vcruntime140-dll.ru Open in urlscan Pro
81.200.116.208 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://vcruntime140-dll.ru/
Effective URL:
https://vcruntime140-dll.ru/
Submission: On December 19 via api (December 19th 2023, 4:59:57 pm UTC) from US — Scanned from DE

Summary HTTP 149 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 25 IPs in 7 countries across 26 domains to perform 149 HTTP transactions. The main IP is 81.200.116.208, located in St Petersburg, Russian Federation and belongs to BEGET-AS, RU. The main domain is vcruntime140-dll.ru.
TLS certificate: Issued by R3 on October 24th 2023. Valid for: 3 months.

This is the only time vcruntime140-dll.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 31	81.200.116.208 81.200.116.208	198610 (BEGET-AS) (BEGET-AS)
24	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
1	2600:9000:225... 2600:9000:225e:1600:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	87.236.16.218 87.236.16.218	198610 (BEGET-AS) (BEGET-AS)
7	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
5 11	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
4 12	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 11	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:b72b:cd0:cea1:c93f	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1 2	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
6	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	18.192.242.138 18.192.242.138	16509 (AMAZON-02) (AMAZON-02)
4 4	37.157.3.26 37.157.3.26	198622 (ADFORM) (ADFORM)
149	25

31 81.200.116.208 (St Petersburg, Russian Federation) 1 redirects

ASN198610 (BEGET-AS, RU)

vcruntime140-dll.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:1600:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.236.16.218 (St Petersburg, Russian Federation)

ASN198610 (BEGET-AS, RU)
PTR: ssl.atom4.beget.com

it-tehnik.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.184.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:b72b:cd0:cea1:c93f (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (Hessen, Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.35 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.242.138 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-242-138.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.3.26 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	387 KB
31	vcruntime140-dll.ru 1 redirects vcruntime140-dll.ru	352 KB
24	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 248 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	138 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	331 KB
8	yandex.com 4 redirects mc.yandex.com — Cisco Umbrella Rank: 8902	4 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 jnn-pa.googleapis.com — Cisco Umbrella Rank: 203	44 KB
7	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	969 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 560	3 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	816 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	193 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4182	57 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1299	453 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 749	796 B
2	yastatic.net yastatic.net — Cisco Umbrella Rank: 7053	41 KB
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	ctnsnet.com 1 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 4999	613 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	543 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 714	388 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	363 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	716 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1618	173 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	717 B
1	it-tehnik.ru it-tehnik.ru	5 KB
1	optad360.io get.optad360.io — Cisco Umbrella Rank: 39286	368 B
149	26

	Domain	Requested by
31	vcruntime140-dll.ru	1 redirects vcruntime140-dll.ru
24	pagead2.googlesyndication.com	vcruntime140-dll.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
18	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com www.youtube.com googleads.g.doubleclick.net
11	cm.g.doubleclick.net	1 redirects vcruntime140-dll.ru googleads.g.doubleclick.net
10	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
8	mc.yandex.com	4 redirects vcruntime140-dll.ru mc.yandex.ru
7	www.youtube.com	vcruntime140-dll.ru www.youtube.com
6	www.googleadservices.com	vcruntime140-dll.ru googleads.g.doubleclick.net
5	www.gstatic.com	googleads.g.doubleclick.net
4	c1.adform.net	4 redirects
4	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	jnn-pa.googleapis.com	www.youtube.com
4	fonts.googleapis.com	vcruntime140-dll.ru googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	mc.yandex.ru	1 redirects vcruntime140-dll.ru
2	sync.teads.tv	1 redirects vcruntime140-dll.ru
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	yastatic.net	vcruntime140-dll.ru
1	x.bidswitch.net	googleads.g.doubleclick.net
1	ipac.ctnsnet.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	onetag-sys.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	static.doubleclick.net	www.youtube.com
1	it-tehnik.ru	vcruntime140-dll.ru
1	get.optad360.io	vcruntime140-dll.ru
149	32

This site contains links to these domains. Also see Links.

Domain
it-tehnik.ru
www.microsoft.com
vk.com
connect.ok.ru
connect.mail.ru
twitter.com

Subject Issuer	Validity	Valid
vcruntime140-dll.ru R3	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-12-13` - `2024-06-11`	6 months	crt.sh
*.optad360.io Amazon RSA 2048 M02	`2023-09-17` - `2024-10-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
it-tehnik.ru R3	`2023-11-22` - `2024-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://vcruntime140-dll.ru/
Frame ID: EC79E2B5AFF4B07DC778D19A895505A5
Requests: 74 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Fw3_8sFZ5Pk
Frame ID: FF77834D9B18859AFA04BDCC7F79E710
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 5841E71102DD7068E1DA52CC39F942F5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&adk=1812271804&adf=3025194257&lmt=1618315212&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x540_r&format=0x0&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192240&bpp=6&bdt=564&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=534312875220&frm=20&pv=2&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=322
Frame ID: E7CE31FDD48715317A7B9EC51C71457D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=2816580624&adf=1397657714&pi=t.aa~a.2254042233~rp.1&w=1130&fwrn=4&fwrnh=100&lmt=1618315212&rafmt=1&to=qs&pwprc=8216980806&format=1130x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192246&bpp=2&bdt=570&idt=333&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=334
Frame ID: A7C2B0EDC8281009673128EBC360DEA1
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=1625554742&adf=4150002502&pi=t.aa~a.3467383289~i.3~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1618315212&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8216980806&ad_type=text_image&format=1090x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rh=200&rw=1090&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192929&bpp=1&bdt=1253&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=3&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10
Frame ID: B4357AE0B413E3E4BA609AD97F47C1E9
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=1625554742&adf=527327188&pi=t.aa~a.3467383289~i.5~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1618315212&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8216980806&ad_type=text_image&format=1090x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rh=200&rw=1090&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192929&bpp=1&bdt=1254&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C1090x280&nras=4&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Frame ID: 6EE52DB23D2CE089EF18123B6D7868F0
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 73A9213B16875B93D2460B255655C0EC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FA515B53865275182C6DA47551D26CC5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 4F3BDBB9CE0ACA7E17F966D0489183F5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AB85ABE4A2F204E0224EC431B8CA03E4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 8C6E96E65DFA9F9A54DEC85DD310A771
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 4E62D6380606B4D3525D1535CEFB4D77
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3ACC6534877988F7C204AA152978F002
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6BF88C4118726294E942EA084AF57356
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Скачать vcruntime140.dll - Что это за ошибка как исправить?

Page URL History Show full URLs

http://vcruntime140-dll.ru/ HTTP 301
https://vcruntime140-dll.ru/ Page URL

Detected technologies

Joomla (CMS) Expand

Overall confidence: 50%
Detected patterns

(?:<div[^>]+id="wrapper_r"|<(?:link|script)[^>]+(?:feed|components)/com_|<table[^>]+class="pill)

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

UIKit (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

uikit.*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

149
Requests

89 %
HTTPS

57 %
IPv6

26
Domains

32
Subdomains

25
IPs

7
Countries

2520 kB
Transfer

6693 kB
Size

35
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://it-tehnik.ru/download/yandex-browser

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/ru-RU/download/details.aspx?id=52685
Title: Microsoft Visual C++ 2015

Search URL Search Domain Scan URL

URL: https://vk.com/share.php?url=https%3A%2F%2Fvcruntime140-dll.ru%2F&title=%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20vcruntime140.dll%20-%20%D0%A7%D1%82%D0%BE%20%D1%8D%D1%82%D0%BE%20%D0%B7%D0%B0%20%D0%BE%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20%D0%BA%D0%B0%D0%BA%20%D0%B8%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%8C%3F&utm_source=share2
Title: ВКонтакте

Search URL Search Domain Scan URL

URL: https://connect.ok.ru/offer?url=https%3A%2F%2Fvcruntime140-dll.ru%2F&title=%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20vcruntime140.dll%20-%20%D0%A7%D1%82%D0%BE%20%D1%8D%D1%82%D0%BE%20%D0%B7%D0%B0%20%D0%BE%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20%D0%BA%D0%B0%D0%BA%20%D0%B8%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%8C%3F&utm_source=share2
Title: Одноклассники

Search URL Search Domain Scan URL

URL: https://connect.mail.ru/share?url=https%3A%2F%2Fvcruntime140-dll.ru%2F&title=%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20vcruntime140.dll%20-%20%D0%A7%D1%82%D0%BE%20%D1%8D%D1%82%D0%BE%20%D0%B7%D0%B0%20%D0%BE%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20%D0%BA%D0%B0%D0%BA%20%D0%B8%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%8C%3F&utm_source=share2
Title: Мой Мир

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20vcruntime140.dll%20-%20%D0%A7%D1%82%D0%BE%20%D1%8D%D1%82%D0%BE%20%D0%B7%D0%B0%20%D0%BE%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20%D0%BA%D0%B0%D0%BA%20%D0%B8%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%8C%3F&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&utm_source=share2
Title: Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vcruntime140-dll.ru/ HTTP 301
https://vcruntime140-dll.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 69

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10222.rouFLJmufHwBDnlvMCfBmbrpnuh7gGX4RqatIypIlfnJKMnIIQF_Ofpr2SpzWtxj.tFYiUuRTzK_OZMshP9nNMUGzdo4%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10222.Nw3jT-qEUKg1piVsXDWgu7qkFPeqa8VZ0Q1a-nNIA6JJ1WLmUsEDxha-uZZOMitAo8sQbe6EQnitcJrz8KJe2NDAwM7xpM-N6oouUS-rNhNxD1qxem9yai9OjP38I243rwo-1QjcAGN-wZNB7VHkH6IGHOsEq5slSLt-vRziJV3w5aI9355-likdtYo2uRBY7roQhWSxIt9lyIb3pLmJyywVcMH1GmI4MiI_mbbGLCs%2C.MQP-AL3_MY764SYn3-DKMVI7108%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10222.Jvb1Q4UKLZnbgHnLCTpcX_OLvZWQ9twNKL7ynhzXapnMF4JYLsb-GNF35IZflNKuGpst0YAekkUdxSrAm3rQ1bLFvgJDTxoPiCHzF11lBOsn2S5rhzdjn0hgd-VUaQumHroqeZcKsg_0J1XO6TsLsEpHKS7Y40JG-SDaWJokCVBfd-o5gH4oJVee8pfyMkcNKY1ljvcIuXay85Xi3zUnNQ%2C%2C.KydkWjkfbwzBH1q9FydcIqAILuA%2C

Request Chain 74

https://mc.yandex.com/watch/26812653?wmode=7&page-url=https%3A%2F%2Fvcruntime140-dll.ru%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22b%2Fh%2Fj%2Fk%2Fk%2Fk%2Fk%2Fk%2Fk%2Fk%2Fk%2Fl%2Ft%22%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3gtstpmsk4v16yqhe1wbp8d7%3Afp%3A1060%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A2%3Adp%3A1%3Als%3A954715064697%3Ahid%3A172115730%3Az%3A60%3Ai%3A20231219175952%3Aet%3A1703005193%3Ac%3A1%3Arn%3A665179643%3Arqn%3A1%3Au%3A1703005193566654365%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C116%2C112%2C2%2C488%2C0%2C%2C486%2C13%2C%2C%2C%2C1205%3Aco%3A0%3Acpf%3A1%3Ans%3A1703005190957%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703005193%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20vcruntime140.dll%20-%20%D0%A7%D1%82%D0%BE%20%D1%8D%D1%82%D0%BE%20%D0%B7%D0%B0%20%D0%BE%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20%D0%BA%D0%B0%D0%BA%20%D0%B8%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%8C%3F&t=gdpr(14)clc(0-0-0)rqnt(1)lt(10200)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fvcruntime140-dll.ru%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22b%2Fh%2Fj%2Fk%2Fk%2Fk%2Fk%2Fk%2Fk%2Fk%2Fk%2Fl%2Ft%22%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3gtstpmsk4v16yqhe1wbp8d7%3Afp%3A1060%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A2%3Adp%3A1%3Als%3A954715064697%3Ahid%3A172115730%3Az%3A60%3Ai%3A20231219175952%3Aet%3A1703005193%3Ac%3A1%3Arn%3A665179643%3Arqn%3A1%3Au%3A1703005193566654365%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C116%2C112%2C2%2C488%2C0%2C%2C486%2C13%2C%2C%2C%2C1205%3Aco%3A0%3Acpf%3A1%3Ans%3A1703005190957%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703005193%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20vcruntime140.dll%20-%20%D0%A7%D1%82%D0%BE%20%D1%8D%D1%82%D0%BE%20%D0%B7%D0%B0%20%D0%BE%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20%D0%BA%D0%B0%D0%BA%20%D0%B8%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%8C%3F&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29lt%2810200%29aw%281%29rcm%281%29ti%281%29

Request Chain 75

https://mc.yandex.com/watch/48553934?wmode=7&page-url=https%3A%2F%2Fvcruntime140-dll.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3gtstpmsk4v16yqhe1wbp8d7%3Afp%3A1060%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A77455174923%3Ahid%3A172115730%3Az%3A60%3Ai%3A20231219175952%3Aet%3A1703005193%3Ac%3A1%3Arn%3A71960032%3Arqn%3A1%3Au%3A1703005193566654365%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C116%2C112%2C2%2C488%2C0%2C%2C486%2C13%2C%2C%2C%2C1205%3Aco%3A0%3Acpf%3A1%3Ans%3A1703005190957%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703005193%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20vcruntime140.dll%20-%20%D0%A7%D1%82%D0%BE%20%D1%8D%D1%82%D0%BE%20%D0%B7%D0%B0%20%D0%BE%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20%D0%BA%D0%B0%D0%BA%20%D0%B8%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%8C%3F&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/48553934/1?wmode=7&page-url=https%3A%2F%2Fvcruntime140-dll.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3gtstpmsk4v16yqhe1wbp8d7%3Afp%3A1060%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A77455174923%3Ahid%3A172115730%3Az%3A60%3Ai%3A20231219175952%3Aet%3A1703005193%3Ac%3A1%3Arn%3A71960032%3Arqn%3A1%3Au%3A1703005193566654365%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C116%2C112%2C2%2C488%2C0%2C%2C486%2C13%2C%2C%2C%2C1205%3Aco%3A0%3Acpf%3A1%3Ans%3A1703005190957%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703005193%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20vcruntime140.dll%20-%20%D0%A7%D1%82%D0%BE%20%D1%8D%D1%82%D0%BE%20%D0%B7%D0%B0%20%D0%BE%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20%D0%BA%D0%B0%D0%BA%20%D0%B8%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%8C%3F&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Request Chain 101

