7zip-download.ru Open in urlscan Pro
2606:4700:3034::6815:1f7c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://7zip-download.ru/
Submission: On January 10 via manual (January 10th 2022, 2:52:03 pm UTC) from RU — Scanned from DE

Summary HTTP 143 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 23 IPs in 7 countries across 16 domains to perform 143 HTTP transactions. The main IP is 2606:4700:3034::6815:1f7c, located in United States and belongs to CLOUDFLARENET, US. The main domain is 7zip-download.ru.
TLS certificate: Issued by R3 on January 10th 2022. Valid for: 3 months.

This is the only time 7zip-download.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3034::6815:1f7c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3 9	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
14	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:401... 2a00:1450:4019:80c::2002	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.181.66 142.250.181.66	15169 (GOOGLE) (GOOGLE)
6 8	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
6 10	184.87.213.8 184.87.213.8	16625 (AKAMAI-AS) (AKAMAI-AS)
4 6	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
7	23.218.209.154 23.218.209.154	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.252.133.182 34.252.133.182	16509 (AMAZON-02) (AMAZON-02)
1	3.11.43.80 3.11.43.80	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
7	104.89.28.234 104.89.28.234	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
143	23

12 2606:4700:3034::6815:1f7c (United States)

ASN13335 (CLOUDFLARENET, US)

7zip-download.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4019:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fjr04s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 184.87.213.8 (Milan, Italy) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-213-8.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.221.53 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.218.209.154 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-154.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.133.182 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-133-182.eu-west-1.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.11.43.80 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-43-80.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.89.28.234 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-28-234.deploy.static.akamaitechnologies.com

havasfrorangedcmdisplay758646212611.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 94 tpc.googlesyndication.com — Cisco Umbrella Rank: 127	476 KB
27	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 245	164 KB
25	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276 cm.g.doubleclick.net — Cisco Umbrella Rank: 169	148 KB
12	7zip-download.ru 7zip-download.ru	295 KB
10	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496	9 KB
9	moatads.com z.moatads.com — Cisco Umbrella Rank: 348 geo.moatads.com — Cisco Umbrella Rank: 608 mb.moatads.com — Cisco Umbrella Rank: 566 px.moatads.com — Cisco Umbrella Rank: 393	111 KB
7	moatpixel.com havasfrorangedcmdisplay758646212611.s.moatpixel.com — Cisco Umbrella Rank: 186304	2 KB
7	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 29691	2 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	6 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 151	148 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 69 www.google.com — Cisco Umbrella Rank: 8	1 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	28 KB
2	google.fr adservice.google.fr — Cisco Umbrella Rank: 29086	914 B
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3317	66 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 745	648 B
143	16

	Domain	Requested by
27	s0.2mdn.net	7zip-download.ru s0.2mdn.net
23	tpc.googlesyndication.com	googleads.g.doubleclick.net 7zip-download.ru tpc.googlesyndication.com pagead2.googlesyndication.com
21	pagead2.googlesyndication.com	7zip-download.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com 7zip-download.ru googleads.g.doubleclick.net
12	7zip-download.ru	7zip-download.ru
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
7	havasfrorangedcmdisplay758646212611.s.moatpixel.com	googleads.g.doubleclick.net
7	mc.yandex.com	2 redirects 7zip-download.ru mc.yandex.ru
6	px.moatads.com	googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
4	googleads4.g.doubleclick.net	7zip-download.ru
4	www.googletagservices.com	7zip-download.ru googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.fr	pagead2.googlesyndication.com
2	mc.yandex.ru	1 redirects 7zip-download.ru
1	fonts.gstatic.com	fonts.googleapis.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	mb.moatads.com	z.moatads.com
1	geo.moatads.com	z.moatads.com
1	z.moatads.com	s0.2mdn.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
143	24

This site contains links to these domains. Also see Links.

Domain
vk.com
ok.ru
twitter.com
www.youtube.com
www.facebook.com

Subject Issuer	Validity	Valid
*.7zip-download.ru R3	`2022-01-10` - `2022-04-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://7zip-download.ru/
Frame ID: 862C08ECB590E99C8AE4777BF98CE360
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/zrt_lookup.html
Frame ID: 62714E3660B722AE332F93013B81318A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7678251701655050&output=html&adk=1812271804&adf=3025194257&lmt=1641826318&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32&format=0x0&url=https%3A%2F%2F7zip-download.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826318034&bpp=3&bdt=243&idt=91&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6952757924218&frm=20&pv=2&ga_vid=830560317.1641826318&ga_sid=1641826318&ga_hid=449088652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1915501816359424&pem=718&tmod=112&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=103
Frame ID: C1C3740A7AA41B38480A07C883CF04F6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7678251701655050&output=html&h=280&slotname=4425446158&adk=2843444959&adf=3159113135&pi=t.ma~as.4425446158&w=670&fwrn=4&fwrnh=100&lmt=1641826318&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2F7zip-download.ru%2F&flash=0&fwr=0&fwrattr=true&rh=173&rw=670&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826318037&bpp=1&bdt=246&idt=107&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6952757924218&frm=20&pv=1&ga_vid=830560317.1641826318&ga_sid=1641826318&ga_hid=449088652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=1003&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1915501816359424&pem=718&tmod=112&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WEqParqW7l&p=https%3A//7zip-download.ru&dtd=114
Frame ID: 7BB9ED363A46D8B9241603759BA50697
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7678251701655050&output=html&h=280&slotname=3112364487&adk=4113227242&adf=201491406&pi=t.ma~as.3112364487&w=670&fwrn=4&fwrnh=100&lmt=1641826318&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2F7zip-download.ru%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=670&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826318038&bpp=1&bdt=248&idt=141&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C670x280&nras=1&correlator=6952757924218&frm=20&pv=1&ga_vid=830560317.1641826318&ga_sid=1641826318&ga_hid=449088652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=3089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1915501816359424&pem=718&tmod=112&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Gj2xykG40E&p=https%3A//7zip-download.ru&dtd=144
Frame ID: B8EF142371743A716C7CA33AC88B7820
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7678251701655050&output=html&h=280&slotname=1799282819&adk=2983144549&adf=1034484111&pi=t.ma~as.1799282819&w=670&fwrn=4&fwrnh=100&lmt=1641826318&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2F7zip-download.ru%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=670&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826318039&bpp=1&bdt=248&idt=150&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C670x280%2C670x280&nras=1&correlator=6952757924218&frm=20&pv=1&ga_vid=830560317.1641826318&ga_sid=1641826318&ga_hid=449088652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=4359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1915501816359424&pem=718&tmod=112&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zvVpqQFeqR&p=https%3A//7zip-download.ru&dtd=152
Frame ID: B0A2469FC1EAB084F74D83253E4AE662
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8D539E6EF4904D3BE50C87A2D0D8C1BF
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCX9ucBGIKe6L4BMAE&v=APEucNUgCyyfRol3CxsGfwcj8U_w4zhmo11Yl1XncDVotHPPP_BZlL6g4Gxp6zZjgr5B3VRPXXPlvWQDYwKjdHtza7D5Jdfg42nwbP_3_PUmZdE1acFTzAZZrV3vyP5tMw4yrClYMgS2YRXnn7xIak31zR3mAR3FzgVQRUbdUJNJDAElghw0wTc
Frame ID: 08538DAA301CC9971DE717CFC86975C4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CF5BSOOPre5hSaPAky9NQRwKYksv-XMBnXOuIi4oa5g73QBdHxFzp6ZD31Hl9TeEKrq8Xkyar5o8GK_8C7lb8kpwcof7jz_JeZz7yhFyN60Nub5ZezHawN24dJ_-GD51ibANnzDsGa0f2yD9rr99mDwXS6Qg&dbm_d=AKAmf-DGVVeJffYEKzGXl5fccg_wyTzi1ZYQjDmjrB7Xa9zWF6JpyOrIF-C8Mem2My0KPPrtR0VsudjtYoDCJ4UYXR05KAGaUnH0UX5YXTSzVps9WppbGXfEwTBtPCMU4Q0aslpM9BrA5OqHqSgmoT3dvGVMb90C_gYJAzGuVnXunYkZx_ki6tJlJs0bQQfnMaF6KNFzzU2eyJ9q5JanXcMMHlRufz2hMKdHNCtHMn_FR_JgITE-RWrcSpK91V9el_CgIyoEPbyxbgZ3eFUAFaLLTX93wr5ZCBuhlq7aN2_sgh6LJQYBc_E8nxr4Pn87_vomGJ6LLg7f8CpSdRsc7rOT_PrXrN6rZGwtOCrx4tYjTjAMykT6df-1Hl1n-KxC4worG0qE5boM7OzijYpvq6ml4MzJG9NGwvATNrAqDajpdkzqAvmquEqyUQ9AEyNfaduQ8u_8vKfFr9ZON03g6PsWYJvTRAmn9oUJkK4Iw3j8oG9nkH01ur6Hep7p1VTS2ZIHLBdBlYknTGBbbWucJDSUC4bk1nlmRR6hp8_J463nBHGdvCTI-R9A5mkSdJ43dNQUBqf6n7Z14gF1cr_k0fTfb1CpBXNR-1loPfwzadA1VU-5W3QtrupfPP66oHzPRHWFKtuggiGECrfFnCXgItolb2yIApMicH4iShDmfPr9sVq6Nq8sYlKyU9cDmP2h-545FGJY_fYamfrani502Oy2BaAqA0XYzDIPIsteKzbxfy5J_HI-6QrTIelNNqldRegJTd22WB4bmBRoMEHiF1I7C0Opr5TX1chtQL9m7sLbRz1ngvVyAmLVFdFZm3eIyR2xOjc1IH65_ShD9DLEYPRh9E0YagkEONPCTd6BcCc96zamTkLbpnZJAysFSvu9zDFJRd1iK44hWNEOESiI63aarB27wltHNN7OnD7493eT0IWJzmUqTK7n1O4Bh6cnlXS1e--llgHVuGuLOOEAkkxmWq9rekcqY4BKgxkoowhsFF__vQlISN2amxZyiFTxElHDKm1RnnUtyr2lz4wUBUv0D3Wv8gF9b5RUQccphBY75r1WCv8TLRe8tvLlGmUYzXhIxhJ2xlCk02ialx4E8Y9imCkfFZggu2WwvgSTsmMltGoMLxuWrm2JSDu_1GOwRwwAQzMl1ifdBtj2lhcOc8ZXgK8XFcapBpM7VPWUCbKYhIQrbe9eUBJoAbzDjzU4cmLY_EDw6l2yhl38iav2lyIneCT2qKGXalgOl7kH25VWj0OjzCWvkvBdcUrP2bRRaX0yZOcbH8tqUvKY15LRBK3kEFWD3Vp3SpfuyWZS3GNXbUebhA0I6RSTXpezKyXk6w5FE2EqPXqUWp2WCaNoSMGdh8axwBcrM2eITAoFwc3tFfmJp2lru3Xy0Zqj-qNJsoRtgp1q095Rb8U5Pw7pOb8Wkkloee2KqrEENJv2lCwu8An3BOW8GDdk-j5UzAoqUcvvDsvekXxN1LrhSlfrd_xzAhjAArpNFtgzSQi_3-LEmmfHCS1A72aTUzLlTPZg8M7_0AUWecZKNlARqUHAQWmXCqdfbiP0a5-2MCD5_Za3kRPF0IxTQRuV0IBxRePm-Ljv9A9WVcghk1cyFQ2CdyiV41zWJ3faepb4KnUBpCL8uXV5Oh8U-EjJASq0qcl6KhiJ5dr6Kjhq_PRzIrCGJkLMcT7tiOvCIeh3YZW46Db89F6YvC9m1BsmpqgXNJrd581Ru0ZKNoaL32_UvpaXor4_csLeYuwCObTHUIDBoH7YzmGvXEpfnT7vlS9sZ6V1Aclnx7wMBzoXZNXgFiVGk_P0HoDgQtXPXWTVu2eElphstbyBhJtPZ88ve1YGgPiN4jFUjZ50dKLnIuYylmChwGCtTplMM-Za5Ipn4haYhhLSz0UCpXLfmfxKeMRgLgbOxTePoMgO0D7tsABEFlzOfRUdTg2yllGaznTDXD5CiJ4I6oOqLO4-Yn6zxQOgbD3eH-PeQwrTzpvJFadZvWPmrbUeoJ44thnUxzTy5BY6JbBNcIKT_YWN8SjB2Jc_y-s8Lh52YX08BwYGHYlsJMD-gWRSMNBdEFonODWmGvGYvdDEIIoflLtINYSnyFcSkYXp0OJ7btRjoJxywVjrQ6plYTWVCh3G56fMmnD02LFlPh9PEvL2Y0WjxX5WcxlR4INZC4OQSRcEGtd5OvnCh30GcBax67nimYYl6fq0xgUFtna11oMCn20FSHOkZHFai4i95AO6clGoHmZqJvenrtxrNyRaMyZn9Yypl4QQQfI-b_pjW2uAr6BhWl6S37RxIIuxLsaHCrDQyoTe9GGuC0i6cBuRx7BI2pnLVa7yXEOwrmSPSeVcD341dswqZNBX7kylPs0K8WzlfKyhdcGv9taqKVqu1OsbANY18Me8W84EZqUY_WFWBQvmM8nBxKY7VHBA_IHmOrfiXLaEM3dZ-L5fC_k4PGbpGuNfyZxBSIwhQbVarhRL2BXO7qFz5NaxEniOV82v942BH-gcEsgE9f70UZfMjLPaDMFEGyvSy_nUW34IBLTqTzMtP-yvNT6D8-ECDb8g1dDKR9x-tGaPa32SI1gQXmDsNvT8pcjPPgtXSsDr2R1cktcey4bY-B9k5K9W-RUJP5vZAY3UzQQBmvXLkLw66grbVS1bjuXFfu1VYQ4SQRNq5SbDQOlSt9f_VwJFCKvqk_qHbyzU72sTHn2sS2189eBeq5ssJlgVVbZVNN32ygD_y-TYgDJnOhGvvaQeGTqB7wvI4saarnu4P0AGXyVM-w_19eqPyRP3dRWFityvn2KKZ27fRRu7YWpF3x01FXJLzUIe8oqIH8DNQjpJr2ioGI38g6bCVTREngQk6pggsJf2dZyIyxkXyCfEZkxUK6FAE8UuGIUR3kIvrkZ8g926gAvy1rL1j8KeF3vNP1OuXZ4AuRlBeqKVBwub5TlMV9ynxibGTRxoGRdjGkI1I1WHNfaqE3XsZN2K2oLQyieSkn14BHtgNhEtu-gAVbMwbcwgvYkoX2WTFZX52BnUbXI6qzwEQOvdWenbnnD1hgjnedMrCpFiWkDb2OTY87U1uGEhUzeEfPj428nusQc5xZ1iFoSHeynwKsEtHhtN-BGtJ_oyyz5QCfc&cid=CAASBORoYQQ&rfl=2%2Chttps%253A%252F%252F7zip-download.ru%252F%240
Frame ID: 3CD0794CCE05581ECBAC6C88FB8C69A1
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHR6uYCELDS8uoCGPTC770BMAE&v=APEucNV-cj6sy1cxZgZ8Qn9NkNVJewfV-h-lGL-_XV98QGanYmQbVPhFtQpGwOZWqVNnr5qw8A3_O0CgaEz4hNNKapOd-vYuyK4lv0RmUGqdJDoOlk05qg8M4fT8OzdJu8GLZBeDJqBmHjbkdIy_zqZaOm_H_2-0UpZJTbMXvmBSgScfQcsZsHs
Frame ID: 45B2D14F74D848967973301D429A5680
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js
Frame ID: B9D6B3D0DAD9539B634CD705EDBECE5D
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 012B9E4FA94C8B09E9904C29CE3281D3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E5C064728A0D71CAB6568ABB9BDCC612
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
Frame ID: BFB0A0C50ECABD33DD960CCA8C4A44D3
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9140A6F8DB77C7AEC1A1D47BFB7C6EC7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/V_1BK8LT12tPAXVBd9VW07x8-6IwLId0KwHdjemGMHg.js
Frame ID: EB8EA2AE1548DB29D8A1BD60BDB09688
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/V_1BK8LT12tPAXVBd9VW07x8-6IwLId0KwHdjemGMHg.js
Frame ID: CEFA308408F56F132FF06D4F3A129561
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BD98B5EFA6EF9CD235C167F7E4AC799E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 31F936A26DDFF09510580D9F907EB76A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Скачать 7zip (7зип) - Бесплатно На Русском Языке

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

143
Requests

93 %
HTTPS

59 %
IPv6

16
Domains

24
Subdomains

23
IPs

7
Countries

1446 kB
Transfer

3333 kB
Size

21
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://vk.com/7zip_download

Search URL Search Domain Scan URL

URL: https://ok.ru/group/55573695692817/topics

Search URL Search Domain Scan URL

URL: https://twitter.com/7zip_download

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC7mPj-TfhrbFFaewaBlmaBg/videos

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/2140168972889765/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9514.KnyCPGe2wSPe8YiAhB6vOs01lILdcXeuJSHDZ0MMD4iP6E9-1CqAqQEJmYUQgxr0.YAcIohtKa-iEgeQgicwYjfF1Hwk%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9514.8AAcZYvMT42JI_dzzwU9s-0S_tKkyuhGDTQqIX-aVVP4SKZy4455ciN2X3riHh2MsgfLy2SEnRccOqI4D78R9A%2C%2C.lAuwYpQZio4nDSYKzXOdeOofGyM%2C

