urlscan.io logo urlscan.io
SecurityTrails logo

standoff-2.ru.uptodown.com Open in urlscan Pro
104.90.137.209  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://dw4.uptodown.com/dwn/CXd6q8y4o0cyDMe9p3CrEmaUUDoAOhmCcCmPPdOkFxZPuQRjPZWCxskXnycMukcs8LHGwZrq_M1NQaRMwwtzwazqACxO...
Effective URL: https://standoff-2.ru.uptodown.com/android
Submission: On February 04 via manual from IN — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 4 countries across 16 domains to perform 96 HTTP transactions. The main IP is 104.90.137.209, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is standoff-2.ru.uptodown.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 14th 2021. Valid for: a year.
This is the only time standoff-2.ru.uptodown.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    145.239.67.125 (France)

ASN16276 (OVH, FR)
PTR: dw4.uptodown.com
dw4.uptodown.com
23    104.90.137.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-137-209.deploy.static.akamaitechnologies.com
standoff-2.ru.uptodown.com
img.utdstc.com
stc.utdstc.com
4    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    2606:4700:20::681a:478 (United States)

ASN13335 (CLOUDFLARENET, US)
ssm.codes
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
9    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com
1    2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
3    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
16    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.fr
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
Apex Domain
Subdomains		 Transfer
25 googlesyndication.com
6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
97 KB
22 utdstc.com
img.utdstc.com — Cisco Umbrella Rank: 91242
stc.utdstc.com — Cisco Umbrella Rank: 100461
178 KB
11 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
175 KB
9 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 324
216 KB
9 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 496
167 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 80
www.google.com — Cisco Umbrella Rank: 13
2 KB
4 gstatic.com
fonts.gstatic.com
101 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
75 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
98 KB
2 uptodown.com
dw4.uptodown.com
standoff-2.ru.uptodown.com
16 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
1 KB
1 google.fr
www.google.fr — Cisco Umbrella Rank: 12911
501 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 743
373 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8028
792 B
1 ssm.codes
ssm.codes — Cisco Umbrella Rank: 39108
55 KB
96 16
Domain Requested by
16 tpc.googlesyndication.com securepubads.g.doubleclick.net
standoff-2.ru.uptodown.com
6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com
tpc.googlesyndication.com
12 stc.utdstc.com standoff-2.ru.uptodown.com
10 img.utdstc.com standoff-2.ru.uptodown.com
6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com
9 cdn.ampproject.org ssm.codes
securepubads.g.doubleclick.net
9 cdn.cookielaw.org standoff-2.ru.uptodown.com
cdn.cookielaw.org
8 securepubads.g.doubleclick.net ssm.codes
securepubads.g.doubleclick.net
standoff-2.ru.uptodown.com
6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com
www.googletagservices.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
4 fonts.gstatic.com standoff-2.ru.uptodown.com
fonts.googleapis.com
3 www.google.com 1 redirects tpc.googlesyndication.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 googleads.g.doubleclick.net 6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com
2 www.googletagservices.com 6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com
2 www.googletagmanager.com standoff-2.ru.uptodown.com
www.googletagmanager.com
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 www.google.fr
1 stats.g.doubleclick.net www.google-analytics.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 ssm.codes standoff-2.ru.uptodown.com
1 standoff-2.ru.uptodown.com
1 dw4.uptodown.com 1 redirects
96 23
Subject Issuer Validity Valid
uptodown.com
DigiCert SHA2 Secure Server CA		 2021-09-14 -
2022-09-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-19 -
2022-06-18		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://standoff-2.ru.uptodown.com/android
Frame ID: 831EB0894B4420CCCFEC9E439B913982
Requests: 57 HTTP requests in this frame

Frame: https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 58FBC242C1BF56D711C4AE1C55DD52A9
Requests: 1 HTTP requests in this frame

Frame: https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 99E9CDE1B432B1A12B05D71516393BB4
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/520356270634422266/index.html
Frame ID: B72FF5DC27D8F9ABA8FBB98F94DA700B
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1B9F00CFAE115307C0F621F65FA4EDC2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 06E348E75C701F986E56E758833AA204
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9A201A6D8B0FDBDDB58E3C257640F7A0
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Frame ID: C73D4B0841E37A3EB5BC67A565F26315
Requests: 14 HTTP requests in this frame

Frame: https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 43E270286B9E136EFFBA3AA0715849F2
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Standoff 2 для Android - Скачайте APK с UptodownBack ButtonFilter Button

Page URL History Show full URLs

  1. https://dw4.uptodown.com/dwn/CXd6q8y4o0cyDMe9p3CrEmaUUDoAOhmCcCmPPdOkFxZPuQRjPZWCxskXnycMukcs8LHGwZrq... HTTP 302
    https://standoff-2.ru.uptodown.com/android Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

96
Requests

100 %
HTTPS

86 %
IPv6

16
Domains

23
Subdomains

21
IPs

4
Countries

1201 kB
Transfer

3582 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dw4.uptodown.com/dwn/CXd6q8y4o0cyDMe9p3CrEmaUUDoAOhmCcCmPPdOkFxZPuQRjPZWCxskXnycMukcs8LHGwZrq_M1NQaRMwwtzwazqACxOnPRQeeR9RajbVAdjs41viwL1pMdaV2oyr8Mk/3CsvYjQmyaW1F8OOSIzox0FF19opduUgDqpbzrWzgPZXahD3HPmf8wJ8ANqGDV5LYKcaWdFDHo3sj-xmUYNSL2hI9_b14XVIHqCrhcSEqZQUuTz49lA23GxnrzDNmaak/w6UB54a2EGiKMVi2iJCc7FvMKm5wOOMc0zsSsG1UXiZOP0CnqhVFLjNl4U4ipqJ3YTvTKtUfNzOB8IgRwonTHg==/standoff-2-0-18-1.xapk HTTP 302
    https://standoff-2.ru.uptodown.com/android Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

96 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request android
standoff-2.ru.uptodown.com/
Redirect Chain
  • https://dw4.uptodown.com/dwn/CXd6q8y4o0cyDMe9p3CrEmaUUDoAOhmCcCmPPdOkFxZPuQRjPZWCxskXnycMukcs8LHGwZrq_M1NQaRMwwtzwazqACxOnPRQeeR9RajbVAdjs41viwL1pMdaV2oyr8Mk/3CsvYjQmyaW1F8OOSIzox0FF19opduUgDqpbzrW...
  • https://standoff-2.ru.uptodown.com/android
82 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8edcb340abe8069cfc97ef5ff442537ce2691872b003798f8869472e87f88b4d
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

server
nginx
content-type
text/html;charset=UTF-8
strict-transport-security
max-age=16000000; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
content-encoding
gzip
cache-control
private, max-age=60
expires
Fri, 04 Feb 2022 08:57:40 GMT
date
Fri, 04 Feb 2022 08:56:40 GMT
content-length
15604
vary
Accept-Encoding