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 116

https://um.simpli.fi/gp_match?google_gid=CAESEAmIqGQwEw_CB_1daMhUdHM&google_cver=1&google_push=AXcoOmSiXB6-0Sn5yqwWgTXpHJMafByVAp72ICA3TJZ_deZb_FtsPoJIhWyefKa3_D2A-k7oX1ZnqaYiZFOQQwxc1-S9KZKNwYn-aoK6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=565E3DA893694F808781ED76E7052F5A&google_push=AXcoOmSiXB6-0Sn5yqwWgTXpHJMafByVAp72ICA3TJZ_deZb_FtsPoJIhWyefKa3_D2A-k7oX1ZnqaYiZFOQQwxc1-S9KZKNwYn-aoK6

Request Chain 118

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEI8AorDtcs_ARtV2lWbMbNU&google_cver=1&google_push=AXcoOmS5O8IHDumXC3-Oz_p9FNC2nTk12ntOLqt48CFPxwo46jw_u9dTE-JbbLSKJL1r4gik_fAEqmZ4eBv-g1peOJqy7fR3bJvroazS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS5O8IHDumXC3-Oz_p9FNC2nTk12ntOLqt48CFPxwo46jw_u9dTE-JbbLSKJL1r4gik_fAEqmZ4eBv-g1peOJqy7fR3bJvroazS&google_hm=eS1aTW5UZTRKRTJwRktNSUE1Mmx4ZjkwR1BKQS42M09fN35B

Request Chain 120

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGjrpoLKqCZWxC2VntZ1aOM&google_cver=1&google_push=AXcoOmStWp0x0yaOH8JCnJ6NcPzQTUThp9aukTSB9wZkJrUrWM7WGMwjNkf7EQN8Yyw7vNiFK8_KUNTKCTZrRjAHD0h8xhgrGiOg8QM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmStWp0x0yaOH8JCnJ6NcPzQTUThp9aukTSB9wZkJrUrWM7WGMwjNkf7EQN8Yyw7vNiFK8_KUNTKCTZrRjAHD0h8xhgrGiOg8QM

Request Chain 121

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEO2r011UdS618hooYINQ67g&google_cver=1&google_push=AXcoOmQo0UWEcRwzVhcy3_o7LMpsSeNjK_pXy3WH3yxmq7SNMEs9UHDGWNT-uom71z6q5YfzQHXQOxAnzQcad2Be1rN6kZwm3TKkowclwQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQo0UWEcRwzVhcy3_o7LMpsSeNjK_pXy3WH3yxmq7SNMEs9UHDGWNT-uom71z6q5YfzQHXQOxAnzQcad2Be1rN6kZwm3TKkowclwQ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 124

https://googleads.g.doubleclick.net/pagead/adview?ai=Ct-ymCMyBZZCcLZfR29gPrOK80AzFzu3SdJuM9KqAEM2OjLn9QRABILmczR1gleKQgqAHoAH9sqLFA8gBAakCAIgMvXBVsj6oAwHIA8sEqgTwAU_Q5Pn2Q6YhtKO-GqAM_5lyy9som-0-FeUC48AgJuIBHhd43vmZqpsfWHwmRGaJqL6V5n-7HlvOQm6r2P_WptCJ-ptnuqnHyBZVjGHBAn-UC_wyowmdOlyuOdIrTTvtzIkXEgnEKe3h1VTLzPPAgyhuhjRanBnmYd85USToQMV0Z4cde7gms7oqboo9HAS1rCYqJWnsDicr67y7ugudsoUfxxzyQcSRabhg0Q4w5FrOkOzYkwWwk0G6wkw9gfuN49KG6DBXkf3IIGwDA-Nllj7zgBdyYUrW8pnOCsIlVMrThgq0JGoyl3z6bAiwvNAxk8AEvZvv8fcDiAXZq7GNM5IFBAgEGAGSBQQIBRgEgAeG6YQcqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQlZUd0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliBjLnc_JuDA5oJIWh0dHBzOi8vdHJhbnNmb3JtLmRtZ21vcmkuY29tL2RlL4AKAcgLAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQLYEw2IFAbQFQGAFwGyFxwKGggAEhRwdWItMzQ2NDc0MDgxMTMyNDc0NxgA&sigh=Nja8nAlMIKg&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_rlT96FmFneQUPbZEY_dV13eXMsre3DkMjMFAMg8xdtmmLiUADIjDXRriWCcA1O4cQ3S9-VaJrCfPegnHpc9vhc4AiFt773zzzhIYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211227968319129074872%22,%22debug_reporting%22:true,%22destination%22:%22https://dmgmori.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22950573437%22],%2222%22:[%22true%22],%224%22:[%2212-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22304759390031753153%22}&andc=true

Request Chain 128

https://googleads.g.doubleclick.net/pagead/adview?ai=CCZ1DCcyBZc3pBpqt29gPirSp-ATIiNHmdNqWvN26EouR_4_4QRABILmczR1gleKQgqAHoAHxmqDQAcgBCagDAcgDywSqBPQBT9CiKWXunHx1vlmCKQmJeNFAWxSu8BNbesuR_BRP1Hd7XRuIR6CJ-osyrrCB2TeOQn6zd77Hi4O3eqFU_zjK0UCkXz8SddrlXZvyWU9s7Lgqvp-5bQ1EDg3TR9C9ue_RHRM4LU40p61UHYwlqfq7ZTzp1KpSYTwskTOQgpyPTFSpanhcAvTR5eFVL_TAVXI2DLPxfRX7cVJlVVSdAI63jcNKkB1G0gKWfgJrGkOGX2z0Ev-KRnuXtOrSem7IHWFvmfvqJLgk-HNz3YSStynnbQpRMbfQOiPqLclID3wyDC9Zoo0iVUKu9HGg9CQf_kUNy8kg-8AE7p6478IEiAW42P3bTZIFBAgEGAGSBQQIBRgEoAYugAf35N-vAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEJfmAtIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY7tDP3PybgwOaCSBodHRwczovL2Rvd25sb2FkLndhdmVicm93c2VyLmNvL4AKAcgLAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQK4E-QD2BMM0BUBmBYBgBcBshccChoIABIUcHViLTM0NjQ3NDA4MTEzMjQ3NDcYAA&sigh=aM-nDmnIHAQ&uach_m=%5BUACH%5D&ase=2&cid=CAQSOwAvHhf_qD7OmQf0jlU6f8-C2OkgDs2KMgjQYIPUS2j03aPhTMtFrLz6meYUL1gjYUo2enaU0OPMpxQdGAE&template_id=484&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217184709602890545347%22,%22debug_reporting%22:true,%22destination%22:%22https://wavebrowser.co%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22436735345%22],%2222%22:[%22true%22],%224%22:[%2212-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223393932101944402369%22}&andc=true

Request Chain 139

https://googleads.g.doubleclick.net/pagead/adview?ai=CI_35CcyBZamBBpys29gPqvujuA7y16LcdJnLveiUEb_v6rKYHBABILmczR1gleKQgqAHoAG62-OYA8gBCagDAcgDywSqBPMBT9BnDaHbXxp6JOZqnXwmVwggXz-FOROjUSrqEb4GwCjJ41Xt8HtefbpGHZTZUL73AgWPkzHPEywQxfsKrI3XkmsB8vf1zC-JUEi-VyWnsvYAvS4UMa1zoU-KbCkNHhE3_fnRRtcQfuu7clJ62huSnNh0l3PCVge1Zv8EJheLTXcDb9Q0MTmSES0AKWuavcW55nYfMGZElJaWa86RWOygS69b_uCIx0BsqU04wlvKuzG0LB0tC_mYujZ_6zP22kzPSV4ciUWxNWkVA-8uWMhLejXON8novuezgju5sGm8WIENPOAoHQWwE4o78S1hLdhOtf4YwATcrPSepwSIBcu1v79JkgUECAQYAZIFBAgFGASgBi6AB66knGeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDE9QfSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WOmBz9z8m4MDmgmgAWh0dHBzOi8vd3d3LmluZnJhZ2lzdGljcy5jb20vcHJvZHVjdHMvaWduaXRlLXVpLWJsYXpvci92cz91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWNwYyZ1dG1fY2FtcGFpZ249aWduaXRlLXVpLWJsYXpvciZ1dG1fdGVybT1nZXJtYW55LWRpc3BsYXktY29tcGV0ZS1sbS1uZXeACgHICwGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAtgTDYgUA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi0zNDY0NzQwODExMzI0NzQ3GAA&sigh=AX5RNpx65Nw&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_868GKILNc1YeYAtt0VfimefPFqJpX1lBjAbVzr5OkBq6Lj9OXalMitdLQB7r-90HMj7lu2uIDxgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213306744847274328055%22,%22debug_reporting%22:true,%22destination%22:%22https://infragistics.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22857271738%22],%2222%22:[%22true%22],%224%22:[%2212-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217920059991192296801%22}&andc=true

Request Chain 143

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELN3oa7Mq1wL1NJ2HcZb0Ek&google_cver=1&google_push=AXcoOmSPChbVzw0-JE6RIqb7ktHDGoopbUaDPslrZpslXPRNbNQ2hV87wXCOvh3-y0u7PPVb1zbtHLvfUCTj0Vj8OpW_uMH4E-Frtw HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSPChbVzw0-JE6RIqb7ktHDGoopbUaDPslrZpslXPRNbNQ2hV87wXCOvh3-y0u7PPVb1zbtHLvfUCTj0Vj8OpW_uMH4E-Frtw&google_hm=1KkkaQh517PC7ZHTRf3_YA

Request Chain 144

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDlvFKcnqZE0FnnG7Gh--nA&google_cver=1&google_push=AXcoOmTwkG7z4OC0HMjmg0qApXhr8mpkL58DgSQ096g9VDLtTdsvBosJNcgcUe65Rs0ldrgzVVVFw0IfcCpaZkNVSvZBn1B7KbTf1Cg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTwkG7z4OC0HMjmg0qApXhr8mpkL58DgSQ096g9VDLtTdsvBosJNcgcUe65Rs0ldrgzVVVFw0IfcCpaZkNVSvZBn1B7KbTf1Cg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDlvFKcnqZE0FnnG7Gh--nA&google_cver=1&google_push=AXcoOmTwkG7z4OC0HMjmg0qApXhr8mpkL58DgSQ096g9VDLtTdsvBosJNcgcUe65Rs0ldrgzVVVFw0IfcCpaZkNVSvZBn1B7KbTf1Cg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTwkG7z4OC0HMjmg0qApXhr8mpkL58DgSQ096g9VDLtTdsvBosJNcgcUe65Rs0ldrgzVVVFw0IfcCpaZkNVSvZBn1B7KbTf1Cg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 145

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKHR2iraTqnDlE4jd9jc0P8&google_cver=1&google_push=AXcoOmQNcoZbVdGQJOGh7ocw4f-_iLhjy33XovsCZ0cGoQeUVSVUBWKwZx4iKL9y2ng0uEGZGic_vjeuAsdrbekbf-rDwrbLv3Nycu4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKHR2iraTqnDlE4jd9jc0P8&google_push=AXcoOmQNcoZbVdGQJOGh7ocw4f-_iLhjy33XovsCZ0cGoQeUVSVUBWKwZx4iKL9y2ng0uEGZGic_vjeuAsdrbekbf-rDwrbLv3Nycu4

Request Chain 146

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEOGLynLFMmev4H2sRaKhD8c&google_cver=1&google_push=AXcoOmSTwLhSKEE6Ubc37I0wa43SSRW0b1GR36_TezVAKYynzzzaiXBEnVd2pysjDVJA-XlDhUFtiAkHz7MAs5YnRNB71v5OoWurObQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmSTwLhSKEE6Ubc37I0wa43SSRW0b1GR36_TezVAKYynzzzaiXBEnVd2pysjDVJA-XlDhUFtiAkHz7MAs5YnRNB71v5OoWurObQ&google_hm=p0d_HWKBTkK5V_qqEtCiTIg

Request Chain 148

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAvap9C-7kVrcYaHSkQTcag&google_cver=1&google_push=AXcoOmQ60NFcRcDP41JIR6jvvVxe1sEcyFcWubgOcJooFBSzYSrjLgqJtTmLc5HnP_1WxO1JVuUdKhJu6kHATGP37pWBXTZb-4MCecA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAvap9C-7kVrcYaHSkQTcag&google_cver=1&google_push=AXcoOmQ60NFcRcDP41JIR6jvvVxe1sEcyFcWubgOcJooFBSzYSrjLgqJtTmLc5HnP_1WxO1JVuUdKhJu6kHATGP37pWBXTZb-4MCecA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzE2MTA1NzQwNTY4ODQ2ODQxOQ&google_push=AXcoOmQ60NFcRcDP41JIR6jvvVxe1sEcyFcWubgOcJooFBSzYSrjLgqJtTmLc5HnP_1WxO1JVuUdKhJu6kHATGP37pWBXTZb-4MCecA

Request Chain 149

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAvap9C-7kVrcYaHSkQTcag&google_cver=1&google_push=AXcoOmRwydhGV7YdVR1awdNnx2RfRtEdXmMSApKMo4qt4LtiFUZN4OsKMfZ76ySChvE_ApEtVxdA4Zv61upfYIvddaINqjmrlY6wNw HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAvap9C-7kVrcYaHSkQTcag&google_cver=1&google_push=AXcoOmRwydhGV7YdVR1awdNnx2RfRtEdXmMSApKMo4qt4LtiFUZN4OsKMfZ76ySChvE_ApEtVxdA4Zv61upfYIvddaINqjmrlY6wNw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg2NzE4NjM3NzMwODU1OTA5NA&google_push=AXcoOmRwydhGV7YdVR1awdNnx2RfRtEdXmMSApKMo4qt4LtiFUZN4OsKMfZ76ySChvE_ApEtVxdA4Zv61upfYIvddaINqjmrlY6wNw

149 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
vcruntime140-dll.ru/
Redirect Chain

http://vcruntime140-dll.ru/
https://vcruntime140-dll.ru/

31 KB
10 KB

229ms
112ms

Document
text/html

81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: f6048ed879451b183c6eef0699d35989cb844967569a295f2580d226ecc3e83f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 19 Dec 2023 16:59:51 GMT
etag: W/"7dcf-5bfd95f5f10ca"
last-modified: Tue, 13 Apr 2021 12:00:12 GMT
server: nginx-reuseport/1.21.1
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 319
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 19 Dec 2023 16:59:51 GMT
Keep-Alive: timeout=30
Location: https://vcruntime140-dll.ru/
Server: nginx-reuseport/1.21.1