Request Chain 24

https://mc.yandex.com/watch/47214456?wmode=7&page-url=https%3A%2F%2F7zip-download.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A766%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A471592156943%3Ahid%3A187763525%3Az%3A0%3Ai%3A202201010145158%3Aet%3A1641826318%3Ac%3A1%3Arn%3A182153767%3Arqn%3A1%3Au%3A1641826318899493481%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641826317217%3Ads%3A360%2C22%2C190%2C2%2C0%2C0%2C%2C180%2C1%2C%2C%2C%2C754%3Adsn%3A359%2C22%2C190%2C2%2C0%2C0%2C%2C181%2C1%2C%2C%2C%2C755%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1641826318%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%207zip%20(7%D0%B7%D0%B8%D0%BF)%20-%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%9D%D0%B0%20%D0%A0%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D0%AF%D0%B7%D1%8B%D0%BA%D0%B5&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/47214456/1?wmode=7&page-url=https%3A%2F%2F7zip-download.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A766%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A471592156943%3Ahid%3A187763525%3Az%3A0%3Ai%3A202201010145158%3Aet%3A1641826318%3Ac%3A1%3Arn%3A182153767%3Arqn%3A1%3Au%3A1641826318899493481%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641826317217%3Ads%3A360%2C22%2C190%2C2%2C0%2C0%2C%2C180%2C1%2C%2C%2C%2C754%3Adsn%3A359%2C22%2C190%2C2%2C0%2C0%2C%2C181%2C1%2C%2C%2C%2C755%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1641826318%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%207zip%20%287%D0%B7%D0%B8%D0%BF%29%20-%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%9D%D0%B0%20%D0%A0%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D0%AF%D0%B7%D1%8B%D0%BA%D0%B5&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 46

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELQN5csc38dG1lQjNE4r3gA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELQN5csc38dG1lQjNE4r3gA&google_cver=1&C=1

Request Chain 47

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YdxIDpe.XIhn7rw8l2EMZwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIomuTc7TYowIQvjFS_H8EI&google_cver=1&google_hm=2

Request Chain 48

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEE58nW0gSh7GzGkvffDA1Q8&google_cver=1

Request Chain 49

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkxMjc3MDk2NDk4MzU0MjU5NQ%3D%3D

Request Chain 50

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELQN5csc38dG1lQjNE4r3gA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELQN5csc38dG1lQjNE4r3gA&google_cver=1&C=1

Request Chain 51

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YdxIDpe.XIhn7rw8l2EMZwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIomuTc7TYowIQvjFS_H8EI&google_cver=1&google_hm=2

Request Chain 52

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEE58nW0gSh7GzGkvffDA1Q8&google_cver=1

Request Chain 53

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkxMjc3MDk2NDk4MzU0MjU5NQ%3D%3D

Request Chain 115

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

143 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
7zip-download.ru/ 94 KB
16 KB 571ms
190ms Document
text/html 2606:4700:3034::6815:1f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://7zip-download.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1f7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb57947075f351dca867829f8dbd9fdf2933732d56aade04a1a7ef074ca33d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 10 Jan 2022 14:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVS4Elvz0%2FYw%2Fa6TH6%2BsVyewM4J7%2BDq%2FoccsIFCTxOMputC2Sc7ozrZiWwrV0oP720vZ1eeMmnslM7QUCDATDGQsBEZC6dOiIceXVl%2BJWML3p9Fw24mXj3%2BeHmSavKVu4CK%2FK%2F1QGSbhWWMp3VKn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6cb6b9f50b0142e7-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 app2.css
7zip-download.ru/css/ 27 KB
6 KB 133ms
132ms Stylesheet
text/css 2606:4700:3034::6815:1f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://7zip-download.ru/css/app2.css

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1f7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7048c6a4a92c632e6e6730e4dc86341cde26fe9eba466c9cf2a7f675de1605f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 11 Dec 2021 21:48:32 GMT
server: cloudflare
etag: W/"61b51cb0-6af9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKGiGyokjsOJ%2Bwd96XUxfwbwJsjbl5NSOjMJs7n9CN9eIQM6uqzmRuY3IrCnh0mjLNkkqt9%2F0CWeL7oJFtH3VKMmKCZt6uiIMgQgMiwaWEHeIDbpBCr3vMxh31S2mtu8uDd9D6he81KWThaITVm5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000;
cf-ray: 6cb6b9f65e4c42e7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 app.js Show response
7zip-download.ru/js/ 1 KB
971 B 136ms
136ms Script
application/javascript 2606:4700:3034::6815:1f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://7zip-download.ru/js/app.js

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1f7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdf672d205467804f9feca068dcebf299473b1dc54ad850b71583f6230ea9137

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 11 Dec 2021 21:48:32 GMT
server: cloudflare
etag: W/"61b51cb0-489"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8IbjNeHwq3btPKjafOrtFHSAvY%2B51oPhH19BkK79ww3kaSPPPBUgbs4rB38NTFKLR3FM8EX6kk5gcocNExBH%2FuJj3BZXKmiwF7QjNmFf3yB%2FHU2sKI2tNZDlq60AIGHGiec9frmlQXZ1vRebuK51"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000;
cf-ray: 6cb6b9f65e4e42e7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 51ms
28ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7678251701655050

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5c2de329272a1468634c991e59589975c3439a0c80494a5624a21845f9ee31c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7zip-download.ru/
Origin: https://7zip-download.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51782
x-xss-protection: 0
server: cafe
etag: 10015073147845911627
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 10 Jan 2022 14:51:57 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 194 KB
66 KB 132ms
65ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

7dd8628b76c6beda76cf46db9ac1e54437ac90edc487c7f8e08b0c1f716656ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:58 GMT
content-encoding: br
last-modified: Tue, 28 Dec 2021 12:05:22 GMT
etag: "61cad352-10765"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 67429
expires: Mon, 10 Jan 2022 15:51:58 GMT

GET
H3 200 7zip-logo.png
7zip-download.ru/assets/img/ 129 KB
129 KB 153ms
152ms Image
image/png 2606:4700:3034::6815:1f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://7zip-download.ru/assets/img/7zip-logo.png

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1f7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed4260905a768b9df58ceabf274fc291515d0b24483dcace755cf5ebeb93dcc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:58 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 131629
last-modified: Sat, 11 Dec 2021 21:48:32 GMT
server: cloudflare
etag: "61b51cb0-2022d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qLl1x9nMoQxzQ%2Fc3XLZ%2BSOHs05t6H6gXXlZGxq46ETL4bPCbdiOj%2BKuJK%2BsYeuRR0VlqwbtPfhykkJLBgozfuOmn0mgT56hBO0EWh6JC8mA%2BPhxNBSoqAEZIbfvcGckPgDa8bXGTYFi%2B%2FJ%2B49Ii7"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6b9f75aea68e6-FRA

GET
H3 200 7zip-download-2.jpg
7zip-download.ru/wp-content/uploads/2020/05/ 19 KB
20 KB 145ms
144ms Image
image/jpeg 2606:4700:3034::6815:1f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://7zip-download.ru/wp-content/uploads/2020/05/7zip-download-2.jpg

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1f7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2ba3148743af8ab63eb48e7c7b13a6d960ca5fe228912c980de46ff14edca18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:58 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19330
last-modified: Sat, 11 Dec 2021 21:48:33 GMT
server: cloudflare
etag: "61b51cb1-4b82"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTsRPB6RhRuliRMzIICIJdxjPLKIXTWDSq%2BGfCq5JUJY9hIh7epR5y6TmQOi%2FuC8hIIRNVNpL2t%2BXfvF%2FeHl%2Fx%2B40PbvEzlVwTO9toOERVeTWcuAP5Q6AoAE4lLoJDgidKyfdZQ3%2BGoYC1xnxS%2BM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6b9f75aee68e6-FRA

GET
H3 200 Risunok-1.jpg
7zip-download.ru/wp-content/uploads/2021/07/ 95 KB
96 KB 196ms
195ms Image
image/jpeg 2606:4700:3034::6815:1f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://7zip-download.ru/wp-content/uploads/2021/07/Risunok-1.jpg

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1f7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdcd09ebfd3b882fbdc69d48d957160020b6533005f09492d7956949e1e5e805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:58 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 97563
last-modified: Sat, 11 Dec 2021 21:48:33 GMT
server: cloudflare
etag: "61b51cb1-17d1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8vkKXhuor%2Bc6TqN50AxB%2FqYpg5j2Yzr8ufqt%2BEgck2KrhB49T%2FroFxSeOvBNijphDPcL14083Q9xUx0VZ%2FOIoObw09MiSBf0%2BDamJrhPqS2fz%2F2rlgeH3NNip2swo%2BbvAtYmkTK2fmcUEcTySUW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6b9f79bb968e6-FRA

GET
H3 200 Risunok-2.png
7zip-download.ru/wp-content/uploads/2021/07/ 16 KB
17 KB 160ms
160ms Image
image/png 2606:4700:3034::6815:1f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://7zip-download.ru/wp-content/uploads/2021/07/Risunok-2.png

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1f7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b91cb5abae1ac27cf23c937e3567fec2c7118776828980ed0ca1b9122733bc84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:58 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16314
last-modified: Sat, 11 Dec 2021 21:48:33 GMT
server: cloudflare
etag: "61b51cb1-3fba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3VSkcd5L11wsYwlj1GxZCh85sUQzUSrRIow8oX%2BuqX%2BlPjtYv9IKyPsNroH419PlQvTK5Zv8xqOxhnp870uoCFhIHwzO6yu4zUdt69XHvgTDZQ4EsnhPy7E0MhhSS%2FEWwFq79ETTyErgPjNqHG8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6b9f79bbc68e6-FRA

GET
H3 200 vk.png
7zip-download.ru/assets/img/ 1 KB
2 KB 132ms
131ms Image
image/png 2606:4700:3034::6815:1f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://7zip-download.ru/assets/img/vk.png

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1f7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f0793781035c16754b84b7a447ff1ac3d72f42a2378385cb63fb2b5e1215450

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:58 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1215
last-modified: Sat, 11 Dec 2021 21:48:32 GMT
server: cloudflare
etag: "61b51cb0-4bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvEGfLneJson9KSQymTQG%2BG%2FO4XcVKhjvOm8fQD4Hy0er5AEdKrxxcDhgq8%2B9R0WBbdGWf7HdxQak1OSl2vqEbRgYcN1y4yFKTHtZ0lsna%2BQLmAykCftLquproCh7PuevJ8LIwijCp8fHt2azap4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6b9f79bbd68e6-FRA

GET
H3 200 ok.png
7zip-download.ru/assets/img/ 2 KB
2 KB 131ms
130ms Image
image/png 2606:4700:3034::6815:1f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://7zip-download.ru/assets/img/ok.png

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1f7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

462c1a761f13fb8b93a74ee42539571a3273015f8e9972920787befa55864e8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:58 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1627
last-modified: Sat, 11 Dec 2021 21:48:32 GMT
server: cloudflare
etag: "61b51cb0-65b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XrLNHJ2H4IRIK9NXbCVmqB7qzElNwC%2FHpJHNNAnCn7HLFbO3sKFc6fhRVwgOmFT%2F9gB%2FA8Dw%2BDjjNJ4HtOGuFwcHJHDskaC3XI7pWmOyr6QhDe1jI%2F1NoT%2F76mf1V%2FtlIbVh%2BcYy1sofbnP1tZH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6b9f79bc168e6-FRA

GET
H3 200 twitter.png
7zip-download.ru/assets/img/ 1 KB
2 KB 133ms
132ms Image
image/png 2606:4700:3034::6815:1f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://7zip-download.ru/assets/img/twitter.png

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1f7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0150244654e985efc399fad2086eca9ecef55a1f5f31fa623d42e609847ce38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:58 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1390
last-modified: Sat, 11 Dec 2021 21:48:32 GMT
server: cloudflare
etag: "61b51cb0-56e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSkGcXEhqF3%2FL8UwHoh4YFCw2NyLmC6gfxxNzJwvadwstOHn7cQeviFZ0z9w2bBe9AF2FZoIc%2BfAwopQozXK9xephtWwz34dGCv5Q%2FoiGKG7EjGVrRVp7Z6x1omt81fGbE1nH9MEmz8rGDj4sMSy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6b9f79bc268e6-FRA

GET
H3 200 you.png
7zip-download.ru/assets/img/ 1 KB
2 KB 132ms
132ms Image
image/png 2606:4700:3034::6815:1f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://7zip-download.ru/assets/img/you.png

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1f7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2e9850adf749115ffae1cb5c4f9b2f3175fee912f410dcb5c6ec9a2cc340136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:58 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1034
last-modified: Sat, 11 Dec 2021 21:48:32 GMT
server: cloudflare
etag: "61b51cb0-40a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76rrG%2BlVGf9K9%2FJqRfa5g2t9ZzC9nmmYFbeMAqoNJldr9T69cmhlo0opneHuhNKX4gSy88yAaWBfJTOICJTvY9OIDeQxaDuFVz0DNFZJA%2FD%2FS9dQzn%2BayqIXjYv3w%2FG0r5qWaefEsY20JiG%2FD1ct"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6b9f79bc568e6-FRA

GET
H3 200 fb.png
7zip-download.ru/assets/img/ 2 KB
3 KB 132ms
131ms Image
image/png 2606:4700:3034::6815:1f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://7zip-download.ru/assets/img/fb.png

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:1f7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d3f7f1d4f112bf0cc6c4f4d8d412a05c2b8e458bf9a476824283f07da88a05c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:58 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2435
last-modified: Sat, 11 Dec 2021 21:48:32 GMT
server: cloudflare
etag: "61b51cb0-983"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1u511vAQaIz6DIgIiYk4SOfjcna8v3%2FdalViMCQdJ7JBngUqKyxJHJPJXiz8ChqnJ97xsj9mGODvnSyrzFdFf4gVVqEF4eTZ%2FY4robD5lpJ1ItoZvEqnCIE%2B2w7qeth5oXJDVH0Bj2iA65IGHymk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cb6b9f79bc668e6-FRA

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/ 282 KB
101 KB 51ms
35ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7678251701655050&plah=7zip-download.ru&bust=31063947

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7678251701655050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48ec8095112c5ec438e5fd5ab05b39d6d52d3655a5a8a19cd203c7d01f942b82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103755
x-xss-protection: 0
server: cafe
etag: 10891521394620492529
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 10 Jan 2022 14:51:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/ Frame 6271 11 KB
5 KB 32ms
8ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7678251701655050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73271f83e0d89e09da51434a964dde15ced7b91331f3b96357eb05ee81a85567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 09 Jan 2022 16:07:57 GMT
expires: Sun, 23 Jan 2022 16:07:57 GMT
content-type: text/html; charset=UTF-8
etag: 2196020943555189384
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4873
x-xss-protection: 0
age: 81841
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 220 B
648 B 111ms
21ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=7zip-download.ru&callback=_gfp_s_&client=ca-pub-7678251701655050

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7678251701655050&plah=7zip-download.ru&bust=31063947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

08b8255422afa13ce685519306af309d8aee480a02e090034c587050f2e564d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 67ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=7zip-download.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 10 Jan 2022 14:51:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 44ms
19ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=7zip-download.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 10 Jan 2022 14:51:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C1C3 27 KB
12 KB 232ms
216ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7678251701655050&output=html&adk=1812271804&adf=3025194257&lmt=1641826318&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32&format=0x0&url=https%3A%2F%2F7zip-download.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826318034&bpp=3&bdt=243&idt=91&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6952757924218&frm=20&pv=2&ga_vid=830560317.1641826318&ga_sid=1641826318&ga_hid=449088652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1915501816359424&pem=718&tmod=112&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=103

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b5ca7ec24938778b16cda1588fade6ef9506bc20688c9228a4a9976ca9bddbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 10 Jan 2022 14:51:58 GMT
server: cafe
content-length: 12027
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 10 Jan 2022 14:51:58 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7BB9 86 KB
30 KB 654ms
651ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7678251701655050&output=html&h=280&slotname=4425446158&adk=2843444959&adf=3159113135&pi=t.ma~as.4425446158&w=670&fwrn=4&fwrnh=100&lmt=1641826318&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2F7zip-download.ru%2F&flash=0&fwr=0&fwrattr=true&rh=173&rw=670&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826318037&bpp=1&bdt=246&idt=107&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6952757924218&frm=20&pv=1&ga_vid=830560317.1641826318&ga_sid=1641826318&ga_hid=449088652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=1003&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1915501816359424&pem=718&tmod=112&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WEqParqW7l&p=https%3A//7zip-download.ru&dtd=114

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53feb655126cecdec28ea0453f4a4bc733a24cc14ed91aa14a80b5fafc923102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 10 Jan 2022 14:51:58 GMT
server: cafe
content-length: 30784
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 10 Jan 2022 14:51:58 GMT
cache-control: private

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9514.KnyCPGe2wSPe8YiAhB6vOs01lILdcXeuJSHDZ0MMD4iP6E9-1CqAqQEJmYUQgxr0.YAcIohtKa-iEgeQgicwYjfF1Hwk%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9514.8AAcZYvMT42JI_dzzwU9s-0S_tKkyuhGDTQqIX-aVVP4SKZy4455ciN2X3riHh2MsgfLy2SEnRccOqI4D78R9A%2C%2C.lAuwYpQZio4nDSYKzXOdeOofGyM%2C

