urlscan.io logo urlscan.io
SecurityTrails logo

winintro.ru Open in urlscan Pro
185.64.76.74  Public Scan

Go To Rescan Add Verdict Report
URL: http://winintro.ru/
Submission: On October 19 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 5 countries across 19 domains to perform 90 HTTP transactions. The main IP is 185.64.76.74, located in Russian Federation and belongs to SERV-TECH, RU. The main domain is winintro.ru.
This is the only time winintro.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 185.64.76.74 208626 (SERV-TECH)
18 2a00:1450:400... 15169 (GOOGLE)
4 139.162.151.130 63949 (LINODE-AP...)
4 8 2a02:6b8::1:119 208722 (GLOBAL_DC)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
2 2 104.76.200.221 16625 (AKAMAI-AS)
4 142.250.185.194 15169 (GOOGLE)
1 34.98.67.61 396982 (GOOGLE-CL...)
1 35.186.253.211 15169 (GOOGLE)
1 185.64.190.78 62713 (AS-PUBMATIC)
1 1 69.173.144.165 26667 (RUBICONPR...)
2 2 104.18.19.126 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
90 20
6    185.64.76.74 (Russian Federation)

ASN208626 (SERV-TECH, RU)
PTR: cpanel14.coopertino.ru
winintro.ru
18    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.com
4    139.162.151.130 (Frankfurt am Main, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: reformal.ru
widget.reformal.ru
reformal.ru
log.reformal.ru
8    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
1    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
10    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
19    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
5    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    104.76.200.221 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
4    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
1    34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
34 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
415 KB
12 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
118 KB
11 gstatic.com
www.gstatic.com
fonts.gstatic.com
133 KB
6 winintro.ru
winintro.ru
28 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9943
2 KB
5 google.com
cse.google.com — Cisco Umbrella Rank: 2749
adservice.google.com — Cisco Umbrella Rank: 78
www.google.com — Cisco Umbrella Rank: 2
2 KB
4 reformal.ru
widget.reformal.ru
reformal.ru — Cisco Umbrella Rank: 559038
log.reformal.ru — Cisco Umbrella Rank: 992483
5 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
140 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
3 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8724
1 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3510
57 KB
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439
2 KB
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1445
1 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 347
463 B
1 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 671
166 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1521
351 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 987
356 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 729
463 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 888
694 B
90 19
Domain Requested by
19 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
15 pagead2.googlesyndication.com winintro.ru
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.gstatic.com
tpc.googlesyndication.com
www.googletagservices.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
winintro.ru
googleads.g.doubleclick.net
6 www.gstatic.com googleads.g.doubleclick.net
6 winintro.ru winintro.ru
5 fonts.gstatic.com fonts.googleapis.com
5 mc.yandex.com 2 redirects winintro.ru
4 cm.g.doubleclick.net googleads.g.doubleclick.net
3 www.googletagservices.com googleads.g.doubleclick.net
3 fonts.googleapis.com googleads.g.doubleclick.net
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.de pagead2.googlesyndication.com
3 mc.yandex.ru 2 redirects winintro.ru
2 ssum-sec.casalemedia.com 2 redirects
2 e.dlx.addthis.com 2 redirects
2 reformal.ru winintro.ru
1 www.google.com tpc.googlesyndication.com
1 pixel.rubiconproject.com 1 redirects
1 image6.pubmatic.com googleads.g.doubleclick.net
1 rtb.openx.net googleads.g.doubleclick.net
1 odr.mookie1.com googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 log.reformal.ru winintro.ru
1 cse.google.com winintro.ru
1 widget.reformal.ru winintro.ru
90 26

This site contains links to these domains. Also see Links.

