urlscan.io logo urlscan.io
SecurityTrails logo

lexa0703011.bhuser.ru Open in urlscan Pro
91.219.194.21  Public Scan

Go To Rescan Add Verdict Report
URL: https://lexa0703011.bhuser.ru/
Submission: On February 14 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 35 HTTP transactions. The main IP is 91.219.194.21, located in Russian Federation and belongs to BEST-HOSTER, RU. The main domain is lexa0703011.bhuser.ru.
TLS certificate: Issued by R3 on February 14th 2023. Valid for: 3 months.
This is the only time lexa0703011.bhuser.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    91.219.194.21 (Russian Federation)

ASN49693 (BEST-HOSTER, RU)
PTR: piter21.dns-rus.net
lexa0703011.bhuser.ru
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
3    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 132
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
227 KB
9 gstatic.com
fonts.gstatic.com
csi.gstatic.com
182 KB
8 bhuser.ru
lexa0703011.bhuser.ru
1 MB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 129
www.google.com — Cisco Umbrella Rank: 18
2 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
5 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 114
2 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 5587
531 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1072
601 B
35 8
Domain Requested by
8 lexa0703011.bhuser.ru lexa0703011.bhuser.ru
7 fonts.gstatic.com fonts.googleapis.com
7 pagead2.googlesyndication.com lexa0703011.bhuser.ru
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 csi.gstatic.com pagead2.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 fonts.googleapis.com lexa0703011.bhuser.ru
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
35 11

This site contains no links.

Subject Issuer Validity Valid
lexa0703011.bhuser.ru
R3		 2023-02-14 -
2023-05-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://lexa0703011.bhuser.ru/
Frame ID: 742DE310962C4784EA94301B8CD131FC
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230209/r20190131/zrt_lookup.html
Frame ID: 668FBDE65600931B3345640DF2772DDF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2678727730814437&output=html&adk=1812271804&adf=3025194257&lmt=1676298338&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Flexa0703011.bhuser.ru%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676405831684&bpp=7&bdt=288&idt=291&shv=r20230209&mjsv=m202302080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1864365937695&rume=1&frm=20&pv=2&ga_vid=1912274814.1676405832&ga_sid=1676405832&ga_hid=1961344041&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31071756%2C31072227%2C44779794%2C31061691%2C31061693&oid=2&pvsid=3952334815449538&tmod=426948095&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=318
Frame ID: 757EAC139A0A7F32899DEEEF0EDA0E9F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FE481A852E171668C9D8F15E2990122F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 74C12483711F5320AE6641550A6BDDB4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

alfabetify

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

35
Requests

100 %
HTTPS

91 %
IPv6

8
Domains

11
Subdomains

11
IPs

3
Countries

1463 kB
Transfer

2999 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
lexa0703011.bhuser.ru/ 		2 KB
992 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lexa0703011.bhuser.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.219.194.21 , Russian Federation, ASN49693 (BEST-HOSTER, RU),
Reverse DNS
piter21.dns-rus.net
Software
Apache /
Resource Hash
69d30653ed0db3857d8e5e6a622399bab7ab7a2ea8259426f2024bafad309c95