Redirect headers

server
nginx
date
Fri, 04 Feb 2022 08:56:40 GMT
content-type
text/html; charset=UTF-8
location
https://standoff-2.ru.uptodown.com/android
cache-control
no-cache, must-revalidate, max-age=0
379716f6b0af3b2c4b7fab6e75a4902e9db6dd5a455e388aa63369ead53a3298:200
img.utdstc.com/icon/379/716/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.utdstc.com/icon/379/716/379716f6b0af3b2c4b7fab6e75a4902e9db6dd5a455e388aa63369ead53a3298:200
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
a78b1acb597ed68b5a0cff8852f9365b5acc458e134d83b6fda4b8f829d227cd
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 07 Dec 2021 07:18:57 GMT
server
nginx/1.14.2
etag
"61af0ae1-2982"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
private, max-age=8653
date
Fri, 04 Feb 2022 08:56:40 GMT
content-security-policy
default-src 'self'
accept-ranges
bytes
vary
Accept
content-length
10626
x-xss-protection
1; mode=block
expires
Fri, 04 Feb 2022 11:20:53 GMT
BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2
fonts.gstatic.com/s/robotoslab/v16/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d354a7f5b1102a2b479c16c639657aeea187f93973782775a6048fd2fb23a23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 20:02:47 GMT
x-content-type-options
nosniff
age
219233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20724
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 18:18:34 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 20:02:47 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Feb 2022 08:56:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
dMq6iJthjOyg56NOUFVpHQ==
age
7253
vary
Accept-Encoding
content-length
6508
x-ms-lease-status
unlocked
last-modified
Thu, 03 Feb 2022 03:33:29 GMT
server
cloudflare
etag
0x8D9E6C5F2678BEA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f241b5e8-501e-00a0-6bc2-181780000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d82afe79da33312-CDG
expires
Fri, 04 Feb 2022 12:56:40 GMT
uptodown.js
ssm.codes/smart-tag/ 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssm.codes/smart-tag/uptodown.js
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:478 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95fba311704b69ca7f5c9336fd3fec1d9e6800fc999c230326696497118c915d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 08:56:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
166
cf-polished
origSize=205455
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 02 Feb 2022 17:56:33 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rGl912RhE536fd7PoOmCxWC0a4CYh6iT48jz9rtwUJS6xBfmEPPgna30EwX68fLm5MLJ5JqEqqEZdH7vSKJIfe2hI1PQ0iLZnW2LHc8J%2BoTyaYee2U9X8v%2BRZTyOqNUnSP%2BxlCUflg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600
cf-ray
6d82afe6fc190877-CDG
cf-bgj
minify
vendor.css
stc.utdstc.com/1643908411468/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stc.utdstc.com/1643908411468/vendor.css
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
8d42b52d0ee5987a43c5763d7e433557ca6ac4c43a23445be5f9769762b8566b
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"61fc0e0f-12e6"
x-cache-status
MISS
content-length
1677
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 03 Feb 2022 17:17:03 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 08:56:40 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
expires
Tue, 02 Aug 2022 17:39:29 GMT
detail.css
stc.utdstc.com/1643908411468/ 		39 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stc.utdstc.com/1643908411468/detail.css
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
68ec52c8ed5afc0227465d086630b9929b482909c70a40d0cb6ae45ac760746f
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"61fc0e0f-9ca4"
x-cache-status
MISS
content-length
6429
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 03 Feb 2022 17:17:03 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 08:56:40 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
expires
Tue, 02 Aug 2022 17:39:29 GMT
vendor-ru.js
stc.utdstc.com/1643908411468/ 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stc.utdstc.com/1643908411468/vendor-ru.js
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
f804374205f0854ac486f90207fdc4f9f71b1480702ee21f0c70d8eae8a715f2
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"61fc0e0f-12eb1"
x-cache-status
MISS
content-length
25300
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 03 Feb 2022 17:17:03 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 08:56:40 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
accept-ranges
bytes
expires
Tue, 02 Aug 2022 17:39:43 GMT
detail-ru.js
stc.utdstc.com/1643908411468/ 		62 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stc.utdstc.com/1643908411468/detail-ru.js
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
227f2598b22ebfef47701ad6ede03a9844d74cdc1b2ae9d5710f7a65338c813e
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"61fc0e0f-f7d0"
x-cache-status
MISS
content-length
13000
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 03 Feb 2022 17:17:03 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 08:56:40 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
accept-ranges
bytes
expires
Tue, 02 Aug 2022 17:40:11 GMT
header-btn-menu.svg
stc.utdstc.com/img/ 		329 B
566 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stc.utdstc.com/img/header-btn-menu.svg
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
edf9aaeb4b02399681f93612ffecac6f2347009bffd52fb5eab056939c2399aa
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"6183e0e7-149"
x-cache-status
MISS
content-length
190
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 Nov 2021 13:32:23 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 08:56:40 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
expires
Fri, 13 May 2022 09:05:25 GMT
logo.svg
stc.utdstc.com/img/ 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stc.utdstc.com/img/logo.svg
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
9d72f0312a1466baa268cc0ded170291c5037335cf124f840e4397dbfa850cc4
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"5f6867d7-fce"
x-cache-status
MISS
content-length
918
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 21 Sep 2020 08:44:07 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 08:56:40 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
expires
Sun, 22 May 2022 09:36:49 GMT
header-btn-search.svg
stc.utdstc.com/img/ 		582 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stc.utdstc.com/img/header-btn-search.svg
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
3905e01fb4ee5610d7a1076f1c7794f9e41aa81a8d77d915cabeeaaf4fea3cc7
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"6183e0ff-246"
x-cache-status
MISS
content-length
319
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 Nov 2021 13:32:47 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 08:56:41 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
expires
Fri, 13 May 2022 09:05:25 GMT
icon-star.svg
stc.utdstc.com/img/ 		506 B
682 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stc.utdstc.com/img/icon-star.svg
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
086082e9c25f074ab48a40655ad9c881dd4f90f10b94b69a3167ad0494932639
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"6184fac6-1fa"
x-cache-status
MISS
content-length
305
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Nov 2021 09:35:02 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 08:56:41 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
expires
Sun, 22 May 2022 09:36:49 GMT
icon-comment.svg
stc.utdstc.com/img/ 		209 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stc.utdstc.com/img/icon-comment.svg
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
1392ed173851ca4cc26834f1b2556167e66620fb81c9dcd222af1bd02f390fe8
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"6184fad8-d1"
x-cache-status
MISS
content-length
169
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Nov 2021 09:35:20 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 08:56:41 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
expires
Sun, 22 May 2022 09:36:49 GMT
icon-download.svg
stc.utdstc.com/img/ 		541 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stc.utdstc.com/img/icon-download.svg
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
c01524a3a9835d934fc9546e82fb2f72eb70ca3528328b537280f8d4d287a12d
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"6184fae5-21d"
x-cache-status
MISS
content-length
326
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Nov 2021 09:35:33 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 08:56:41 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
expires
Sun, 22 May 2022 09:36:49 GMT
icon-shield.svg
stc.utdstc.com/img/ 		638 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stc.utdstc.com/img/icon-shield.svg
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
2c587010af5ec749079fd5a4d6c00d525c66f92da8e877f8ce89a05b4a0d7eeb
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"6184faf3-27e"
x-cache-status
MISS
content-length
365
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Nov 2021 09:35:47 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 08:56:41 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
expires
Fri, 13 May 2022 09:05:25 GMT
js
www.googletagmanager.com/gtag/ 		92 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-313498-1
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e85ceeddc50b1322c08edb56e85fe82e922b33f5501a834c863f1f870946bba4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 08:56:41 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36989
x-xss-protection
0
expires
Fri, 04 Feb 2022 08:56:41 GMT
pubads_impl_2022020201.js
securepubads.g.doubleclick.net/gpt/ 		351 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js
Requested by
Host: ssm.codes
URL: https://ssm.codes/smart-tag/uptodown.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
20ab3f5e0bcc3de5425a796cee46b47880f940263127ec918e773a047971316d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://standoff-2.ru.uptodown.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 02 Feb 2022 11:30:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163564
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122075
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 09:34:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Feb 2023 11:30:36 GMT
v0.js
cdn.ampproject.org/ 		273 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: ssm.codes
URL: https://ssm.codes/smart-tag/uptodown.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abf66c29b32b2d1ec026140f3cc72b7cfffd86396abbe306b16fdf350e032fad
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71894
x-xss-protection
0
server
sffe
date
Fri, 04 Feb 2022 08:56:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"8bd4bb494fcd9a77"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 04 Feb 2022 08:56:41 GMT
amp-fx-flying-carpet-0.1.js
cdn.ampproject.org/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-fx-flying-carpet-0.1.js
Requested by
Host: ssm.codes
URL: https://ssm.codes/smart-tag/uptodown.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db565c7372c014bb708268e5f741b827d8f083af54fc09b8afb58703a09f463a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2750
x-xss-protection
0
server
sffe
date
Fri, 04 Feb 2022 08:56:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"056bfcf14f69d3c6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 04 Feb 2022 08:56:41 GMT
amp-ad-0.1.js
cdn.ampproject.org/v0/ 		78 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-ad-0.1.js
Requested by
Host: ssm.codes
URL: https://ssm.codes/smart-tag/uptodown.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d7dd2bd5eaac02dc7527e36be4d53cd2e43cce63d6a3b4cb96efd4b1ead1b6e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21986
x-xss-protection
0
server
sffe
date
Fri, 04 Feb 2022 08:56:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"b56685f33d30428c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 04 Feb 2022 08:56:41 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js
Requested by
Host: ssm.codes
URL: https://ssm.codes/smart-tag/uptodown.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b548551eca0e4d7efc7e9f8aff5a214df175bc78d4f6de5f169e044a7c30ff3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10272
x-xss-protection
0
server
sffe
date
Fri, 04 Feb 2022 08:56:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"3d972da8868fab70"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 04 Feb 2022 08:56:41 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
fonts.gstatic.com/s/robotoslab/v16/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
282da86e1071d060a343341b75391a036a23e28adfc93e879fae9775e45bfd7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://standoff-2.ru.uptodown.com/
Origin
https://standoff-2.ru.uptodown.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 17:46:34 GMT
x-content-type-options
nosniff
age
227407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32784
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 18:11:38 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 17:46:34 GMT
BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2
fonts.gstatic.com/s/robotoslab/v16/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d354a7f5b1102a2b479c16c639657aeea187f93973782775a6048fd2fb23a23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://standoff-2.ru.uptodown.com/
Origin
https://standoff-2.ru.uptodown.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 20:02:47 GMT
x-content-type-options
nosniff
age
219234
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20724
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 18:18:34 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 20:02:47 GMT
fe8404ab-f4df-40dd-b535-5d69e11408c8.json
