02:53 GMT
css
fonts.googleapis.com/ Frame 277E
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:regular,italic,700,700italic&cb=1633951844
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7980405297842551193/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6823285eb46b5b3f5c60cedb96d66a4d18bdc335096705d9f9c72aa681ddab5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 07:44:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 04 Feb 2022 09:40:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 04 Feb 2022 09:40:42 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 277E
57 KB
23 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7980405297842551193/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7980405297842551193/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:40:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 04 Feb 2022 09:40:42 GMT
truncated
/ Frame 1A38
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac3e3ea4d8be14873b094472b0437371332ab463a5f4a9082cccaacca84736ab

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame BCE9
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H3
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date
Fri, 04 Feb 2022 09:40:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
6acebfc5f53bdb670276de42add67c41.svg
s0.2mdn.net/sadbundle/7980405297842551193/ Frame 277E
498 B
296 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/7980405297842551193/6acebfc5f53bdb670276de42add67c41.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7980405297842551193/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e66c223922d55c35f245634281605b918b058e6a1ab60da6e69c6dc8702fbd12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7980405297842551193/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:15:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1520
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
267
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 14:00:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Feb 2023 09:15:22 GMT
0cb37c99c9696b91e02ca1c1f65fdb81.png
s0.2mdn.net/sadbundle/7980405297842551193/ Frame 277E
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/7980405297842551193/0cb37c99c9696b91e02ca1c1f65fdb81.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7980405297842551193/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71a091030e19c84d02b70bcf3893107af4d36a41b5b20797ea9bc4a886e3a998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7980405297842551193/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 08:09:22 GMT
x-content-type-options
nosniff
age
5480
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3171
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 14:00:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Feb 2023 08:09:22 GMT
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v25/ Frame 277E
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v25/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:regular,italic,700,700italic&cb=1633951844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f3dd8063edfcdb39f4a2163e59dbc73e16a688c59979a4103948fcbf060f385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 19:31:29 GMT
x-content-type-options
nosniff
age
137353
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16168
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:56:49 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 02 Feb 2023 19:31:29 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v25/ Frame 277E
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v25/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:regular,italic,700,700italic&cb=1633951844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa5d2912bec294d33c9dc4be4a00a9a5f4ac993049a935f4535ae687e3b08d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 19:31:29 GMT
x-content-type-options
nosniff
age
137353
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16088