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
br
content-length
877
content-type
text/html
date
Tue, 14 Feb 2023 20:17:11 GMT
last-modified
Mon, 13 Feb 2023 14:25:38 GMT
server
Apache
vary
Accept-Encoding
css2
fonts.googleapis.com/ 		5 KB
712 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Philosopher:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: lexa0703011.bhuser.ru
URL: https://lexa0703011.bhuser.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c19a56f6b0c70159ed8564d7dd8dcb9d2c39dee226f74de17d28fedc6ed6ab74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lexa0703011.bhuser.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Feb 2023 20:17:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 20:17:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Feb 2023 20:17:11 GMT
css2
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
Requested by
Host: lexa0703011.bhuser.ru
URL: https://lexa0703011.bhuser.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
54ade860668186a60816a95a13faa8ce43a79438c8f1c5a15e967853e02465c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lexa0703011.bhuser.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Feb 2023 20:17:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 18:26:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Feb 2023 20:17:11 GMT
chunk-vendors.831f11a8.js
lexa0703011.bhuser.ru/js/ 		523 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lexa0703011.bhuser.ru/js/chunk-vendors.831f11a8.js
Requested by
Host: lexa0703011.bhuser.ru
URL: https://lexa0703011.bhuser.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.219.194.21 , Russian Federation, ASN49693 (BEST-HOSTER, RU),
Reverse DNS
piter21.dns-rus.net
Software
Apache /
Resource Hash
cfe06ab10e23dcde1ee3cce11ff07831497fe30cc0471240e3bee5da0cea433d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lexa0703011.bhuser.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 20:17:11 GMT
content-encoding
br
last-modified
Mon, 13 Feb 2023 14:25:38 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
app.fb9d9c9b.js
lexa0703011.bhuser.ru/js/ 		104 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lexa0703011.bhuser.ru/js/app.fb9d9c9b.js
Requested by
Host: lexa0703011.bhuser.ru
URL: https://lexa0703011.bhuser.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.219.194.21 , Russian Federation, ASN49693 (BEST-HOSTER, RU),
Reverse DNS
piter21.dns-rus.net
Software
Apache /
Resource Hash
997e8ccf570fc16c3d87cde8bde41415b14420f3b4558496aaa799f1d8aa2b64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lexa0703011.bhuser.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 20:17:11 GMT
content-encoding
br
last-modified
Mon, 13 Feb 2023 14:25:38 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
31908
chunk-vendors.61278630.css
lexa0703011.bhuser.ru/css/ 		721 KB
89 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lexa0703011.bhuser.ru/css/chunk-vendors.61278630.css
Requested by
Host: lexa0703011.bhuser.ru
URL: https://lexa0703011.bhuser.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.219.194.21 , Russian Federation, ASN49693 (BEST-HOSTER, RU),
Reverse DNS
piter21.dns-rus.net
Software
Apache /
Resource Hash
8063c044bf26f9a4e4a7eacadac1cabafbcdc86a20a8871dcdf56846f8d212d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lexa0703011.bhuser.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 20:17:11 GMT
content-encoding
br
last-modified
Mon, 13 Feb 2023 14:25:38 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/css
app.3ea70ce3.css
lexa0703011.bhuser.ru/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lexa0703011.bhuser.ru/css/app.3ea70ce3.css
Requested by
Host: lexa0703011.bhuser.ru
URL: https://lexa0703011.bhuser.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.219.194.21 , Russian Federation, ASN49693 (BEST-HOSTER, RU),
Reverse DNS
piter21.dns-rus.net
Software
Apache /
Resource Hash
dc2546a10e463755d9dc9f117c6781e760f3481f5ac1ba86731d74d0047190b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lexa0703011.bhuser.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 20:17:11 GMT
content-encoding
br
last-modified
Mon, 13 Feb 2023 14:25:38 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1186
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2678727730814437
Requested by
Host: lexa0703011.bhuser.ru
URL: https://lexa0703011.bhuser.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6348af243da6a919bf96c9e952abc4259c5653d5c2e639bedf4a531e988de538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lexa0703011.bhuser.ru/
Origin
https://lexa0703011.bhuser.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 20:17:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49766
x-xss-protection
0
server
cafe
etag
6960219691643561408
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 14 Feb 2023 20:17:11 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/ 		365 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2678727730814437&plah=lexa0703011.bhuser.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2678727730814437
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fb8191383698a3206de308ea6081e9beba16d1faafca7fe021d82484cb96599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lexa0703011.bhuser.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 20:17:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122940
x-xss-protection
0
server
cafe
etag
6407726422259951341
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 14 Feb 2023 20:17:11 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230209/r20190131/ Frame 668F 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230209/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2678727730814437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lexa0703011.bhuser.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