75 B
75 B

33ms
33ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9514.8AAcZYvMT42JI_dzzwU9s-0S_tKkyuhGDTQqIX-aVVP4SKZy4455ciN2X3riHh2MsgfLy2SEnRccOqI4D78R9A%2C%2C.lAuwYpQZio4nDSYKzXOdeOofGyM%2C

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:58 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9514.8AAcZYvMT42JI_dzzwU9s-0S_tKkyuhGDTQqIX-aVVP4SKZy4455ciN2X3riHh2MsgfLy2SEnRccOqI4D78R9A%2C%2C.lAuwYpQZio4nDSYKzXOdeOofGyM%2C
date: Mon, 10 Jan 2022 14:51:58 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B8EF 91 KB
32 KB 503ms
502ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7678251701655050&output=html&h=280&slotname=3112364487&adk=4113227242&adf=201491406&pi=t.ma~as.3112364487&w=670&fwrn=4&fwrnh=100&lmt=1641826318&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2F7zip-download.ru%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=670&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826318038&bpp=1&bdt=248&idt=141&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C670x280&nras=1&correlator=6952757924218&frm=20&pv=1&ga_vid=830560317.1641826318&ga_sid=1641826318&ga_hid=449088652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=3089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1915501816359424&pem=718&tmod=112&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Gj2xykG40E&p=https%3A//7zip-download.ru&dtd=144

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

369c0058506179f015ac37935be591df1a512f725cd831ec60618962fa5be0c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 10 Jan 2022 14:51:58 GMT
server: cafe
content-length: 32280
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 10 Jan 2022 14:51:58 GMT
cache-control: private

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 33ms
32ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:58 GMT
last-modified: Thu, 23 Dec 2021 16:10:01 GMT
etag: "61c47529-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 10 Jan 2022 15:51:58 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B0A2 78 KB
32 KB 275ms
275ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7678251701655050&output=html&h=280&slotname=1799282819&adk=2983144549&adf=1034484111&pi=t.ma~as.1799282819&w=670&fwrn=4&fwrnh=100&lmt=1641826318&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2F7zip-download.ru%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=670&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826318039&bpp=1&bdt=248&idt=150&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C670x280%2C670x280&nras=1&correlator=6952757924218&frm=20&pv=1&ga_vid=830560317.1641826318&ga_sid=1641826318&ga_hid=449088652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=4359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1915501816359424&pem=718&tmod=112&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zvVpqQFeqR&p=https%3A//7zip-download.ru&dtd=152

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

216b2022affac8251f5efa01bdf8948535349dd23662d3c5bc2097734153ec75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 10 Jan 2022 14:51:58 GMT
server: cafe
content-length: 32395
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 10 Jan 2022 14:51:58 GMT
cache-control: private

GET
H2

200

1 Show response
mc.yandex.com/watch/47214456/
Redirect Chain

https://mc.yandex.com/watch/47214456?wmode=7&page-url=https%3A%2F%2F7zip-download.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A766%3Afu%3A0%3Aen%3Autf-8%3Ala...
https://mc.yandex.com/watch/47214456/1?wmode=7&page-url=https%3A%2F%2F7zip-download.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A766%3Afu%3A0%3Aen%3Autf-8%3A...

385 B
467 B

33ms
33ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/47214456/1?wmode=7&page-url=https%3A%2F%2F7zip-download.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A766%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A471592156943%3Ahid%3A187763525%3Az%3A0%3Ai%3A202201010145158%3Aet%3A1641826318%3Ac%3A1%3Arn%3A182153767%3Arqn%3A1%3Au%3A1641826318899493481%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641826317217%3Ads%3A360%2C22%2C190%2C2%2C0%2C0%2C%2C180%2C1%2C%2C%2C%2C754%3Adsn%3A359%2C22%2C190%2C2%2C0%2C0%2C%2C181%2C1%2C%2C%2C%2C755%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1641826318%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%207zip%20%287%D0%B7%D0%B8%D0%BF%29%20-%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%9D%D0%B0%20%D0%A0%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D0%AF%D0%B7%D1%8B%D0%BA%D0%B5&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

3fee01f3e9d155f05d62314ec997fdae9c387e3a1826bc3bc86f2312bf67ac44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:51:58 GMT
x-content-type-options: nosniff
last-modified: Mon, 10-Jan-2022 14:51:58 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://7zip-download.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 385
x-xss-protection: 1; mode=block
expires: Mon, 10-Jan-2022 14:51:58 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:51:58 GMT
last-modified: Mon, 10-Jan-2022 14:51:58 GMT
location: /watch/47214456/1?wmode=7&page-url=https%3A%2F%2F7zip-download.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A766%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A471592156943%3Ahid%3A187763525%3Az%3A0%3Ai%3A202201010145158%3Aet%3A1641826318%3Ac%3A1%3Arn%3A182153767%3Arqn%3A1%3Au%3A1641826318899493481%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641826317217%3Ads%3A360%2C22%2C190%2C2%2C0%2C0%2C%2C180%2C1%2C%2C%2C%2C754%3Adsn%3A359%2C22%2C190%2C2%2C0%2C0%2C%2C181%2C1%2C%2C%2C%2C755%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1641826318%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%207zip%20%287%D0%B7%D0%B8%D0%BF%29%20-%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%9D%D0%B0%20%D0%A0%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D0%AF%D0%B7%D1%8B%D0%BA%D0%B5&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://7zip-download.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 10-Jan-2022 14:51:58 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/ 149 KB
53 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/reactive_library_fy2019.js?bust=31063947

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6802f4cac1a5cefa47cba0f67166f037d2e5bc916617b0bf33a0c35595f58982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54213
x-xss-protection: 0
server: cafe
etag: 11799602579423212933
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Jan 2022 14:51:58 GMT

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 32ms
17ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=7zip-download.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 10 Jan 2022 14:51:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 33ms
17ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=7zip-download.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 10 Jan 2022 14:51:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/ Frame 8D53 11 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73271f83e0d89e09da51434a964dde15ced7b91331f3b96357eb05ee81a85567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 09 Jan 2022 16:20:35 GMT
expires: Sun, 23 Jan 2022 16:20:35 GMT
content-type: text/html; charset=UTF-8
etag: 2196020943555189384
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4873
x-xss-protection: 0
age: 81083
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame B0A2 67 B
529 B 30ms
7ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7678251701655050&output=html&h=280&slotname=1799282819&adk=2983144549&adf=1034484111&pi=t.ma~as.1799282819&w=670&fwrn=4&fwrnh=100&lmt=1641826318&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2F7zip-download.ru%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=670&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826318039&bpp=1&bdt=248&idt=150&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C670x280%2C670x280&nras=1&correlator=6952757924218&frm=20&pv=1&ga_vid=830560317.1641826318&ga_sid=1641826318&ga_hid=449088652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=4359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1915501816359424&pem=718&tmod=112&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zvVpqQFeqR&p=https%3A//7zip-download.ru&dtd=152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 10 Jan 2022 05:32:01 GMT
x-content-type-options: nosniff
server: cafe
age: 33597
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Tue, 11 Jan 2022 05:32:01 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0853 624 B
300 B 34ms
33ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCX9ucBGIKe6L4BMAE&v=APEucNUgCyyfRol3CxsGfwcj8U_w4zhmo11Yl1XncDVotHPPP_BZlL6g4Gxp6zZjgr5B3VRPXXPlvWQDYwKjdHtza7D5Jdfg42nwbP_3_PUmZdE1acFTzAZZrV3vyP5tMw4yrClYMgS2YRXnn7xIak31zR3mAR3FzgVQRUbdUJNJDAElghw0wTc

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 10 Jan 2022 14:51:58 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 10 Jan 2022 14:51:58 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3CD0 74 KB
30 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CF5BSOOPre5hSaPAky9NQRwKYksv-XMBnXOuIi4oa5g73QBdHxFzp6ZD31Hl9TeEKrq8Xkyar5o8GK_8C7lb8kpwcof7jz_JeZz7yhFyN60Nub5ZezHawN24dJ_-GD51ibANnzDsGa0f2yD9rr99mDwXS6Qg&dbm_d=AKAmf-DGVVeJffYEKzGXl5fccg_wyTzi1ZYQjDmjrB7Xa9zWF6JpyOrIF-C8Mem2My0KPPrtR0VsudjtYoDCJ4UYXR05KAGaUnH0UX5YXTSzVps9WppbGXfEwTBtPCMU4Q0aslpM9BrA5OqHqSgmoT3dvGVMb90C_gYJAzGuVnXunYkZx_ki6tJlJs0bQQfnMaF6KNFzzU2eyJ9q5JanXcMMHlRufz2hMKdHNCtHMn_FR_JgITE-RWrcSpK91V9el_CgIyoEPbyxbgZ3eFUAFaLLTX93wr5ZCBuhlq7aN2_sgh6LJQYBc_E8nxr4Pn87_vomGJ6LLg7f8CpSdRsc7rOT_PrXrN6rZGwtOCrx4tYjTjAMykT6df-1Hl1n-KxC4worG0qE5boM7OzijYpvq6ml4MzJG9NGwvATNrAqDajpdkzqAvmquEqyUQ9AEyNfaduQ8u_8vKfFr9ZON03g6PsWYJvTRAmn9oUJkK4Iw3j8oG9nkH01ur6Hep7p1VTS2ZIHLBdBlYknTGBbbWucJDSUC4bk1nlmRR6hp8_J463nBHGdvCTI-R9A5mkSdJ43dNQUBqf6n7Z14gF1cr_k0fTfb1CpBXNR-1loPfwzadA1VU-5W3QtrupfPP66oHzPRHWFKtuggiGECrfFnCXgItolb2yIApMicH4iShDmfPr9sVq6Nq8sYlKyU9cDmP2h-545FGJY_fYamfrani502Oy2BaAqA0XYzDIPIsteKzbxfy5J_HI-6QrTIelNNqldRegJTd22WB4bmBRoMEHiF1I7C0Opr5TX1chtQL9m7sLbRz1ngvVyAmLVFdFZm3eIyR2xOjc1IH65_ShD9DLEYPRh9E0YagkEONPCTd6BcCc96zamTkLbpnZJAysFSvu9zDFJRd1iK44hWNEOESiI63aarB27wltHNN7OnD7493eT0IWJzmUqTK7n1O4Bh6cnlXS1e--llgHVuGuLOOEAkkxmWq9rekcqY4BKgxkoowhsFF__vQlISN2amxZyiFTxElHDKm1RnnUtyr2lz4wUBUv0D3Wv8gF9b5RUQccphBY75r1WCv8TLRe8tvLlGmUYzXhIxhJ2xlCk02ialx4E8Y9imCkfFZggu2WwvgSTsmMltGoMLxuWrm2JSDu_1GOwRwwAQzMl1ifdBtj2lhcOc8ZXgK8XFcapBpM7VPWUCbKYhIQrbe9eUBJoAbzDjzU4cmLY_EDw6l2yhl38iav2lyIneCT2qKGXalgOl7kH25VWj0OjzCWvkvBdcUrP2bRRaX0yZOcbH8tqUvKY15LRBK3kEFWD3Vp3SpfuyWZS3GNXbUebhA0I6RSTXpezKyXk6w5FE2EqPXqUWp2WCaNoSMGdh8axwBcrM2eITAoFwc3tFfmJp2lru3Xy0Zqj-qNJsoRtgp1q095Rb8U5Pw7pOb8Wkkloee2KqrEENJv2lCwu8An3BOW8GDdk-j5UzAoqUcvvDsvekXxN1LrhSlfrd_xzAhjAArpNFtgzSQi_3-LEmmfHCS1A72aTUzLlTPZg8M7_0AUWecZKNlARqUHAQWmXCqdfbiP0a5-2MCD5_Za3kRPF0IxTQRuV0IBxRePm-Ljv9A9WVcghk1cyFQ2CdyiV41zWJ3faepb4KnUBpCL8uXV5Oh8U-EjJASq0qcl6KhiJ5dr6Kjhq_PRzIrCGJkLMcT7tiOvCIeh3YZW46Db89F6YvC9m1BsmpqgXNJrd581Ru0ZKNoaL32_UvpaXor4_csLeYuwCObTHUIDBoH7YzmGvXEpfnT7vlS9sZ6V1Aclnx7wMBzoXZNXgFiVGk_P0HoDgQtXPXWTVu2eElphstbyBhJtPZ88ve1YGgPiN4jFUjZ50dKLnIuYylmChwGCtTplMM-Za5Ipn4haYhhLSz0UCpXLfmfxKeMRgLgbOxTePoMgO0D7tsABEFlzOfRUdTg2yllGaznTDXD5CiJ4I6oOqLO4-Yn6zxQOgbD3eH-PeQwrTzpvJFadZvWPmrbUeoJ44thnUxzTy5BY6JbBNcIKT_YWN8SjB2Jc_y-s8Lh52YX08BwYGHYlsJMD-gWRSMNBdEFonODWmGvGYvdDEIIoflLtINYSnyFcSkYXp0OJ7btRjoJxywVjrQ6plYTWVCh3G56fMmnD02LFlPh9PEvL2Y0WjxX5WcxlR4INZC4OQSRcEGtd5OvnCh30GcBax67nimYYl6fq0xgUFtna11oMCn20FSHOkZHFai4i95AO6clGoHmZqJvenrtxrNyRaMyZn9Yypl4QQQfI-b_pjW2uAr6BhWl6S37RxIIuxLsaHCrDQyoTe9GGuC0i6cBuRx7BI2pnLVa7yXEOwrmSPSeVcD341dswqZNBX7kylPs0K8WzlfKyhdcGv9taqKVqu1OsbANY18Me8W84EZqUY_WFWBQvmM8nBxKY7VHBA_IHmOrfiXLaEM3dZ-L5fC_k4PGbpGuNfyZxBSIwhQbVarhRL2BXO7qFz5NaxEniOV82v942BH-gcEsgE9f70UZfMjLPaDMFEGyvSy_nUW34IBLTqTzMtP-yvNT6D8-ECDb8g1dDKR9x-tGaPa32SI1gQXmDsNvT8pcjPPgtXSsDr2R1cktcey4bY-B9k5K9W-RUJP5vZAY3UzQQBmvXLkLw66grbVS1bjuXFfu1VYQ4SQRNq5SbDQOlSt9f_VwJFCKvqk_qHbyzU72sTHn2sS2189eBeq5ssJlgVVbZVNN32ygD_y-TYgDJnOhGvvaQeGTqB7wvI4saarnu4P0AGXyVM-w_19eqPyRP3dRWFityvn2KKZ27fRRu7YWpF3x01FXJLzUIe8oqIH8DNQjpJr2ioGI38g6bCVTREngQk6pggsJf2dZyIyxkXyCfEZkxUK6FAE8UuGIUR3kIvrkZ8g926gAvy1rL1j8KeF3vNP1OuXZ4AuRlBeqKVBwub5TlMV9ynxibGTRxoGRdjGkI1I1WHNfaqE3XsZN2K2oLQyieSkn14BHtgNhEtu-gAVbMwbcwgvYkoX2WTFZX52BnUbXI6qzwEQOvdWenbnnD1hgjnedMrCpFiWkDb2OTY87U1uGEhUzeEfPj428nusQc5xZ1iFoSHeynwKsEtHhtN-BGtJ_oyyz5QCfc&cid=CAASBORoYQQ&rfl=2%2Chttps%253A%252F%252F7zip-download.ru%252F%240

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac3356110bd9dee831744e7ba4baee7122d35f5d0de085690f676c2369292d55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:51:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30918
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 3CD0 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1210
x-xss-protection: 0
server: cafe
etag: 9753579932288205849
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jan 2022 14:43:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3CD0 120 KB
37 KB 1153ms
811ms Script
text/javascript 2a00:1450:4019:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37632
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641385868096614"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 10 Jan 2022 14:51:59 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 3CD0 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6485
x-xss-protection: 0
server: cafe
etag: 13366392639478751132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jan 2022 14:49:04 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CD0 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DLpcA1TPY6IgmJT4LJkdqZPnZdw8WJZ7wD20YUBgRjtQjKD_a_YqsmFi8-B0gU1dvI6VguJ1o-EmKcMb8h5xo9tutsSeDSz7keSyo7Zc3PaquG0zM

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:51:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 45B2 624 B
300 B 23ms
22ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHR6uYCELDS8uoCGPTC770BMAE&v=APEucNV-cj6sy1cxZgZ8Qn9NkNVJewfV-h-lGL-_XV98QGanYmQbVPhFtQpGwOZWqVNnr5qw8A3_O0CgaEz4hNNKapOd-vYuyK4lv0RmUGqdJDoOlk05qg8M4fT8OzdJu8GLZBeDJqBmHjbkdIy_zqZaOm_H_2-0UpZJTbMXvmBSgScfQcsZsHs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7678251701655050&output=html&h=280&slotname=1799282819&adk=2983144549&adf=1034484111&pi=t.ma~as.1799282819&w=670&fwrn=4&fwrnh=100&lmt=1641826318&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2F7zip-download.ru%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=670&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826318039&bpp=1&bdt=248&idt=150&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C670x280%2C670x280&nras=1&correlator=6952757924218&frm=20&pv=1&ga_vid=830560317.1641826318&ga_sid=1641826318&ga_hid=449088652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=4359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1915501816359424&pem=718&tmod=112&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=zvVpqQFeqR&p=https%3A//7zip-download.ru&dtd=152