cdn.cookielaw.org/consent/fe8404ab-f4df-40dd-b535-5d69e11408c8/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/fe8404ab-f4df-40dd-b535-5d69e11408c8/fe8404ab-f4df-40dd-b535-5d69e11408c8.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b643d5ebc5e58fba3d24cbf62e8bfd4ab3f47a9f344e5c7059d9691c9395cc70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Feb 2022 08:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
rww2rs18Aetsty0ET9+h2A==
age
12451
vary
Accept-Encoding
content-length
1884
x-ms-lease-status
unlocked
last-modified
Fri, 17 Dec 2021 07:28:18 GMT
server
cloudflare
etag
0x8D9C12ECC075364
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5f264c7f-f01e-0043-29c7-11f20f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d82afe8fd0939db-CDG
expires
Fri, 04 Feb 2022 12:56:41 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=standoff-2.ru.uptodown.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Feb 2022 08:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=standoff-2.ru.uptodown.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Feb 2022 08:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
menu-android.svg
stc.utdstc.com/img/ 		1 KB
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stc.utdstc.com/img/menu-android.svg
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
612b39042629b8942e046dbe26168e15e1012ccf8d403c1f49abc757dec3fee5
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-encoding
gzip
etag
W/"6183e121-53f"
x-cache-status
MISS
content-length
529
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 Nov 2021 13:33:21 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
date
Fri, 04 Feb 2022 08:56:41 GMT
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=15552000, public
content-security-policy
default-src 'self'
expires
Fri, 13 May 2022 09:05:25 GMT
b0BIcnzp6jU.jpg
img.utdstc.com/videos/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.utdstc.com/videos/b0BIcnzp6jU.jpg
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
403527fc33bc524c8d9e39115d0728c9e895fc91c7edf8c8bcf631dd24d99e43
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
server
nginx/1.14.2
date
Fri, 04 Feb 2022 08:56:41 GMT
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
private, max-age=9104869
content-security-policy
default-src 'self'
vary
Accept
content-length
18398
x-xss-protection
1; mode=block
expires
Fri, 20 May 2022 18:04:30 GMT
OlANAXahNDo.jpg
img.utdstc.com/videos/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.utdstc.com/videos/OlANAXahNDo.jpg
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
f22e3215bb72d8a8112c9478f01eb6612fa5723ca556c5127e387cba5e7e790e
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
server
nginx/1.14.2
date
Fri, 04 Feb 2022 08:56:41 GMT
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
private, max-age=9104921
content-security-policy
default-src 'self'
vary
Accept
content-length
16560
x-xss-protection
1; mode=block
expires
Fri, 20 May 2022 18:05:22 GMT
97834724d7b7ee0c191c3ce4a0a16e6a322adfd5920cae38bc72587fb1004b13:200
img.utdstc.com/screen/978/347/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.utdstc.com/screen/978/347/97834724d7b7ee0c191c3ce4a0a16e6a322adfd5920cae38bc72587fb1004b13:200
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
4d41e5dad5d4f654541feec74f656bad6c842c34204f3567cd2003099ed9196d
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 19 Apr 2021 16:34:56 GMT
server
nginx/1.14.2
etag
"607db130-347e"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
private, max-age=12138
date
Fri, 04 Feb 2022 08:56:41 GMT
content-security-policy
default-src 'self'
accept-ranges
bytes
vary
Accept
content-length
13438
x-xss-protection
1; mode=block
expires
Fri, 04 Feb 2022 12:18:59 GMT
9af0c65c7a3546dfc6ccde4c2e749ea138b48e0e40d7e8b47b651068ce48b497:200
img.utdstc.com/screen/9af/0c6/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.utdstc.com/screen/9af/0c6/9af0c65c7a3546dfc6ccde4c2e749ea138b48e0e40d7e8b47b651068ce48b497:200
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
563f57a7401016846d1378cb12e2cfaa3e168d4ffa959ff282edd03d8d9f61b4
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 19 Apr 2021 16:59:17 GMT
server
nginx/1.14.2
etag
"607db6e5-3116"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
private, max-age=3044
date
Fri, 04 Feb 2022 08:56:41 GMT
content-security-policy
default-src 'self'
accept-ranges
bytes
vary
Accept
content-length
12566
x-xss-protection
1; mode=block
expires
Fri, 04 Feb 2022 09:47:25 GMT
9dab23407157cfbb795f9619c7d836083cf49271197ce5e8f461261ec21563a1:200
img.utdstc.com/screen/9da/b23/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.utdstc.com/screen/9da/b23/9dab23407157cfbb795f9619c7d836083cf49271197ce5e8f461261ec21563a1:200
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
72a41c55d6666b76cef61cff72cd0bd9bb4bf4d54729d0906db250cf59a506fe
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 19 Apr 2021 16:42:47 GMT
server
nginx/1.14.2
etag
"607db307-3ad4"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
private, max-age=3082
date
Fri, 04 Feb 2022 08:56:41 GMT
content-security-policy
default-src 'self'
accept-ranges
bytes
vary
Accept
content-length
15060
x-xss-protection
1; mode=block
expires
Fri, 04 Feb 2022 09:48:03 GMT
f07ca4a47d2bbf1c60ad7a13264b21d16f3f0df316eb09c515eeb64cb4e97fbf:200
img.utdstc.com/screen/f07/ca4/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.utdstc.com/screen/f07/ca4/f07ca4a47d2bbf1c60ad7a13264b21d16f3f0df316eb09c515eeb64cb4e97fbf:200
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
72f29fb214833cd75513830d1659e1d6b917073dacbd13903293cc6ddf6903c7
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 19 Apr 2021 19:43:08 GMT
server
nginx/1.14.2
etag
"607ddd4c-1ebe"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
private, max-age=3062
date
Fri, 04 Feb 2022 08:56:41 GMT
content-security-policy
default-src 'self'
accept-ranges
bytes
vary
Accept
content-length
7870
x-xss-protection
1; mode=block
expires
Fri, 04 Feb 2022 09:47:43 GMT
d10e880026645aff8a0c6b685e5bf123e5a9d4f283d182619746efb4d5a338ce:200
img.utdstc.com/screen/d10/e88/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.utdstc.com/screen/d10/e88/d10e880026645aff8a0c6b685e5bf123e5a9d4f283d182619746efb4d5a338ce:200
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
40e070c3a04e9d6920f79672e52f410396fe31bbd3e9f49e74d5950910e3a7ac
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 19 Apr 2021 18:05:54 GMT
server
nginx/1.14.2
etag
"607dc682-2d00"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
private, max-age=2980
date
Fri, 04 Feb 2022 08:56:41 GMT
content-security-policy
default-src 'self'
accept-ranges
bytes
vary
Accept
content-length
11520
x-xss-protection
1; mode=block
expires
Fri, 04 Feb 2022 09:46:21 GMT
738fad80694726c17f0294385debc996461b948e47fc5380a88bc8e1d8639dba:200
img.utdstc.com/screen/738/fad/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.utdstc.com/screen/738/fad/738fad80694726c17f0294385debc996461b948e47fc5380a88bc8e1d8639dba:200
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
41ddcc983bcfd66a21aebfa85f5a27da8de8d5d5f6287e9108c31c7a1bebc2cd
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 19 Apr 2021 16:10:31 GMT
server
nginx/1.14.2
etag
"607dab77-24f2"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
private, max-age=2972
date
Fri, 04 Feb 2022 08:56:41 GMT
content-security-policy
default-src 'self'
accept-ranges
bytes
vary
Accept
content-length
9458
x-xss-protection
1; mode=block
expires
Fri, 04 Feb 2022 09:46:13 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3772679972597111&correlator=4454310794850509&output=ldjh&impl=fifs&eid=21065724%2C31062931&vrg=2022020201&ptt=17&sc=1&sfv=1-0-38&ecs=20220204&iu_parts=1060150%2CLeaderboard_App_Info&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C468x60%7C980x250%7C980x90&fluid=height&cust_params=ssmasdomain%3Dstandoff-2.ru.uptodown.com%26ssmasin%3D1%26ssmashour%3D8&cookie_enabled=1&bc=31&abxe=1&dt=1643965001155&lmt=1643965001&dlt=1643965000716&idt=307&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=340&adks=3987757971&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fstandoff-2.ru.uptodown.com%2Fandroid&vis=1&stss=1&scr_x=0&scr_y=0&psz=970x15&msz=970x0&ga_vid=654583131.1643965001&ga_sid=1643965001&ga_hid=1467130634&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
65d6d71e8ab9efe3fbf717817a06747918a0546678b6f9060d73475ee2de2048
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 08:56:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9309
x-xss-protection
0
google-lineitem-id
5536508575
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138330785659
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://standoff-2.ru.uptodown.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 58FB 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 04 Feb 2022 08:56:41 GMT
expires
Sat, 04 Feb 2023 08:56:41 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		163 B
373 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f39a9aae1a3970b1087e2dd27728d22fa2aa750c0743e548ccfcfbf36e72097f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 08:56:41 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6d82afe9adff39a5-CDG
ads
securepubads.g.doubleclick.net/gampad/ 		55 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3772679972597111&correlator=4454310794850509&output=ldjh&impl=fifs&eid=21065724%2C31062931&vrg=2022020201&ptt=17&sc=1&sfv=1-0-38&ecs=20220204&iu_parts=1060150%2CMPU_content_2_App_Info&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C468x60%7C336x280%7C300x250%7C980x250&fluid=height&cust_params=ssmasdomain%3Dstandoff-2.ru.uptodown.com%26ssmasin%3D1%26ssmashour%3D8&cookie_enabled=1&bc=31&abxe=1&dt=1643965001177&lmt=1643965001&dlt=1643965000716&idt=307&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=1549&adks=3340696288&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fstandoff-2.ru.uptodown.com%2Fandroid&vis=1&stss=1&scr_x=0&scr_y=0&psz=970x0&msz=970x0&ga_vid=654583131.1643965001&ga_sid=1643965001&ga_hid=1467130634&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
45d55c56e37d1d552fe1d3b19d843e61f372942e95b227fd9bf538c6702f7f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 08:56:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12363
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://standoff-2.ru.uptodown.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		101 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3772679972597111&correlator=4454310794850509&output=ldjh&impl=fifs&eid=21065724%2C31062931&vrg=2022020201&ptt=17&sc=1&sfv=1-0-38&ecs=20220204&iu_parts=1060150%2CMPU_content_App_Info&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C336x280%7C300x600%7C300x250&fluid=height&cust_params=ssmasdomain%3Dstandoff-2.ru.uptodown.com%26ssmasin%3D1%26ssmashour%3D8&cookie_enabled=1&bc=31&abxe=1&dt=1643965001180&lmt=1643965001&dlt=1643965000716&idt=307&frm=20&biw=1600&bih=1200&oid=2&adxs=334&adys=790&adks=1410691853&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fstandoff-2.ru.uptodown.com%2Fandroid&vis=1&stss=1&scr_x=0&scr_y=0&psz=360x0&msz=360x0&ga_vid=654583131.1643965001&ga_sid=1643965001&ga_hid=1467130634&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
c489399aa76ec63e093e0cd000b032656e35563a0e064a7dda0ef64043f5c6da
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/520356270634422266/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/520356270634422266/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLqBsO_W5fUCFSXauwgdCvsAFw&gqi=&layout=/sadbundle/%24csp%253Der3%24/520356270634422266/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/520356270634422266/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/520356270634422266/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLqBsO_W5fUCFSXauwgdCvsAFw&gqi=&layout=/sadbundle/%24csp%253Der3%24/520356270634422266/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33567
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Fri, 04 Feb 2022 08:56:41 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://standoff-2.ru.uptodown.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		165 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DW5XRK7GYT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-313498-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d69577738d872a09e8cd5cd986e0fb549ce34048abf7cc3b5e3e0f25b995b71d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 08:56:41 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62459
x-xss-protection
0
expires
Fri, 04 Feb 2022 08:56:41 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.25.0/ 		318 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe035b6ff2394b9fc9b4dad0acc9050d633269a5efa7cfeac7e6b8fdc12b7065
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Feb 2022 08:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
wv3c0qnkBhaWE//T4i2BGA==
age
11954
vary
Accept-Encoding
content-length
77456
x-ms-lease-status
unlocked
last-modified
Fri, 22 Oct 2021 16:52:46 GMT
server
cloudflare
etag
0x8D9957C5F8AA42D
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9ce670a2-d01e-015b-5892-da99cf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d82afea3a563312-CDG
collect
www.google-analytics.com/g/ 		0
179 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-DW5XRK7GYT&gtm=2oe220&_p=1467130634&sr=1600x1200&ul=en-us&cid=654583131.1643965001&_s=1&dl=https%3A%2F%2Fstandoff-2.ru.uptodown.com%2Fandroid&dt=Standoff%202%20%D0%B4%D0%BB%D1%8F%20Android%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20APK%20%D1%81%20Uptodown&sid=1643965001&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DW5XRK7GYT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://standoff-2.ru.uptodown.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 04 Feb 2022 08:56:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://standoff-2.ru.uptodown.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-313498-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3109
date
Fri, 04 Feb 2022 08:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 04 Feb 2022 10:04:52 GMT