GET
H2 200 style.css
vcruntime140-dll.ru/components/com_jcomments/tpl/dt/ 11 KB
3 KB 61ms
58ms Stylesheet
text/css 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vcruntime140-dll.ru/components/com_jcomments/tpl/dt/style.css?v=3002
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 4a3eca77ff9d440fabfc4e66dee7087633e455f7b6846e1ba26b71824837270b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:51 GMT
content-encoding: gzip
last-modified: Thu, 19 Apr 2018 06:43:04 GMT
server: nginx-reuseport/1.21.1
etag: W/"5ad83a78-2a54"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 26 Dec 2023 16:59:51 GMT

GET
H2 200 extravote.css
vcruntime140-dll.ru/plugins/content/extravote/assets/ 5 KB
1 KB 62ms
59ms Stylesheet
text/css 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vcruntime140-dll.ru/plugins/content/extravote/assets/extravote.css
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 9e92b02c607537badcaa2104a66b8964dc659afee390d2b2515071bc4c91a1c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:51 GMT
content-encoding: gzip
last-modified: Thu, 19 Apr 2018 06:43:04 GMT
server: nginx-reuseport/1.21.1
etag: W/"5ad83a78-1445"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 26 Dec 2023 16:59:51 GMT

GET
H2 200 jcomments-v2.3.js Show response
vcruntime140-dll.ru/components/com_jcomments/js/ 28 KB
8 KB 62ms
60ms Script
application/x-javascript 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vcruntime140-dll.ru/components/com_jcomments/js/jcomments-v2.3.js?v=12
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 71afafd6cbf9f8256229bb61ab5e50a8a5fad057a5e311c2e3eb698e01f18260

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:51 GMT
content-encoding: gzip
last-modified: Thu, 19 Apr 2018 06:43:02 GMT
server: nginx-reuseport/1.21.1
etag: W/"5ad83a76-7173"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 26 Dec 2023 16:59:51 GMT

GET
H2 200 ajax.js Show response
vcruntime140-dll.ru/components/com_jcomments/libraries/joomlatune/ 4 KB
2 KB 63ms
60ms Script
application/x-javascript 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vcruntime140-dll.ru/components/com_jcomments/libraries/joomlatune/ajax.js?v=4
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: c4a3e09c02acac77ace5d2236bac1ec8efbc42dcba66b407a73fb0adb5f87ba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:51 GMT
content-encoding: gzip
last-modified: Thu, 19 Apr 2018 06:43:02 GMT
server: nginx-reuseport/1.21.1
etag: W/"5ad83a76-106e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 26 Dec 2023 16:59:51 GMT

GET
H2 200 jquery.min.js Show response
vcruntime140-dll.ru/media/jui/js/ 95 KB
33 KB 63ms
60ms Script
application/x-javascript 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vcruntime140-dll.ru/media/jui/js/jquery.min.js
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:51 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2018 11:38:20 GMT
server: nginx-reuseport/1.21.1
etag: W/"5ad72e2c-17b8b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 26 Dec 2023 16:59:51 GMT

GET
H2 200 jquery-noconflict.js Show response
vcruntime140-dll.ru/media/jui/js/ 21 B
213 B 63ms
61ms Script
application/x-javascript 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vcruntime140-dll.ru/media/jui/js/jquery-noconflict.js
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:51 GMT
last-modified: Wed, 18 Apr 2018 11:38:20 GMT
server: nginx-reuseport/1.21.1
etag: "5ad72e2c-15"
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 21
expires: Tue, 26 Dec 2023 16:59:51 GMT

GET
H2 200 jquery-migrate.min.js Show response
vcruntime140-dll.ru/media/jui/js/ 10 KB
4 KB 63ms
61ms Script
application/x-javascript 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vcruntime140-dll.ru/media/jui/js/jquery-migrate.min.js
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:51 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2018 11:38:20 GMT
server: nginx-reuseport/1.21.1
etag: W/"5ad72e2c-2748"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 26 Dec 2023 16:59:51 GMT

GET
H2 200 fields.js Show response
vcruntime140-dll.ru/plugins/content/fields/inc/ 332 B
438 B 63ms
61ms Script
application/x-javascript 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vcruntime140-dll.ru/plugins/content/fields/inc/fields.js
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 5301bbead54523dd82d645f1f4f51054844036477a493e1cc48257fbeb4b7399

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:51 GMT
content-encoding: gzip
last-modified: Thu, 19 Apr 2018 06:43:04 GMT
server: nginx-reuseport/1.21.1
etag: W/"5ad83a78-14c"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 26 Dec 2023 16:59:51 GMT

GET
H2 200 extravote.js Show response
vcruntime140-dll.ru/plugins/content/extravote/assets/ 2 KB
1 KB 173ms
171ms Script
application/x-javascript 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vcruntime140-dll.ru/plugins/content/extravote/assets/extravote.js
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 10105af423c3dcf46d274e7c2b1fba727d64543722aa114a35f6a7536f719cb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:51 GMT
content-encoding: gzip
last-modified: Thu, 19 Apr 2018 06:43:04 GMT
server: nginx-reuseport/1.21.1
etag: W/"5ad83a78-997"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 26 Dec 2023 16:59:51 GMT

GET
H2 200 theme.css
vcruntime140-dll.ru/templates/dll/css/ 109 KB
20 KB 61ms
59ms Stylesheet
text/css 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vcruntime140-dll.ru/templates/dll/css/theme.css
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: cf8123045ef80b8be3f0c4af6ce6b9aec01099cb573ac467e0b6fc596fc29f1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:51 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2018 11:38:20 GMT
server: nginx-reuseport/1.21.1
etag: W/"5ad72e2c-1b5b7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 26 Dec 2023 16:59:51 GMT

GET
H2 200 custom.css
vcruntime140-dll.ru/templates/dll/css/ 233 B
359 B 61ms
59ms Stylesheet
text/css 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vcruntime140-dll.ru/templates/dll/css/custom.css
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: b8b34054874c5aa9b958c029817c4f878c873b1312379e8882bdcdefb1758626

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:51 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2018 11:38:20 GMT
server: nginx-reuseport/1.21.1
etag: W/"5ad72e2c-e9"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 26 Dec 2023 16:59:51 GMT

GET
H2 200 uikit.js Show response
vcruntime140-dll.ru/templates/dll/warp/vendor/uikit/js/ 55 KB
15 KB 173ms
172ms Script
application/x-javascript 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vcruntime140-dll.ru/templates/dll/warp/vendor/uikit/js/uikit.js
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 00e2768a2298a27c65f487c38443c821db861cd1decd09fc9d0268b8f462f5aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:51 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2018 11:38:21 GMT
server: nginx-reuseport/1.21.1
etag: W/"5ad72e2d-dbf2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 26 Dec 2023 16:59:51 GMT

GET
H2 200 autocomplete.js Show response
vcruntime140-dll.ru/templates/dll/warp/vendor/uikit/js/components/ 4 KB
2 KB 174ms
172ms Script
application/x-javascript 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vcruntime140-dll.ru/templates/dll/warp/vendor/uikit/js/components/autocomplete.js
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 2a6bb5c3e685d7a455dcef8e345cbb537cb2af4e77cc2193c86e6c2fcf69809a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:51 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2018 11:38:20 GMT
server: nginx-reuseport/1.21.1
etag: W/"5ad72e2c-10a6"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 26 Dec 2023 16:59:51 GMT

GET
H2 200 form-select.js Show response
vcruntime140-dll.ru/templates/dll/warp/vendor/uikit/js/components/ 1 KB
767 B 174ms
172ms Script
application/x-javascript 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vcruntime140-dll.ru/templates/dll/warp/vendor/uikit/js/components/form-select.js
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: e832ca82e692bd71c3163d5d52b14a5e27c53574df19423aa1bfcc8657adf67b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:51 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2018 11:38:20 GMT
server: nginx-reuseport/1.21.1
etag: W/"5ad72e2c-4b1"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 26 Dec 2023 16:59:51 GMT

GET
H2 200 search.js Show response
vcruntime140-dll.ru/templates/dll/warp/vendor/uikit/js/components/ 3 KB
1 KB 174ms
173ms Script
application/x-javascript 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vcruntime140-dll.ru/templates/dll/warp/vendor/uikit/js/components/search.js
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: e197d53fe7df60cf0d734093501fc6d16ee9ba1bc2dd0fc6e8b80aad3bf7a304

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:51 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2018 11:38:21 GMT
server: nginx-reuseport/1.21.1
etag: W/"5ad72e2d-ab1"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 26 Dec 2023 16:59:51 GMT

GET
H2 200 sticky.js Show response
vcruntime140-dll.ru/templates/dll/warp/vendor/uikit/js/components/ 5 KB
2 KB 174ms
173ms Script
application/x-javascript 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vcruntime140-dll.ru/templates/dll/warp/vendor/uikit/js/components/sticky.js
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: f243c4151df8fe5a2d6585c08c0ceb8888a4f04fda74a8887e20a46aa45d674c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:51 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2018 11:38:21 GMT
server: nginx-reuseport/1.21.1
etag: W/"5ad72e2d-13c0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 26 Dec 2023 16:59:51 GMT

GET
H2 200 tooltip.js Show response
vcruntime140-dll.ru/templates/dll/warp/vendor/uikit/js/components/ 4 KB
2 KB 174ms
173ms Script
application/x-javascript 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vcruntime140-dll.ru/templates/dll/warp/vendor/uikit/js/components/tooltip.js
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 273f57ca0bb782190a8a76646cc5af8f5bc1b757a3f96cd81e5ba5dd1e83a239

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:51 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2018 11:38:21 GMT
server: nginx-reuseport/1.21.1
etag: W/"5ad72e2d-e84"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 26 Dec 2023 16:59:51 GMT

GET
H2 200 theme.js Show response
vcruntime140-dll.ru/templates/dll/js/ 506 B
413 B 175ms
174ms Script
application/x-javascript 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vcruntime140-dll.ru/templates/dll/js/theme.js
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 825dc17f49ca9b050b073867d0860e756bd4d97aaba6dd3cf444ebd0bc90298a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:51 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2018 11:38:20 GMT
server: nginx-reuseport/1.21.1
etag: W/"5ad72e2c-1fa"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 26 Dec 2023 16:59:51 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 190ms
109ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78bf2174c142170fb833d75665bbb4626ba20a35e524ac5ab0060463512666ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51508
x-xss-protection: 0
server: cafe
etag: 17964786434647339883
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 16:59:52 GMT

GET
H2 200 vcruntime140.jpg
vcruntime140-dll.ru/images/dll/ 12 KB
12 KB 175ms
174ms Image
image/jpeg 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcruntime140-dll.ru/images/dll/vcruntime140.jpg
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 440c2994b4085022c2627bff0050d133d674b777306ce4fb876cf8877ce70b28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:51 GMT
last-modified: Thu, 19 Apr 2018 11:22:07 GMT
server: nginx-reuseport/1.21.1
etag: "5ad87bdf-304d"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12365
expires: Thu, 18 Jan 2024 16:59:51 GMT

GET
H2 200 2-vcruntime140.jpg
vcruntime140-dll.ru/images/dll/ 26 KB
26 KB 175ms
174ms Image
image/jpeg 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcruntime140-dll.ru/images/dll/2-vcruntime140.jpg
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: b87f65a4f1dede81da14989488d2bda81ed33f0efc75a6b1393b796656e62884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:51 GMT
last-modified: Thu, 19 Apr 2018 11:34:57 GMT
server: nginx-reuseport/1.21.1
etag: "5ad87ee1-6868"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 26728
expires: Thu, 18 Jan 2024 16:59:51 GMT

GET
H2 200 1-vcruntime140.jpg
vcruntime140-dll.ru/images/dll/ 20 KB
20 KB 57ms
57ms Image
image/jpeg 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcruntime140-dll.ru/images/dll/1-vcruntime140.jpg
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: f944d4ca5dae5802d9219fce97fe6aa892c18e0f64e98b314f4873bc5fa2cf61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:51 GMT
last-modified: Thu, 19 Apr 2018 11:34:56 GMT
server: nginx-reuseport/1.21.1
etag: "5ad87ee0-50e9"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 20713
expires: Thu, 18 Jan 2024 16:59:51 GMT

GET
H2 200 disk-sw.png
vcruntime140-dll.ru/images/dll/ 11 KB
11 KB 57ms
57ms Image
image/png 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcruntime140-dll.ru/images/dll/disk-sw.png
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 6bbe1d6c47ae44a6c20c4a6ff228fdf15b387edfeb7d7535567c239705298a0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:51 GMT
last-modified: Thu, 19 Apr 2018 11:34:58 GMT
server: nginx-reuseport/1.21.1
etag: "5ad87ee2-2bcd"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11213
expires: Thu, 18 Jan 2024 16:59:51 GMT

GET
H2 200 3-vcruntime140.jpg
vcruntime140-dll.ru/images/dll/ 39 KB
39 KB 57ms
57ms Image
image/jpeg 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcruntime140-dll.ru/images/dll/3-vcruntime140.jpg
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 25cdcd78bfaa228c563e223c2bd5516612d369cdccda34c7367f26e7f860ce8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:51 GMT
last-modified: Thu, 19 Apr 2018 11:34:57 GMT
server: nginx-reuseport/1.21.1
etag: "5ad87ee1-9a11"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 39441
expires: Thu, 18 Jan 2024 16:59:51 GMT

GET
H2 200 4-vcruntime140.jpg
vcruntime140-dll.ru/images/dll/ 43 KB
43 KB 58ms
57ms Image
image/jpeg 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcruntime140-dll.ru/images/dll/4-vcruntime140.jpg
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: dd74220782dbe570d4fbc18ef6fbab8c40a91207de49924d09779622efeb6807

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:52 GMT
last-modified: Thu, 19 Apr 2018 11:34:58 GMT
server: nginx-reuseport/1.21.1
etag: "5ad87ee2-ac68"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 44136
expires: Thu, 18 Jan 2024 16:59:52 GMT

GET
H2 200 4-aeyrc.jpg
vcruntime140-dll.ru/images/dll/ 60 KB
60 KB 58ms
57ms Image
image/jpeg 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcruntime140-dll.ru/images/dll/4-aeyrc.jpg
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: eda5d16e8ff221ed19df7cf856547f10c3855a5c411734a709a580399b1d5e3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:52 GMT
last-modified: Thu, 19 Apr 2018 11:34:57 GMT
server: nginx-reuseport/1.21.1
etag: "5ad87ee1-f0c4"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 61636
expires: Thu, 18 Jan 2024 16:59:52 GMT