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 10 Jan 2022 14:51:58 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 10 Jan 2022 14:51:58 GMT

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame B9D6 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:42:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7894
x-xss-protection: 0
server: cafe
etag: 10405968765291005445
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jan 2022 14:42:06 GMT

GET
H2 200 6783951571557292410
s0.2mdn.net/simgad/ Frame B9D6 37 KB
38 KB 56ms
7ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6783951571557292410

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d03f5a4be41744fc36104d13b1b443e7c4331365df7ac9a7b74eb632ce23256

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 13:52:51 GMT
x-content-type-options: nosniff
age: 521947
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38259
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 18:14:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Jan 2023 13:52:51 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220104/r20110914/elements/html/ Frame B9D6 6 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220104/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:39:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 722
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jan 2022 14:39:56 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B9D6 0
107 B 634ms
261ms Ping
image/gif 142.250.181.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuLyniI3SDBmmBE8htytsXUQmsfE4AlGVRKqOfU74-US1VyPkWFmc50vfm4Ywd5r5SV7KeIPTkRTFGF47tSlR8p3xNXuMCu1KxXZgfkoLs-6Oh-AxsguWiajtxhePAIQXnpJHurkAcEG10GF38XkhirN0QYLxLDbFzmReakM6q68y-d0RkP9ZY2D94sJnWbzjc21Yal3vZAksuTMzG6NIZjv4Xh4aU3ppf0AFAdu0z7Yyd_Ubb1vnfI10ahgiLaq3em0_X69rii31MKee8DXJ2fQbHr7m61YIV7VaR8J0xiFC_1i2CG2iSdU1itLSh--Bs9kFvOvtcEGG3sbSFNNKzzfoel9U6b9bYHHmRjLExQfRShDew88T8M5wwYR_tKx0AdIjLJGlB3odyuYBZhKiTuVocBYlSopvEoG6pLfGw4_TD-3am1Zn-MSGseSioDB1wphsSirUmXv7q3lISB5r8ZaG2lIfY3F3D9Fq-dGvUFEXBG0NECmQFRnJuHQq8FDkRd5U8_ONIJD2dhnV9lw_rC7n4bKVzEH8GJk5SZsPak-Ahd9P5E1xJ-ZRmRM37zzoYbXLkMqPjXB1_IVB69wvKAyHIR7JxeMF9JtmO6CTRbdk2SibuXaEwuP7yDSC2a-ktSabHuYU1pAg92P9cOw7LqkdyXs434g6irBH3aXgFEYgO8U9aAQA52iRjLy6UXLFznB9iI26a-fBuFgRxevHo90mq_8sQ5M_gQTJwIiu2Ku9ZTKKQxkSb8hiLjrPm5k3fP7uQUyxeK7RumB6E0lI4fa-FyVeK-hqwJBxfx0brJ1KrAJBfqTF1thWUfjX55ykdFZkLsIXW2NQcRbevQ_Ts9cwfrCeUrtc4N3Lkyc2fkPNkUp26Jk0UrlLQ9SSbf9C2xdexBETcqm8Xdb0ybYDVf8VssYOLih4hK0PpwkB2hAeBkaKSRT2g-HJ_PczxQImoaItx1duJrJwYg6JeQfCuxTaKR1BCiBCVmThrePc9Nyt2ipifGfhp0661Hhay6i7Ba0iSV_mLhDwTFd-D4vuiya1nlon76MIcUAtt852KoguyNac2manZrUO3Jpo-znzjQ2zYJyWDsvUb0QwAIeXNeGIqAv0vrSAMotsuYfzCCK5g&sai=AMfl-YSgFdWezz9evNDQRbHJEnXACVWOb689gnL8cD5Sida2jFAl1r66FSteQCddmq1SJmbvvhzbrrX6tVZ3MPuF6rCGd9BFatG7tXfL-NJlHH1d4tvCuKEs9FrAexBbtcuQFmmE6Qv4evwXKgBWjQ3qb9mcgN45ETSadWiTtVcJIXXpHeq9VfkNm_w&sig=Cg0ArKJSzMHmGxgY94gMEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220104.06035&adurl=

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fjr04s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 10 Jan 2022 14:51:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B9D6 41 KB
15 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 18:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161175
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Jan 2023 18:05:43 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame B9D6 2 KB
1 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1210
x-xss-protection: 0
server: cafe
etag: 9753579932288205849
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jan 2022 14:43:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B9D6 120 KB
37 KB 972ms
653ms Script
text/javascript 2a00:1450:4019:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37632
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641385868096614"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 10 Jan 2022 14:51:59 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame B9D6 15 KB
6 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6485
x-xss-protection: 0
server: cafe
etag: 13366392639478751132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jan 2022 14:49:04 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B9D6 42 B
63 B 46ms
46ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CzQXBa6v0ePFmAGRzKNNJGEnAZZaBb4znypJT0RAQ0UEK7UlPuAzg4ZBQQQtaylcM-jjEVpfsEH33k0WrsjyBI40bMftTH1Vc-fGBgwVAJOsLsG_4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:51:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0853
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELQN5csc38dG1lQjNE4r3gA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELQN5csc38dG1lQjNE4r3gA&google_cver=1&C=1

43 B
1014 B

51ms
51ms

Image
image/gif

184.87.213.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELQN5csc38dG1lQjNE4r3gA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCX9ucBGIKe6L4BMAE&v=APEucNUgCyyfRol3CxsGfwcj8U_w4zhmo11Yl1XncDVotHPPP_BZlL6g4Gxp6zZjgr5B3VRPXXPlvWQDYwKjdHtza7D5Jdfg42nwbP_3_PUmZdE1acFTzAZZrV3vyP5tMw4yrClYMgS2YRXnn7xIak31zR3mAR3FzgVQRUbdUJNJDAElghw0wTc
Protocol: HTTP/1.1
Server: 184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 Jan 2022 14:51:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 10 Jan 2022 14:51:58 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 10 Jan 2022 14:51:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELQN5csc38dG1lQjNE4r3gA&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 10 Jan 2022 14:51:58 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0853
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YdxIDpe.XIhn7rw8l2EMZwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIomuTc7TYowIQvjFS_H8EI&google_cver=1&google_hm=2

43 B
894 B

34ms
33ms

Image
image/gif

184.87.213.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIomuTc7TYowIQvjFS_H8EI&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCX9ucBGIKe6L4BMAE&v=APEucNUgCyyfRol3CxsGfwcj8U_w4zhmo11Yl1XncDVotHPPP_BZlL6g4Gxp6zZjgr5B3VRPXXPlvWQDYwKjdHtza7D5Jdfg42nwbP_3_PUmZdE1acFTzAZZrV3vyP5tMw4yrClYMgS2YRXnn7xIak31zR3mAR3FzgVQRUbdUJNJDAElghw0wTc
Protocol: HTTP/1.1
Server: 184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 Jan 2022 14:51:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 10 Jan 2022 14:51:58 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:51:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIomuTc7TYowIQvjFS_H8EI&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0853
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEE58nW0gSh7GzGkvffDA1Q8&google_cver=1

43 B
1006 B

45ms
15ms

Image
image/gif

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEE58nW0gSh7GzGkvffDA1Q8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRCX9ucBGIKe6L4BMAE&v=APEucNUgCyyfRol3CxsGfwcj8U_w4zhmo11Yl1XncDVotHPPP_BZlL6g4Gxp6zZjgr5B3VRPXXPlvWQDYwKjdHtza7D5Jdfg42nwbP_3_PUmZdE1acFTzAZZrV3vyP5tMw4yrClYMgS2YRXnn7xIak31zR3mAR3FzgVQRUbdUJNJDAElghw0wTc

Protocol

HTTP/1.1

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 Jan 2022 14:51:58 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ccf8c780-2e78-4166-acee-3da9973ac707
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:51:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEE58nW0gSh7GzGkvffDA1Q8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0853
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkxMjc3MDk2NDk4MzU0MjU5NQ%3D%3D

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkxMjc3MDk2NDk4MzU0MjU5NQ%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:51:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 10 Jan 2022 14:51:58 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5f4c78db-eb58-4053-a923-6dc03fb79b31
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkxMjc3MDk2NDk4MzU0MjU5NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 45B2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELQN5csc38dG1lQjNE4r3gA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELQN5csc38dG1lQjNE4r3gA&google_cver=1&C=1

43 B
1014 B

32ms
32ms

Image
image/gif

184.87.213.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELQN5csc38dG1lQjNE4r3gA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHR6uYCELDS8uoCGPTC770BMAE&v=APEucNV-cj6sy1cxZgZ8Qn9NkNVJewfV-h-lGL-_XV98QGanYmQbVPhFtQpGwOZWqVNnr5qw8A3_O0CgaEz4hNNKapOd-vYuyK4lv0RmUGqdJDoOlk05qg8M4fT8OzdJu8GLZBeDJqBmHjbkdIy_zqZaOm_H_2-0UpZJTbMXvmBSgScfQcsZsHs
Protocol: HTTP/1.1
Server: 184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 Jan 2022 14:51:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 10 Jan 2022 14:51:58 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 10 Jan 2022 14:51:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELQN5csc38dG1lQjNE4r3gA&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 10 Jan 2022 14:51:58 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 45B2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YdxIDpe.XIhn7rw8l2EMZwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIomuTc7TYowIQvjFS_H8EI&google_cver=1&google_hm=2

43 B
894 B

36ms
35ms

Image
image/gif

184.87.213.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIomuTc7TYowIQvjFS_H8EI&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHR6uYCELDS8uoCGPTC770BMAE&v=APEucNV-cj6sy1cxZgZ8Qn9NkNVJewfV-h-lGL-_XV98QGanYmQbVPhFtQpGwOZWqVNnr5qw8A3_O0CgaEz4hNNKapOd-vYuyK4lv0RmUGqdJDoOlk05qg8M4fT8OzdJu8GLZBeDJqBmHjbkdIy_zqZaOm_H_2-0UpZJTbMXvmBSgScfQcsZsHs
Protocol: HTTP/1.1
Server: 184.87.213.8 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 Jan 2022 14:51:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 10 Jan 2022 14:51:58 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:51:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIomuTc7TYowIQvjFS_H8EI&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 45B2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEE58nW0gSh7GzGkvffDA1Q8&google_cver=1

43 B
1006 B

140ms
111ms

Image
image/gif

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEE58nW0gSh7GzGkvffDA1Q8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPHR6uYCELDS8uoCGPTC770BMAE&v=APEucNV-cj6sy1cxZgZ8Qn9NkNVJewfV-h-lGL-_XV98QGanYmQbVPhFtQpGwOZWqVNnr5qw8A3_O0CgaEz4hNNKapOd-vYuyK4lv0RmUGqdJDoOlk05qg8M4fT8OzdJu8GLZBeDJqBmHjbkdIy_zqZaOm_H_2-0UpZJTbMXvmBSgScfQcsZsHs

Protocol

HTTP/1.1

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 Jan 2022 14:51:58 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: cb06397a-6a63-45d2-824d-b3578a5067c5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:51:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEE58nW0gSh7GzGkvffDA1Q8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 45B2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkxMjc3MDk2NDk4MzU0MjU5NQ%3D%3D

170 B
188 B

51ms
35ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkxMjc3MDk2NDk4MzU0MjU5NQ%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:51:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 10 Jan 2022 14:51:58 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8aa4fe93-09f4-49cc-9a31-f75aee49fc4f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkxMjc3MDk2NDk4MzU0MjU5NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 012B 22 KB
8 KB 13ms
12ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sat, 08 Jan 2022 18:05:45 GMT
expires: Sun, 08 Jan 2023 18:05:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 161173
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 3CD0 106 KB
38 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 20:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64728
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 10 Jan 2022 20:53:10 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220104/r20110914/elements/html/ Frame 3CD0 8 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220104/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CF5BSOOPre5hSaPAky9NQRwKYksv-XMBnXOuIi4oa5g73QBdHxFzp6ZD31Hl9TeEKrq8Xkyar5o8GK_8C7lb8kpwcof7jz_JeZz7yhFyN60Nub5ZezHawN24dJ_-GD51ibANnzDsGa0f2yD9rr99mDwXS6Qg&dbm_d=AKAmf-DGVVeJffYEKzGXl5fccg_wyTzi1ZYQjDmjrB7Xa9zWF6JpyOrIF-C8Mem2My0KPPrtR0VsudjtYoDCJ4UYXR05KAGaUnH0UX5YXTSzVps9WppbGXfEwTBtPCMU4Q0aslpM9BrA5OqHqSgmoT3dvGVMb90C_gYJAzGuVnXunYkZx_ki6tJlJs0bQQfnMaF6KNFzzU2eyJ9q5JanXcMMHlRufz2hMKdHNCtHMn_FR_JgITE-RWrcSpK91V9el_CgIyoEPbyxbgZ3eFUAFaLLTX93wr5ZCBuhlq7aN2_sgh6LJQYBc_E8nxr4Pn87_vomGJ6LLg7f8CpSdRsc7rOT_PrXrN6rZGwtOCrx4tYjTjAMykT6df-1Hl1n-KxC4worG0qE5boM7OzijYpvq6ml4MzJG9NGwvATNrAqDajpdkzqAvmquEqyUQ9AEyNfaduQ8u_8vKfFr9ZON03g6PsWYJvTRAmn9oUJkK4Iw3j8oG9nkH01ur6Hep7p1VTS2ZIHLBdBlYknTGBbbWucJDSUC4bk1nlmRR6hp8_J463nBHGdvCTI-R9A5mkSdJ43dNQUBqf6n7Z14gF1cr_k0fTfb1CpBXNR-1loPfwzadA1VU-5W3QtrupfPP66oHzPRHWFKtuggiGECrfFnCXgItolb2yIApMicH4iShDmfPr9sVq6Nq8sYlKyU9cDmP2h-545FGJY_fYamfrani502Oy2BaAqA0XYzDIPIsteKzbxfy5J_HI-6QrTIelNNqldRegJTd22WB4bmBRoMEHiF1I7C0Opr5TX1chtQL9m7sLbRz1ngvVyAmLVFdFZm3eIyR2xOjc1IH65_ShD9DLEYPRh9E0YagkEONPCTd6BcCc96zamTkLbpnZJAysFSvu9zDFJRd1iK44hWNEOESiI63aarB27wltHNN7OnD7493eT0IWJzmUqTK7n1O4Bh6cnlXS1e--llgHVuGuLOOEAkkxmWq9rekcqY4BKgxkoowhsFF__vQlISN2amxZyiFTxElHDKm1RnnUtyr2lz4wUBUv0D3Wv8gF9b5RUQccphBY75r1WCv8TLRe8tvLlGmUYzXhIxhJ2xlCk02ialx4E8Y9imCkfFZggu2WwvgSTsmMltGoMLxuWrm2JSDu_1GOwRwwAQzMl1ifdBtj2lhcOc8ZXgK8XFcapBpM7VPWUCbKYhIQrbe9eUBJoAbzDjzU4cmLY_EDw6l2yhl38iav2lyIneCT2qKGXalgOl7kH25VWj0OjzCWvkvBdcUrP2bRRaX0yZOcbH8tqUvKY15LRBK3kEFWD3Vp3SpfuyWZS3GNXbUebhA0I6RSTXpezKyXk6w5FE2EqPXqUWp2WCaNoSMGdh8axwBcrM2eITAoFwc3tFfmJp2lru3Xy0Zqj-qNJsoRtgp1q095Rb8U5Pw7pOb8Wkkloee2KqrEENJv2lCwu8An3BOW8GDdk-j5UzAoqUcvvDsvekXxN1LrhSlfrd_xzAhjAArpNFtgzSQi_3-LEmmfHCS1A72aTUzLlTPZg8M7_0AUWecZKNlARqUHAQWmXCqdfbiP0a5-2MCD5_Za3kRPF0IxTQRuV0IBxRePm-Ljv9A9WVcghk1cyFQ2CdyiV41zWJ3faepb4KnUBpCL8uXV5Oh8U-EjJASq0qcl6KhiJ5dr6Kjhq_PRzIrCGJkLMcT7tiOvCIeh3YZW46Db89F6YvC9m1BsmpqgXNJrd581Ru0ZKNoaL32_UvpaXor4_csLeYuwCObTHUIDBoH7YzmGvXEpfnT7vlS9sZ6V1Aclnx7wMBzoXZNXgFiVGk_P0HoDgQtXPXWTVu2eElphstbyBhJtPZ88ve1YGgPiN4jFUjZ50dKLnIuYylmChwGCtTplMM-Za5Ipn4haYhhLSz0UCpXLfmfxKeMRgLgbOxTePoMgO0D7tsABEFlzOfRUdTg2yllGaznTDXD5CiJ4I6oOqLO4-Yn6zxQOgbD3eH-PeQwrTzpvJFadZvWPmrbUeoJ44thnUxzTy5BY6JbBNcIKT_YWN8SjB2Jc_y-s8Lh52YX08BwYGHYlsJMD-gWRSMNBdEFonODWmGvGYvdDEIIoflLtINYSnyFcSkYXp0OJ7btRjoJxywVjrQ6plYTWVCh3G56fMmnD02LFlPh9PEvL2Y0WjxX5WcxlR4INZC4OQSRcEGtd5OvnCh30GcBax67nimYYl6fq0xgUFtna11oMCn20FSHOkZHFai4i95AO6clGoHmZqJvenrtxrNyRaMyZn9Yypl4QQQfI-b_pjW2uAr6BhWl6S37RxIIuxLsaHCrDQyoTe9GGuC0i6cBuRx7BI2pnLVa7yXEOwrmSPSeVcD341dswqZNBX7kylPs0K8WzlfKyhdcGv9taqKVqu1OsbANY18Me8W84EZqUY_WFWBQvmM8nBxKY7VHBA_IHmOrfiXLaEM3dZ-L5fC_k4PGbpGuNfyZxBSIwhQbVarhRL2BXO7qFz5NaxEniOV82v942BH-gcEsgE9f70UZfMjLPaDMFEGyvSy_nUW34IBLTqTzMtP-yvNT6D8-ECDb8g1dDKR9x-tGaPa32SI1gQXmDsNvT8pcjPPgtXSsDr2R1cktcey4bY-B9k5K9W-RUJP5vZAY3UzQQBmvXLkLw66grbVS1bjuXFfu1VYQ4SQRNq5SbDQOlSt9f_VwJFCKvqk_qHbyzU72sTHn2sS2189eBeq5ssJlgVVbZVNN32ygD_y-TYgDJnOhGvvaQeGTqB7wvI4saarnu4P0AGXyVM-w_19eqPyRP3dRWFityvn2KKZ27fRRu7YWpF3x01FXJLzUIe8oqIH8DNQjpJr2ioGI38g6bCVTREngQk6pggsJf2dZyIyxkXyCfEZkxUK6FAE8UuGIUR3kIvrkZ8g926gAvy1rL1j8KeF3vNP1OuXZ4AuRlBeqKVBwub5TlMV9ynxibGTRxoGRdjGkI1I1WHNfaqE3XsZN2K2oLQyieSkn14BHtgNhEtu-gAVbMwbcwgvYkoX2WTFZX52BnUbXI6qzwEQOvdWenbnnD1hgjnedMrCpFiWkDb2OTY87U1uGEhUzeEfPj428nusQc5xZ1iFoSHeynwKsEtHhtN-BGtJ_oyyz5QCfc&cid=CAASBORoYQQ&rfl=2%2Chttps%253A%252F%252F7zip-download.ru%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:30:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jan 2022 14:30:04 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame 3CD0 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f974e8d6e570fde2dd07cee4041a1b83dc62b583b47a817c2caa29ada0f1c7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9529
x-xss-protection: 0
server: cafe
etag: 16937460792814555877
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jan 2022 14:47:02 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3CD0 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 08 Jan 2022 18:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161175
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Jan 2023 18:05:43 GMT