en.json
cdn.cookielaw.org/consent/fe8404ab-f4df-40dd-b535-5d69e11408c8/94924637-c1e5-4c85-810e-08532d82add4/ 		46 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/fe8404ab-f4df-40dd-b535-5d69e11408c8/94924637-c1e5-4c85-810e-08532d82add4/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
465060aafa2f8175137e65e80292a14b544cf34ccab65ce49fb028a763024404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Feb 2022 08:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
u21ME32j6hYb4S+vChIfLQ==
age
12451
vary
Accept-Encoding
content-length
10315
x-ms-lease-status
unlocked
last-modified
Fri, 17 Dec 2021 07:28:30 GMT
server
cloudflare
etag
0x8D9C12ED3749894
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a2fde1eb-501e-00a0-7c88-191780000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d82afeaafc239db-CDG
expires
Fri, 04 Feb 2022 12:56:41 GMT
iab2Data.json
cdn.cookielaw.org/vendorlist/ 		275 KB
38 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/vendorlist/iab2Data.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd3a6aa18ddd0015c9680303e4656a9aa0fea2b1f7ea7f061bf07ffcac910ca4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Feb 2022 08:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
U+gpYQDbluzqe7vTwT2C0Q==
age
12451
vary
Accept-Encoding
content-length
38875
x-ms-lease-status
unlocked
last-modified
Fri, 04 Feb 2022 01:00:05 GMT
server
cloudflare
etag
0x8D9E779AEAA80C2
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e9c0162f-a01e-00fa-4888-191101000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d82afeaafc539db-CDG
otTCF.js
cdn.cookielaw.org/scripttemplates/6.25.0/ 		68 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.25.0/otTCF.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8592cb7471c1b07f3e828af105858e795e1122adfce21be5e6ec43054d5be2fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Feb 2022 08:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
YXJYn5Vw+11yZ/srS1Yf2Q==
age
9362899
vary
Accept-Encoding
content-length
14952
x-ms-lease-status
unlocked
last-modified
Thu, 14 Oct 2021 05:25:47 GMT
server
cloudflare
etag
0x8D98ED3140A205E
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ed3d74df-201e-00e0-046c-c43e6e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d82afeaab393312-CDG
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/6.25.0/assets/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/otCenterRounded.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Feb 2022 08:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
GusGKeZw4BFJM/nj45byyg==
age
12451
vary
Accept-Encoding
content-length
2584
x-ms-lease-status
unlocked
last-modified
Fri, 22 Oct 2021 16:52:37 GMT
server
cloudflare
etag
0x8D9957C5AAAE362
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
7f09b31e-601e-0009-2db1-17c268000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d82afeb38ac39db-CDG
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.25.0/assets/v2/ 		47 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4efca4768dedb757f956b51f3620d1521be4e8f065080515489defc83c2de704
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Feb 2022 08:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
HVRygTYMrq20E07mjabR6A==
age
12450
vary
Accept-Encoding
content-length
11929
x-ms-lease-status
unlocked
last-modified
Fri, 22 Oct 2021 16:52:39 GMT
server
cloudflare
etag
0x8D9957C5B4EFA5E
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
20728c1c-c01e-0122-1034-02f085000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6d82afeb38b039db-CDG
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.25.0/assets/ 		20 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 04 Feb 2022 08:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ye6OeZcNyuFoWog7CYs00A==
age
12450
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Fri, 22 Oct 2021 16:52:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
fa37d5a2-001e-007f-18b1-1746d4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6d82afeb38b239db-CDG
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1467130634&t=pageview&_s=1&dl=https%3A%2F%2Fstandoff-2.ru.uptodown.com%2Fandroid&ul=en-us&de=UTF-8&dt=Standoff%202%20%D0%B4%D0%BB%D1%8F%20Android%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D0%B9%D1%82%D0%B5%20APK%20%D1%81%20Uptodown&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1097109086&gjid=1652597421&cid=654583131.1643965001&tid=UA-313498-1&_gid=2100583165.1643965001&_r=1&gtm=2ou220&z=142681140
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://standoff-2.ru.uptodown.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Feb 2022 08:56:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://standoff-2.ru.uptodown.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c93ee381fe0971d7736f87fbfb3868bf877c1c1b0b7540f45ede747fdb6fb179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Feb 2022 08:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9964
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		4 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-313498-1&cid=654583131.1643965001&jid=1097109086&gjid=1652597421&_gid=2100583165.1643965001&_u=YADAAUAAAAAAAC~&z=1071989816
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://standoff-2.ru.uptodown.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 04 Feb 2022 08:56:41 GMT
content-type
text/plain
access-control-allow-origin
https://standoff-2.ru.uptodown.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 99E9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 04 Feb 2022 08:56:41 GMT
expires
Sat, 04 Feb 2023 08:56:41 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 08:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 04 Feb 2022 08:56:41 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-313498-1&cid=654583131.1643965001&jid=1097109086&_u=YADAAUAAAAAAAC~&z=1353625371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Feb 2022 08:56:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-313498-1&cid=654583131.1643965001&jid=1097109086&_u=YADAAUAAAAAAAC~&z=1353625371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Feb 2022 08:56:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/520356270634422266/ Frame B72F 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/520356270634422266/index.html
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50b9b8a1b3012ad5f54f2924118a02589109211e18e1efb76f2b7623581ce49f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
content-length
587
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
date
Mon, 31 Jan 2022 12:18:35 GMT
expires
Tue, 31 Jan 2023 12:18:35 GMT
cache-control
public, max-age=31536000
age
333486
last-modified
Tue, 10 Mar 2020 16:37:36 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 99E9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CXyfTSer8Yfq4DqW07_UPivaDuAHtnvv2Z6_MjdOlD-LKreqTDhABIIbUzh5g-_n2gogKoAGb0oLiA8gBCakCdnHR95I8sz7gAgCoAwHIAwiqBIICT9AGLR2OKf9zNaAbhHoxjIedka6um-wlQEFfTL9MSpa7aF6Hi0qziYB6fd8YXGftMDiK1adISXnOKg_kWRWW2UmdPAJnNsKV4tkFgocOaleLTTV-0OGY6o-AFkyaqPBUtfZx_9DuTp0iljiY3VjrmlnDGW1fbRCidaUw7TLgb1Md4Aphyfx5awZg9_DN3ShqOsj5bCC-TKAPYWqqtyNDVKyiXx8HW2P79sjqFB-53RzjLszhGuebsbDT63x4WpVGq7m113IXjaH8-TJmjgzjXxtM17XLmiCh7ZEDCWETterM8vDRnxKUG1lwQGK6ts1APLgSFq3d-Kox8LooJMrUHGbnwATg25DFhgTgBAGSBQQIBBgBkgUECAUYBKAGLoAH_Nb1C6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEPWwFdIICQiI4YAQEAEYHYAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi0xNDQwMDAxNDI2NzYxNjI3GP6GCQ&sigh=jtdpF0JRj7c&uach_m=[UACH]&template_id=419
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/ Frame 99E9 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/abg_lite_fy2019.js
Requested by
Host: 6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com
URL: https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76d507787e9cb8cc91e5cf3f2aae4a816e9466a7164df455e377f47cff68bef3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 08:55:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7737
x-xss-protection
0
server
cafe
etag
11249816806015362922
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 18 Feb 2022 08:55:10 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 99E9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js
Requested by
Host: 6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com
URL: https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 08:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 18 Feb 2022 08:54:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 99E9 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com
URL: https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 08:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643806174374025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 04 Feb 2022 08:56:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 99E9 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com
URL: https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 08:55:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6204
x-xss-protection
0
server
cafe
etag
12229469669374805284
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 18 Feb 2022 08:55:50 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame B72F 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/520356270634422266/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 13:42:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 04 Feb 2022 13:42:50 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B72F 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/520356270634422266/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 14:22:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66875
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 04 Feb 2022 14:22:06 GMT
style.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/520356270634422266/files/ Frame B72F 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/520356270634422266/files/style.css
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/520356270634422266/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbe6f0fa51cd5ac8d352a2b34d6520b64c046fedbcdb559a220b358e295addc0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
333486
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1879
x-xss-protection
0
last-modified
Tue, 10 Mar 2020 16:37:36 GMT
server
sffe
date
Mon, 31 Jan 2022 12:18:35 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 31 Jan 2023 12:18:35 GMT
Logo-PVOD.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/520356270634422266/files/ Frame B72F 		714 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/520356270634422266/files/Logo-PVOD.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/520356270634422266/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aad3c44466a0ffa5deea84501c8fd351e36e534d2d0fd7ba11d00a1ad89f98ee
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
519003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
714
x-xss-protection
0
last-modified
Tue, 10 Mar 2020 16:37:36 GMT
server
sffe
date
Sat, 29 Jan 2022 08:46:38 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 29 Jan 2023 08:46:38 GMT
script.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/520356270634422266/files/ Frame B72F 		997 B
391 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/520356270634422266/files/script.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/520356270634422266/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a92f9f16bf35947c1786f8b28379142d3f33e4906da15f989385be6a4e3fc37
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
330134
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
361
x-xss-protection
0
last-modified
Tue, 10 Mar 2020 16:37:36 GMT
server
sffe
date
Mon, 31 Jan 2022 13:14:27 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 31 Jan 2023 13:14:27 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1B9F 		143 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com
URL: https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Fri, 04 Feb 2022 08:03:04 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
3217
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 06E3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 04 Feb 2022 08:46:20 GMT
expires
Sat, 04 Feb 2023 08:46:20 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
621
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 9A20 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
889a50cd895cd9452110b0266c63748a327666ddb8030a8f387105b6339ac831
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eqoWtfFGU6LPNYGa8R9euQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 04 Feb 2022 08:56:41 GMT
date
Fri, 04 Feb 2022 08:56:41 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-eqoWtfFGU6LPNYGa8R9euQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1B9F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com
URL: https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 04 Feb 2022 08:56:42 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 04 Feb 2022 08:56:42 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 04 Feb 2022 08:56:41 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mdqKvlGwTeSXiP4SbDG4fPc0JxjBpG49JTgeDIKrRjQ.js
pagead2.googlesyndication.com/bg/ Frame 06E3 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mdqKvlGwTeSXiP4SbDG4fPc0JxjBpG49JTgeDIKrRjQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99da8abe51b04de49788fe126c31b87cf7342718c1a46e3d25381e0c82ab4634
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 08:51:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
292
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13677
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Feb 2023 08:51:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9A20 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020201&jk=3772679972597111&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
truncated
/ Frame 99E9 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8dd696d56ba80786eca79e5390163afbf57fb65a460ea092f63e819345768fe3