Domain
getadmx.com
reformal.ru
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-05-21 -
2022-10-31		 5 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh

This page contains 12 frames:

Primary Page: http://winintro.ru/
Frame ID: B7FA28141CB1E98FFBA1C84182480ED3
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221018/r20190131/zrt_lookup.html
Frame ID: 77E879056435168D52AF5C0F664D0589
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1748934517&adf=3025194257&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1666214426&rafmt=1&format=1200x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1666214426054&bpp=3&bdt=206&idt=254&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&correlator=608500544458&frm=20&pv=2&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=68&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=YkUSP7Virq&p=http%3A//winintro.ru&dtd=272
Frame ID: 0BF6FA9566FD3DED5FA47C76E492790B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&adk=1812271804&adf=1573534164&lmt=1666214426&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwinintro.ru%2F&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1666214426067&bpp=1&bdt=219&idt=265&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=269
Frame ID: E7BBAA1B44347C1A7CEEBE4BF5867164
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&adk=2713721804&adf=1951942945&pi=t.aa~a.34750005~rp.3&daaos=1666167350205&w=514&fwrn=4&fwrnh=100&lmt=1666214427&rafmt=1&to=qs&pwprc=4552627395&format=514x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666214427030&bpp=1&bdt=1182&idt=0&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D472d282be8e1026c-2228c2b149ce007c%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_MamEc2aZNeIzLX9zM1anvLAIdtchA&gpic=UID%3D00000b7592c58d9a%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_Mb2tDxpJyNNLlDaFnoDsCPCjgFIDA&prev_fmts=1200x280%2C0x0&nras=2&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=11&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aFrePh8R6p&p=http%3A//winintro.ru&dtd=9
Frame ID: 466054E80DC1D16ABDDADC76A98C73A2
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221018/r20110914/zrt_lookup.html?fsb=1
Frame ID: 160724A29814E8FB1C57C10AC15B3DFC
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Frame ID: CA832C444E3A51F2B67BC182482EF53C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Frame ID: F87BFA15EF5D02110CA7451DAF66F10C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9E58F928C3158FDE89A066AE953E0050
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Frame ID: 41EF8099E1C4F9E2BF86F93B8A501CE5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 006BCA0B07F6FA8D07E1BCD57EF8FFDF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 938A4664FFA9B027AEE6EEAB9D23058F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Русская документация для Windows Server 2008 R2 и Windows 7 (Service Pack 1)