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:56:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 02 Feb 2023 19:31:29 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1A38
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstGys7FiDuWL33kg5zrdFZExpqVTDZa9DwG1gxh5fW44KXGGddZ1ITnYfR-RJryYjFP4UU-CWQdXfComUpWhsMbabyL9lVhQwgRwRm1gtwB2VWc8iJjQ4TXUCS9I0VAsoE0M4lSCHv70rBaYabxeaWayFTB0SWjHWf6HhNAOfprLdQG4EsXSDqvO_qnAJdR7_NWDJdAPgPQFv7AwhSRMn1EmluilFiCJIsq5qICVREbA74d86_GQUF0BZkk3qH4QVVooojdU0JQWcYAMyeSPN0B1SZqRilt_j1LCC1yjKuzOizFVbfvgj5THgp93fo6m9mtS4o_4AdksVDe-l7mWq0cJGsyTDrhFOWPLORzmCiDU6Z0GyBOMzSMCXx--mRfIwLwrfPrM9wQSJ_Pa5e8AGRPymNy6Au_UKUVWfWKzbgQr6kZVp0c-9Mtxz_uCxNYkhTUJ9I71GnarM79CG7G4LGaoEU0gidcRb2JI_P0kqnkM7N1PuvRwNtyMNIyXZs_YVof1LE74jrtUB8OLmcbeJcGnI2Biqhd07N2zfcB7K3F-AzyQW8SWeT3wKYI1sLCPKVPWcvabpOFCWyn00Hlgzzy0qWixv1Q5WLEuWqYUYyUYZIODvAuPNFPzaXHr9VhMdssKe37GhTkV2_ArFAQzmBPUIJkFm_o0wpErCCd1g15HKfrmyBS-L-u4kQ_qZ0lOEhhP4bXiW4I7yqw3TTnWbHDIl62T2hdVA8JER5lAJH1mwFdiSxIKyFX23x6mHr8odDSoGK5YgUXL7noWMowXznF-p9_IOzmVHqHq4UZPspXTzlXXN-mF0QU5oDLSBcn_qCH9CGH6xF-jQTSB8sxhEtN4Y9DP7qz3Sa6O9rJfjxKhVXAtMx3qkFUxVIrMRW1c4fjCnqYUMQ8CdHTHk1nLHJtYFhUv_mGMxJcZIme5FmvaBOXnpxSxxcLQrkm-K0anoUaEVkdrD4UF4DlJ6zmWwBRHrY4VGSwy7j6NcjOEunnODE2Y-DPoHXOhR6ioP2g5duof3KoSgLP4ii6Ia48eo9Mq0uH0xU1njw6MzyMsG52w7Vw_GDjshr-ntM1kdR1tUUqDSO1fkI3ds8lFjLiKkVbB5XAY8V1wuxQgUMea5gHu7sErRysu5PWJp_9MF3Zy1RmiDUfQYlet3pwA_xYYhz5MrkAd8AFwkSupal465a4lTOdgU8q4ptcUI7PVBO9rTpFBqcAIdHt4omAP1CkljJApfjvxyTpvbr2gzQTdYAjXWDCEIv_c0ikCzdQrElB18MG&sai=AMfl-YS6jaE0zlbTQaiB2kPsoqIQa5DfBaOrVPnbfcqPyi-CbVTq8UqpVFo3FjOghPxmCIU0YrzuLO4Bw9I2GTY0A06FrRDwYG7gmayvvDiQPuLJZJK-FeG1GaqGEQq7MXDSc2RSNPZebtAFoGKYNTK2d8veFbHfcgELS1rm1b-2wsyHwypRcf_4HYlBbNiWZlOTqMfnWufed2MFcm92Rn9nNh1m5YRZNTz28Imec_8BI8Jgd9TqIBFO9-A7ZABLRqDbk0FPxACYskvruJ_41XecO0ZpDxQELuOM4Q9fvyNe1yAMOzf52Zqr7Nwh3MuYT9Us0OKrozeIrA1F4rj0LMR-3O_ZMvbt-PhhHIBVXvbbvXYbBFahrs_EaOrJIbmx0EulYqVzkroLtWZJG9s&sig=Cg0ArKJSzKfHQ1XXMwBqEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=415&vt=11&dtpt=289&dett=3&cstd=122&cisv=r20220201.31254&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 04 Feb 2022 09:40:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A09
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzBo5mfT8YYmXHM2Q9u8Pi-O2kAIAAAAAOAHgBAI&bg=!z8ylzIjNAAYZkRhwGZE7ACkAdvg8WmHhTvbcdZPn2ou7dCjNRTw-S0IDKB1AJTTAaZAkIMYBbUspuAIAAADqUgAAAANoAQeZAxtiVqZjZ1-ehKN04kDbYkoqB0jYCyw5COU649f3-_8dhL18PYSnoNrJ2A9FfG57jZMG99eJqKzklttGYBJoLLmOkXyndKjYWWiKKXbmuBbM3EawdKv6JCEBcMMFf3ebBIXUNhPXYOyZDr9copbTgTs_AcxSWzKQpVTAqThmFJsWMhOShbTQmZRpDvl8VL1l4xE86rAov96B54-tJROp7ThXl6iPBvmbzykFXkeSkqtLvUE5U1H8Luqv1SxWv7xmAQAZuoWSZvYLDsK-yZbb2QMcO6TYq6IfAAIBpdOmoCv5wL70GaT1zcsmQHO8WP4LSCRGmGipSx0U2bXQpkxFj1yj56X3TDSurRAESj977tksyKJQXUKoy8J-Syt9XsTHA790DYB-zV7Gn04BEL0ZL4qOnKHpiIJwNyVnvoQY_DFaAs41BYEoGzfaM7Aa9VISiI_YYLmZnCTzbgrzt4D9WDuyrfKLK_OX7InkqQzEB2liGic5DGnycI5Acaneq7MxQi_MtTkTAnNlvWhGW_h-3d4TqNfNTAzA_AJUg8BDoYGM1KEhJKaNkZpFeowwI_7x4oAtpGskXWNd8tR7aZI-wfZqxy3NJaKpJaH6XznM7kAwkXcx8Gd0P3-rwqSoWzvBNXpzy_oaeMZccrSckUcT8NZS2_Amr8rHOOxqALIabrqWg2xo7D-UgQZF-DVai_4XL8H0aj25n2ubzAgGo6q62WLXvqMiq_OdR7Xl4YsoIpTT4LQAB9hvfooqcJn-SZ4h3252NS53aU1ZFyJ0s4sho7cOmJ2qwJm_xXXQCSF2-p2Pv8WztWeMeu_Ko-idStWLXYZRlDbS9zLPUR5hJbNJCv_ReGEAGOnKQlRAKs_EJwRIti3JIQdOV0Vlk9mNs7SNS53Y-zyWpnGhc3_Ap8X5OECqb2Wh2BR174ESd4KiE_gJs6kwo8dP23XMyiZAwKWSsfSAQGPNivitUL_2GI8aQtCUswK-6Kx6cDh3uqexD1qhKmbCkrUBcN4apR1UXTuPtarKnuMbj-e9GgSmtUO-hFVz5AgPjnEMOUkEobk
Requested by
Host: 579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com
URL: https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Feb 2022 09:40:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1A38
7 KB
5 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04727731faf8f6a41ed91244b544a993e92c683579e031bcee210e88c53326c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Feb 2022 09:40:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5578
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1A38
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:40:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 04 Feb 2022 09:40:43 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1A38