20952
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 14:27:59 GMT
etag
10353107486223812946
expires
Tue, 28 Feb 2023 14:27:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230209/r20110914/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230209/r20110914/rum_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2678727730814437&plah=lexa0703011.bhuser.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc4755d6c27f2b045bd8080023d5bf2d8319e22ab2abfe739dfe6ade2c199af0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lexa0703011.bhuser.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 06:44:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
48742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21759
x-xss-protection
0
server
cafe
etag
14899131308019975956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 06:44:50 GMT
cookie.js
partner.googleadservices.com/gampad/ 		385 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=lexa0703011.bhuser.ru&callback=_gfp_s_&client=ca-pub-2678727730814437
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2678727730814437&plah=lexa0703011.bhuser.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
790ea2758ffc5377ac0202f63d36d6a8ea68adaf84e2fef0fff183fec93c9c4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lexa0703011.bhuser.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 20:17:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=lexa0703011.bhuser.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2678727730814437&plah=lexa0703011.bhuser.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lexa0703011.bhuser.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 20:17:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=lexa0703011.bhuser.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2678727730814437&plah=lexa0703011.bhuser.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lexa0703011.bhuser.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 20:17:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 757E 		603 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2678727730814437&output=html&adk=1812271804&adf=3025194257&lmt=1676298338&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Flexa0703011.bhuser.ru%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676405831684&bpp=7&bdt=288&idt=291&shv=r20230209&mjsv=m202302080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1864365937695&rume=1&frm=20&pv=2&ga_vid=1912274814.1676405832&ga_sid=1676405832&ga_hid=1961344041&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31071756%2C31072227%2C44779794%2C31061691%2C31061693&oid=2&pvsid=3952334815449538&tmod=426948095&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=318
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2678727730814437&plah=lexa0703011.bhuser.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lexa0703011.bhuser.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 20:17:12 GMT
expires
Tue, 14 Feb 2023 20:17:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
logo-v2.fde9216c.svg
lexa0703011.bhuser.ru/img/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lexa0703011.bhuser.ru/img/logo-v2.fde9216c.svg
Requested by
Host: lexa0703011.bhuser.ru
URL: https://lexa0703011.bhuser.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.219.194.21 , Russian Federation, ASN49693 (BEST-HOSTER, RU),
Reverse DNS
piter21.dns-rus.net
Software
Apache /
Resource Hash
84e35174c2b870d7538af5a312adab33b57b68fef9f9567cafdb8a94a323c40b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lexa0703011.bhuser.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 20:17:12 GMT
content-encoding
br
last-modified
Mon, 13 Feb 2023 14:25:38 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
2797
landing-banner.dd88b707.png
lexa0703011.bhuser.ru/img/ 		403 KB
403 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lexa0703011.bhuser.ru/img/landing-banner.dd88b707.png
Requested by
Host: lexa0703011.bhuser.ru
URL: https://lexa0703011.bhuser.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.219.194.21 , Russian Federation, ASN49693 (BEST-HOSTER, RU),
Reverse DNS
piter21.dns-rus.net
Software
Apache /
Resource Hash
448bfed776ffee4dc54daa42f01e017479cf4e5f287996c41dffec74468cd2c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lexa0703011.bhuser.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 20:17:12 GMT
last-modified
Mon, 13 Feb 2023 14:25:38 GMT
server
Apache
accept-ranges
bytes
content-length
412716
content-type
image/png
4iCv6KVjbNBYlgoCjC3jtGyNL4U.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jtGyNL4U.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbeb7f7f618c8d82bce1600d57e67a9f6759bed1d00097935d1714440dcbdb7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lexa0703011.bhuser.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 17:05:38 GMT
x-content-type-options
nosniff
age
11494
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18672
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Feb 2024 17:05:38 GMT
materialdesignicons-webfont.2474c2c1.woff2
lexa0703011.bhuser.ru/fonts/ 		376 KB
369 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lexa0703011.bhuser.ru/fonts/materialdesignicons-webfont.2474c2c1.woff2
Requested by
Host: lexa0703011.bhuser.ru
URL: https://lexa0703011.bhuser.ru/css/chunk-vendors.61278630.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.219.194.21 , Russian Federation, ASN49693 (BEST-HOSTER, RU),
Reverse DNS
piter21.dns-rus.net
Software
Apache /
Resource Hash
e52d60f64267cdaa08422b50bab5d45bd35e662b03b9af75179ceae00ac5fc8b