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012201141909000/ Frame C73D 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
53123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61542
x-xss-protection
0
server
sffe
date
Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"00d9ef7efeb287da"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 03 Feb 2023 18:11:18 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame C73D 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
53123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5698
x-xss-protection
0
server
sffe
date
Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"919adc590e0ff503"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 03 Feb 2023 18:11:18 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame C73D 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
53123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29570
x-xss-protection
0
server
sffe
date
Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c52208c2e07002d5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 03 Feb 2023 18:11:18 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame C73D 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
53123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1851
x-xss-protection
0
server
sffe
date
Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"76a8c96b6aaec2c9"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 03 Feb 2023 18:11:18 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame C73D 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
53123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13611
x-xss-protection
0
server
sffe
date
Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7aefe3fe93cc7383"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 03 Feb 2023 18:11:18 GMT
css
fonts.googleapis.com/ Frame C73D 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 07:25:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 04 Feb 2022 08:56:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 04 Feb 2022 08:56:42 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C73D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 18:06:10 GMT
x-content-type-options
nosniff
server
cafe
age
53431
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6726277462267614359
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3041
x-xss-protection
0
expires
Fri, 04 Feb 2022 18:06:10 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C73D 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
57456
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 04 Feb 2022 16:59:05 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C73D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C5zuqSer8YdzHH82i7_UPqryp0AzajuGYZ_XW-6yYD--tlPSuLhABIIbUzh5g-_n2gogKoAGb0oLiA8gBCakCoapW1Ag6sz7gAgCoAwHIAwqqBIgCT9DIjtIMppTd3kMp2v5z7g023rrWv7DqRS8FSZAViXVlZfjTsPskMg0MrHIELMxw-D6C9xD0lKTNB5PsmRLhzzjDhlRK-CGoI6p4scNuZELhKOQRBZyM-HZiO6hsgvmwnOraRDekSDALkPP_PligcS1vVDjWfgbbMNVx47oDl6Va64CJ-gW9P1E0rvNZBE2uYTy_VRGwpmFDG10dsBT2s7niXuur7fxSkRmBp20sla9hfFstek53jEAq3huugSB1PM_hYybZhyaORUpDDNaph9FznnqgVEHKflA4w_KTEEuG_9j6bznxJD7JGN0nPW5FAQJrX9YahHNEJKZAirm_PRQE32-p5k9ywASOhcrT4wPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH_Nb1C6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEIbABtIICQiI4YAQEAEYHYAKA8gLAbgTiCfYEw2IFATQFQGAFwGyFx4KHAgAEhRwdWItMTQ0MDAwMTQyNjc2MTYyNxj-hgk&sigh=vzJRdF963nM&uach_m=[UACH]&template_id=5000&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 06E3 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?RRMh_Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 08:56:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/15757597862907311081/ Frame C73D 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15757597862907311081/downsize_200k_v1?w=400&h=209
Requested by
Host: standoff-2.ru.uptodown.com
URL: https://standoff-2.ru.uptodown.com/android
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b61bc406a835a79e3d37ebe3eb6a6de4c3c55e5643ea2eb73f8b7ee4bf7cca9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 10:54:57 GMT
x-content-type-options
nosniff
age
165705
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7767
x-xss-protection
0
last-modified
Sat, 06 Feb 2021 21:02:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 02 Feb 2023 10:54:57 GMT
truncated
/ Frame C73D 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame C73D 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame C73D 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd4599faf43c28b5f13ec3539e19b03e23f3823dab2943885ca10e48d06bb081