GET
H2 200 5-systWoW64.jpg
vcruntime140-dll.ru/images/dll/ 30 KB
30 KB 59ms
58ms Image
image/jpeg 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcruntime140-dll.ru/images/dll/5-systWoW64.jpg
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 2f527f213eb8854d203bd3f7d97d5a2d37cc126840a1d8d8b566d37fa7b823c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:52 GMT
last-modified: Thu, 19 Apr 2018 11:34:58 GMT
server: nginx-reuseport/1.21.1
etag: "5ad87ee2-787b"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 30843
expires: Thu, 18 Jan 2024 16:59:52 GMT

GET
H2 200 es5-shims.min.js Show response
yastatic.net/es5-shims/0.0.2/ 3 KB
2 KB 144ms
47ms Script
application/x-javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/es5-shims/0.0.2/es5-shims.min.js

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

40f09dcdb226fb60428bfe107e02f6c50db1561694264b0144e0155f9f3e4140

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:52 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
last-modified: Thu, 25 Oct 2018 11:27:00 GMT
server: nginx/1.17.9
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag: W/"32e3b4f3a8f6048da9934fec1ca08cea"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
x-nginx-request-id: 445387a6de1c8a6e
timing-allow-origin: *
expires: Fri, 22 Dec 2023 04:58:58 GMT

GET
H2 200 share.js Show response
yastatic.net/share2/ 142 KB
39 KB 138ms
99ms Script
application/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/share2/share.js

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

838439f7800886796f6c8dd2b1bb6eeebfccdc9b05f89c489140c10edff3ab28

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:52 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Nov 2023 15:06:40 GMT
server: nginx/1.17.9
etag: W/"72e199079b77250d47f2f9c379273c4c"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=216009
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 22 Dec 2023 04:58:24 GMT

GET
H2 200 lol.gif
vcruntime140-dll.ru/components/com_jcomments/images/smilies/ 681 B
866 B 59ms
58ms Image
image/gif 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcruntime140-dll.ru/components/com_jcomments/images/smilies/lol.gif
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 6c16fcf17b9e066a762a2f648f0fb5b404ef628ca318b1bd97d7c364652a7f1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:52 GMT
last-modified: Thu, 19 Apr 2018 08:40:54 GMT
server: nginx-reuseport/1.21.1
etag: "5ad85616-2a9"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 681
expires: Thu, 18 Jan 2024 16:59:52 GMT

GET
H2 200 laugh.gif
vcruntime140-dll.ru/components/com_jcomments/images/smilies/ 1 KB
1 KB 59ms
59ms Image
image/gif 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcruntime140-dll.ru/components/com_jcomments/images/smilies/laugh.gif
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 82b82e943496c99d9d425239a44177e78cc41cf80acf0312a69b4561fce97fd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:52 GMT
last-modified: Thu, 19 Apr 2018 08:40:54 GMT
server: nginx-reuseport/1.21.1
etag: "5ad85616-448"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1096
expires: Thu, 18 Jan 2024 16:59:52 GMT

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/638e2a7f-2da9-4623-92d3-a9262cd9db2e/ 2 B
368 B 105ms
39ms Script
application/javascript 2600:9000:225e:1600:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/638e2a7f-2da9-4623-92d3-a9262cd9db2e/plugin.min.js
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 13:55:22 GMT
via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jul 2020 06:52:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 270271
etag: "99914b932bd37a50b983c5e7c90ae93b"
x-cache: Error from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
accept-ranges: bytes
content-length: 2
x-amz-cf-id: n7Eafm6xU4zlYQ2t8ibZjtSvMVLgcyjP7BBsnYbcRPmslAFtvyaTOw==

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 124ms
45ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700,400i,700i&subset=latin,cyrillic

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/templates/dll/css/theme.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3eb14959b30b76820df27eddae54d89807523ad15627db1677cfc3918a5e554c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Dec 2023 16:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 16:59:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Dec 2023 16:59:51 GMT

GET
H2 200 yabanner.png
it-tehnik.ru/wp-content/uploads/ 5 KB
5 KB 639ms
56ms Image
image/png 87.236.16.218
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://it-tehnik.ru/wp-content/uploads/yabanner.png
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.218 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.atom4.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: b2ffe03c81d3ea4360413f1a246d4b9b2a032fbfd6a6a88bf374f38bebd8bb34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:52 GMT
last-modified: Mon, 01 Jun 2020 13:16:21 GMT
server: nginx-reuseport/1.21.1
etag: "5ed4ffa5-13c9"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5065
expires: Thu, 18 Jan 2024 16:59:52 GMT

GET
H2 200 Fw3_8sFZ5Pk Show response
www.youtube.com/embed/ Frame FF77 85 KB
39 KB 181ms
101ms Document
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Fw3_8sFZ5Pk

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f0871fbcae00bf918fd72376da512d070f688247b31b93e8181b207556f386a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vcruntime140-dll.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 16:59:52 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 214 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aec8baf0f56ad6481043f64acfac2823acba0c0218394cc89444d43ca23b9f73

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 418 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4548b548dc9ec0ddfecfb43202c659a5cb13f1b1b852ce667372ed88674780f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f256bebcc7927e6a8f6d590bb1463f65e33d67873cdcf0708f538bfcf82ab7c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 202 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c99dfc8bc253b502b7b586e9bc538f8ff16d404329102068a0f50cf5aaa8dc69

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91af9470c746ca950a0ebe1dfc53f7ec96deb86723da7f23c4a0c61c88210fca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 star.png
vcruntime140-dll.ru/plugins/content/extravote/assets/images/ 1 KB
1 KB 60ms
60ms Image
image/png 81.200.116.208
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vcruntime140-dll.ru/plugins/content/extravote/assets/images/star.png
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/plugins/content/extravote/assets/extravote.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.116.208 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 4fbb0bf2ff9704a952c288ccc5438b2f6e7c9753b19299c2f2e7fcb59ba6edb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/plugins/content/extravote/assets/extravote.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:52 GMT
last-modified: Thu, 19 Apr 2018 08:06:51 GMT
server: nginx-reuseport/1.21.1
etag: "5ad84e1b-42d"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1069
expires: Thu, 18 Jan 2024 16:59:52 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
45 KB 115ms
36ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400i,700i&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vcruntime140-dll.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 23:20:07 GMT
x-content-type-options: nosniff
age: 63585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 23:20:07 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 46 KB
46 KB 155ms
77ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400i,700i&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vcruntime140-dll.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:51:59 GMT
x-content-type-options: nosniff
age: 54473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 01:51:59 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v17/ 29 KB
29 KB 193ms
116ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400i,700i&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vcruntime140-dll.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:54:12 GMT
x-content-type-options: nosniff
age: 29140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29928
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 08:54:12 GMT

GET
H2 200 jizaRExUiTo99u79D0aExdGM.woff2
fonts.gstatic.com/s/ptsans/v17/ 28 KB
28 KB 206ms
130ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400i,700i&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vcruntime140-dll.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 20:26:46 GMT
x-content-type-options: nosniff
age: 73986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28444
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:45:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 20:26:46 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 156 KB
56 KB 236ms
100ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f8ed7cb7ac6dc9850cffba6d02a3e222269f9ac3cdde0cfbead7734149281f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 12 Dec 2023 08:38:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65781bea-dcfc"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 56572
expires: Tue, 19 Dec 2023 17:59:52 GMT

GET
DATA 200
OK truncated
/ 880 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a275afec75ad4968444f347276b7c576a9fd0a4d6f06cb7a1fd0fd43e4a047d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 869 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8cfedea93ac99d7b64e9477a841535ed7f6f752cbe06eb6fe8f66eec13e4688

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 215 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8734c970c670d52e2a115ab506d983ec6702613db1528af5fff769f3ed117754

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 357 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57df901ddd718ea67fc2c55f827e20fef7a5fae5145e9149e79eb065f9a097b9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 784 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32f9c09189248fc7081865c0e1b536205384f9d96c5a75e0ccb484e2a74a6f6a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 603 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9be7e931e5978b27a1428050d2045f7759ae34424b2a60a021d57a7af6d981f6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 391 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 723aa7e4d231c81a010c84b8703f0078c2510814c5da2e9ee4d2949c7e48e747

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 www-player.css
www.youtube.com/s/player/d23221b6/ Frame FF77 366 KB
47 KB 36ms
36ms Stylesheet
text/css 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d23221b6/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Fw3_8sFZ5Pk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee11928e9a31b92c22b88f0c49dae1f791043fe071dacf46b848efe85254c003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Fw3_8sFZ5Pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 11:46:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18801
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48218
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 02:47:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 18 Dec 2024 11:46:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FF77 15 KB
15 KB 36ms
35ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Fw3_8sFZ5Pk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 408776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Dec 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FF77 15 KB
15 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Fw3_8sFZ5Pk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 503905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Dec 2024 21:01:27 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/d23221b6/player_ias.vflset/de_DE/ Frame FF77 53 KB
16 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d23221b6/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Fw3_8sFZ5Pk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c9f933d72a7bd02697d7107a9f1ab3d66cba302fc93adb24b1d826f44a99e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Fw3_8sFZ5Pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:33:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 548791
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16708
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 02:47:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 12 Dec 2024 08:33:21 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/d23221b6/www-embed-player.vflset/ Frame FF77 322 KB
96 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d23221b6/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Fw3_8sFZ5Pk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c71106628b235959659a80caca8df6f9e8dfc9eac825605e79d2738726f287d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Fw3_8sFZ5Pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98540
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 02:47:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 18 Dec 2024 15:31:35 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/d23221b6/player_ias.vflset/de_DE/ Frame FF77 2 MB
769 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d23221b6/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Fw3_8sFZ5Pk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c31daae8b67df28286a285cba84cafe86ff3d2a9043bb26deb93d41156de489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Fw3_8sFZ5Pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 548791
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 787370
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 02:47:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 12 Dec 2024 08:33:21 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 100ms
100ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3464740811324747&plah=vcruntime140-dll.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84b2ada91ae5c7971c95e2ef86fe50b851d2edf4de551b61d94031960f2de0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137960
x-xss-protection: 0
server: cafe
etag: 10384555884218098946
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 16:59:52 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 5841 9 KB
4 KB 114ms
36ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vcruntime140-dll.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:49:38 GMT
etag: 5585625838579639069
expires: Tue, 02 Jan 2024 13:49:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 67ms
67ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2268629580838820&num=0&dvc=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame FF77
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

43ms
43ms

XHR
application/json

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Fw3_8sFZ5Pk

Protocol

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92bc0c6e7a92e4c25222de29e66ebb67feb254e3dff491a5f6a899a0729ceb96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 19 Dec 2023 16:59:52 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame FF77 29 B
494 B 128ms
35ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:51:11 GMT
x-content-type-options: nosniff
age: 521
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Dec 2023 17:06:11 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 135ms
43ms Preflight
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 19 Dec 2023 16:59:52 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame FF77 86 KB
40 KB 52ms
52ms XHR
application/json+protobuf 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa0512a478d0b22c10cd4b42a386e9e3a6321e221f44eb9ed93d828b4a2d86bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 19 Dec 2023 16:59:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40708
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame FF77 0
19 B 44ms
44ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?cpn=A7SKiq6ka8a-B296&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C176963%2C53633%2C84737%2C25688%2C9541%2C1089%2C5877%2C394%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C5877%2C2251%2C859%2C1094%2C9513%2C4683%2C2305%2C7649%2C2008%2C4552%2C6946%2C3033%2C719%2C3424%2C2532%2C931&cl=590345707&seq=1&event=streamingstats&docid=Fw3_8sFZ5Pk&qclc=ChBBN1NLaXE2a2E4YS1CMjk2EAE&embargoed=0&cbr=Chrome&cbrver=120.0.6099.109&c=WEB_EMBEDDED_PLAYER&cver=1.20231212.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Fw3_8sFZ5Pk
X-YouTube-Client-Version: 1.20231212.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtiY01KS0w0eXRGWSiImIesBjIKCgJERRIEEgAgOg%3D%3D
X-YouTube-Ad-Signals: dt=1703005192406&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:52 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame FF77 296 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e83bcf0315f708e646d547688191140b0fbf240f230225e7e4cc136d8133fe3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E7CE 3 KB
676 B 349ms
348ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&adk=1812271804&adf=3025194257&lmt=1618315212&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x540_r&format=0x0&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192240&bpp=6&bdt=564&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=534312875220&frm=20&pv=2&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=322

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3464740811324747&plah=vcruntime140-dll.ru

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9e4b3ee93f851e62156c181e2f75236a75591c3393a46f4f34400589e902bbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vcruntime140-dll.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 653
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 16:59:52 GMT
expires: Tue, 19 Dec 2023 16:59:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10222.rouFLJmufHwBDnlvMCfBmbrpnuh7gGX4RqatIypIlfnJKMnIIQF_Ofpr2SpzWtxj.tFYiUuRTzK_OZMshP9nNMUGzdo4%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10222.Nw3jT-qEUKg1piVsXDWgu7qkFPeqa8VZ0Q1a-nNIA6JJ1WLmUsEDxha-uZZOMitAo8sQbe6EQnitcJrz8KJe2NDAwM7xpM-N6oouUS-rNhNxD1qxem9yai9OjP38I243rwo-1QjcAG...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10222.Jvb1Q4UKLZnbgHnLCTpcX_OLvZWQ9twNKL7ynhzXapnMF4JYLsb-GNF35IZflNKuGpst0YAekkUdxSrAm3rQ1bLFvgJDTxoPiCHzF11lBOsn2...

43 B
582 B

52ms
52ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10222.Jvb1Q4UKLZnbgHnLCTpcX_OLvZWQ9twNKL7ynhzXapnMF4JYLsb-GNF35IZflNKuGpst0YAekkUdxSrAm3rQ1bLFvgJDTxoPiCHzF11lBOsn2S5rhzdjn0hgd-VUaQumHroqeZcKsg_0J1XO6TsLsEpHKS7Y40JG-SDaWJokCVBfd-o5gH4oJVee8pfyMkcNKY1ljvcIuXay85Xi3zUnNQ%2C%2C.KydkWjkfbwzBH1q9FydcIqAILuA%2C

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:52 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10222.Jvb1Q4UKLZnbgHnLCTpcX_OLvZWQ9twNKL7ynhzXapnMF4JYLsb-GNF35IZflNKuGpst0YAekkUdxSrAm3rQ1bLFvgJDTxoPiCHzF11lBOsn2S5rhzdjn0hgd-VUaQumHroqeZcKsg_0J1XO6TsLsEpHKS7Y40JG-SDaWJokCVBfd-o5gH4oJVee8pfyMkcNKY1ljvcIuXay85Xi3zUnNQ%2C%2C.KydkWjkfbwzBH1q9FydcIqAILuA%2C
date: Tue, 19 Dec 2023 16:59:52 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A7C2 132 KB
44 KB 714ms
714ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=2816580624&adf=1397657714&pi=t.aa~a.2254042233~rp.1&w=1130&fwrn=4&fwrnh=100&lmt=1618315212&rafmt=1&to=qs&pwprc=8216980806&format=1130x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192246&bpp=2&bdt=570&idt=333&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=334

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2aeeb5f5ef203757fa4d587ffeb991c30c9bd90e56056b79c98c5e9f226f70cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vcruntime140-dll.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44666
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 16:59:53 GMT
expires: Tue, 19 Dec 2023 16:59:53 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
473 B 50ms
50ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:52 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 12 Dec 2023 08:38:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65781bea-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 19 Dec 2023 17:59:52 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 43ms
43ms Preflight
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 19 Dec 2023 16:59:52 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame FF77 90 B
134 B 48ms
48ms XHR
application/json+protobuf 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b11f3b13771351c6814e6dbb7afb7d1b0bdb710d50c0fd131e7370fa9b065659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 19 Dec 2023 16:59:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/26812653/
Redirect Chain

https://mc.yandex.com/watch/26812653?wmode=7&page-url=https%3A%2F%2Fvcruntime140-dll.ru%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22b%2Fh%2Fj%2Fk%2Fk%2Fk%2Fk%2Fk%2Fk%...
https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fvcruntime140-dll.ru%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22b%2Fh%2Fj%2Fk%2Fk%2Fk%2Fk%2Fk%2F...