Request headers

Referer
https://lexa0703011.bhuser.ru/css/chunk-vendors.61278630.css
Origin
https://lexa0703011.bhuser.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 20:17:12 GMT
content-encoding
br
last-modified
Mon, 13 Feb 2023 14:25:38 GMT
server
Apache
vary
Accept-Encoding
content-type
font/woff2
accept-ranges
bytes
content-length
377424
vEFK2_5QCwIS4_Dhez5jcWBrd_QZwtW_Wg.woff2
fonts.gstatic.com/s/philosopher/v19/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/philosopher/v19/vEFK2_5QCwIS4_Dhez5jcWBrd_QZwtW_Wg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Philosopher:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95a006da9185e705539e5bda196e9947f31aed05eb85e2ad04989c71a6f6dc4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lexa0703011.bhuser.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 04:14:20 GMT
x-content-type-options
nosniff
age
403372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20336
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Feb 2024 04:14:20 GMT
4iCv6KVjbNBYlgoC1CzjtGyNL4U.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjtGyNL4U.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92ca60a1917b9ebb08ee7ddf0860b217985b8468acf0de9ed41d90c3f5dda926
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lexa0703011.bhuser.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 10:37:25 GMT
x-content-type-options
nosniff
age
207587
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21128
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:04:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Feb 2024 10:37:25 GMT
4iCs6KVjbNBYlgoKew72j00.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lexa0703011.bhuser.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 10:53:26 GMT
x-content-type-options
nosniff
age
33826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20860
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:15:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Feb 2024 10:53:26 GMT
4iCv6KVjbNBYlgoC1CzjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lexa0703011.bhuser.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 09:57:02 GMT
x-content-type-options
nosniff
age
469210
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38752
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:04:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Feb 2024 09:57:02 GMT
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lexa0703011.bhuser.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 19:27:16 GMT
x-content-type-options
nosniff
age
521396
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34852
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:31:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Feb 2024 19:27:16 GMT
4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lexa0703011.bhuser.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 13:59:25 GMT
x-content-type-options
nosniff
age
368267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30480
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Feb 2024 13:59:25 GMT
csi
csi.gstatic.com/ 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~le4oqyko&c=3952334815449538&e=44759926%2C44759842%2C44759875%2C31071756%2C31072227%2C44779794%2C31061691%2C31061693&ctx=1&met.6=6.1_CgsY8AkgdioECAESAA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230209/r20110914/rum_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lexa0703011.bhuser.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 20:17:12 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230209&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2678727730814437&plah=lexa0703011.bhuser.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35cd802e21771aaecd73946283eb40e5a3176f77e81e8990f7abe3fc5de295ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lexa0703011.bhuser.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 20:17:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11041