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstW8Fj3L1vn24yYKFaOjsVg-3y43x82ahYUn0YCjdgWyc_FHd4JwTPK1fFj3c4ISiVe9nzszl_nDG1y4PsJUDgtuaQbt2VarB3EZ1wIu8T504sXAw7JlA&sai=AMfl-YQYoC2TiaQlBlfaCZlAaXHhy8OljfwEpTJkvvxpudrLqxzaysbkNi-_x2dO5IcYj0vGfctfWU8H6ygneOJBFTummSgn7hdrm6LoUT7HG8CwheJKjzxSl48ADq2EGj4&sig=Cg0ArKJSzCkyEY9afFLyEAE&cid=CAASFeRoyHB0FH3FnDgN29RVg4FX5Gt98Q&id=lidar2&mcvt=1002&p=790,352,1390,652&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&v=20220202&bin=7&avms=nio&bs=0,0&mc=0.68&if=1&app=0&itpl=20&adk=382584501&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643967641892&rpt=388&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://579e3ab641f56546f9148ad53630b009.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Feb 2022 09:40:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mdqKvlGwTeSXiP4SbDG4fPc0JxjBpG49JTgeDIKrRjQ.js
pagead2.googlesyndication.com/bg/ Frame 3523
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/mdqKvlGwTeSXiP4SbDG4fPc0JxjBpG49JTgeDIKrRjQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
99da8abe51b04de49788fe126c31b87cf7342718c1a46e3d25381e0c82ab4634
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:39:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
82
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13677
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Feb 2023 09:39:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3B16
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 04 Feb 2022 09:19:43 GMT
expires
Sat, 04 Feb 2023 09:19:43 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
1260
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 514F
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d48c68edb7d083a11cb17a46d1013ec74ac485a248fd814ccf0318ea43730eba
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-R9gLGyu5Wx//rndl6prQlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 04 Feb 2022 09:40:43 GMT
date
Fri, 04 Feb 2022 09:40:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-R9gLGyu5Wx//rndl6prQlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 514F
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022013101&jk=387816944449785&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

mdqKvlGwTeSXiP4SbDG4fPc0JxjBpG49JTgeDIKrRjQ.js
pagead2.googlesyndication.com/bg/ Frame 3B16
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/mdqKvlGwTeSXiP4SbDG4fPc0JxjBpG49JTgeDIKrRjQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
99da8abe51b04de49788fe126c31b87cf7342718c1a46e3d25381e0c82ab4634
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:39:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
83
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13677
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Feb 2023 09:39:21 GMT
menu-close.svg
stc.utdstc.com/img/
273 B
577 B
Image
General
Full URL
https://stc.utdstc.com/img/menu-close.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
d2c93a24a13c1c829e2d49cccc6d5fbee92ef5b9cad4be4d8a5cb974d4b3b4bf
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"6183e4c3-111"
x-cache-status
MISS
content-length
201
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 Nov 2021 13:48:51 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 09:40:44 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
expires
Fri, 13 May 2022 09:05:25 GMT
generate_204
tpc.googlesyndication.com/ Frame 3B16
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?5KkKlQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 09:40:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022013101&jk=387816944449785&bg=!