427 B
519 B

49ms
49ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fvcruntime140-dll.ru%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22b%2Fh%2Fj%2Fk%2Fk%2Fk%2Fk%2Fk%2Fk%2Fk%2Fk%2Fl%2Ft%22%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3gtstpmsk4v16yqhe1wbp8d7%3Afp%3A1060%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A2%3Adp%3A1%3Als%3A954715064697%3Ahid%3A172115730%3Az%3A60%3Ai%3A20231219175952%3Aet%3A1703005193%3Ac%3A1%3Arn%3A665179643%3Arqn%3A1%3Au%3A1703005193566654365%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C116%2C112%2C2%2C488%2C0%2C%2C486%2C13%2C%2C%2C%2C1205%3Aco%3A0%3Acpf%3A1%3Ans%3A1703005190957%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703005193%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20vcruntime140.dll%20-%20%D0%A7%D1%82%D0%BE%20%D1%8D%D1%82%D0%BE%20%D0%B7%D0%B0%20%D0%BE%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20%D0%BA%D0%B0%D0%BA%20%D0%B8%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%8C%3F&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29lt%2810200%29aw%281%29rcm%281%29ti%281%29

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

75fff8f96dba56994183e47cfea60953bfb238199e77858d01b636d3eb57b80e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 19-Dec-2023 16:59:52 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vcruntime140-dll.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Tue, 19-Dec-2023 16:59:52 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:52 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19-Dec-2023 16:59:52 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fvcruntime140-dll.ru%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22b%2Fh%2Fj%2Fk%2Fk%2Fk%2Fk%2Fk%2Fk%2Fk%2Fk%2Fl%2Ft%22%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3gtstpmsk4v16yqhe1wbp8d7%3Afp%3A1060%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A2%3Adp%3A1%3Als%3A954715064697%3Ahid%3A172115730%3Az%3A60%3Ai%3A20231219175952%3Aet%3A1703005193%3Ac%3A1%3Arn%3A665179643%3Arqn%3A1%3Au%3A1703005193566654365%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C116%2C112%2C2%2C488%2C0%2C%2C486%2C13%2C%2C%2C%2C1205%3Aco%3A0%3Acpf%3A1%3Ans%3A1703005190957%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703005193%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20vcruntime140.dll%20-%20%D0%A7%D1%82%D0%BE%20%D1%8D%D1%82%D0%BE%20%D0%B7%D0%B0%20%D0%BE%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20%D0%BA%D0%B0%D0%BA%20%D0%B8%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%8C%3F&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29lt%2810200%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: https://vcruntime140-dll.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 19-Dec-2023 16:59:52 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/48553934/
Redirect Chain

https://mc.yandex.com/watch/48553934?wmode=7&page-url=https%3A%2F%2Fvcruntime140-dll.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3gtstpmsk4v16yqhe1wbp8d7%3Afp%3A1060%3Afu%3A0%3Aen...
https://mc.yandex.com/watch/48553934/1?wmode=7&page-url=https%3A%2F%2Fvcruntime140-dll.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3gtstpmsk4v16yqhe1wbp8d7%3Afp%3A1060%3Afu%3A0%3A...

446 B
482 B

53ms
53ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/48553934/1?wmode=7&page-url=https%3A%2F%2Fvcruntime140-dll.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3gtstpmsk4v16yqhe1wbp8d7%3Afp%3A1060%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A77455174923%3Ahid%3A172115730%3Az%3A60%3Ai%3A20231219175952%3Aet%3A1703005193%3Ac%3A1%3Arn%3A71960032%3Arqn%3A1%3Au%3A1703005193566654365%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C116%2C112%2C2%2C488%2C0%2C%2C486%2C13%2C%2C%2C%2C1205%3Aco%3A0%3Acpf%3A1%3Ans%3A1703005190957%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703005193%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20vcruntime140.dll%20-%20%D0%A7%D1%82%D0%BE%20%D1%8D%D1%82%D0%BE%20%D0%B7%D0%B0%20%D0%BE%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20%D0%BA%D0%B0%D0%BA%20%D0%B8%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%8C%3F&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

db231e4db4cb552e851c83690001c19ec4d53f0bd7619dbd87e77d67366c9cfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 19-Dec-2023 16:59:52 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vcruntime140-dll.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 446
x-xss-protection: 1; mode=block
expires: Tue, 19-Dec-2023 16:59:52 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:52 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19-Dec-2023 16:59:52 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/48553934/1?wmode=7&page-url=https%3A%2F%2Fvcruntime140-dll.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3gtstpmsk4v16yqhe1wbp8d7%3Afp%3A1060%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A77455174923%3Ahid%3A172115730%3Az%3A60%3Ai%3A20231219175952%3Aet%3A1703005193%3Ac%3A1%3Arn%3A71960032%3Arqn%3A1%3Au%3A1703005193566654365%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C116%2C112%2C2%2C488%2C0%2C%2C486%2C13%2C%2C%2C%2C1205%3Aco%3A0%3Acpf%3A1%3Ans%3A1703005190957%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703005193%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20vcruntime140.dll%20-%20%D0%A7%D1%82%D0%BE%20%D1%8D%D1%82%D0%BE%20%D0%B7%D0%B0%20%D0%BE%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%20%D0%BA%D0%B0%D0%BA%20%D0%B8%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%8C%3F&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: https://vcruntime140-dll.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 19-Dec-2023 16:59:52 GMT

POST
H2 200 1
mc.yandex.com/watch/26812653/ 43 B
86 B 49ms
49ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26812653/1?page-url=https%3A%2F%2Fvcruntime140-dll.ru%2F&charset=utf-8&uah=chm%0A%3F0&hittoken=1703005192_a28aaf5c7851dee27764ab1dd59d543afebae9a658ebb31a987c54ec7f32e7d4&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3gtstpmsk4v16yqhe1wbp8d7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A2%3Adp%3A1%3Als%3A954715064697%3Ahid%3A172115730%3Az%3A60%3Ai%3A20231219175952%3Aet%3A1703005193%3Ac%3A1%3Arn%3A610549527%3Arqn%3A2%3Au%3A1703005193566654365%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1703005190957%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1703005193&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(2)lt(10200)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22services%22%3A%22vkontakte%2Codnoklassniki%2Cmoimir%2Ctwitter%22%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:52 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19-Dec-2023 16:59:52 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://vcruntime140-dll.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 19-Dec-2023 16:59:52 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 67ms
66ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=4472337052011283&num=0&dvc=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 68ms
66ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=4472337052011283&num=1&dvc=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 67ms
66ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=4472337052011283&num=2&dvc=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 69ms
67ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=4472337052011283&num=3&dvc=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 71ms
70ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1698704560960029&num=0&dvc=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 69ms
67ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1698704560960029&num=1&dvc=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 69ms
68ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1698704560960029&num=2&dvc=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 69ms
68ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2167042873693400&num=0&dvc=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 69ms
68ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2167042873693400&num=1&dvc=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 70ms
69ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1186112850212965&num=0&dvc=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B435 139 KB
45 KB 655ms
654ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=1625554742&adf=4150002502&pi=t.aa~a.3467383289~i.3~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1618315212&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8216980806&ad_type=text_image&format=1090x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rh=200&rw=1090&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192929&bpp=1&bdt=1253&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=3&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35e7c62dec2e0d58604632be7c5327e64a75ece36274cef5a60bace180bb663e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vcruntime140-dll.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45847
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 16:59:53 GMT
expires: Tue, 19 Dec 2023 16:59:53 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6EE5 122 KB
41 KB 720ms
720ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=1625554742&adf=527327188&pi=t.aa~a.3467383289~i.5~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1618315212&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8216980806&ad_type=text_image&format=1090x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rh=200&rw=1090&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192929&bpp=1&bdt=1254&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C1090x280&nras=4&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8e7bef1b2ef62754c72089742bde52b989db545c0ee4c6ce06832ca04c7b582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vcruntime140-dll.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41865
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 16:59:53 GMT
expires: Tue, 19 Dec 2023 16:59:53 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 68ms
67ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=5&wpc=ca-pub-3464740811324747&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20231212_093518&sat=1702942116259&afm=0&as_count=0&d_count=0&ng_count=0&am_count=5&atf_count=1&mdns=0&alldns=0.175&allp=8&fd=(0%2C4%2C0)%2C(1%2C0%2C0)%2C(2%2C4%2C4)&pgh=8015&abl=false&rr=n&su=vcruntime140-dll.ru&pvc=1534503199222985&r=0.1&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame A7C2 9 KB
4 KB 118ms
38ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=2816580624&adf=1397657714&pi=t.aa~a.2254042233~rp.1&w=1130&fwrn=4&fwrnh=100&lmt=1618315212&rafmt=1&to=qs&pwprc=8216980806&format=1130x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192246&bpp=2&bdt=570&idt=333&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=334

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Mar 2024 01:04:19 GMT

GET
H2 200 eca8f43f04ace2cb887c6c133446ca43.js Show response
www.gstatic.com/mysidia/ Frame A7C2 11 KB
5 KB 115ms
36ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eca8f43f04ace2cb887c6c133446ca43.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2366f8ceefa49f15dbf946bb02a4cf52b6d2999f71712d3f52e8bd5f56e1988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 22:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4745
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 22:07:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A7C2 14 KB
1 KB 44ms
44ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Dec 2023 16:59:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 16:41:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Dec 2023 16:59:53 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A7C2 2 KB
903 B 37ms
36ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11437
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:49:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame A7C2 23 KB
9 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11437
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:49:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A7C2 3 KB
1 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13479
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:15:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A7C2 20 KB
9 KB 114ms
35ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:49:15 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A7C2 203 KB
65 KB 124ms
46ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 16:59:53 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame A7C2 37 KB
15 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 13:56:43 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 73A9 143 B
166 B 35ms
35ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=2816580624&adf=1397657714&pi=t.aa~a.2254042233~rp.1&w=1130&fwrn=4&fwrnh=100&lmt=1618315212&rafmt=1&to=qs&pwprc=8216980806&format=1130x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192246&bpp=2&bdt=570&idt=333&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=235&ady=196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=334
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1815
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 16:29:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A7C2 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dea8459f21b5c4582b6dc1c0d67b11fcabe9001bc0671496b5790936db26d732

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 73A9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

52ms
52ms

Document
text/html

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 16:59:53 GMT
expires: Tue, 19 Dec 2023 16:59:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 16:59:53 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame A7C2 33 KB
33 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 21:01:51 GMT
x-content-type-options: nosniff
age: 503882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Dec 2024 21:01:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B435 14 KB
1 KB 60ms
59ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=1625554742&adf=4150002502&pi=t.aa~a.3467383289~i.3~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1618315212&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8216980806&ad_type=text_image&format=1090x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rh=200&rw=1090&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192929&bpp=1&bdt=1253&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=3&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Dec 2023 16:59:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 15:50:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Dec 2023 16:59:53 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B435 2 KB
856 B 35ms
35ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11437
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:49:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame B435 23 KB
9 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11437
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:49:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B435 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13479
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:15:14 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FA51 1 KB
643 B 36ms
35ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Tue, 19 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B435 20 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:49:15 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B435 0
0 43ms
43ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSybOgo6GJmDrD7YIQBcw3iX0ynm0rD905TNZPz9k6d4Ao-LNXAZa-imGEPT78ZdSElxR66LBrcNrSvA5i5xoi6NQn4Vw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=1625554742&adf=4150002502&pi=t.aa~a.3467383289~i.3~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1618315212&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8216980806&ad_type=text_image&format=1090x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rh=200&rw=1090&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192929&bpp=1&bdt=1253&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=3&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8713707925352896608/ Frame B435 30 KB
30 KB 44ms
44ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8713707925352896608/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd93394fd619f798a96b816d476d14b14051345cbf3b7edaaf2a8eb11720a925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 09:14:07 GMT
date: Tue, 19 Dec 2023 09:14:07 GMT
x-content-type-options: nosniff
age: 27946
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30392
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 19:07:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame B435 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B435 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B435 203 KB
64 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 16:59:53 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame B435 37 KB
15 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 13:56:43 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame FA51 35 B
464 B 42ms
10ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJVVQaG5BYbYWuaNqmSh260&google_cver=1&google_push=AXcoOmR7EfpRpUSzPZ8M31B1UPBJoKlYvkBhLVQ2UPMpqapCr_cSn0s5QTBFxu9LmxR3wYktATOQxANTacbOCKNebI9HGK57FHj-3ew

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:53 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FA51
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEAmIqGQwEw_CB_1daMhUdHM&google_cver=1&google_push=AXcoOmSiXB6-0Sn5yqwWgTXpHJMafByVAp72ICA3TJZ_deZb_FtsPoJIhWyefKa3_D2A-k7oX1ZnqaYiZFOQQwxc1-S9KZKNwYn-aoK6
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=565E3DA893694F808781ED76E7052F5A&google_push=AXcoOmSiXB6-0Sn5yqwWgTXpHJMafByVAp72ICA3TJZ_deZb_FtsPoJIhWyefKa3_D2A-k7oX1ZnqaYiZFOQQwx...