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

90
Requests

80 %
HTTPS

59 %
IPv6

19
Domains

26
Subdomains

20
IPs

5
Countries

904 kB
Transfer

2297 kB
Size

28
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://mc.yandex.ru/metrika/watch.js HTTP 302
  • https://mc.yandex.ru/metrika/watch.js
Request Chain 19
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9796.T5xybGlhHzAv_ISJg7wFEtgESmdIiRCrgSOTdBIp88psVHFtGlhgWelX_x086ieB.G_Ex82WhgGqcoyo-G29_jIlQeEU%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9796.3xzEGfKwunqDFnZbUKyJURQQkhNTEKKBx_9Jnb7Z7HvBXdAJbNDFV4zcNWMXPp3ugsM9ov9YjyL7_2wvg8ru6w%2C%2C.3xGFnRX83N5nNmXt_WMgsxOpNFw%2C
Request Chain 21
  • https://mc.yandex.com/watch/490927?wmode=7&page-url=http%3A%2F%2Fwinintro.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afp%3A10593%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1365623618310%3Ahid%3A244699591%3Az%3A0%3Ai%3A20221019212026%3Aet%3A1666214426%3Ac%3A1%3Arn%3A1064271089%3Arqn%3A1%3Au%3A1666214426888642442%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A341%2C77%2C10084%2C1%2C%2C0%2C%2C127%2C%2C%2C%2C%2C%3Acpf%3A1%3Antf%3A1%3Ans%3A1666214415343%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666214427%3At%3A%D0%A0%D1%83%D1%81%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B4%D0%BE%D0%BA%D1%83%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%86%D0%B8%D1%8F%20%D0%B4%D0%BB%D1%8F%20Windows%20Server%202008%20R2%20%D0%B8%20Windows%207%20(Service%20Pack%201)&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/490927/1?wmode=7&page-url=http%3A%2F%2Fwinintro.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afp%3A10593%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1365623618310%3Ahid%3A244699591%3Az%3A0%3Ai%3A20221019212026%3Aet%3A1666214426%3Ac%3A1%3Arn%3A1064271089%3Arqn%3A1%3Au%3A1666214426888642442%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A341%2C77%2C10084%2C1%2C%2C0%2C%2C127%2C%2C%2C%2C%2C%3Acpf%3A1%3Antf%3A1%3Ans%3A1666214415343%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666214427%3At%3A%D0%A0%D1%83%D1%81%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B4%D0%BE%D0%BA%D1%83%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%86%D0%B8%D1%8F%20%D0%B4%D0%BB%D1%8F%20Windows%20Server%202008%20R2%20%D0%B8%20Windows%207%20%28Service%20Pack%201%29&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Request Chain 77
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8hg6NyyqzIWb6Q5OlUyNxHnwrLTNYHWjTOVtWn-dh57GaB1mexQVmkIwidwtuwvLziRkmkrBlThUKaeSJAmKZZbCK4vqVaWA&google_gid=CAESEKew4Vj_12M__apmafclouY&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8hg6NyyqzIWb6Q5OlUyNxHnwrLTNYHWjTOVtWn-dh57GaB1mexQVmkIwidwtuwvLziRkmkrBlThUKaeSJAmKZZbCK4vqVaWA&google_gid=CAESEKew4Vj_12M__apmafclouY&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTkyMTIwMjgwMDAxMzI5OTczNzkyMA%3D%3D&google_push=AZmPxg8hg6NyyqzIWb6Q5OlUyNxHnwrLTNYHWjTOVtWn-dh57GaB1mexQVmkIwidwtuwvLziRkmkrBlThUKaeSJAmKZZbCK4vqVaWA
Request Chain 81
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECSXSRotx4vdm6ubff113aE&google_cver=1&google_push=AZmPxg91SxZH0AOO0iHAsJOrWkXM4HHhrQKgE47Eqi5GGuR7PUG-ydS3oj4uucpv0rnzenRyQ4ihw-SWeHplGYbhKS7WB73lgeZ-0Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlHNTFTVk8tMTItSzNHUA==&google_push=AZmPxg91SxZH0AOO0iHAsJOrWkXM4HHhrQKgE47Eqi5GGuR7PUG-ydS3oj4uucpv0rnzenRyQ4ihw-SWeHplGYbhKS7WB73lgeZ-0Q
Request Chain 82
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKkCiHGTIZI-N4C24muZhXo&google_cver=1&google_push=AZmPxg9zfX4w3tP6qqEJQHGjbs5BMW2AF2YiGkCa64ns4gEwlMPyUqNUtnvzBUnhyEs6iwz5LsEXvpSY4ooPbMm1Zdlklsz1BS_P_Q HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKkCiHGTIZI-N4C24muZhXo&google_push=AZmPxg9zfX4w3tP6qqEJQHGjbs5BMW2AF2YiGkCa64ns4gEwlMPyUqNUtnvzBUnhyEs6iwz5LsEXvpSY4ooPbMm1Zdlklsz1BS_P_Q&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKkCiHGTIZI-N4C24muZhXo&google_hm=Y1BqG-SlTx-xT4lJnI8FqQAABFwAAAAB&google_nid=index&google_push=AZmPxg9zfX4w3tP6qqEJQHGjbs5BMW2AF2YiGkCa64ns4gEwlMPyUqNUtnvzBUnhyEs6iwz5LsEXvpSY4ooPbMm1Zdlklsz1BS_P_Q