GET
H3 200 V_1BK8LT12tPAXVBd9VW07x8-6IwLId0KwHdjemGMHg.js Show response
pagead2.googlesyndication.com/bg/ Frame 012B 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V_1BK8LT12tPAXVBd9VW07x8-6IwLId0KwHdjemGMHg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57fd412bc2d3d76b4f01754177d556d3bc7cfba2302c87742b01dd8de9863078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13406
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Jan 2023 13:40:10 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B9D6 0
524 B 558ms
255ms Ping
image/gif 142.250.181.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fjr04s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 10 Jan 2022 14:51:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E5C0 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sat, 08 Jan 2022 18:05:45 GMT
expires: Sun, 08 Jan 2023 18:05:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 161173
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 moatad.js Show response
z.moatads.com/havasfrorangedcmdisplay758646212611/ Frame 3CD0 322 KB
108 KB 45ms
10ms Script
application/x-javascript 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/havasfrorangedcmdisplay758646212611/moatad.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 75e85ad2c1a5c4622224ae5f3e98fba945b105c206d4df6f7ee907920a71c7a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:58 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 16:30:23 GMT
server: AmazonS3
x-amz-request-id: NS6ZWCB4HRWRXBTP
etag: "a6d303a5ce2790633bf1105b58158151"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=35530
accept-ranges: bytes
content-length: 110445
x-amz-id-2: ff1QW1pLVoFwXV3R+0nNYlQJ/XM+5Z6xq9KKjzFPBg4GyD7N1tVmNBjaxyB6dApox4WBn5FId0I=

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12022715242204909100/ Frame BFB0 102 KB
26 KB 24ms
8ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

713210f484c7c50c29df1c6daf5f12adf59ee52a42e76f83d9067047c04147fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Thu, 06 Jan 2022 11:32:10 GMT
expires: Fri, 06 Jan 2023 11:32:10 GMT
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 26932
age: 357588
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3CD0 0
61 B 532ms
266ms Ping
image/gif 142.250.181.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssTisPCZmDwbitIpOK5CUQIWRi_oAvHeQQySgICl4kxy6x2UKr-SgT61_t95aKGNYc4mr2GM7EqWlf4PULknQ6xXhlcGjXwOp47YoDCX3wRxKtzhMCsRiA8gc9hYDhBeedWsqGHRKLY2YUMbG2Nn6gAV7-4lrUwtCoKoYxDtzSE4NWVftKTDv7Ni2BVhGKh-rah1bhZxlmqVfZ65uJ0olqqXH3ITDX-Mj_u2EhmMLpyN3Q4ivDrGj3pxkrxD3s4XnyOD6lyemsakK66Nmm2PWT02n6bRZMj3l_opRJY8lamzc6s0vWYURuUiDqY1CsKQEA5XnD5O8TxBeY_slqmtlpBxJiWrQwoKnQccaJh3mMfRFtGK3uRGpUXcrH49_WaRcFV0Vb1eH_dXt_OHuCAGTGDSn9w08rgKoiNesjtIgYApu0qUxTqZRaI8BY7aLz5wCFqMoxmHvmpUVeEV61LfN-eskwi9wvNA4CAEHThL70CNgmcAtfoejxF-aY5fzfP_-Vq8kyd5qGjFSqpOqTeH8YkPIEJL0P_Bf8VSxHQjDtu-gIDmh2fBL0UWMOL7hvRYUNmdA0TdttvSXrO7oDLChj6oU83jrnbYmptcmyzHIFLlONG4Bhdn14BkrrZXRRyn6U-i7QufRTEmjNc9mwaKHSj9ZV9e5YMqJd8CmQfFe-mdSwOYW6rUoas4yOoRd56J-f8Q4MUYYfOPubKn4mGWZMHztHo3VHRaQQwkPQ7gSB2GWuOrTKZFjoG8VVOotwjN5H-2g-88UEvT7Yxoz6iHysCkI7CW2DSnmAt-BXMKgca-GY0yqayuVUPk5h3967UHMB2WEaVLWIm98hA_il0ZGERPGsrXWY9mEpKr4DRcj9nKVDW3WGd5n7tW-VX7392ynIBEA_HFDTCPKVUzJ7XoyA5FqEATYaNBv-Pt2yWb529lgBN_w7NIpR1Lr03lsp7xlsUm2gCmJr7M6lRgf4tY3qZMMTrP9_i4Q991a3YHqrcqMvNSYojz1c5hF8CYHpwovDZ1Vo2RN1hntz28FLE5yJBpHV6syO8Y003SMdFypDQlZTy_EQvupD6PZ7RB4V-OGzyfIOI0r3K_O3wSAwOwyJ3ygwoS-KjGygXQDwMcuG2PAG3j5ljwcDQ1nop4TMn0IpXosWbBMqThGZXjnXTVI2OF1h858vexnNAvaT6-JUiW7U_KFP4fYQZa-BnBewE6M668ED7lUWA&sai=AMfl-YQm3slUOaY_eShDXs1cORf3f_akzbgrbgKO8NYw5Tw7mLMu8qFQbmc42ELpxiwOxWRuMU_ot99i40KVaqTuk3k__RewpmZJAC5kXEwJGVmDlKyoRxOyIsS_1S60rfTQB5SPZk3gutuMI9kWPaCGW1gYCizi&sig=Cg0ArKJSzAHax5dJSNYrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=64&cbvp=1&cstd=62&cisv=r20220104.50308&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fjr04s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 10 Jan 2022 14:51:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 1930610292164607830
tpc.googlesyndication.com/simgad/ Frame B8EF 38 KB
38 KB 61ms
61ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1930610292164607830?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm9q8bHFedLARqlw6CbiLkP3jx7DQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7678251701655050&output=html&h=280&slotname=3112364487&adk=4113227242&adf=201491406&pi=t.ma~as.3112364487&w=670&fwrn=4&fwrnh=100&lmt=1641826318&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2F7zip-download.ru%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=670&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826318038&bpp=1&bdt=248&idt=141&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C670x280&nras=1&correlator=6952757924218&frm=20&pv=1&ga_vid=830560317.1641826318&ga_sid=1641826318&ga_hid=449088652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=3089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1915501816359424&pem=718&tmod=112&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Gj2xykG40E&p=https%3A//7zip-download.ru&dtd=144

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53ca65239148b774a49b98097beec080bda97f7f33627437159c14fc47f784ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:58 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39318
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 09:07:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Jan 2023 14:51:58 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame B8EF 19 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:50:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7894
x-xss-protection: 0
server: cafe
etag: 10405968765291005445
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jan 2022 14:50:22 GMT

GET
H3 200 styles.min.css
s0.2mdn.net/sadbundle/12022715242204909100/ Frame BFB0 4 KB
1 KB 10ms
10ms Stylesheet
text/css 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/styles.min.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8429e728bd94d2414dbaa7c9b070c87512f53295f89c170e1b164fb07106bf41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:32:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 357588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1353
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Jan 2023 11:32:10 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B8EF 0
0 55ms
54ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaT1QDkjcYd7EDdONiQafgoOYD9TJs_dm3bL0nPwN67y3oYwOEAEg8ZXYS2D7AaAB7_WO2wPIAQKoAwHIA8kEqgTDAU_QT7nop52sIAYvUwK8PSMK6ycrioogrqwDI_YHeEd0fBUPZ9OM9W9TqqY6VhNZgJrV9o6WE7lx4HWW3cKSNDavpo6Regnd7YoifeKCjK1J3ZVkfOn8pcvh3z_N7cB0k47NS86_hLE9udy57Eu2vzV7_Lb09Zf-rXWLm1Ml9uXCZQGHq0FJwLWG-KR9Jo4wysHNflMk542drh9SI0MiHls853e1MwHEtiHqrPE1pox9vsIYq5RwPVYKmV_NNI41A3e2A8AEvof31LYCkgUECAQYAZIFBAgFGASgBgKAB562mymoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDztwLSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNzY3ODI1MTcwMTY1NTA1MBgA&sigh=J_fpfpbhvjI&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7678251701655050&output=html&h=280&slotname=3112364487&adk=4113227242&adf=201491406&pi=t.ma~as.3112364487&w=670&fwrn=4&fwrnh=100&lmt=1641826318&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2F7zip-download.ru%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=670&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826318038&bpp=1&bdt=248&idt=141&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C670x280&nras=1&correlator=6952757924218&frm=20&pv=1&ga_vid=830560317.1641826318&ga_sid=1641826318&ga_hid=449088652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=3089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1915501816359424&pem=718&tmod=112&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Gj2xykG40E&p=https%3A//7zip-download.ru&dtd=144
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 10 Jan 2022 14:51:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame B8EF 2 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1210
x-xss-protection: 0
server: cafe
etag: 9753579932288205849
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jan 2022 14:43:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B8EF 120 KB
37 KB 1077ms
923ms Script
text/javascript 2a00:1450:4019:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37632
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641385868096614"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 10 Jan 2022 14:51:59 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame B8EF 15 KB
6 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6485
x-xss-protection: 0
server: cafe
etag: 13366392639478751132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jan 2022 14:49:04 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame B8EF 27 KB
11 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf4e7ce8d3ef72d0c1df0b845ff9e3f7cfaa38c44de222afb3a31c6a2060075d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 09:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20709
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11451
x-xss-protection: 0
server: cafe
etag: 17863524699588884828
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jan 2022 09:06:49 GMT

GET
H3 200 txt1.png
s0.2mdn.net/sadbundle/12022715242204909100/img/ Frame BFB0 832 B
859 B 9ms
8ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/img/txt1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

095cf251ca712c118a0498cfcf34e24679cfb126251a02ebc0f1e78393530281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:32:10 GMT
x-content-type-options: nosniff
age: 357588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 832
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Jan 2023 11:32:10 GMT

GET
H3 200 pastille.png
s0.2mdn.net/sadbundle/12022715242204909100/img/ Frame BFB0 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/img/pastille.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1203fb47ba427097a11eb6ea862a41d292939039ff5db170ff4cfad7fd7cb464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:32:10 GMT
x-content-type-options: nosniff
age: 357588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2792
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Jan 2023 11:32:10 GMT

GET
H3 200 box.png
s0.2mdn.net/sadbundle/12022715242204909100/img/ Frame BFB0 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/img/box.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe02e1d3b8ee9bda28a1868227e2a876700e7cb9281482d4982c6577870c6473

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:32:10 GMT
x-content-type-options: nosniff
age: 357588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2141
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Jan 2023 11:32:10 GMT

GET
H3 200 txt2.png
s0.2mdn.net/sadbundle/12022715242204909100/img/ Frame BFB0 1 KB
1 KB 12ms
10ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/img/txt2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f1e45a2f375ee150765d8a5984498397963021b804048dd410c438c974444f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:32:10 GMT
x-content-type-options: nosniff
age: 357588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1307
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Jan 2023 11:32:10 GMT

GET
H3 200 txt3.png
s0.2mdn.net/sadbundle/12022715242204909100/img/ Frame BFB0 524 B
551 B 12ms
10ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/img/txt3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058dd7d3ba6dc0d575b24bc6d6a68528dd1c84c1135977eecf852d5bfa9a8a29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:32:10 GMT
x-content-type-options: nosniff
age: 357588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 524
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Jan 2023 11:32:10 GMT

GET
H3 200 mobile.png
s0.2mdn.net/sadbundle/12022715242204909100/img/ Frame BFB0 4 KB
4 KB 14ms
12ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/img/mobile.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15e5a0418e165576861190e63d63dd59eeb0e4236752f7a5e23d493b993c8d78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:32:10 GMT
x-content-type-options: nosniff
age: 357588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4509
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Jan 2023 11:32:10 GMT

GET
H3 200 txt4.png
s0.2mdn.net/sadbundle/12022715242204909100/img/ Frame BFB0 914 B
941 B 13ms
11ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/img/txt4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8cc34c6ccbed8bc9258a121e454c578633ec09c40c89ec221dec7dbb449c09f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:32:10 GMT
x-content-type-options: nosniff
age: 357588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 914
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Jan 2023 11:32:10 GMT

GET
H3 200 txt5.png
s0.2mdn.net/sadbundle/12022715242204909100/img/ Frame BFB0 1 KB
1 KB 20ms
18ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/img/txt5.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faf539253910399c83e8c0ca96e95ef91e8031bedf0d2fce8766b7584273d736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:32:10 GMT
x-content-type-options: nosniff
age: 357588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1090
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Jan 2023 11:32:10 GMT

GET
H3 200 txt6.png
s0.2mdn.net/sadbundle/12022715242204909100/img/ Frame BFB0 892 B
919 B 22ms
20ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/img/txt6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35547778d9b76548dc16aa8c83b6ffcbb1ff83ce91a61825fb98b448792ecd7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:32:10 GMT
x-content-type-options: nosniff
age: 357588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 892
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Jan 2023 11:32:10 GMT

GET
H3 200 txt7.png
s0.2mdn.net/sadbundle/12022715242204909100/img/ Frame BFB0 772 B
799 B 18ms
17ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/img/txt7.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

758f5bfc0096913527454e997e5e532bb648017fdf92674ceaf5ce4d7f584414

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:32:10 GMT
x-content-type-options: nosniff
age: 357588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 772
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Jan 2023 11:32:10 GMT

GET
H3 200 pastille1.png
s0.2mdn.net/sadbundle/12022715242204909100/img/ Frame BFB0 3 KB
3 KB 20ms
19ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/img/pastille1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c995ea84b89ee0c781907b8f71bc0183069d75ea82bee4541434babc3ee2886

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:32:10 GMT
x-content-type-options: nosniff
age: 357588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2800
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Jan 2023 11:32:10 GMT

GET
H3 200 mobile1.png
s0.2mdn.net/sadbundle/12022715242204909100/img/ Frame BFB0 1 KB
2 KB 19ms
18ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/img/mobile1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

933a12e2d0e7c28ee656a41e6611fed291116349b5049ac88943deb4d65ae0fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:32:10 GMT
x-content-type-options: nosniff
age: 357588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1516
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Jan 2023 11:32:10 GMT

GET
H3 200 box1.png
s0.2mdn.net/sadbundle/12022715242204909100/img/ Frame BFB0 1 KB
1 KB 19ms
17ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/img/box1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2fe52468910c3a22a935a54948a9b17f34519006d27a9e7d8ebf82eedea8e30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:32:10 GMT
x-content-type-options: nosniff
age: 357588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1051
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Jan 2023 11:32:10 GMT