170 B
329 B

50ms
45ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=565E3DA893694F808781ED76E7052F5A&google_push=AXcoOmSiXB6-0Sn5yqwWgTXpHJMafByVAp72ICA3TJZ_deZb_FtsPoJIhWyefKa3_D2A-k7oX1ZnqaYiZFOQQwxc1-S9KZKNwYn-aoK6

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 19 Dec 2023 16:59:53 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=565E3DA893694F808781ED76E7052F5A&google_push=AXcoOmSiXB6-0Sn5yqwWgTXpHJMafByVAp72ICA3TJZ_deZb_FtsPoJIhWyefKa3_D2A-k7oX1ZnqaYiZFOQQwxc1-S9KZKNwYn-aoK6
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 18 Dec 2023 16:59:53 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame FA51 0
173 B 67ms
20ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEEUuX4Y-MCf3-27om1hJ3A&google_cver=1&google_push=AXcoOmTNte0t8SRR8YuFiTtcP385-FMoAJxHXEBQSGJ-m3fmph_NpPNYo1taxiVCMMIvJr_rj50hPdqJ4ogLPC_NDYOh6dIc-8qAuzVw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=1625554742&adf=4150002502&pi=t.aa~a.3467383289~i.3~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1618315212&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8216980806&ad_type=text_image&format=1090x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rh=200&rw=1090&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192929&bpp=1&bdt=1253&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=3&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:53 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FA51
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEI8AorDtcs_ARtV2lWbMbNU&google_cver=1&google_push=AXcoOmS5O8IHDumXC3-Oz_p9FNC2nTk12ntOLqt48CFPxwo46jw_u9dTE-JbbLSKJL1r4gik_fAEqmZ4eBv-g1peOJqy7fR...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS5O8IHDumXC3-Oz_p9FNC2nTk12ntOLqt48CFPxwo46jw_u9dTE-JbbLSKJL1r4gik_fAEqmZ4eBv-g1peOJqy7fR3bJvroazS&google_hm=eS1aTW5UZTRKRTJwRk...

170 B
232 B

46ms
46ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS5O8IHDumXC3-Oz_p9FNC2nTk12ntOLqt48CFPxwo46jw_u9dTE-JbbLSKJL1r4gik_fAEqmZ4eBv-g1peOJqy7fR3bJvroazS&google_hm=eS1aTW5UZTRKRTJwRktNSUE1Mmx4ZjkwR1BKQS42M09fN35B

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 19 Dec 2023 16:59:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS5O8IHDumXC3-Oz_p9FNC2nTk12ntOLqt48CFPxwo46jw_u9dTE-JbbLSKJL1r4gik_fAEqmZ4eBv-g1peOJqy7fR3bJvroazS&google_hm=eS1aTW5UZTRKRTJwRktNSUE1Mmx4ZjkwR1BKQS42M09fN35B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame FA51 43 B
363 B 58ms
14ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSCndkaQcfIhCDyxDurV0agx0Ft0ndIWy0pAezr9siEyfHN-Bdt86y8Euy6G6BlUc2UElpZ05TSglxpaDyIAGyidbZ_7GFHdC6n&google_gid=CAESEFk1cmoUFPiEvewpzlaz51w&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:53 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 212368
expires: Tue, 19 Dec 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FA51
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGjrpoLKqCZWxC2VntZ1aOM&google_cver=1&google_push=AXcoOmStWp0x0yaOH8JCnJ6NcPzQTUThp9aukTSB9wZkJrUrWM7WGMwjNkf7EQN8Yyw7vNiFK8_KUNTKCTZr...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmStWp0x0yaOH8JCnJ6NcPzQTUThp9aukTSB9wZkJrUrWM7WGMwjNkf7EQN8Yyw7vNiFK8_KUNTKCTZrRjAHD0h8xhgrGiOg8QM

170 B
232 B

113ms
50ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmStWp0x0yaOH8JCnJ6NcPzQTUThp9aukTSB9wZkJrUrWM7WGMwjNkf7EQN8Yyw7vNiFK8_KUNTKCTZrRjAHD0h8xhgrGiOg8QM

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmStWp0x0yaOH8JCnJ6NcPzQTUThp9aukTSB9wZkJrUrWM7WGMwjNkf7EQN8Yyw7vNiFK8_KUNTKCTZrRjAHD0h8xhgrGiOg8QM
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame FA51
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEO2r011UdS61...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQo0UWEcRwzVhcy3_o7LMpsSeNjK_pXy3WH3yxmq7SNMEs9UHDGWNT-uom71z6q5YfzQHXQOxAnzQcad2Be1rN6kZwm3TKkowclwQ
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

44ms
44ms

Image
image/gif

23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/
Protocol: H2
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 19 Dec 2023 16:59:53 GMT
pragma: no-cache
date: Tue, 19 Dec 2023 16:59:53 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame FA51 0
130 B 139ms
45ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lp6buuTGOjl911kQn-8YFHcL98h427lFdo7flXwRWHN7DQIEafF8cvyU3qmmagSvMy5sfDrA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame B435 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 263231032c6c85a5513c330d08cc3cef639e5a3ff22691a8f7b56df423aea7f7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A7C2
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Ct-ymCMyBZZCcLZfR29gPrOK80AzFzu3SdJuM9KqAEM2OjLn9QRABILmczR1gleKQgqAHoAH9sqLFA8gBAakCAIgMvXBVsj6oAwHIA8sEqgTwAU_Q5Pn2Q6YhtKO-GqAM_5lyy9som-0-FeU...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211227968319129074872%22,%22debug_reporting%22:true,%22destination%22:%22https://dmgmori.com%22,%22event_report_window%22:%...

0
0

141ms
68ms

Fetch
text/css

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211227968319129074872%22,%22debug_reporting%22:true,%22destination%22:%22https://dmgmori.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22950573437%22],%2222%22:[%22true%22],%224%22:[%2212-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22304759390031753153%22}&andc=true

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:54 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11227968319129074872","debug_reporting":true,"destination":"https://dmgmori.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["950573437"],"22":["true"],"4":["12-19"],"6":["true"]},"priority":"500","source_event_id":"304759390031753153"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Dec 2023 16:59:54 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Dec 2023 16:59:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11227968319129074872","debug_reporting":true,"destination":"https://dmgmori.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["950573437"],"22":["true"],"4":["12-19"],"6":["true"]},"priority":"500","source_event_id":"304759390031753153"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 6EE5 4 KB
655 B 47ms
47ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=1625554742&adf=527327188&pi=t.aa~a.3467383289~i.5~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1618315212&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8216980806&ad_type=text_image&format=1090x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rh=200&rw=1090&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192929&bpp=1&bdt=1254&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C1090x280&nras=4&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Dec 2023 16:59:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 15:25:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Dec 2023 16:59:53 GMT

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 4F3B 51 KB
19 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 12:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Dec 2024 12:51:06 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6EE5 2 KB
822 B 35ms
35ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=1625554742&adf=527327188&pi=t.aa~a.3467383289~i.5~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1618315212&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8216980806&ad_type=text_image&format=1090x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rh=200&rw=1090&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192929&bpp=1&bdt=1254&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C1090x280&nras=4&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11437
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:49:16 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6EE5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CCZ1DCcyBZc3pBpqt29gPirSp-ATIiNHmdNqWvN26EouR_4_4QRABILmczR1gleKQgqAHoAHxmqDQAcgBCagDAcgDywSqBPQBT9CiKWXunHx1vlmCKQmJeNFAWxSu8BNbesuR_BRP1Hd7XRu...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217184709602890545347%22,%22debug_reporting%22:true,%22destination%22:%22https://wavebrowser.co%22,%22event_report_window%2...

0
0

139ms
67ms

Fetch
text/css

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217184709602890545347%22,%22debug_reporting%22:true,%22destination%22:%22https://wavebrowser.co%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22436735345%22],%2222%22:[%22true%22],%224%22:[%2212-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223393932101944402369%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=1625554742&adf=527327188&pi=t.aa~a.3467383289~i.5~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1618315212&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8216980806&ad_type=text_image&format=1090x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rh=200&rw=1090&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192929&bpp=1&bdt=1254&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C1090x280&nras=4&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:54 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"17184709602890545347","debug_reporting":true,"destination":"https://wavebrowser.co","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["436735345"],"22":["true"],"4":["12-19"],"6":["true"]},"priority":"500","source_event_id":"3393932101944402369"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Dec 2023 16:59:54 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Dec 2023 16:59:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17184709602890545347","debug_reporting":true,"destination":"https://wavebrowser.co","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["436735345"],"22":["true"],"4":["12-19"],"6":["true"]},"priority":"500","source_event_id":"3393932101944402369"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 6EE5 23 KB
9 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=1625554742&adf=527327188&pi=t.aa~a.3467383289~i.5~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1618315212&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8216980806&ad_type=text_image&format=1090x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rh=200&rw=1090&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192929&bpp=1&bdt=1254&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C1090x280&nras=4&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11437
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:49:16 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6EE5 3 KB
1 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=1625554742&adf=527327188&pi=t.aa~a.3467383289~i.5~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1618315212&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8216980806&ad_type=text_image&format=1090x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rh=200&rw=1090&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192929&bpp=1&bdt=1254&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C1090x280&nras=4&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13479
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:15:14 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AB85 1 KB
643 B 38ms
38ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=1625554742&adf=527327188&pi=t.aa~a.3467383289~i.5~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1618315212&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8216980806&ad_type=text_image&format=1090x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rh=200&rw=1090&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192929&bpp=1&bdt=1254&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C1090x280&nras=4&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Tue, 19 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6EE5 20 KB
8 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=1625554742&adf=527327188&pi=t.aa~a.3467383289~i.5~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1618315212&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8216980806&ad_type=text_image&format=1090x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rh=200&rw=1090&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192929&bpp=1&bdt=1254&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C1090x280&nras=4&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:49:15 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6EE5 0
0 45ms
44ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRF9VzzzPSPYcyDCSesMdWEnya_RMRmXU4DH7jH1E1YBFb5QQvlybQ04MGGtxLnqtWUp5rQ4GiML9Meim9P_WLUX1ySyA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=1625554742&adf=527327188&pi=t.aa~a.3467383289~i.5~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1618315212&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8216980806&ad_type=text_image&format=1090x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rh=200&rw=1090&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192929&bpp=1&bdt=1254&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C1090x280&nras=4&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6EE5 203 KB
64 KB 52ms
50ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=1625554742&adf=527327188&pi=t.aa~a.3467383289~i.5~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1618315212&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8216980806&ad_type=text_image&format=1090x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rh=200&rw=1090&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192929&bpp=1&bdt=1254&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C1090x280&nras=4&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 16:59:53 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 6EE5 37 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=1625554742&adf=527327188&pi=t.aa~a.3467383289~i.5~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1618315212&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8216980806&ad_type=text_image&format=1090x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rh=200&rw=1090&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192929&bpp=1&bdt=1254&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C1090x280&nras=4&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 13:56:43 GMT

GET
H3 200 7583829460692459382
tpc.googlesyndication.com/simgad/ Frame 6EE5 10 KB
10 KB 36ms
36ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7583829460692459382

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=1625554742&adf=527327188&pi=t.aa~a.3467383289~i.5~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1618315212&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8216980806&ad_type=text_image&format=1090x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rh=200&rw=1090&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192929&bpp=1&bdt=1254&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C1090x280&nras=4&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c9e4d264676edbea65842a3c9cb6c7e9c5768f1a98ab6199651d0dc4b962d96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 18:18:13 GMT
x-content-type-options: nosniff
age: 600100
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10042
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 14:00:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Dec 2024 18:18:13 GMT

GET
H3 200 13454939609392551176
tpc.googlesyndication.com/simgad/ Frame 6EE5 5 KB
5 KB 44ms
44ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13454939609392551176?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=1625554742&adf=527327188&pi=t.aa~a.3467383289~i.5~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1618315212&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8216980806&ad_type=text_image&format=1090x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rh=200&rw=1090&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192929&bpp=1&bdt=1254&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C1090x280&nras=4&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47e5fb3c1160e0628f8183a8e49ad11772fd5a09a8434369b97d17ea1a01a1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 09:22:57 GMT
date: Tue, 19 Dec 2023 09:22:57 GMT
x-content-type-options: nosniff
age: 27416
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4948
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 19:27:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame B435 33 KB
33 KB 37ms
36ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 21:01:51 GMT
x-content-type-options: nosniff
age: 503882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Dec 2024 21:01:51 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B435
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CI_35CcyBZamBBpys29gPqvujuA7y16LcdJnLveiUEb_v6rKYHBABILmczR1gleKQgqAHoAG62-OYA8gBCagDAcgDywSqBPMBT9BnDaHbXxp6JOZqnXwmVwggXz-FOROjUSrqEb4GwCjJ41X...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213306744847274328055%22,%22debug_reporting%22:true,%22destination%22:%22https://infragistics.com%22,%22event_report_window...

0
0

138ms
67ms

Fetch
text/css

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213306744847274328055%22,%22debug_reporting%22:true,%22destination%22:%22https://infragistics.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22857271738%22],%2222%22:[%22true%22],%224%22:[%2212-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217920059991192296801%22}&andc=true

Requested by

Host: vcruntime140-dll.ru
URL: https://vcruntime140-dll.ru/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:54 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13306744847274328055","debug_reporting":true,"destination":"https://infragistics.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["857271738"],"22":["true"],"4":["12-19"],"6":["true"]},"priority":"500","source_event_id":"17920059991192296801"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Dec 2023 16:59:54 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Dec 2023 16:59:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13306744847274328055","debug_reporting":true,"destination":"https://infragistics.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["857271738"],"22":["true"],"4":["12-19"],"6":["true"]},"priority":"500","source_event_id":"17920059991192296801"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 8C6E 51 KB
19 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 12:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Dec 2024 12:51:06 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 162ms
66ms Preflight
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Dec 2023 16:59:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6EE5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1c58a91ec234f733d144a8920f131d8127ad1f3683b7bbd4feaa7941ebb9e0f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AB85
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELN3oa7Mq1wL1NJ2HcZb0Ek&google_cver=1&google_push=AXcoOmSPChbVzw0-JE6RIqb7ktHDGoopbUaDPslrZpslXPRNbNQ2hV87wX...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSPChbVzw0-JE6RIqb7ktHDGoopbUaDPslrZpslXPRNbNQ2hV87wXCOvh3-y0u7PPVb1zbtHLvfUCTj0Vj8OpW_uMH4E-Frtw&google_hm=1KkkaQh517...