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2678727730814437&plah=lexa0703011.bhuser.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lexa0703011.bhuser.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 20:17:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Feb 2023 20:17:12 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FE48 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lexa0703011.bhuser.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6289
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 18:32:23 GMT
expires
Wed, 14 Feb 2024 18:32:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 74C1 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1da7f59b669db31f3678c75d039272541c5af6cf05340e37e1e326fda7e29242
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TPBu_XWqbl8yrB3PUXQWOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lexa0703011.bhuser.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-TPBu_XWqbl8yrB3PUXQWOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 20:17:13 GMT
expires
Tue, 14 Feb 2023 20:17:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
pagead2.googlesyndication.com/bg/ Frame FE48 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EWloDjzMQOvRZmCEufFfn6ZrYQ_lvyXFrAdKlYrDV_0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1169680e3ccc40ebd1666084b9f15f9fa66b610fe5bf25c5ac074a958ac357fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 20:01:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
915
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14328
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 17:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Feb 2024 20:01:58 GMT
generate_204
tpc.googlesyndication.com/ Frame FE48 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?2mvTtA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 20:17:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 74C1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230209&jk=3952334815449538&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230209&jk=3952334815449538&bg=!CwilCFzNAAYuhb89DoU7ADkAdvg8WtnBhgiQSn1tzL4rWxm2fXQehSx3rD0I0T2IsczMK-Eok5JPEHyM5jBTcgamezFlagY0CwsCAAAAXlIAAAADaAEHmQKnDVGzA0iHbu2vGKskydtg2WrNG3bs-_-8kRDe4vcevErq489N7Z3AE1pUFroZ6X2ZJ2_3tjeTYmUpRbd3WgSck8LC5R3PfbXiRYUsHaBBmvxuRR-rlZXzfyCyeK10XLtpGOS3Z9tqvi24vMYFiR_0R3ov1r5N4IBVYmcqmo27maq5KFKz7O3pAxo1bJ38CEsXtNSGctCOPCtztlvADSLkHEF7WxerxdGSoiWW0WsH8KIioVGC9Ad1S26CI_7hw6XMCYLhEkAUSuUU2bz7nx7e3clHKuKuiIOx8g9_VGztGxt9A0hW8vpBRyTJTyetSvMmDhSKf9W056cQ6_KF1eqiO1h9x1TTGBHxtpnay0jOdF4oOoIeT-1BNwFSeDKQNmprXL9gSSGI7YiW-C8NnUTRPywha9RjMCuK-X-RwLiVbdJnSh4LPQJWrftbKFt2TUajNi9-1vUNSgFGSIqoH84ufplyVtf9Y4JPAbfjIGubqdPewSzDZNlh894iIpTZSCVCfQCyXf33Wt14sWmE4r3VcvsgHMpvrg51hP87OOmQzpojJb2qGMZBbbIWqt_y1WqxE8Zjemd7Gkk49lu2XmFnLn1VrgZcX3yj8eY1aRXsCNFKBkhPhmX6xqQG2d013_bV4SkAFXjnYrduDFHz_zlQpEHk6pFL6sfraRg3-ScAYaprRzpqMbaZtDyy6LG1rjt_1bfP81nnI3bGPhPwsmWZniiVldi-KZWFZc-Jo6mQVxOM_dIcf899zT89TPxK5knUp6H-8Tl37VDAUBas0jYKNAeb5ytwF-GF49bGT5fyytZyfum7ht7sYRebCcvfS_DhHhcxwEKnA2hs9IyUB_YVICLieDjblHywJvw7FCO-8WQn3XjKtQnzy_vAbFH0raZQTGArGktidg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lexa0703011.bhuser.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=2~le4oqyqn&c=3952334815449538&e=44759926%2C44759842%2C44759875%2C31071756%2C31072227%2C44779794%2C31061691%2C31061693&ctx=1&met.3=1001.m8_1__1~164.mc_1~165.m6_7~166.lp_10~1032.u8~326.ub_2~832.uf~868.uf~216.u8_8~215.u8_8~843.u7_9~779.ug~889.uw_1~639.v5~112.wx_2~246.12u_2~629.13i_1~113.1en_1&met.7=CBsQCMAB4v7PkgI~CBIQBxgBIIAEKIAEMJIFOJIBQIEESIIEUIIEWNkEYKkEaNoEcJIFeI8HgAHjBIgB3iuqAS8KLVBoaWxvc29waGVyOml0YWwsd2dodEAwLDQwMDswLDcwMDsxLDQwMDsxLDcwMLABAbgBA8ABsaC7qQo~CBIQBxgBIIEEKIEEMI4FOI0BaNoEcI0FePgIgAHMBogBgHOqAUIKQFVidW50dTppdGFsLHdnaHRAMCwzMDA7MCw0MDA7MCw1MDA7MCw3MDA7MSwzMDA7MSw0MDA7MSw1MDA7MSw3MDCwAQG4AQPAAbGgu6kK~CBsQCiCBBDjFAsABovnl9Q0~CBsQByCBBDjXBMABx5L0-Ag~CBsQByCBBDiRAcABh_fdigc~CAEQChgBIIEEKIEEMIgGOIcCQJIESJwEUJwEWPQEYMMEaPUEcM8FeJKHA4AB5oQDiAHbggmwAQG4AQPAAd6Ov5sB~CAMQChgBIJ8GKJ8GMLIIOJMCQKAGSKAGUKAGWPAGYKAGaPEGcNsHeOjCB4ABvMAHiAHJ6xawAQG4AQPAAcrJuvQN~CAwQBRgBILEGKLEGMLIHOIEBQLIGSLMGULMGWIoHYNoGaIoHcLEHeL4jgAGSIYgBrEywAQG4AQPAAeypjfAC~CBwQChgBIMUIKMUIMO8IOCpoxghw7gh4q6wBgAH_qQGIAZW-A7ABAbgBA8AB7_fPvAc~CBsQCiCBBDjmBcABhJGKnw0~CBsQChgBIMsIKMsIMIAKOLYBQMsISO0IUO0IWM0JYJsJaM0JcP8JeKUEgAH5AYgBgQOwAQG4AQPAAeSq4PAC~CC8QBxgBINUIKNUIMP8JOKsBQNUISPMIUPMIWM0JYJsJaM0JcP4JeJADgAFkiAFrsAEBuAEDwAHttbKwCg~CC8QBxgBINUIKNUIMPUJOKABQNUISOYIUOYIWMAJYI0JaMAJcPQJeJADgAFkiAFrsAEBuAEDwAGb_4nHBw~CAUQBRgBIOAIKOAIMLMKONMBaOIIcLIKeNoCgAEuiAHbBLABAbgBA8ABkMey8Ag~CBsQBiDVCjiTAcABnrHe7QM~CBsQARgBIPgKKPgKMK0MOLUBwAGkoPylBw~CBsQBiDgCjihAsABheij7Qg~CBsQCDibDsAB4v7PkgI~CBsQAiDlCjibA8ABqry2mwU~CCcQDRgBIJsOKJsOMPoOOF9onA5w9Q54zViAAaFWiAGmcrABAbgBA8AB8_LLrgs~CCcQChgBIPwOKPwOMJ4QOKIBwAHiwZvaBQ~CCcQBRgBIKYQKKYQMNgQODHAAZmVn6AL~CBsQBRgBIKgQKKgQMMwROKQBwAHPxtriAQ~CBwQBhgBIPoVKPoVMMgWOE7AAaHZ1rIJ&met.1=1.le4oqxnr~6.0~7.1~8.26~9.26~10.a2~11.5z~12.a2~13.e3~14.e4~15.e6~16.ww~17.128~18.128~19.1ei~20.1ei~21.1ej~22.136~23.136
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230209/r20110914/rum_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lexa0703011.bhuser.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 20:17:13 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| oncontentvisibilityautostatechange object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| google_sa_impl object| google_rum_config object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| _google_rum_ns_ object| webpackChunkalfabetify boolean| __INTLIFY_PROD_DEVTOOLS__ boolean| __VUE_I18N_FULL_INSTALL__ boolean| __VUE_I18N_LEGACY_API__ boolean| __VUE__ undefined| google_rum_values object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.bhuser.ru/ Name: __gads
Value: ID=15de3df0364ee8b9-22c3e19791dc0068:T=1676405832:RT=1676405832:S=ALNI_MZMvy54uCq3-IO-tkAI-hnNI4ngHQ
.bhuser.ru/ Name: __gpi
Value: UID=00000bb6fa152f86:T=1676405832:RT=1676405832:S=ALNI_MZpPJPvQqTyrcN97miB60cSekh_Zw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
lexa0703011.bhuser.ru
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
2001:4860:4802:32::3
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2004
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:831::2002
91.219.194.21
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
1169680e3ccc40ebd1666084b9f15f9fa66b610fe5bf25c5ac074a958ac357fd
1da7f59b669db31f3678c75d039272541c5af6cf05340e37e1e326fda7e29242
35cd802e21771aaecd73946283eb40e5a3176f77e81e8990f7abe3fc5de295ea
448bfed776ffee4dc54daa42f01e017479cf4e5f287996c41dffec74468cd2c6
4fb8191383698a3206de308ea6081e9beba16d1faafca7fe021d82484cb96599
54ade860668186a60816a95a13faa8ce43a79438c8f1c5a15e967853e02465c0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6348af243da6a919bf96c9e952abc4259c5653d5c2e639bedf4a531e988de538
69d30653ed0db3857d8e5e6a622399bab7ab7a2ea8259426f2024bafad309c95
790ea2758ffc5377ac0202f63d36d6a8ea68adaf84e2fef0fff183fec93c9c4c
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
8063c044bf26f9a4e4a7eacadac1cabafbcdc86a20a8871dcdf56846f8d212d8
84e35174c2b870d7538af5a312adab33b57b68fef9f9567cafdb8a94a323c40b
92ca60a1917b9ebb08ee7ddf0860b217985b8468acf0de9ed41d90c3f5dda926
95a006da9185e705539e5bda196e9947f31aed05eb85e2ad04989c71a6f6dc4b
997e8ccf570fc16c3d87cde8bde41415b14420f3b4558496aaa799f1d8aa2b64
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609
bbeb7f7f618c8d82bce1600d57e67a9f6759bed1d00097935d1714440dcbdb7b
bc4755d6c27f2b045bd8080023d5bf2d8319e22ab2abfe739dfe6ade2c199af0
c19a56f6b0c70159ed8564d7dd8dcb9d2c39dee226f74de17d28fedc6ed6ab74
cfe06ab10e23dcde1ee3cce11ff07831497fe30cc0471240e3bee5da0cea433d
dc2546a10e463755d9dc9f117c6781e760f3481f5ac1ba86731d74d0047190b8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52d60f64267cdaa08422b50bab5d45bd35e662b03b9af75179ceae00ac5fc8b
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76