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame C73D 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://standoff-2.ru.uptodown.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 18:12:51 GMT
x-content-type-options
nosniff
age
225831
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28196
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 17:53:50 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Feb 2023 18:12:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020201&jk=3772679972597111&bg=!aGulay_NAAYZkRhwGZE7ACkAdvg8WhQ10yUoNVH75J1se03m--RHJAV-LlvRFk0CzGk5yB4RH-s8vAIAAACYUgAAAAFoAQeZAtLIGAGWqurwxqiej2dCGzxMnBlmQFjWulRWQlYFUYI4jG780yr33ZRAFHKQX_BSzV67esP9jtYKALE6OudJ3Ipf27sGGFrzONF3BOtKFBi0Hmf7XFziXefRpRQtAjKdDfFywpONp37Ibu8XhSLxHwGwd6DHyfEi9whZzCPWeH1HWWCHJxEoLBO46Fsdt5CdMzVKnemKdWx1J3QBT6e8JDLBCjLTXQ2M_E7hyUka-59kQGvuzKCP7_wZkcIg7aJX3zV-2T49nCCRRoJVYtb-bTF2M7hrVcqfM9v3cHNITm2UW3aKEjs9BOYjDqLJmtJNjAZZkOLj8T3dzGQ9wfCTbPJARxEJCvRe6MRGAShXopm_kyF8wNzUh6kLnAqySgzqCHMrl-ZiRiQvkPapR3KC5TILeAPHpI6kC53UTSgBjO9-ZB9mqgEGOUCsjOeaYxZXjEciofMpjaZUgSjtkR4ADPigQPM1pAZYr_HMVy3yPB-zymFUikmudmOI6CXqdRm_3rNSdvgzOqV4PeVc2YPYolXKeOFsoay-RfW02j-qs1OgElPB6QS3-TteELM6qsETtyx1GPY6hBda5gWVvGSmi_C2I4Ga1HyCbKVkD70XLVXd7Vd2cPSdLklVti3iJbAxwPcRAdNMmqsp8hW0inPLMJSPIbSaK6AER_U_-TfVow6bgBSSzFV7w5D3bs8BYyTW5HTcMfIZJ-gfMEXqJD9NbgRbabSNTdh9H375nM965f6JXy77I5Hp-1l5USxZNfzQq2zjYGM6yNoUXrwNtiMPMpd_kxqbOcfvyMFMOVcQ-UjZKnPVVoPPpemSNlDdXnryyydmY31zndQi1bAs10t4B1Kej5NEEOEFX9NuQmyNukwtwHN3HOKrHr3meFq1PiyL8y14EgTGfSEawKABAbyzoVGwRIPICvMmNr5MCYi04OVZokRtNDbFOHBfQb6JXz9fvkAgTg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Feb 2022 08:56:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 43E2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://standoff-2.ru.uptodown.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 04 Feb 2022 08:56:41 GMT
expires
Sat, 04 Feb 2023 08:56:41 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 43E2 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com
URL: https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 20:10:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45948
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 03 Feb 2023 20:10:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 43E2 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com
URL: https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 08:56:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643806174374025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 04 Feb 2022 08:56:42 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 43E2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVW9JOyrowVEeeeTBdLItgk7Pkm1VgFqKsNg-69u4aFz0jOoNSkWBso5ebZhs97tKW6jgHkWHG-CeoUTkFOIdamJWewH_UU8dfgtz8gwLVWkrUlz-FMl4zIIgY7e2cBwTr-xV8uOT5s_W5uar6XIBtPhCYbctfO0opLYRhG3F0TWECPBdSWja1zWgHZmmFC3bTp2mDIAlON47a-WOeLIJRx6OR1fM0JYXIFUOdq5GuQz4z_LmbbCaXljpYwqE4RJSCYRddSx0ubD-ZewaGQJlpB5oHiRSwJhczweP6PDYbTmZaURREF5vq2BYmvT7MICplEAbBbAVT3A&sai=AMfl-YS1Uu7oDVAIgmdFZqA-9Kgl5SWMuo5u3tyG-nY3NwOJUXsU-Gu9f2RpdmwDG7o6J_C2G_wQXXPQlfJGZzswcy_DQicHYHtw0XPHt9aLCns4Fa4FA--iDJ7FOVzn1wc&sig=Cg0ArKJSzC-OYkufn7BjEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com
URL: https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Feb 2022 08:56:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Opera_EN_728x90.png
img.utdstc.com/apps/cache/ Frame 43E2 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.utdstc.com/apps/cache/Opera_EN_728x90.png
Requested by
Host: 6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com
URL: https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-137-209.deploy.static.akamaitechnologies.com
Software
nginx/1.14.2 /
Resource Hash
1f6b7df655e7ddac6cbb59556e4c820e537dc41f2793cd9dae44cefaa863cdfc
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 27 Oct 2020 09:31:40 GMT
server
nginx/1.14.2
etag
"5f97e8fc-24d6"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
private, max-age=9249428
date
Fri, 04 Feb 2022 08:56:42 GMT
content-security-policy
default-src 'self'
accept-ranges
bytes
vary
Accept
content-length
9430
x-xss-protection
1; mode=block
expires
Sun, 22 May 2022 10:13:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 43E2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3LoUaI0eZrZv6NEmDTpJypFDXldSXb1dLKe5U3rRUYMkiGqEx9B6230ZYKuq-KYzIcZWZmIe7xRaoJDnWVvFbjfMqeD1wUStf9DYELD4rXMEetAk1LQkSxY8DuZ6w0xuvHlMcmFdBHvOJe3cB0uOtTvkhMs7yIlYopUvcxSqG5pe-T8yuZw4KTPUHuUPphPU8breN8UdbU5xrRH1ncpFkW0AyEqDpX1McB64ethlJicAvSsmBbwTkax9vQ2hqNqcaWiZsy4E8fhZ3BLS--kDuZefsHM7IsL89DmKcXUUI967zXyHM7-fLoy0X483C7Ph_fVTAAy2kkL6p&sai=AMfl-YTPa_aaLuGtM7_Jhzbt2N99iTmiw6MwvLmWfV6doxheOPE__o895FRhGNlhlguZ0Z9LS4cCp1PylNrk2pjg1E94C1Vzngdk3pt78x93KjA02gefPUUV313N6jVEFPE&sig=Cg0ArKJSzPH5IBOvU571EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 04 Feb 2022 08:56:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 04 Feb 2022 08:56:42 GMT
truncated
/ Frame 43E2 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d326da085a0fd7a96a1ab5b2c4600ea1129a51850a5409f0e33589b8742c9166