-_il-LzNAAYZkRhwGZE7ACkAdvg8WiENFTddAbdanq0PNfw9x8W2L7KLOHQjLNurcsb2jxDVD0LFLAIAAABxUgAAAAloAQeZAs33UqrRFq5-RB_qvv-hIacNnz-cI2Acy6RU1FxtzzB9GTHxyq_18PXZQYVTlKo_OadNqW8XQr0KzPQ7bsfZepi1Q24fKG0frqmycSdQj3ksOQFkG6U99XcPvX9EQlexxPabpyKSZPDXER6dE_x3Bmw8GPBP8uSv35JccM5-6EASD7vuuujodWrf2SSxWlbFdYKhTSothlC8NHzRxq0V8b0iaOOrTpy4_an5bKaoCf5cVt2C0dkuRAdoTPpWy-upU4vPwSmk6gtLlrpxiNxhSrDLkkB4g4VcH9OmUfH_doZuG8aY5MAmEJB2cUZCeVwepclRfImTLRkzwTbIsGoIYeUqvHIPjT_2B3XhQidzNY4ktIbYSKV2NcoZ79yRnuJd5z9hlnwARiUvTwPFaCfyTJIDJOHIB9ObomU9q36yxu8FlCbwfgHCK7brCnAIgq1dcSSI14ZkbG1TUuCws-XxKND8EcKACngULEcZkgeuZjh166lOxOlIl-qU-MA51_1HEMCRMG8kEkeU8p0KZQO2-1wK0HzG7rMOnHG0y_JzCXl31KPqllv1Z2jNHO5q9vBDdmt5xXdOBysUki78QtAWAGBGY_C9O6Wsu2w4xC-MHhZXS8m5eathu3JoYCpuzDeTWkukduPeJ6LV34Of0Si3S-_b_DvZp-q2VCBycwWCsgFgGBEI2Vb9RYym9QmX38pPKcTUSWFsDEVjgEa-GXNTKjCeHgdQbH0XX_3liyscjbMU1fKbH5PTwqtqRQIBxg-8IVA3L6ycWEIK05wZq4ZuA1W_k48_1FwddTJo8p6tVitXynCNHShLTmp9M0VmoAoo5yMpTcPH7yWo4RLlb0yUMelvdf_XX1Na5dQOUYG-0pkZjFZRZ9kTTnYOO0Fk_au6jGHXNG_R_J4XxTyXvPBo_Ozn01sDUGOOcKC1iRbB2KzRNDqlMpPfG93SpFykcFE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Feb 2022 09:40:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| OptanonWrapper object| ssm_config object| googletag object| ggeac object| google_js_reporting_queue object| regeneratorRuntime function| setImmediate function| clearImmediate function| track function| showRtbAds boolean| smartTagLoaded object| ssmSmartTag undefined| google_measure_js_timing function| gtag object| dataLayer object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| webpackJsonp object| lazySizes object| adlazy object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| jsonFeed object| google_tag_manager object| AMP function| __tcfapi object| otStubData object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| otTCF object| otIabModule object| gaplugins object| gaData object| Optanon object| OneTrust object| GoogleGcLKhOms object| ampInaboxIframes object| ampInaboxPendingMessages object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests

17 Cookies

Domain/Path Name / Value
.standoff-2.ru.uptodown.com/ Name: utd_red_lang
Value: ru
.standoff-2.ru.uptodown.com/ Name: utd_red_platform
Value: android
.uptodown.com/ Name: _ga_DW5XRK7GYT
Value: GS1.1.1643967641.1.0.1643967641.0
.uptodown.com/ Name: _ga
Value: GA1.2.1397525373.1643967641
.uptodown.com/ Name: _gid
Value: GA1.2.3876648.1643967642
.uptodown.com/ Name: _gat_gtag_UA_313498_1
Value: 1
.uptodown.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Fri+Feb+04+2022+09%3A40%3A41+GMT%2B0000+(GMT)&version=6.25.0&hosts=&landingPath=https%3A%2F%2Fstandoff-2.ru.uptodown.com%2Fandroid&groups=STACK42%3A0
.doubleclick.net/ Name: IDE
Value: AHWqTUkUW0_w7Tl_dnstStjPwDvtqZufPpjps33KdomkqX4P6mh9Mcwok5yjSREv
.uptodown.com/ Name: __gads
Value: ID=94bea2da04329fa2-223bca5135cd00df:T=1643967641:S=ALNI_MYTHdXRFY1gGaMISRy326vNMtlV_w
.adnxs.com/ Name: uuid2
Value: 6205782582093129742
.casalemedia.com/ Name: CMPS
Value: 1212
.casalemedia.com/ Name: CMID
Value: Yfz0mm1sXJth4WMQxscL-wAA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVLij!<x!]tbPl1M>e)ZlrFUfJ+tGXxom[fX(<IP*RqEy%58AbjlQDYAQPOyxiZXHV>j*bpRz*qF1`*b`uD*Ng$5
.casalemedia.com/ Name: CMPRO
Value: 1107
.casalemedia.com/ Name: CMST
Value: Yfz0mmH89JoA
.casalemedia.com/ Name: CMRUM3
Value: 2d61fcf49a2760CAESEFm51ee_C2LAFW8SKr2yldU
.doubleclick.net/ Name: DSID
Value: NO_DATA

8 Console Messages

Source Level URL
Text
javascript warning URL: https://ssm.codes/smart-tag/uptodown.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022013101.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ssm.codes/smart-tag/uptodown.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022013101.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://standoff-2.ru.uptodown.com/android
Message:
A preload for 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://standoff-2.ru.uptodown.com/android
Message:
A preload for 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://standoff-2.ru.uptodown.com/android
Message:
A preload for 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://s0.2mdn.net/sadbundle/7980405297842551193/index.html
Message:
<link rel=preload> has an invalid `href` value
other warning URL: https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs
Message:
Unrecognized feature: 'attribution-reporting'.
javascript warning URL: https://standoff-2.ru.uptodown.com/android
Message:
The resource https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