170 B
232 B

47ms
47ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSPChbVzw0-JE6RIqb7ktHDGoopbUaDPslrZpslXPRNbNQ2hV87wXCOvh3-y0u7PPVb1zbtHLvfUCTj0Vj8OpW_uMH4E-Frtw&google_hm=1KkkaQh517PC7ZHTRf3_YA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=1625554742&adf=527327188&pi=t.aa~a.3467383289~i.5~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1618315212&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8216980806&ad_type=text_image&format=1090x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rh=200&rw=1090&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192929&bpp=1&bdt=1254&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C1090x280&nras=4&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSPChbVzw0-JE6RIqb7ktHDGoopbUaDPslrZpslXPRNbNQ2hV87wXCOvh3-y0u7PPVb1zbtHLvfUCTj0Vj8OpW_uMH4E-Frtw&google_hm=1KkkaQh517PC7ZHTRf3_YA
pragma: no-cache
date: Tue, 19 Dec 2023 16:59:53 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame AB85
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDlvFKcnqZE0FnnG7Gh--nA&google_cver=1&google_push=AXcoOmTwkG7z4OC0HMjmg0qApXhr8mpkL58DgSQ096g9VDLtTdsvBosJNcgcUe65Rs0ldrgzVVVFw0IfcCpaZkNVSvZBn1B7KbTf1...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDlvFKcnqZE0FnnG7Gh--nA&google_cver=1&google_push=AXcoOmTwkG7z4OC0HMjmg0qApXhr8mpkL58DgSQ096g9VDLtTdsvBosJNcgcUe65Rs0ldrgzVVVFw0IfcCpaZkNVSvZBn1B7KbT...

43 B
449 B

197ms
179ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDlvFKcnqZE0FnnG7Gh--nA&google_cver=1&google_push=AXcoOmTwkG7z4OC0HMjmg0qApXhr8mpkL58DgSQ096g9VDLtTdsvBosJNcgcUe65Rs0ldrgzVVVFw0IfcCpaZkNVSvZBn1B7KbTf1Cg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTwkG7z4OC0HMjmg0qApXhr8mpkL58DgSQ096g9VDLtTdsvBosJNcgcUe65Rs0ldrgzVVVFw0IfcCpaZkNVSvZBn1B7KbTf1Cg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:54 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 838132de6dab4d7f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:53 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 243
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDlvFKcnqZE0FnnG7Gh--nA&google_cver=1&google_push=AXcoOmTwkG7z4OC0HMjmg0qApXhr8mpkL58DgSQ096g9VDLtTdsvBosJNcgcUe65Rs0ldrgzVVVFw0IfcCpaZkNVSvZBn1B7KbTf1Cg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTwkG7z4OC0HMjmg0qApXhr8mpkL58DgSQ096g9VDLtTdsvBosJNcgcUe65Rs0ldrgzVVVFw0IfcCpaZkNVSvZBn1B7KbTf1Cg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 838132dd3b704d7f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB85
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKHR2iraTqnDlE4jd9jc0P8&google_push=AXcoOmQNcoZbVdGQJOGh7ocw4f-_iLhjy33XovsCZ0cGoQeUVSVUBWKwZx...

170 B
188 B

45ms
45ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKHR2iraTqnDlE4jd9jc0P8&google_push=AXcoOmQNcoZbVdGQJOGh7ocw4f-_iLhjy33XovsCZ0cGoQeUVSVUBWKwZx4iKL9y2ng0uEGZGic_vjeuAsdrbekbf-rDwrbLv3Nycu4

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230047-FRA
pragma: no-cache
date: Tue, 19 Dec 2023 16:59:53 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1703005194.784647,VS0,VE99
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKHR2iraTqnDlE4jd9jc0P8&google_push=AXcoOmQNcoZbVdGQJOGh7ocw4f-_iLhjy33XovsCZ0cGoQeUVSVUBWKwZx4iKL9y2ng0uEGZGic_vjeuAsdrbekbf-rDwrbLv3Nycu4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AB85
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEOGLynLFMmev4H2sRaKhD8c&google_cver=1&google_push=AXcoOmSTwLhSKEE6Ubc37I0wa43SSRW0b1GR36_TezVAKYynzzzaiXBEnVd2pysjDVJA-XlDhUFtiAk...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmSTwLhSKEE6Ubc37I0wa43SSRW0b1GR36_TezVAKYynzzzaiXBEnVd2pysjDVJA-XlDhUFtiAkHz7MAs5YnRNB71v5OoWurObQ&google_hm=p0d_HWKBTkK5V_...

170 B
232 B

47ms
47ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmSTwLhSKEE6Ubc37I0wa43SSRW0b1GR36_TezVAKYynzzzaiXBEnVd2pysjDVJA-XlDhUFtiAkHz7MAs5YnRNB71v5OoWurObQ&google_hm=p0d_HWKBTkK5V_qqEtCiTIg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=1625554742&adf=527327188&pi=t.aa~a.3467383289~i.5~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1618315212&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8216980806&ad_type=text_image&format=1090x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rh=200&rw=1090&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192929&bpp=1&bdt=1254&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C1090x280&nras=4&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:52 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmSTwLhSKEE6Ubc37I0wa43SSRW0b1GR36_TezVAKYynzzzaiXBEnVd2pysjDVJA-XlDhUFtiAkHz7MAs5YnRNB71v5OoWurObQ&google_hm=p0d_HWKBTkK5V_qqEtCiTIg
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame AB85 43 B
146 B 295ms
7ms Image
image/gif 18.192.242.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEMyOGdywv1-nSdMDFrGPp3w&google_cver=1&google_push=AXcoOmSOpwhTFAezvYBudrMajWwvCpVZaAUEsl5RUZIm_RJRZv0UMV8Uc1lm-Z71gLd128YFkzGYuVEAkh-Y4X3Z4zahlmhTx6YAog
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=1625554742&adf=527327188&pi=t.aa~a.3467383289~i.5~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1618315212&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8216980806&ad_type=text_image&format=1090x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rh=200&rw=1090&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192929&bpp=1&bdt=1254&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C1090x280&nras=4&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.242.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-242-138.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB85
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAvap9C-7kVrcYaHSkQTcag&google_cver=1&google_push=AXcoOmQ60NFcRcDP41JIR6jvvVxe1sEcyFcWubgOcJooFBSzYSrjLgqJtTmLc5HnP_1WxO1JVuUdKhJu...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAvap9C-7kVrcYaHSkQTcag&google_cver=1&google_push=AXcoOmQ60NFcRcDP41JIR6jvvVxe1sEcyFcWubgOcJooFBSzYSrjLgqJtTmLc5HnP_1WxO1JVuU...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzE2MTA1NzQwNTY4ODQ2ODQxOQ&google_push=AXcoOmQ60NFcRcDP41JIR6jvvVxe1sEcyFcWubgOcJooFBSzYSrjLgqJtTmLc5HnP_1WxO1JVuUdKh...

170 B
188 B

46ms
46ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzE2MTA1NzQwNTY4ODQ2ODQxOQ&google_push=AXcoOmQ60NFcRcDP41JIR6jvvVxe1sEcyFcWubgOcJooFBSzYSrjLgqJtTmLc5HnP_1WxO1JVuUdKhJu6kHATGP37pWBXTZb-4MCecA

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzE2MTA1NzQwNTY4ODQ2ODQxOQ&google_push=AXcoOmQ60NFcRcDP41JIR6jvvVxe1sEcyFcWubgOcJooFBSzYSrjLgqJtTmLc5HnP_1WxO1JVuUdKhJu6kHATGP37pWBXTZb-4MCecA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB85
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAvap9C-7kVrcYaHSkQTcag&google_cver=1&google_push=AXcoOmRwydhGV7YdVR1awdNnx2RfRtEdXmMSApKMo4qt4LtiFUZN4OsKMfZ76ySChvE_ApEtVxdA4Zv6...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAvap9C-7kVrcYaHSkQTcag&google_cver=1&google_push=AXcoOmRwydhGV7YdVR1awdNnx2RfRtEdXmMSApKMo4qt4LtiFUZN4OsKMfZ76ySChvE_ApEtVxd...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg2NzE4NjM3NzMwODU1OTA5NA&google_push=AXcoOmRwydhGV7YdVR1awdNnx2RfRtEdXmMSApKMo4qt4LtiFUZN4OsKMfZ76ySChvE_ApEtVxdA4Z...

170 B
188 B

47ms
47ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg2NzE4NjM3NzMwODU1OTA5NA&google_push=AXcoOmRwydhGV7YdVR1awdNnx2RfRtEdXmMSApKMo4qt4LtiFUZN4OsKMfZ76ySChvE_ApEtVxdA4Zv61upfYIvddaINqjmrlY6wNw

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg2NzE4NjM3NzMwODU1OTA5NA&google_push=AXcoOmRwydhGV7YdVR1awdNnx2RfRtEdXmMSApKMo4qt4LtiFUZN4OsKMfZ76ySChvE_ApEtVxdA4Zv61upfYIvddaINqjmrlY6wNw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame AB85 0
49 B 46ms
46ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KbApPbvcEASvCoqRYlJRDPmS5brymmpf5gY_aDzksbPh3O9oCyk9u01-wwnr32NN65hicp

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=1625554742&adf=527327188&pi=t.aa~a.3467383289~i.5~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1618315212&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8216980806&ad_type=text_image&format=1090x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rh=200&rw=1090&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192929&bpp=1&bdt=1254&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C1090x280&nras=4&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 160ms
67ms Preflight
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Dec 2023 16:59:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6EE5 16 KB
16 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 17:38:05 GMT
x-content-type-options: nosniff
age: 84108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 17:38:05 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6EE5 15 KB
15 KB 37ms
37ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:54:09 GMT
x-content-type-options: nosniff
age: 29144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 08:54:09 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 112ms
68ms Preflight
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Dec 2023 16:59:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 152ms
79ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

253ccbe936b3fa18d1e75d37e5aad7ab47f62cd210e322084c0cbe2f91ca29e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12116
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E62 51 KB
19 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3464740811324747&output=html&h=280&adk=1625554742&adf=527327188&pi=t.aa~a.3467383289~i.5~rp.4&w=1090&fwrn=4&fwrnh=100&lmt=1618315212&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8216980806&ad_type=text_image&format=1090x280&url=https%3A%2F%2Fvcruntime140-dll.ru%2F&ea=0&fwr=0&pra=3&rh=200&rw=1090&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005192929&bpp=1&bdt=1254&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C1090x280&nras=4&correlator=534312875220&frm=20&pv=1&ga_vid=1069398248.1703005193&ga_sid=1703005193&ga_hid=630160682&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1600&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080104%2C44798934%2C44807406%2C95320868%2C95320885&oid=2&pvsid=1534503199222985&tmod=100120747&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 12:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 101327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Dec 2024 12:51:06 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 16:59:54 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3ACC 13 KB
5 KB 36ms
36ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vcruntime140-dll.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 28204
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 09:09:50 GMT
expires: Wed, 18 Dec 2024 09:09:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6BF8 829 B
560 B 45ms
45ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