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 99E9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsup4wJsAruNUozik4xbBXQYc4vQChewjhRO5eWgDmBGHMYg4PTAFdgOE5ym34qwYdU9wfLX3NVqftymLVlUOda64B84xgswr2T4Kzfd_rdwnqWJWbbCdg&sai=AMfl-YTLIKzi3B_Y0DF7vgTNHXkDngmOSQ4CR5Zop3u5eUMldX9neWXq5V8TBgI7-66vXlNgOc5dfXgMWmFTS9P1zwFgIuDl1VZ9Ot6X2nNgB7sNWWZBr6lQ6iAsD9vaBOQ&sig=Cg0ArKJSzOYq_lnIBd5xEAE&id=lidar2&mcvt=1000&p=790,352,1390,652&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20220202&bin=7&avms=nio&bs=0,0&mc=0.68&if=1&app=0&itpl=2&adk=1410691853&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643965001582&rpt=322&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Feb 2022 08:56:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 43E2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvuMhVkg6YxAY33gIJbMybYJ_px43E4lxAAyT3dInFViZxTaKWbnVOXq_mFT4Tsyon0EbmY93kzOmwkhIrwknu21npVAKzjLK9htl9tAJebqmMnfOQp&sig=Cg0ArKJSzFkJMa3kqmJnEAE&id=lidar2&mcvt=1001&p=340,436,434,1164&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20220202&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=19&adk=3987757971&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643965002227&rpt=313&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Feb 2022 08:56:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| OptanonWrapper object| ssm_config object| googletag object| ggeac object| google_js_reporting_queue object| regeneratorRuntime function| setImmediate function| clearImmediate function| track function| showRtbAds boolean| smartTagLoaded object| ssmSmartTag undefined| google_measure_js_timing function| gtag object| dataLayer object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| webpackJsonp object| lazySizes object| adlazy object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| jsonFeed object| google_tag_manager object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| __tcfapi object| otStubData object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| otTCF object| otIabModule object| Optanon object| OneTrust object| gaplugins object| gaData object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests

11 Cookies

Domain/Path Name / Value
.standoff-2.ru.uptodown.com/ Name: utd_red_lang
Value: ru
.standoff-2.ru.uptodown.com/ Name: utd_red_platform
Value: android
.uptodown.com/ Name: _ga_DW5XRK7GYT
Value: GS1.1.1643965001.1.0.1643965001.0
.uptodown.com/ Name: _ga
Value: GA1.2.654583131.1643965001
.uptodown.com/ Name: _gid
Value: GA1.2.2100583165.1643965001
.uptodown.com/ Name: _gat_gtag_UA_313498_1
Value: 1
.uptodown.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Fri+Feb+04+2022+08%3A56%3A41+GMT%2B0000+(GMT)&version=6.25.0&hosts=&landingPath=https%3A%2F%2Fstandoff-2.ru.uptodown.com%2Fandroid&groups=STACK42%3A0
.doubleclick.net/ Name: IDE
Value: AHWqTUlXmlvW1TGMTfgPx3i3TbFp9nis9GZZP864I0WIXAdyLNhzzky6P5LwLBb5k7U
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.uptodown.com/ Name: __gads
Value: ID=3f2c646b81480017-221821fe34cd006c:T=1643965001:S=ALNI_MZxG0lz4GNNVF950-q3NSQvQOPxpw

7 Console Messages

Source Level URL
Text
javascript warning URL: https://ssm.codes/smart-tag/uptodown.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ssm.codes/smart-tag/uptodown.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020201.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://standoff-2.ru.uptodown.com/android
Message:
A preload for 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://standoff-2.ru.uptodown.com/android
Message:
A preload for 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://standoff-2.ru.uptodown.com/android
Message:
A preload for 'https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs
Message:
Unrecognized feature: 'attribution-reporting'.
javascript warning URL: https://standoff-2.ru.uptodown.com/android
Message:
The resource https://fonts.gstatic.com/s/robotoslab/v16/BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6e0c660509ab0f8d20b748b203596c65.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
cdn.ampproject.org
cdn.cookielaw.org
dw4.uptodown.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
img.utdstc.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
ssm.codes
standoff-2.ru.uptodown.com
stats.g.doubleclick.net
stc.utdstc.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
www.googletagservices.com
104.90.137.209
142.250.184.226
145.239.67.125
2606:4700:10::6814:b944
2606:4700:20::681a:478
2606:4700::6810:9440
2a00:1450:4001:801::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2001
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9a
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
086082e9c25f074ab48a40655ad9c881dd4f90f10b94b69a3167ad0494932639
0a92f9f16bf35947c1786f8b28379142d3f33e4906da15f989385be6a4e3fc37
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
1392ed173851ca4cc26834f1b2556167e66620fb81c9dcd222af1bd02f390fe8
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1f6b7df655e7ddac6cbb59556e4c820e537dc41f2793cd9dae44cefaa863cdfc
20ab3f5e0bcc3de5425a796cee46b47880f940263127ec918e773a047971316d
227f2598b22ebfef47701ad6ede03a9844d74cdc1b2ae9d5710f7a65338c813e
282da86e1071d060a343341b75391a036a23e28adfc93e879fae9775e45bfd7d
2c587010af5ec749079fd5a4d6c00d525c66f92da8e877f8ce89a05b4a0d7eeb
2d354a7f5b1102a2b479c16c639657aeea187f93973782775a6048fd2fb23a23
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
3905e01fb4ee5610d7a1076f1c7794f9e41aa81a8d77d915cabeeaaf4fea3cc7
3b61bc406a835a79e3d37ebe3eb6a6de4c3c55e5643ea2eb73f8b7ee4bf7cca9
3d7dd2bd5eaac02dc7527e36be4d53cd2e43cce63d6a3b4cb96efd4b1ead1b6e
403527fc33bc524c8d9e39115d0728c9e895fc91c7edf8c8bcf631dd24d99e43
40e070c3a04e9d6920f79672e52f410396fe31bbd3e9f49e74d5950910e3a7ac
41ddcc983bcfd66a21aebfa85f5a27da8de8d5d5f6287e9108c31c7a1bebc2cd
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45d55c56e37d1d552fe1d3b19d843e61f372942e95b227fd9bf538c6702f7f29
465060aafa2f8175137e65e80292a14b544cf34ccab65ce49fb028a763024404
4b548551eca0e4d7efc7e9f8aff5a214df175bc78d4f6de5f169e044a7c30ff3
4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c
4d41e5dad5d4f654541feec74f656bad6c842c34204f3567cd2003099ed9196d
4efca4768dedb757f956b51f3620d1521be4e8f065080515489defc83c2de704
50b9b8a1b3012ad5f54f2924118a02589109211e18e1efb76f2b7623581ce49f
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563f57a7401016846d1378cb12e2cfaa3e168d4ffa959ff282edd03d8d9f61b4
612b39042629b8942e046dbe26168e15e1012ccf8d403c1f49abc757dec3fee5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65d6d71e8ab9efe3fbf717817a06747918a0546678b6f9060d73475ee2de2048
68ec52c8ed5afc0227465d086630b9929b482909c70a40d0cb6ae45ac760746f
72a41c55d6666b76cef61cff72cd0bd9bb4bf4d54729d0906db250cf59a506fe
72f29fb214833cd75513830d1659e1d6b917073dacbd13903293cc6ddf6903c7
76d507787e9cb8cc91e5cf3f2aae4a816e9466a7164df455e377f47cff68bef3
80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d
8592cb7471c1b07f3e828af105858e795e1122adfce21be5e6ec43054d5be2fa
889a50cd895cd9452110b0266c63748a327666ddb8030a8f387105b6339ac831
8d42b52d0ee5987a43c5763d7e433557ca6ac4c43a23445be5f9769762b8566b
8dd696d56ba80786eca79e5390163afbf57fb65a460ea092f63e819345768fe3
8edcb340abe8069cfc97ef5ff442537ce2691872b003798f8869472e87f88b4d
95fba311704b69ca7f5c9336fd3fec1d9e6800fc999c230326696497118c915d
99da8abe51b04de49788fe126c31b87cf7342718c1a46e3d25381e0c82ab4634
9d72f0312a1466baa268cc0ded170291c5037335cf124f840e4397dbfa850cc4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a78b1acb597ed68b5a0cff8852f9365b5acc458e134d83b6fda4b8f829d227cd
a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa
aad3c44466a0ffa5deea84501c8fd351e36e534d2d0fd7ba11d00a1ad89f98ee
abf66c29b32b2d1ec026140f3cc72b7cfffd86396abbe306b16fdf350e032fad
b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8
b643d5ebc5e58fba3d24cbf62e8bfd4ab3f47a9f344e5c7059d9691c9395cc70
bbe6f0fa51cd5ac8d352a2b34d6520b64c046fedbcdb559a220b358e295addc0
c01524a3a9835d934fc9546e82fb2f72eb70ca3528328b537280f8d4d287a12d
c489399aa76ec63e093e0cd000b032656e35563a0e064a7dda0ef64043f5c6da
c93ee381fe0971d7736f87fbfb3868bf877c1c1b0b7540f45ede747fdb6fb179
cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250
cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864
cd4599faf43c28b5f13ec3539e19b03e23f3823dab2943885ca10e48d06bb081
d326da085a0fd7a96a1ab5b2c4600ea1129a51850a5409f0e33589b8742c9166
d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d69577738d872a09e8cd5cd986e0fb549ce34048abf7cc3b5e3e0f25b995b71d
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740
db565c7372c014bb708268e5f741b827d8f083af54fc09b8afb58703a09f463a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e85ceeddc50b1322c08edb56e85fe82e922b33f5501a834c863f1f870946bba4
ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d
edf9aaeb4b02399681f93612ffecac6f2347009bffd52fb5eab056939c2399aa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22e3215bb72d8a8112c9478f01eb6612fa5723ca556c5127e387cba5e7e790e
f39a9aae1a3970b1087e2dd27728d22fa2aa750c0743e548ccfcfbf36e72097f
f804374205f0854ac486f90207fdc4f9f71b1480702ee21f0c70d8eae8a715f2
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fd3a6aa18ddd0015c9680303e4656a9aa0fea2b1f7ea7f061bf07ffcac910ca4
fe035b6ff2394b9fc9b4dad0acc9050d633269a5efa7cfeac7e6b8fdc12b7065
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6