GET
H3 200 txt8.png
s0.2mdn.net/sadbundle/12022715242204909100/img/ Frame BFB0 679 B
706 B 19ms
17ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/img/txt8.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7363c6f215a3618a270f07722e945843fe7ef7afa844d56c8f5ed232369851e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:32:10 GMT
x-content-type-options: nosniff
age: 357588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 679
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Jan 2023 11:32:10 GMT

GET
H3 200 txt9.png
s0.2mdn.net/sadbundle/12022715242204909100/img/ Frame BFB0 769 B
796 B 21ms
20ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/img/txt9.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d35f0c428f99e330c502a0e288801a82542e203ee0e7713469a7cd53ed73419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:32:10 GMT
x-content-type-options: nosniff
age: 357588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 769
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Jan 2023 11:32:10 GMT

GET
H3 200 txt10.png
s0.2mdn.net/sadbundle/12022715242204909100/img/ Frame BFB0 503 B
530 B 18ms
16ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/img/txt10.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

993b3b673281f17a87c02ea92e2adf679bf6fe911c4eeb2383cf2a4727a5619f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:32:10 GMT
x-content-type-options: nosniff
age: 357588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 503
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Jan 2023 11:32:10 GMT

GET
H3 200 txt11.png
s0.2mdn.net/sadbundle/12022715242204909100/img/ Frame BFB0 346 B
373 B 16ms
15ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/img/txt11.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26570e7d49a36ba5c75a57fa2c8717842463f88a6da1d5006530ac51521a7dad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:32:10 GMT
x-content-type-options: nosniff
age: 357588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 346
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Jan 2023 11:32:10 GMT

GET
H3 200 Footer.png
s0.2mdn.net/sadbundle/12022715242204909100/img/ Frame BFB0 841 B
868 B 18ms
17ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/img/Footer.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88b82a65ad8970dca788e91d5902b7b18d29633219b2c8f58faf661b5efd0ef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:32:10 GMT
x-content-type-options: nosniff
age: 357588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 841
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Jan 2023 11:32:10 GMT

GET
H3 200 prod.png
s0.2mdn.net/sadbundle/12022715242204909100/img/ Frame BFB0 2 KB
2 KB 17ms
16ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/img/prod.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77aeb010cc91bfa11147b15dd6ba3405aa1185cd19b64c8bb2ba016834b72917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:32:10 GMT
x-content-type-options: nosniff
age: 357588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2091
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Jan 2023 11:32:10 GMT

GET
H3 200 cartouche.png
s0.2mdn.net/sadbundle/12022715242204909100/img/ Frame BFB0 617 B
644 B 17ms
15ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/img/cartouche.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1fbc2f69d2ef93d1cc600791d371d2d98ce337f87d97f4e87ea192501eb56ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:32:10 GMT
x-content-type-options: nosniff
age: 357588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 617
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Jan 2023 11:32:10 GMT

GET
H3 200 txt.png
s0.2mdn.net/sadbundle/12022715242204909100/img/ Frame BFB0 904 B
931 B 16ms
15ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/img/txt.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58f042bdf1d7e50cc406e981b897f0e522f1010eeb6223d017cf9fd5db2a4da5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:32:10 GMT
x-content-type-options: nosniff
age: 357588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 904
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Jan 2023 11:32:10 GMT

GET
H3 200 ml.png
s0.2mdn.net/sadbundle/12022715242204909100/img/ Frame BFB0 6 KB
6 KB 15ms
13ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/img/ml.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a72192b63d786df3ec7a0ea2e2fc79e996aefc5daa49ae0035696a63678643ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:32:10 GMT
x-content-type-options: nosniff
age: 357588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6353
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Jan 2023 11:32:10 GMT

GET
H3 200 scripts.min.js Show response
s0.2mdn.net/sadbundle/12022715242204909100/ Frame BFB0 70 KB
26 KB 8ms
7ms Script
application/x-javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12022715242204909100/scripts.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c3aafd8e11e796ef6f1fe69ebde7ea936499dc5dc6bc5c7f095ce6b75de5aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12022715242204909100/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 11:32:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 357588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26931
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 14:36:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Jan 2023 11:32:10 GMT

GET
H3 200 V_1BK8LT12tPAXVBd9VW07x8-6IwLId0KwHdjemGMHg.js Show response
pagead2.googlesyndication.com/bg/ Frame E5C0 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V_1BK8LT12tPAXVBd9VW07x8-6IwLId0KwHdjemGMHg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57fd412bc2d3d76b4f01754177d556d3bc7cfba2302c87742b01dd8de9863078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13406
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Jan 2023 13:40:10 GMT

GET
DATA 200
OK truncated
/ Frame BFB0 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9140 143 B
163 B 9ms
8ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7678251701655050&output=html&h=280&slotname=3112364487&adk=4113227242&adf=201491406&pi=t.ma~as.3112364487&w=670&fwrn=4&fwrnh=100&lmt=1641826318&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2F7zip-download.ru%2F&flash=0&fwr=0&fwrattr=true&rh=280&rw=670&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826318038&bpp=1&bdt=248&idt=141&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C670x280&nras=1&correlator=6952757924218&frm=20&pv=1&ga_vid=830560317.1641826318&ga_sid=1641826318&ga_hid=449088652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=3089&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1915501816359424&pem=718&tmod=112&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Gj2xykG40E&p=https%3A//7zip-download.ru&dtd=144

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 10 Jan 2022 14:04:55 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2823
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 n.js Show response
geo.moatads.com/ Frame 8D53 84 B
258 B 172ms
36ms Script
text/html 34.252.133.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=3719689544&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-4UGDNwRTPmOps3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-hTUy9DU1NqKUTA%3D%3D&sc=1&os=1-mA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1005&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2F7zip-download.ru&lp=https%3A%2F%2F7zip-download.ru&t=1641826318772&de=587938785939&m=0&ar=cc97a930ec1-clean&iw=b5a7f16&q=2&cb=0&ym=0&cu=1641826318772&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=27011009%3A4440622%3A325146501%3A164591496&zMoatMarket=FR&zMoatADV=8364571&zMoatDBMCampID=15702624366&zMoatDBMIOID=25818120&zMoatDBMCreaID=400166658&zGSRS=1&zGSRC=1&gu=https%3A%2F%2F7zip-download.ru%2F&id=0&ii=3&bo=7zip-download.ru&bd=7zip-download.ru&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=havasfrorangedcmdisplay758646212611&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A87&jk=-1&jm=-1&fs=195926&na=2021405881&cs=0&ord=1641826318772&jv=163431109&callback=DOMlessLLDcallback_18056801
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/havasfrorangedcmdisplay758646212611/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.133.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-133-182.eu-west-1.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 1aab7955e72249e78f1582ae79f402aa6c698a5ee9937b36aeabf7759aff3d9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:59 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "2a7e350086ac908c709f46e1799f94f7d8f6ab05"
content-length: 84
content-type: text/html; charset=UTF-8

GET
H2 200 v2 Show response
mb.moatads.com/s/ Frame 8D53 153 B
328 B 166ms
30ms Script
text/html 3.11.43.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/s/v2?url=https%3A%2F%2F7zip-download.ru%2F&pcode=havasfrorangedcmdisplay758646212611&ord=1641826318772&jv=1554168131&callback=BrandSafetyNadoscallback_18056801
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/havasfrorangedcmdisplay758646212611/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.43.80 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-43-80.eu-west-2.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 76c0df7333db860371ba5c2266c78d240c1b9ae0a859cc891786a561d6408454

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:59 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "2b3a0840f665e500ef0bda0a0f1e64b680950ca6"
content-length: 153
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ Frame 8D53 43 B
260 B 16ms
7ms Image
image/gif 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2F7zip-download.ru&lp=https%3A%2F%2F7zip-download.ru&t=1641826318772&de=587938785939&m=0&ar=cc97a930ec1-clean&iw=b5a7f16&q=3&cb=0&ym=0&cu=1641826318772&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=27011009%3A4440622%3A325146501%3A164591496&zMoatMarket=FR&zMoatADV=8364571&zMoatDBMCampID=15702624366&zMoatDBMIOID=25818120&zMoatDBMCreaID=400166658&zGSRS=1&zGSRC=1&gu=https%3A%2F%2F7zip-download.ru%2F&id=0&ii=3&bo=7zip-download.ru&bd=7zip-download.ru&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=havasfrorangedcmdisplay758646212611&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A87&jk=-1&jm=-1&fs=195926&na=1260397204&cs=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:51:58 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 10 Jan 2022 14:51:58 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3CD0 0
60 B 257ms
255ms Ping
image/gif 142.250.181.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssTisPCZmDwbitIpOK5CUQIWRi_oAvHeQQySgICl4kxy6x2UKr-SgT61_t95aKGNYc4mr2GM7EqWlf4PULknQ6xXhlcGjXwOp47YoDCX3wRxKtzhMCsRiA8gc9hYDhBeedWsqGHRKLY2YUMbG2Nn6gAV7-4lrUwtCoKoYxDtzSE4NWVftKTDv7Ni2BVhGKh-rah1bhZxlmqVfZ65uJ0olqqXH3ITDX-Mj_u2EhmMLpyN3Q4ivDrGj3pxkrxD3s4XnyOD6lyemsakK66Nmm2PWT02n6bRZMj3l_opRJY8lamzc6s0vWYURuUiDqY1CsKQEA5XnD5O8TxBeY_slqmtlpBxJiWrQwoKnQccaJh3mMfRFtGK3uRGpUXcrH49_WaRcFV0Vb1eH_dXt_OHuCAGTGDSn9w08rgKoiNesjtIgYApu0qUxTqZRaI8BY7aLz5wCFqMoxmHvmpUVeEV61LfN-eskwi9wvNA4CAEHThL70CNgmcAtfoejxF-aY5fzfP_-Vq8kyd5qGjFSqpOqTeH8YkPIEJL0P_Bf8VSxHQjDtu-gIDmh2fBL0UWMOL7hvRYUNmdA0TdttvSXrO7oDLChj6oU83jrnbYmptcmyzHIFLlONG4Bhdn14BkrrZXRRyn6U-i7QufRTEmjNc9mwaKHSj9ZV9e5YMqJd8CmQfFe-mdSwOYW6rUoas4yOoRd56J-f8Q4MUYYfOPubKn4mGWZMHztHo3VHRaQQwkPQ7gSB2GWuOrTKZFjoG8VVOotwjN5H-2g-88UEvT7Yxoz6iHysCkI7CW2DSnmAt-BXMKgca-GY0yqayuVUPk5h3967UHMB2WEaVLWIm98hA_il0ZGERPGsrXWY9mEpKr4DRcj9nKVDW3WGd5n7tW-VX7392ynIBEA_HFDTCPKVUzJ7XoyA5FqEATYaNBv-Pt2yWb529lgBN_w7NIpR1Lr03lsp7xlsUm2gCmJr7M6lRgf4tY3qZMMTrP9_i4Q991a3YHqrcqMvNSYojz1c5hF8CYHpwovDZ1Vo2RN1hntz28FLE5yJBpHV6syO8Y003SMdFypDQlZTy_EQvupD6PZ7RB4V-OGzyfIOI0r3K_O3wSAwOwyJ3ygwoS-KjGygXQDwMcuG2PAG3j5ljwcDQ1nop4TMn0IpXosWbBMqThGZXjnXTVI2OF1h858vexnNAvaT6-JUiW7U_KFP4fYQZa-BnBewE6M668ED7lUWA&sai=AMfl-YQm3slUOaY_eShDXs1cORf3f_akzbgrbgKO8NYw5Tw7mLMu8qFQbmc42ELpxiwOxWRuMU_ot99i40KVaqTuk3k__RewpmZJAC5kXEwJGVmDlKyoRxOyIsS_1S60rfTQB5SPZk3gutuMI9kWPaCGW1gYCizi&sig=Cg0ArKJSzAHax5dJSNYrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=329&vt=11&dtpt=265&dett=3&cstd=62&cisv=r20220104.50308&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: 7zip-download.ru
URL: https://7zip-download.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fjr04s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 10 Jan 2022 14:51:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 pixel.gif
px.moatads.com/ Frame 8D53 43 B
260 B 14ms
13ms Image
image/gif 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsadbundle%2F12022715242204909100%2Findex.html&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=3719689544&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-4UGDNwRTPmOps3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-hTUy9DU1NqKUTA%3D%3D&sc=1&os=1-mA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1005&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2F7zip-download.ru%2F&id=0&ii=3&f=1&j=https%3A%2F%2F7zip-download.ru&lp=https%3A%2F%2F7zip-download.ru&t=1641826318772&de=587938785939&cu=1641826318772&m=107&ar=cc97a930ec1-clean&iw=b5a7f16&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A87&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=89&cd=0&ah=89&am=0&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=27011009%3A4440622%3A325146501%3A164591496&bo=7zip-download.ru&bd=7zip-download.ru&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8364571&zMoatDBMCampID=15702624366&zMoatDBMIOID=25818120&zMoatDBMCreaID=400166658&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=-1&jm=-1&tc=0&fs=195926&na=2047257405&cs=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:51:58 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 10 Jan 2022 14:51:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7BB9 4 KB
1 KB 44ms
17ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7678251701655050&output=html&h=280&slotname=4425446158&adk=2843444959&adf=3159113135&pi=t.ma~as.4425446158&w=670&fwrn=4&fwrnh=100&lmt=1641826318&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2F7zip-download.ru%2F&flash=0&fwr=0&fwrattr=true&rh=173&rw=670&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826318037&bpp=1&bdt=246&idt=107&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6952757924218&frm=20&pv=1&ga_vid=830560317.1641826318&ga_sid=1641826318&ga_hid=449088652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=1003&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1915501816359424&pem=718&tmod=112&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WEqParqW7l&p=https%3A//7zip-download.ru&dtd=114

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 13:53:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 10 Jan 2022 14:51:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Jan 2022 14:51:59 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 7BB9 1 KB
880 B 9ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jan 2022 14:42:56 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame 7BB9 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:50:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7894
x-xss-protection: 0
server: cafe
etag: 10405968765291005445
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jan 2022 14:50:22 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 7BB9 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:43:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1210
x-xss-protection: 0
server: cafe
etag: 9753579932288205849
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jan 2022 14:43:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7BB9 120 KB
37 KB 880ms
879ms Script
text/javascript 2a00:1450:4019:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:51:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37632
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641385868096614"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 10 Jan 2022 14:51:59 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 7BB9 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6485
x-xss-protection: 0
server: cafe
etag: 13366392639478751132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jan 2022 14:49:04 GMT

GET
H2 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame 7BB9 27 KB
12 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 10 Apr 2022 13:17:55 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10568657186033072659/ Frame 7BB9 6 KB
7 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10568657186033072659/downsize_200k_v1?w=200&h=200

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4e141685c35f42bc6c6191d47d6bb012044e1e7d3205bf7298e2bb23e9b879e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 13:50:25 GMT
x-content-type-options: nosniff
age: 435694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6653
x-xss-protection: 0
last-modified: Mon, 16 Sep 2019 22:56:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 05 Jan 2023 13:50:25 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15757597862907311081/ Frame 7BB9 12 KB
12 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15757597862907311081/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1354e5639ca082d871688aa03044c6b32e25d49b53a76e83cdf46d704e9049fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 11:44:48 GMT
x-content-type-options: nosniff
age: 529631
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12609
x-xss-protection: 0
last-modified: Sat, 06 Feb 2021 21:02:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 04 Jan 2023 11:44:48 GMT

GET
DATA 200
OK truncated
/ Frame 7BB9 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7BB9 0
0 48ms
48ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ChYleDkjcYbCEDO6UiQaa2IugBPrem61m88G7m8gOg6Da1Y0OEAEg8ZXYS2D7AaABm9KC4gPIAQmpAnfcMZMyBLM-qAMByAPLBKoE6QFP0IHd61LYGeRlpUeRZKvj0QxVLwgcC_1xZZ0LmU-5X-HKxPUBkLOoVg6dIYWI7SIeHz4sYGQb4sr3JBE5L2D_NLlwKolh1fHRcj8Y1XUp73uRMF7S4InyO32zKBkSI2TfY7WZqizXIE7jJlUgXuRAa2u4v0TnOY0QRTiksy_u9f_QmTq19TppKpGwKmXEynME1qgqxccweKAxm6frGTtxZh4o14-Oh9DMbbtZbzLU5c-QzITKfJbf01NtuE56lD15scwpwcEehE72g5NcQOxkpC7oAow8BZqpwz9LPzkFQ1uSwr4J-T_xH8AEiKLH1IcCkgUECAQYAZIFBAgFGASgBi6AB_zW9QuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCT1QnSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNzY3ODI1MTcwMTY1NTA1MBgA&sigh=dqhHoMIiH9w&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7678251701655050&output=html&h=280&slotname=4425446158&adk=2843444959&adf=3159113135&pi=t.ma~as.4425446158&w=670&fwrn=4&fwrnh=100&lmt=1641826318&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2F7zip-download.ru%2F&flash=0&fwr=0&fwrattr=true&rh=173&rw=670&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641826318037&bpp=1&bdt=246&idt=107&shv=r20220104&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6952757924218&frm=20&pv=1&ga_vid=830560317.1641826318&ga_sid=1641826318&ga_hid=449088652&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=1003&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063947&oid=2&pvsid=1915501816359424&pem=718&tmod=112&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=WEqParqW7l&p=https%3A//7zip-download.ru&dtd=114
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 10 Jan 2022 14:51:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9140
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