700064690fd9f243eb34781b751ec940fc1fe126b2fcd79a3981dc97792dcdd9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gvBO_--TG1jYTQdonF08Ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vcruntime140-dll.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-gvBO_--TG1jYTQdonF08Ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 16:59:54 GMT
expires: Tue, 19 Dec 2023 16:59:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 3ACC 39 KB
15 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 11:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 11:16:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6BF8 0
0 66ms
66ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1534503199222985&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3ACC 0
10 B 35ms
35ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_zphhA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:59:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame FF77 28 B
54 B 51ms
51ms XHR
application/json 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
X-Goog-Request-Time: 1703005194553
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Fw3_8sFZ5Pk
X-YouTube-Client-Version: 1.20231212.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtiY01KS0w0eXRGWSiImIesBjIKCgJERRIEEgAgOg%3D%3D
X-YouTube-Ad-Signals: dt=1703005192321&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 19 Dec 2023 16:59:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Tue, 19 Dec 2023 16:59:54 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A7C2 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpRYAcJQ31xtKKCu_S6CCu3-Xou5nCGcyhS8SEejEvmKrwa_TDn-xXPHtYP9KosFlQfm3PjsraKHZQZcmf2v2AyzUd1K3CYxiYvqMLB5ZI0A-A6WavBYue4GuKeWjmTse8PeIYhNM5M9S_70FDyfXk2UI1eyJtMU9ZtEIjHfcKQWO3CPdpOqw&sai=AMfl-YRXb_9782iSC61sk6ZkXRaIR3WtlMilMtGR9i6-aZxgkZvwcRdtVRwAeLWGFR7frhHBaUKOLRFdaxmSd_6lFBzmy5FUNuHybHLeRAs0dOST6gapNppSWmR8-tkokeNzBywYQWiTnft63Jnfq17ljg&sig=Cg0ArKJSzBvngT-x2dIoEAE&cid=CAQSTwAvHhf_rlT96FmFneQUPbZEY_dV13eXMsre3DkMjMFAMg8xdtmmLiUADIjDXRriWCcA1O4cQ3S9-VaJrCfPegnHpc9vhc4AiFt773zzzhIYAQ&id=lidar2&mcvt=1000&p=0,0,280,1130&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2816580624&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703005192581&rpt=1086&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 16:59:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 70ms
70ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1534503199222985&bg=!np2lndLNAAY3kmNgF5I7ADQBe5WfOOgHpL5h_nJ_NnNK07tXnfmnsbQnW5kcnLLXfnWM8B1yGkrb_H2M3dzCxFUeLnjaAgAAAEJSAAAAAWgBBwoAe83u3zqsRO5c5KqhGM3oDK-lScyZq-IHpe19ntRNhrkdgGI-KaZNSroZeslZl88688rE26roBHuxkT6-4_c1xnwVxI0iGawcnLatHLu51P0Qf3Do4YXl-YwN-xQm5LwVXY8kI9WZk5PMPLyViG0crZhxCVblFVci509slJkC-QP0L6VErmfydOPHkF1Ab1fcPXRmSYkJusTAUoubrS9d7PzGvL4H8_-YGeFqF2G_Nirvfd5Ccnlsf4MDtMxxVwaNeNMQBop7kmUqRIymAuz3OqFFyeNGzV-x36nPIKJwkcq7JowvvMqRcVs-Z1-6stjPXiq9nhGeELae32gf5Ier8Dyd7Aens3yXE6EfkHZDhAupvChjaRZgIOTE-TBkzysNjNwPRsbOAv4CzXIcIc2o5zFMtDfTan6WGll-h4yrI8Rn76Islph_OBilAyG2LXJIRoEWcp9w4gk8SdFlA3aSOln0GcNTeqK3UBArTx-96PUXRyND3jocfgarAtsBRzZunJoSsNVUpQJxnPOWCGrpNWvXkptqEv7TnT7WYQ_HiDp0e1dMqD--3kbOeJzav-ojNrR2pRkhna1ax_mzGnaXPDsOGjXAIUB4ZYC8sukDC-XRN3UsGDhvj6Ch2S0nbIjPzFv6yyB9nc8fCDzH6wt2KpZ3IuMtQFGu8IKXy8fPUpFYmjHJe7BBzTBXOdpibxE_-bxdOqw8BcNAcSogzRKeZV1LkJq5JtuSyxZbCM71AnSDM4xVGGkANH5RFEQGsumCDVTvhy1Q7BEwSgUP9So9QaWzC9W1AtW-1lLHPkFPQ4kDHeb5rrpX_3N3OUyOYf1eczVmhWcK64ji2TEJvpUN99WpSrr1GxGWCrjEl75XMHjMNRtd8VxZFgXi_4B9sJg5SGviP7Oa-ed-vfIrao3W9K9Zs0neIcGEQAdUxm7RWb1ew6fZR5KI1HdGMiaGN3OnmOGo8cwQG7ka25dqzonn7HZRx95ytzXaliUlt-01XHLjyUUiK8kiOPi3vjnEUZWtDiVYlJgJeO_EhEwvae2z0nkEi2nDRaf-YaMxVufjw12q3TymcV0wTbURSKXFfGbgAFKYteJIKCjYL_Z-JfdB6XTeyiWzjWv92IplWB23pFQrxlV4Qa7gJPaIgTaxigCteaThD4sU1ieZAiR4qMRUneo9qOk0TlZD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vcruntime140-dll.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: nX23kBGM8Ck
.youtube.com/	1970-01-20 21:22:37	Name: VISITOR_INFO1_LIVE Value: bcMJKL4ytFY
.vcruntime140-dll.ru/	1970-01-21 01:49:01	Name: _ym_uid Value: 1703005193566654365
.vcruntime140-dll.ru/	1970-01-21 01:49:01	Name: _ym_d Value: 1703005193
.mc.yandex.com/	1970-01-20 17:03:25	Name: sync_cookie_csrf Value: 111357725fake
.yandex.com/	1970-01-21 02:39:25	Name: i Value: WR88BbUcy5jKt9Bx7x5r0nWzYk+o0Tx7KlzxQGp1awuF1NG6fy5B0URST29PYHL2oQHSD1juAVetqOJTA2QsDuN6R9U=
.yandex.com/	1970-01-21 01:49:01	Name: yandexuid Value: 3814149881703005192
.vcruntime140-dll.ru/	1970-01-20 17:04:37	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 17:03:25	Name: sync_cookie_csrf Value: 884502647fake
.mc.yandex.com/	1970-01-20 17:04:51	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 02:39:25	Name: yandexuid Value: 3814149881703005192
.yandex.ru/	1970-01-21 02:39:25	Name: yuidss Value: 3814149881703005192
.yandex.ru/	1970-01-21 02:39:25	Name: i Value: WR88BbUcy5jKt9Bx7x5r0nWzYk+o0Tx7KlzxQGp1awuF1NG6fy5B0URST29PYHL2oQHSD1juAVetqOJTA2QsDuN6R9U=
.yandex.ru/	1970-01-21 02:39:25	Name: yp Value: 1703091592.yu.9755541491703005192
.yandex.ru/	1970-01-21 01:49:01	Name: ymex Value: 1705597192.oyu.9755541491703005192
.yandex.com/	1970-01-21 01:49:01	Name: yuidss Value: 3814149881703005192
.yandex.com/	1970-01-21 01:49:01	Name: ymex Value: 1734541192.yrts.1703005192
.yandex.com/	1970-01-21 01:49:01	Name: bh Value: KgI/MA==
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1738907001703005192
.vcruntime140-dll.ru/	1970-01-21 02:25:01	Name: __gads Value: ID=fd967e15865bc4cd:T=1703005192:RT=1703005192:S=ALNI_Mbb6NOzCqGJp9Xy6UNwvenWt_VHAg
.vcruntime140-dll.ru/	1970-01-21 02:25:01	Name: __gpi Value: UID=00000d21bad693d3:T=1703005192:RT=1703005192:S=ALNI_MbWXykrQhjeueLV-VXP9ekOjUuq0Q
.doubleclick.net/	1970-01-20 17:03:28	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 02:25:01	Name: IDE Value: AHWqTUkRHTY67Blq7wO6alxM4ZHh8IrmquifvUQxANtvTlRd7x5fXTxgS8J3pDLdFp0
.quantserve.com/	1970-01-20 19:13:01	Name: d Value: EGsBCQHZKoEA
.quantserve.com/	1970-01-21 02:33:39	Name: mc Value: 6581cc09-a88ef-1a501-ca97a
.blismedia.com/	1970-01-21 01:49:05	Name: b Value: 6581CC0913CCB70E2A9BB9B8BLIS
.simpli.fi/	1970-01-21 01:50:27	Name: suid Value: 565E3DA893694F808781ED76E7052F5A
.yahoo.com/	1970-01-21 01:49:22	Name: A3 Value: d=AQABBAnMgWUCEBA8Qc6rbRUBCWykJO-lu9EFEgEBAQEdg2WLZQAAAAAA_eMAAA&S=AQAAAnNV7SxvCYdM_H4txBvGcPI
.ctnsnet.com/	1970-01-21 01:49:01	Name: cid_a7477f1d62814e42b957faaa12d0a24c Value: 1
.ctnsnet.com/	1970-01-21 01:49:01	Name: gid_CAESEOGLynLFMmev4H2sRaKhD8c Value: 1
.adform.net/	1970-01-20 17:48:03	Name: C Value: 1
.everesttech.net/	1970-01-21 01:49:01	Name: everest_g_v2 Value: g_surferid~ZYHMCQAIJJlnCQBH
.adform.net/	1970-01-20 18:29:49	Name: uid Value: 3161057405688468419
.googleadservices.com/	1970-01-20 19:13:01	Name: ar_debug Value: 1
.tribalfusion.com/	1970-01-20 19:13:01	Name: ANON_ID Value: arntXLNZaiMjAmemFnSwbRDS4lY8yQA1bT2lO60Qd391rMReaeh0FFv3ZdQY3AxJMH6rGpW7eZchHDdjP3kL039UvbyqAKB

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
googleads.g.doubleclick.net
ipac.ctnsnet.com
it-tehnik.ru
jnn-pa.googleapis.com
mc.yandex.com
mc.yandex.ru
onetag-sys.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
s.tribalfusion.com
static.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
vcruntime140-dll.ru
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yastatic.net
142.250.184.194
151.101.130.49
172.217.16.130
178.250.1.9
18.192.242.138
23.32.185.35
2600:9000:225e:1600:11:a4de:2580:93a1
2606:4700::6812:19ad
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:802::2002
2a00:1450:4001:802::2004
2a00:1450:4001:803::2001
2a00:1450:4001:808::200e
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
2a02:6b8:20::215
2a02:6b8::1:119
2a05:d018:d29:3602:b72b:cd0:cea1:c93f
34.96.105.8
35.186.193.173
35.204.74.118
37.157.3.26
51.38.120.206
81.200.116.208
87.236.16.218
00e2768a2298a27c65f487c38443c821db861cd1decd09fc9d0268b8f462f5aa
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c71106628b235959659a80caca8df6f9e8dfc9eac825605e79d2738726f287d
0c9e4d264676edbea65842a3c9cb6c7e9c5768f1a98ab6199651d0dc4b962d96
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f256bebcc7927e6a8f6d590bb1463f65e33d67873cdcf0708f538bfcf82ab7c
10105af423c3dcf46d274e7c2b1fba727d64543722aa114a35f6a7536f719cb8
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
1a275afec75ad4968444f347276b7c576a9fd0a4d6f06cb7a1fd0fd43e4a047d
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
253ccbe936b3fa18d1e75d37e5aad7ab47f62cd210e322084c0cbe2f91ca29e2
25cdcd78bfaa228c563e223c2bd5516612d369cdccda34c7367f26e7f860ce8f
263231032c6c85a5513c330d08cc3cef639e5a3ff22691a8f7b56df423aea7f7
273f57ca0bb782190a8a76646cc5af8f5bc1b757a3f96cd81e5ba5dd1e83a239
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
2a6bb5c3e685d7a455dcef8e345cbb537cb2af4e77cc2193c86e6c2fcf69809a
2aeeb5f5ef203757fa4d587ffeb991c30c9bd90e56056b79c98c5e9f226f70cf
2c31daae8b67df28286a285cba84cafe86ff3d2a9043bb26deb93d41156de489
2f0871fbcae00bf918fd72376da512d070f688247b31b93e8181b207556f386a
2f527f213eb8854d203bd3f7d97d5a2d37cc126840a1d8d8b566d37fa7b823c9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32f9c09189248fc7081865c0e1b536205384f9d96c5a75e0ccb484e2a74a6f6a
35e7c62dec2e0d58604632be7c5327e64a75ece36274cef5a60bace180bb663e
3c9f933d72a7bd02697d7107a9f1ab3d66cba302fc93adb24b1d826f44a99e45
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb14959b30b76820df27eddae54d89807523ad15627db1677cfc3918a5e554c
40f09dcdb226fb60428bfe107e02f6c50db1561694264b0144e0155f9f3e4140
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
440c2994b4085022c2627bff0050d133d674b777306ce4fb876cf8877ce70b28
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
47e5fb3c1160e0628f8183a8e49ad11772fd5a09a8434369b97d17ea1a01a1e1
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4a3eca77ff9d440fabfc4e66dee7087633e455f7b6846e1ba26b71824837270b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fbb0bf2ff9704a952c288ccc5438b2f6e7c9753b19299c2f2e7fcb59ba6edb2
5301bbead54523dd82d645f1f4f51054844036477a493e1cc48257fbeb4b7399
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
57df901ddd718ea67fc2c55f827e20fef7a5fae5145e9149e79eb065f9a097b9
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6bbe1d6c47ae44a6c20c4a6ff228fdf15b387edfeb7d7535567c239705298a0d
6c16fcf17b9e066a762a2f648f0fb5b404ef628ca318b1bd97d7c364652a7f1a
700064690fd9f243eb34781b751ec940fc1fe126b2fcd79a3981dc97792dcdd9
71afafd6cbf9f8256229bb61ab5e50a8a5fad057a5e311c2e3eb698e01f18260
723aa7e4d231c81a010c84b8703f0078c2510814c5da2e9ee4d2949c7e48e747
75fff8f96dba56994183e47cfea60953bfb238199e77858d01b636d3eb57b80e
78bf2174c142170fb833d75665bbb4626ba20a35e524ac5ab0060463512666ad
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
825dc17f49ca9b050b073867d0860e756bd4d97aaba6dd3cf444ebd0bc90298a
82b82e943496c99d9d425239a44177e78cc41cf80acf0312a69b4561fce97fd1
838439f7800886796f6c8dd2b1bb6eeebfccdc9b05f89c489140c10edff3ab28
84b2ada91ae5c7971c95e2ef86fe50b851d2edf4de551b61d94031960f2de0b1
8734c970c670d52e2a115ab506d983ec6702613db1528af5fff769f3ed117754
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8e83bcf0315f708e646d547688191140b0fbf240f230225e7e4cc136d8133fe3
91af9470c746ca950a0ebe1dfc53f7ec96deb86723da7f23c4a0c61c88210fca
92bc0c6e7a92e4c25222de29e66ebb67feb254e3dff491a5f6a899a0729ceb96
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9be7e931e5978b27a1428050d2045f7759ae34424b2a60a021d57a7af6d981f6
9e92b02c607537badcaa2104a66b8964dc659afee390d2b2515071bc4c91a1c3
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2366f8ceefa49f15dbf946bb02a4cf52b6d2999f71712d3f52e8bd5f56e1988
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aec8baf0f56ad6481043f64acfac2823acba0c0218394cc89444d43ca23b9f73
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b11f3b13771351c6814e6dbb7afb7d1b0bdb710d50c0fd131e7370fa9b065659
b2ffe03c81d3ea4360413f1a246d4b9b2a032fbfd6a6a88bf374f38bebd8bb34
b87f65a4f1dede81da14989488d2bda81ed33f0efc75a6b1393b796656e62884
b8b34054874c5aa9b958c029817c4f878c873b1312379e8882bdcdefb1758626
b8cfedea93ac99d7b64e9477a841535ed7f6f752cbe06eb6fe8f66eec13e4688
b8e7bef1b2ef62754c72089742bde52b989db545c0ee4c6ce06832ca04c7b582
c4548b548dc9ec0ddfecfb43202c659a5cb13f1b1b852ce667372ed88674780f
c4a3e09c02acac77ace5d2236bac1ec8efbc42dcba66b407a73fb0adb5f87ba1
c99dfc8bc253b502b7b586e9bc538f8ff16d404329102068a0f50cf5aaa8dc69
cd93394fd619f798a96b816d476d14b14051345cbf3b7edaaf2a8eb11720a925
cf8123045ef80b8be3f0c4af6ce6b9aec01099cb573ac467e0b6fc596fc29f1d
d1c58a91ec234f733d144a8920f131d8127ad1f3683b7bbd4feaa7941ebb9e0f
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
db231e4db4cb552e851c83690001c19ec4d53f0bd7619dbd87e77d67366c9cfb
dd74220782dbe570d4fbc18ef6fbab8c40a91207de49924d09779622efeb6807
dea8459f21b5c4582b6dc1c0d67b11fcabe9001bc0671496b5790936db26d732
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e197d53fe7df60cf0d734093501fc6d16ee9ba1bc2dd0fc6e8b80aad3bf7a304
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e832ca82e692bd71c3163d5d52b14a5e27c53574df19423aa1bfcc8657adf67b
e9e4b3ee93f851e62156c181e2f75236a75591c3393a46f4f34400589e902bbe
eda5d16e8ff221ed19df7cf856547f10c3855a5c411734a709a580399b1d5e3a
ee11928e9a31b92c22b88f0c49dae1f791043fe071dacf46b848efe85254c003
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f243c4151df8fe5a2d6585c08c0ceb8888a4f04fda74a8887e20a46aa45d674c
f6048ed879451b183c6eef0699d35989cb844967569a295f2580d226ecc3e83f
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f8ed7cb7ac6dc9850cffba6d02a3e222269f9ac3cdde0cfbead7734149281f0f
f944d4ca5dae5802d9219fce97fe6aa892c18e0f64e98b314f4873bc5fa2cf61
fa0512a478d0b22c10cd4b42a386e9e3a6321e221f44eb9ed93d828b4a2d86bc

vcruntime140-dll.ru Open in urlscan Pro 81.200.116.208 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

149 Requests

89 %HTTPS

57 %IPv6

26 Domains

32 Subdomains

25 IPs

7 Countries

2520 kBTransfer

6693 kBSize

35 Cookies

6 Outgoing links

Page URL History

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vcruntime140-dll.ru Open in urlscan Pro
81.200.116.208 Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

89 %
HTTPS

57 %
IPv6

26
Domains

32
Subdomains

25
IPs

7
Countries

2520 kB
Transfer

6693 kB
Size

35
Cookies

149 HTTP transactions
18 data transactions