77ms
76ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 10 Jan 2022 14:51:59 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 10 Jan 2022 14:51:59 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 10 Jan 2022 14:51:59 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 8D53 43 B
253 B 109ms
19ms Image
image/gif 104.89.28.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=89&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=7zip-download.ru&L1id=27011009&L2id=4440622&L3id=325146501&L4id=164591496&S1id=7zip-download.ru&S2id=7zip-download.ru&ord=1641826318772&r=587938785939&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatADV=8364571&url=https%253A%252F%252F7zip-download.ru%252F&bedc=1&q=1&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.28.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-234.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:51:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 10 Jan 2022 14:51:59 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 8D53 43 B
253 B 111ms
21ms Image
image/gif 104.89.28.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=89&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=7zip-download.ru&L1id=27011009&L2id=4440622&L3id=325146501&L4id=164591496&S1id=7zip-download.ru&S2id=7zip-download.ru&ord=1641826318772&r=587938785939&t=bs&os=0&fi2=0&div1=0&ait=0&zMoatADV=8364571&url=https%253A%252F%252F7zip-download.ru%252F&bedc=1&q=2&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.28.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-234.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:51:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 10 Jan 2022 14:51:59 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 8D53 43 B
253 B 112ms
22ms Image
image/gif 104.89.28.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=70&fi=0&apd=229&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=7zip-download.ru&L1id=27011009&L2id=4440622&L3id=325146501&L4id=164591496&S1id=7zip-download.ru&S2id=7zip-download.ru&ord=1641826318772&r=587938785939&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatADV=8364571&url=https%253A%252F%252F7zip-download.ru%252F&bedc=1&q=3&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.28.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-234.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:51:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 10 Jan 2022 14:51:59 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 012B 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeDAnDkjcYajkDce0iQalxoKoDAAAAAA4AeAEAg&bg=!eHulez_NAAbDtiZlw7Y7ACkAdvg8Wgnk1lOiurO3vauYVIKX-7329Cv_PipMm57qO7kQ__q0n9YI9QIAAAFkUgAAABloAQcKAKXetT8RFIqlVdvAnuoGeYxmMr7wCRL8NvyotkjuwzMRCIDwHA3snWtG17iupHRnDwwhPFLAPtpreCKtT5myrRRovwL2x9DyBLj2OTJ6isok1cb4QUrpsE_ynOTJklgxsdxRulz78RresDxVagm0xMwvttmNB-yKtC_UJpnJkHODT2sbbfzdYQiR1vTM9fvLtfdTJhQHJTbVMp6fwZN3zl3QqZbN1dOZAsjFK2e2YQZkDAYzIqK1MI3gk_vCIqlUPvVJv7ul29fIcwE-Vc6L59KBs8x7GJtSiVNVkruzCKpPKqqeHEZTTuv0sM8AGAjSNtVNTrwk-NtPK2Wd0i6xrdKdox5w9GkM4mkmM8gll5m4eRRvi5Oj1z2R7gwnGYTXoG0jyoWPP7MAke1Qxc4yqi13YW2vrmdT5U8oTbA8pkQNWrBfe_P_WApIayolnLjpdWqTz1AtUckunu7jq3_cLoe0bpBpdwGD4uvkun2zU8dKZV2uZ7JfbIsqhTnbzvXsNbazlfjipqNuHYt_pir5WKnqK5-UqsrAEtZQ9XUBVKoFGfePUKCLtYi3JArTCwjI-w9zvw5dZJnJXsK8jrq4XutcrxDrbNoHJ1HPLlVwN7Sa9fDeSABFXu-ITfpx9lkScvAW5tnMwZrLyKPxvsF4ZAIa8LvzL-hsPCIWku6Gyh7b-mE82DvPCqh-Ou8vy4EA4UAFRhBwq5xiswLUCpfOAzizB8AoCpO7x792l-oOjVs6-Kt50w0iuVYt-NAo2PMck1olJTFZEHHbIkmFy898P0-9F3MIatFES0DFQpQKap9_YomPGlUKuLkLK2CI2VevH46ghybkUaIOQzdRhIqKk5_hpS7LWTBwhKkItYxKCzmMiVbCBYHU_0wIj-V9rmyqevcpqru-8ulbXoKl9XVKHZsdixz1QfhkmdqKuG4uoINNOAhkdTkDjeDgQ5GdlIGnD6oFXld_Zb3TeluaJftDfWKXKNTWOaUplYAVpWnEJTmyaQBR8Uz1ZAYdieKDl6jD_09X8fZUILQOZswhpSEIAevyXb2GImKu58bE9W0rLMtAG4qxZKvpOk2P8RM1E9g3HmIRyaopGPDUBgFuG5I3X2mC34xDhpQ3ljL3WDc6sNz9_q-X9US4V0vOA7_HKks6AD73AwNJbU-nolzIkyJ41MQe

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:51:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E5C0 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6ZhkDkjcYZLhIcOk3gObv6DoAQAAAAA4AeAEAg&bg=!8POl87fNAAbDtiZlw7Y7ACkAdvg8Wv1x0hcU_zuOG6K7rJChu_Lrke_J-LDMHHjpQ_o0Ngg6TRUrqQIAAACqUgAAAA1oAQcKAIHWWBnPLCNsb6BaaxzQRsYBrR8aaHsbOvJ3-X6513qzLaYv8Xpgjt8GmKiI53ah8uvDRUlcWieq41lCT3dM_gNpB90MmSJnYHosqWe6jX_SDeCF2ZreznYnapoyQNk-6bscbbxpXoc82xwXVglpeNBEAJo-kRo8szGzZbUwOeIfpYeZAtRhrYkrijAP0F8qQSF5Q9D93YZYIGp-PzxTfrHbMdW-CUbyLo-uEnpL4l4j2veKRJBvm28Jjyvr-x1C6qPOJ5-9OXNaZA4OupZWejRo17fMG8pKl93DOFq1fvUMx0OKzmaplTU_dSLNEi4OK_-HwElZ1tXA2l0sYxoJXmtyUYcHHSP22V2fF45fhInnbeaPi_fTekw39edJep-rTwVTwIQe2iXLpHbhxhtL7dXPn1CdiuMfSQkyhMUkEgEa4b51ie141LQtFelx5QP1_Z2Gz2xKa39tapQmReTS9l9YfbFrq_-x50KX11-ZsWROKavWa94iqx4ASxHDSKTc_WTf47pf5WWMp0kenH-VIYZiFr8rvAF7ClKNe727WOaEQ-xkDuM5MGhoXQ_J1gbluoifXjWARn1q99w-IV539xmKitO5qZHQnhOxg1htgVn89s1zo5EvE2Kk-k784FT0MjUWGTGwEh-3h9t7OgBW_I8ZrjV4_abOQpC2FQDu9wdnX24ODgJgktzZILR0MSHHCDWtf4P6xIAm6BTc5NvNZL66pNr4mDwCJ2SR4kjfyQdzKntcVL_hmduNlKXRMLqQvQwobZooPG6G9lad0t1rQa5tSP-3lsQQPojk3zHDFlTjEXljvEyCQCpo-TbUK_mF8xyxaV22Lzu0MpDWk-Ytmk0bDG5qYL42jXM96IbYSgJWNrpiuhG19odlM_ME_SwPbJPHeLTksQo3ipbl9msL84jn8zKtOeleRTP9N5FNWImYFzfSVB0MSX4BHNGoVvpWUte54bebCoCtE75mMHlJ8rnTR7_pojPrxFBuPG3vyWXskurX3W3QS5WIhwaN8Ca2-VZio0qRBkuCvKj4-lQODFbWbca0t1waVyN3cihcU92adK1ozQau4eOWGaP56XyoaBNf31ipLlCW6GXkm6deLSNY8Dz6Hm5a1rRPjbUvrXoQkB3tg-RDdhKz

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:51:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 8D53 43 B
253 B 10ms
9ms Image
image/gif 104.89.28.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=271&fi=0&apd=430&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=7zip-download.ru&L1id=27011009&L2id=4440622&L3id=325146501&L4id=164591496&S1id=7zip-download.ru&S2id=7zip-download.ru&ord=1641826318772&r=587938785939&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatADV=8364571&url=https%253A%252F%252F7zip-download.ru%252F&bedc=1&q=4&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.28.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-234.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:51:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 10 Jan 2022 14:51:59 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 8D53 43 B
260 B 9ms
9ms Image
image/gif 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=3719689544&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-4UGDNwRTPmOps3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-hTUy9DU1NqKUTA%3D%3D&sc=1&os=1-mA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1005&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2F7zip-download.ru%2F&id=0&ii=3&f=1&j=https%3A%2F%2F7zip-download.ru&lp=https%3A%2F%2F7zip-download.ru&t=1641826318772&de=587938785939&cu=1641826318772&m=643&ar=cc97a930ec1-clean&iw=b5a7f16&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=196&lg=1&lh=55&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=99&vx=-%3A99%3A-&pe=0%3A-%3A-%3A0%3A87&aa=0&ad=472&cn=0&gk=101&gl=0&ik=101&ic=101&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=430&cd=89&ah=430&am=89&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=27011009%3A4440622%3A325146501%3A164591496&bo=7zip-download.ru&bd=7zip-download.ru&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8364571&zMoatDBMCampID=15702624366&zMoatDBMIOID=25818120&zMoatDBMCreaID=400166658&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=4&jm=-1&tc=0&fs=195926&na=158550381&cs=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:51:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 10 Jan 2022 14:51:59 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 8D53 43 B
253 B 10ms
9ms Image
image/gif 104.89.28.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=472&fi=1&apd=631&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=7zip-download.ru&L1id=27011009&L2id=4440622&L3id=325146501&L4id=164591496&S1id=7zip-download.ru&S2id=7zip-download.ru&ord=1641826318772&r=587938785939&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatADV=8364571&url=https%253A%252F%252F7zip-download.ru%252F&bedc=1&q=5&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.28.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-234.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:51:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 10 Jan 2022 14:51:59 GMT

GET
DATA 200
OK truncated
/ Frame B9D6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36a4d900942c9d877617c4a7d2bd19c56b6b314ed58c55a7168f88029b37feaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3CD0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 876d9183a839e9ebec71a862e9edc1411aab76023c07b48068777775a0f1736e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B8EF 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eff14f230cc98b79a19ee495997b64aaec40e080c1455b32407aeb5e72dfdcd3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 V_1BK8LT12tPAXVBd9VW07x8-6IwLId0KwHdjemGMHg.js Show response
pagead2.googlesyndication.com/bg/ Frame EB8E 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V_1BK8LT12tPAXVBd9VW07x8-6IwLId0KwHdjemGMHg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57fd412bc2d3d76b4f01754177d556d3bc7cfba2302c87742b01dd8de9863078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13406
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Jan 2023 13:40:10 GMT

GET
DATA 200
OK truncated
/ Frame 7BB9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee143c148306e3f3eebfe0307833c12892751a76d085af237bddba60cabdab65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 7BB9 15 KB
16 KB 38ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 420940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 05 Jan 2023 17:56:19 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 40ms
24ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220104&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a47d7d32fa816a2dc32057be6fbf9c819ab296f47cfbd47b47bb288d246f934a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 10 Jan 2022 14:52:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8549
x-xss-protection: 0

GET
H3 200 V_1BK8LT12tPAXVBd9VW07x8-6IwLId0KwHdjemGMHg.js Show response
pagead2.googlesyndication.com/bg/ Frame CEFA 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V_1BK8LT12tPAXVBd9VW07x8-6IwLId0KwHdjemGMHg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57fd412bc2d3d76b4f01754177d556d3bc7cfba2302c87742b01dd8de9863078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13406
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Jan 2023 13:40:10 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 8D53 43 B
260 B 10ms
10ms Image
image/gif 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=3719689544&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-4UGDNwRTPmOps3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-hTUy9DU1NqKUTA%3D%3D&sc=1&os=1-mA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1005&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2F7zip-download.ru%2F&id=0&ii=3&f=1&j=https%3A%2F%2F7zip-download.ru&lp=https%3A%2F%2F7zip-download.ru&t=1641826318772&de=587938785939&cu=1641826318772&m=1255&ar=cc97a930ec1-clean&iw=b5a7f16&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=196&lg=1&lh=55&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A1343%3A87&aa=1&ad=1085&cn=472&gk=714&gl=101&ik=714&ic=714&ez=1&co=1085&cp=1044&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1044&cd=430&ah=1044&am=430&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=27011009%3A4440622%3A325146501%3A164591496&bo=7zip-download.ru&bd=7zip-download.ru&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8364571&zMoatDBMCampID=15702624366&zMoatDBMIOID=25818120&zMoatDBMCreaID=400166658&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=5&jm=-1&tc=0&fs=195926&na=1530174259&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:52:00 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 10 Jan 2022 14:52:00 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 8D53 43 B
253 B 8ms
8ms Image
image/gif 104.89.28.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1044&tet=1085&fi=1&apd=1244&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=7zip-download.ru&L1id=27011009&L2id=4440622&L3id=325146501&L4id=164591496&S1id=7zip-download.ru&S2id=7zip-download.ru&ord=1641826318772&r=587938785939&t=iv&os=1&fi2=0&div1=0&ait=0&zMoatADV=8364571&url=https%253A%252F%252F7zip-download.ru%252F&bedc=1&q=6&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.28.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-234.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:52:00 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 10 Jan 2022 14:52:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:52:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 10 Jan 2022 14:52:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BD98 13 KB
5 KB 10ms
10ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Mon, 10 Jan 2022 14:45:37 GMT
expires: Tue, 10 Jan 2023 14:45:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 383
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 31F9 783 B
534 B 41ms
18ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f4d9e7057fcc6b63f48fd28bffe95c3eadb26a098497218db1ece1177f2e508c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-d9y+1XxfNH+waolUWmJWVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 10 Jan 2022 14:52:00 GMT
date: Mon, 10 Jan 2022 14:52:00 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-d9y+1XxfNH+waolUWmJWVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 V_1BK8LT12tPAXVBd9VW07x8-6IwLId0KwHdjemGMHg.js Show response
pagead2.googlesyndication.com/bg/ Frame BD98 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V_1BK8LT12tPAXVBd9VW07x8-6IwLId0KwHdjemGMHg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57fd412bc2d3d76b4f01754177d556d3bc7cfba2302c87742b01dd8de9863078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 13:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13406
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Jan 2023 13:40:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 31F9 0
0 43ms
43ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220104&jk=1915501816359424&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BD98 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bYI8ZQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 14:52:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220104&jk=1915501816359424&bg=!WlmlWR3NAAbDtiZlw7Y7ACkAdvg8Wpms_GK-38la-otUtnof-HJpFfTBKWEjhOalPglNcy4f5knYIwIAAABeUgAAAApoAQcKAOc49p2u3Lvw1bkBlgGHP5Vbd5gaWnUbD_HSdODsiAQCKQL1MUoF9VVKgdfrxf0TC_S6cHNpzJJeG7CPKpSwCT6ftpznmBlvs1g3yClwSz8VE6QMPS3hj3shM3qUWmOw6r5uugKqQrg9k-UjUFFq0i4F3L_uv2Wxh54hLbLLeOEtMKiU7btEx7q0k99-4WlXAkI_NLZssFi-GXyoZzMT8N8_JJJ8Xq56ncKnINMkPaf5xBXHvwc4NRUQl7fhCbdYjqGlP09u85JYmuF0NBgD5dXGsK99VAuTNkkMQB2XgCJw9uYKSIM8fFyZAn-CPl8IQXvF-N-l54sl165nyGgJAdZH4s29XRh7568rhmE_0CyTaguB6bsxUYatHL2g2BsJrWnyHjSo8zoTtnoRIkUr4s_Gj7jAY1yZBvYz-0xB2_GOR8Fp1_MbeA1coiuacTJdlZykpjXVjKsPNGVz_vy8wNg-BR58DArc8gR79uyY5oHMdXQgmWH2ynUzV3NcSJ--NAQ0LYgUp8oL6PP3EOPcpEaHG02sN1cpPYtqtOOhzIbB62UPihi57WiLsSUJ5iqtpgS7d-6Pl_IdUnjZ-ERpS4qeli39kriFEXpD9AcM1_TMgLcNz2OsLmpgXcai_ZW_Tx9DdhP0NqMs-cgixBFvDYkzzFTQ_UJGCQxnyRdTr7_9ydlYqL_34rHJ8VwclzjG6Krx2lccj-RXH_VpbLOM3MbZYqIn_NHM3lbxIYQUXMtXO901jJhAnMRhKAr62V8bQazHWAYep7v186tyPKOG8rzalItkJgGMQnxLFeDl60ZmDJZTh7J88V1HajyIo805z9ONHDC1VXGMrW2lc3_ZoNRRGcUtI6TFipdt0q5EoU3T20TNSJHNJj1ejqq-aFiIWzYfB84_q0hLQD6Dax9Ps2DkNn4V_2AC_cmT8Qi8J5O5RqYDPrxm2t7ioMfDcA9HDXR02kVUzV8aDUa66OohNNgPOLbigqajX90xtp1YuEaBabmL0eXyIppLwKCxt79_5wdaWxZUZ2Oce42KDv8GQ9WI2hG-gu6oczpS6ZKWgyAZzWVqb69ZJN0o31e1Hia0DQ_hQatnLQavoGFy1XqQBhlw6PJr0dlZxjANK76I1_XyVd3wNBS2IyWWYoEcqTIFHPNhXLXSBnKvVFo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://7zip-download.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:52:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 47214456 Show response
mc.yandex.com/webvisor/ 43 B
148 B 34ms
34ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/47214456?wmode=0&wv-part=1&wv-hit=187763525&page-url=https%3A%2F%2F7zip-download.ru%2F&rn=842831098&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1641826320%3Aw%3A1600x1200%3Av%3A722%3Az%3A0%3Ai%3A202201010145200%3Au%3A1641826318899493481%3Avf%3Aykcyjkqfph1z85b6in%3Awe%3A1%3Ast%3A1641826320&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://7zip-download.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:52:00 GMT
last-modified: Mon, 10-Jan-2022 14:52:00 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://7zip-download.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 10-Jan-2022 14:52:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 8D53 43 B
260 B 8ms
7ms Image
image/gif 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=3719689544&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-4UGDNwRTPmOps3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-hTUy9DU1NqKUTA%3D%3D&sc=1&os=1-mA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1005&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2F7zip-download.ru%2F&id=0&ii=3&f=1&j=https%3A%2F%2F7zip-download.ru&lp=https%3A%2F%2F7zip-download.ru&t=1641826318772&de=587938785939&cu=1641826318772&m=1660&ar=cc97a930ec1-clean&iw=b5a7f16&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=196&lg=1&lh=55&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A1343%3A87&aa=1&ad=1490&cn=1085&gn=1&gk=1119&gl=714&ik=1119&ic=1119&ez=1&co=1085&cp=1044&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1448&cd=1044&ah=1448&am=1044&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=27011009%3A4440622%3A325146501%3A164591496&bo=7zip-download.ru&bd=7zip-download.ru&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8364571&zMoatDBMCampID=15702624366&zMoatDBMIOID=25818120&zMoatDBMCreaID=400166658&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=6&jm=-1&tc=0&fs=195926&na=1064495174&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:52:00 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 10 Jan 2022 14:52:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 8D53 43 B
260 B 8ms
7ms Image
image/gif 23.218.209.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=3719689544&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-4UGDNwRTPmOps3zWES0UEhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-hTUy9DU1NqKUTA%3D%3D&sc=1&os=1-mA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1005&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=728&zGSRS=1&zGSRC=1&gu=https%3A%2F%2F7zip-download.ru%2F&id=0&ii=3&f=1&j=https%3A%2F%2F7zip-download.ru&lp=https%3A%2F%2F7zip-download.ru&t=1641826318772&de=587938785939&cu=1641826318772&m=1661&ar=cc97a930ec1-clean&iw=b5a7f16&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=196&lg=1&lh=55&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A1343%3A87&aa=1&ad=1490&cn=1490&gn=1&gk=1119&gl=1119&ik=1119&ic=1119&ez=1&co=1085&cp=1044&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1448&cd=1448&ah=1448&am=1448&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=27011009%3A4440622%3A325146501%3A164591496&bo=7zip-download.ru&bd=7zip-download.ru&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8364571&zMoatDBMCampID=15702624366&zMoatDBMIOID=25818120&zMoatDBMCreaID=400166658&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=6&jm=-1&tc=0&fs=195926&na=1625160635&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.154 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-154.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:52:00 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 10 Jan 2022 14:52:00 GMT

POST
H2 200 47214456 Show response
mc.yandex.com/webvisor/ 43 B
73 B 179ms
37ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/47214456?wmode=0&wv-part=1&wv-hit=187763525&page-url=https%3A%2F%2F7zip-download.ru%2F&rn=774576192&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1641826321%3Aw%3A1600x1200%3Av%3A722%3Az%3A0%3Ai%3A202201010145200%3Au%3A1641826318899493481%3Avf%3Aykcyjkqfph1z85b6in%3Awe%3A1%3Ast%3A1641826321&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://7zip-download.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:52:00 GMT
last-modified: Mon, 10-Jan-2022 14:52:00 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://7zip-download.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 10-Jan-2022 14:52:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3CD0 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuw8GgPFP4tTdjAXuLSbOZrp9dnh0K4lLTFsVGR64ebaWadgCp6lLxRtzmKwpHmEHAlk5z6VDCftSJcVuNL1MMh0mxSFXI56qN4j3yL3crJK6vWWhrbDA&sai=AMfl-YTpOMItQ16H0yTI8vPWC3zmBgLzIdQve8sMRgQBnkTbwm5mVsItzwk1FRPSL_95V3oEmtcyFMGUr9OC&sig=Cg0ArKJSzCpX83YDHRoLEAE&cid=CAASBORoYQQ&id=lidar2&mcvt=1004&p=0,0,90,728&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20220105&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641826318529&rpt=1288&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:52:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7BB9 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvP-OmmI9lguk2lhsgwAfpGD9QIx4FC1m-Wq5bklifkr_xox8H3Eny77fhI8pHEU3qI9iWDjOwTwhIijgL-jWSOMKGEv1f3DtEkbk9HhZhaiFBnBo1x4A&sai=AMfl-YTjCbVtbqVGRZn_T5ECroAjcsavDIP3KOs9v38GDNznAfQ_Jau68QgXArwODWea2ZpxfVWY8jBhp6DE&sig=Cg0ArKJSzIwZrzhVSPRyEAE&id=lidar2&mcvt=1001&p=0,0,280,670&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20220105&bin=7&avms=nio&bs=0,0&mc=0.81&if=1&app=0&itpl=22&adk=2843444959&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641826318153&rpt=1859&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:52:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame 8D53 43 B
253 B 10ms
10ms Image
image/gif 104.89.28.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1044&tet=2093&fi=1&apd=2252&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=7zip-download.ru&L1id=27011009&L2id=4440622&L3id=325146501&L4id=164591496&S1id=7zip-download.ru&S2id=7zip-download.ru&ord=1641826318772&r=587938785939&t=civ&os=1&fi2=0&div1=1&ait=0&zMoatADV=8364571&url=https%253A%252F%252F7zip-download.ru%252F&bedc=1&q=7&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.28.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-234.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 14:52:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 10 Jan 2022 14:52:01 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.7zip-download.ru/	1970-01-20 08:49:22	Name: _ym_uid Value: 1641826318899493481
.7zip-download.ru/	1970-01-20 08:49:22	Name: _ym_d Value: 1641826318
.mc.yandex.com/	1970-01-20 00:03:46	Name: sync_cookie_csrf Value: 2040601475fake
.7zip-download.ru/	1970-01-20 00:04:58	Name: _ym_isad Value: 2
.7zip-download.ru/	1970-01-20 09:25:22	Name: __gads Value: ID=d15340b6ffe2ebb6-22b3575719cd0062:T=1641826318:RT=1641826318:S=ALNI_Ma19g5MlMFKTXMbLBLVvJi-6FFUWA
.mc.yandex.ru/	1970-01-20 00:03:46	Name: sync_cookie_csrf Value: 2381463542fake
.yandex.com/	1970-01-20 08:49:22	Name: yandexuid Value: 5274549631641826318
.yandex.com/	1970-01-20 08:49:22	Name: yuidss Value: 5274549631641826318
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2568979291641826318
.yandex.com/	1970-01-23 15:39:46	Name: i Value: wev4gKZhWxxt1cSQIDP4kMd5Vv3SeqsuYxEYBkM8TlNq0+9ohXaX0AYXOfmXJixGYLJxXSeoOjtL0yO/53c5OV0Sxik=
.yandex.com/	1970-01-20 08:49:22	Name: ymex Value: 1673362318.yrts.1641826318#1673362318.yrtsi.1641826318
.7zip-download.ru/	1970-01-20 00:03:48	Name: _ym_visorc Value: w
.doubleclick.net/	1970-01-20 09:25:22	Name: IDE Value: AHWqTUnQEKRXTJFwpJijyUQkNrm6opDlrP1DPrxEl6g_J9ee_w6aYNRD2eKhfI9Ha8U
.adnxs.com/	1970-01-20 02:13:22	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$Md8#T)!]tbPl1M>e)ZlrFUfJ+tGXxpC[G>1)9%iP+aY3XlK%2#?QpfcVOlASOS-yl[%nugO%v4VB%nm)()i[m`
.adnxs.com/	1970-01-20 02:13:22	Name: uuid2 Value: 6912770964983542595
.casalemedia.com/	1970-01-20 02:13:22	Name: CMPS Value: 3240
.casalemedia.com/	1970-01-20 00:05:12	Name: CMST Value: YdxIDmHcSA4A
.casalemedia.com/	1970-01-20 08:49:22	Name: CMID Value: YdxIDlKzW.i20epsG8XGggAA
.casalemedia.com/	1970-01-20 02:13:22	Name: CMPRO Value: 1124
.casalemedia.com/	1970-01-20 08:49:22	Name: CMRUM3 Value: 2d61dc480e2760CAESEIomuTc7TYowIQvjFS_H8EI
.doubleclick.net/	1970-01-20 00:03:49	Name: DSID Value: NO_DATA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9514.8AAcZYvMT42JI_dzzwU9s-0S_tKkyuhGDTQqIX-aVVP4SKZy4455ciN2X3riHh2MsgfLy2SEnRccOqI4D78R9A%2C%2C.lAuwYpQZio4nDSYKzXOdeOofGyM%2C Message: Failed to load resource: the server responded with a status of 400 ()
javascript	warning	(Line 2) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7zip-download.ru
adservice.google.com
adservice.google.fr
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
havasfrorangedcmdisplay758646212611.s.moatpixel.com
ib.adnxs.com
mb.moatads.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
px.moatads.com
s0.2mdn.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
z.moatads.com
104.89.28.234
142.250.181.66
142.250.184.194
142.250.185.162
184.87.213.8
185.33.221.53
23.218.209.154
2606:4700:3034::6815:1f7c
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2004
2a00:1450:4001:810::2006
2a00:1450:4001:811::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:831::2002
2a00:1450:4019:80c::2002
2a02:6b8::1:119
3.11.43.80
34.252.133.182
058dd7d3ba6dc0d575b24bc6d6a68528dd1c84c1135977eecf852d5bfa9a8a29
08b8255422afa13ce685519306af309d8aee480a02e090034c587050f2e564d9
095cf251ca712c118a0498cfcf34e24679cfb126251a02ebc0f1e78393530281
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d35f0c428f99e330c502a0e288801a82542e203ee0e7713469a7cd53ed73419
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1203fb47ba427097a11eb6ea862a41d292939039ff5db170ff4cfad7fd7cb464
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1354e5639ca082d871688aa03044c6b32e25d49b53a76e83cdf46d704e9049fa
15e5a0418e165576861190e63d63dd59eeb0e4236752f7a5e23d493b993c8d78
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1aab7955e72249e78f1582ae79f402aa6c698a5ee9937b36aeabf7759aff3d9b
216b2022affac8251f5efa01bdf8948535349dd23662d3c5bc2097734153ec75
26570e7d49a36ba5c75a57fa2c8717842463f88a6da1d5006530ac51521a7dad
2d03f5a4be41744fc36104d13b1b443e7c4331365df7ac9a7b74eb632ce23256
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2d3f7f1d4f112bf0cc6c4f4d8d412a05c2b8e458bf9a476824283f07da88a05c
2fe52468910c3a22a935a54948a9b17f34519006d27a9e7d8ebf82eedea8e30a
35547778d9b76548dc16aa8c83b6ffcbb1ff83ce91a61825fb98b448792ecd7a
369c0058506179f015ac37935be591df1a512f725cd831ec60618962fa5be0c9
36a4d900942c9d877617c4a7d2bd19c56b6b314ed58c55a7168f88029b37feaa
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
3c995ea84b89ee0c781907b8f71bc0183069d75ea82bee4541434babc3ee2886
3fee01f3e9d155f05d62314ec997fdae9c387e3a1826bc3bc86f2312bf67ac44
462c1a761f13fb8b93a74ee42539571a3273015f8e9972920787befa55864e8d
48ec8095112c5ec438e5fd5ab05b39d6d52d3655a5a8a19cd203c7d01f942b82
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53ca65239148b774a49b98097beec080bda97f7f33627437159c14fc47f784ef
53f1e45a2f375ee150765d8a5984498397963021b804048dd410c438c974444f
53feb655126cecdec28ea0453f4a4bc733a24cc14ed91aa14a80b5fafc923102
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57fd412bc2d3d76b4f01754177d556d3bc7cfba2302c87742b01dd8de9863078
58f042bdf1d7e50cc406e981b897f0e522f1010eeb6223d017cf9fd5db2a4da5
5f0793781035c16754b84b7a447ff1ac3d72f42a2378385cb63fb2b5e1215450
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511
6802f4cac1a5cefa47cba0f67166f037d2e5bc916617b0bf33a0c35595f58982
713210f484c7c50c29df1c6daf5f12adf59ee52a42e76f83d9067047c04147fb
73271f83e0d89e09da51434a964dde15ced7b91331f3b96357eb05ee81a85567
7363c6f215a3618a270f07722e945843fe7ef7afa844d56c8f5ed232369851e7
758f5bfc0096913527454e997e5e532bb648017fdf92674ceaf5ce4d7f584414
75e85ad2c1a5c4622224ae5f3e98fba945b105c206d4df6f7ee907920a71c7a9
76c0df7333db860371ba5c2266c78d240c1b9ae0a859cc891786a561d6408454
77aeb010cc91bfa11147b15dd6ba3405aa1185cd19b64c8bb2ba016834b72917
7b5ca7ec24938778b16cda1588fade6ef9506bc20688c9228a4a9976ca9bddbb
7dd8628b76c6beda76cf46db9ac1e54437ac90edc487c7f8e08b0c1f716656ac
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8429e728bd94d2414dbaa7c9b070c87512f53295f89c170e1b164fb07106bf41
876d9183a839e9ebec71a862e9edc1411aab76023c07b48068777775a0f1736e
88b82a65ad8970dca788e91d5902b7b18d29633219b2c8f58faf661b5efd0ef5
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
933a12e2d0e7c28ee656a41e6611fed291116349b5049ac88943deb4d65ae0fa
993b3b673281f17a87c02ea92e2adf679bf6fe911c4eeb2383cf2a4727a5619f
9c3aafd8e11e796ef6f1fe69ebde7ea936499dc5dc6bc5c7f095ce6b75de5aa8
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0150244654e985efc399fad2086eca9ecef55a1f5f31fa623d42e609847ce38
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2ba3148743af8ab63eb48e7c7b13a6d960ca5fe228912c980de46ff14edca18
a47d7d32fa816a2dc32057be6fbf9c819ab296f47cfbd47b47bb288d246f934a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5c2de329272a1468634c991e59589975c3439a0c80494a5624a21845f9ee31c
a72192b63d786df3ec7a0ea2e2fc79e996aefc5daa49ae0035696a63678643ce
ac3356110bd9dee831744e7ba4baee7122d35f5d0de085690f676c2369292d55
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b91cb5abae1ac27cf23c937e3567fec2c7118776828980ed0ca1b9122733bc84
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bf4e7ce8d3ef72d0c1df0b845ff9e3f7cfaa38c44de222afb3a31c6a2060075d
c1fbc2f69d2ef93d1cc600791d371d2d98ce337f87d97f4e87ea192501eb56ff
cb57947075f351dca867829f8dbd9fdf2933732d56aade04a1a7ef074ca33d69
cdf672d205467804f9feca068dcebf299473b1dc54ad850b71583f6230ea9137
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2e9850adf749115ffae1cb5c4f9b2f3175fee912f410dcb5c6ec9a2cc340136
d4e141685c35f42bc6c6191d47d6bb012044e1e7d3205bf7298e2bb23e9b879e
d7048c6a4a92c632e6e6730e4dc86341cde26fe9eba466c9cf2a7f675de1605f
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
e8cc34c6ccbed8bc9258a121e454c578633ec09c40c89ec221dec7dbb449c09f
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
ed4260905a768b9df58ceabf274fc291515d0b24483dcace755cf5ebeb93dcc7
ee143c148306e3f3eebfe0307833c12892751a76d085af237bddba60cabdab65
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff14f230cc98b79a19ee495997b64aaec40e080c1455b32407aeb5e72dfdcd3
f4d9e7057fcc6b63f48fd28bffe95c3eadb26a098497218db1ece1177f2e508c
f974e8d6e570fde2dd07cee4041a1b83dc62b583b47a817c2caa29ada0f1c7e5
faf539253910399c83e8c0ca96e95ef91e8031bedf0d2fce8766b7584273d736
fdcd09ebfd3b882fbdc69d48d957160020b6533005f09492d7956949e1e5e805
fe02e1d3b8ee9bda28a1868227e2a876700e7cb9281482d4982c6577870c6473

7zip-download.ru Open in urlscan Pro 2606:4700:3034::6815:1f7c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

143 Requests

93 %HTTPS

59 %IPv6

16 Domains

24 Subdomains

23 IPs

7 Countries

1446 kBTransfer

3333 kBSize

21 Cookies

5 Outgoing links

Redirected requests

143 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

7zip-download.ru Open in urlscan Pro
2606:4700:3034::6815:1f7c Public Scan

Screenshot
Live screenshot

Full Image

143
Requests

93 %
HTTPS

59 %
IPv6

16
Domains

24
Subdomains

23
IPs

7
Countries

1446 kB
Transfer

3333 kB
Size

21
Cookies

143 HTTP transactions
6 data transactions