90 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
winintro.ru/ 		39 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://winintro.ru/
Protocol
HTTP/1.1
Server
185.64.76.74 , Russian Federation, ASN208626 (SERV-TECH, RU),
Reverse DNS
cpanel14.coopertino.ru
Software
nginx /
Resource Hash
8cd23ec8376bd245aa627149f0670262553432dac78a0570d6fad0811df79db4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 19 Oct 2022 21:20:25 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Nginx-Upstream-Cache-Status
EXPIRED
X-Server-Powered-By
Engintron
X-XSS-Protection
1; mode=block
helpindex.css
winintro.ru/files/ 		344 B
595 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://winintro.ru/files/helpindex.css
Requested by
Host: winintro.ru
URL: http://winintro.ru/
Protocol
HTTP/1.1
Server
185.64.76.74 , Russian Federation, ASN208626 (SERV-TECH, RU),
Reverse DNS
cpanel14.coopertino.ru
Software
nginx /
Resource Hash
e731c18f5159e2612625f471352650417c4557851c7518a28a76a5bc6896f1b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires
Fri, 18 Nov 2022 21:20:25 GMT
Date
Wed, 19 Oct 2022 21:20:25 GMT
X-Server-Powered-By
Engintron
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Jul 2016 10:36:53 GMT
Server
nginx
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Nginx-Upstream-Cache-Status
STALE
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: winintro.ru
URL: http://winintro.ru/
Protocol
HTTP/1.1
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
024017583b2fb356491d4ba8dc12a85c2e4af548e63d850b333fa0be5752a7be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 19 Oct 2022 21:20:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
52010
X-XSS-Protection
0
Server
cafe
ETag
16343115547299065368
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600
Timing-Allow-Origin
*
Expires
Wed, 19 Oct 2022 21:20:25 GMT
tabn2v2.js
widget.reformal.ru/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://widget.reformal.ru/tabn2v2.js
Requested by
Host: winintro.ru
URL: http://winintro.ru/
Protocol
HTTP/1.1
Server
139.162.151.130 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
reformal.ru
Software
nginx/1.16.1 /
Resource Hash
f3e87e6819c1a049789173a1c52e62edb0051c1a0af081f4dcac6613c16a367e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 19 Oct 2022 21:20:25 GMT
Content-Encoding
gzip
Server
nginx/1.16.1
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
watch.js
mc.yandex.ru/metrika/
Redirect Chain
  • http://mc.yandex.ru/metrika/watch.js
  • https://mc.yandex.ru/metrika/watch.js
160 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: winintro.ru
URL: http://winintro.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
6d0f9faf185c1f43001f2508f80abf686cfb1c00f58c6bf0fa807791b5fc65e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:20:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 07 Oct 2022 07:30:00 GMT
etag
"633fab48-e0cd"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
57549
expires
Wed, 19 Oct 2022 22:20:26 GMT

Redirect headers

Location
https://mc.yandex.ru/metrika/watch.js
Content-Length
0
90.gif
winintro.ru/files/ 		69 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://winintro.ru/files/90.gif
Requested by
Host: winintro.ru
URL: http://winintro.ru/
Protocol
HTTP/1.1
Server
185.64.76.74 , Russian Federation, ASN208626 (SERV-TECH, RU),
Reverse DNS
cpanel14.coopertino.ru
Software
nginx /
Resource Hash
62200de6653947c8d8a7873631f78c2b8a564e40378b6b9d5713186cc1edcf8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires
Sun, 18 Dec 2022 21:20:25 GMT
Date
Wed, 19 Oct 2022 21:20:25 GMT
X-Server-Powered-By
Engintron
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Jul 2016 10:36:52 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
69
X-XSS-Protection
1; mode=block
X-Nginx-Upstream-Cache-Status
STALE
cse.js
cse.google.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://cse.google.com/cse.js?cx=011017919958926383041:ajfvtnc_f9s
Requested by
Host: winintro.ru
URL: http://winintro.ru/
Protocol
HTTP/1.1
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
headerbgmain.png
winintro.ru/files/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://winintro.ru/files/headerbgmain.png
Requested by
Host: winintro.ru
URL: http://winintro.ru/
Protocol
HTTP/1.1
Server
185.64.76.74 , Russian Federation, ASN208626 (SERV-TECH, RU),
Reverse DNS
cpanel14.coopertino.ru
Software
nginx /
Resource Hash
f2530ebfa7dd0eb27e3cfaf23a514aa2dc9ee553ce716036113a28a0e28aeb6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires
Sun, 18 Dec 2022 21:20:25 GMT
Date
Wed, 19 Oct 2022 21:20:25 GMT
X-Server-Powered-By
Engintron
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Jul 2016 10:36:53 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15545
X-XSS-Protection
1; mode=block
X-Nginx-Upstream-Cache-Status
STALE
f_ru.gif
winintro.ru/files/ 		580 B
997 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://winintro.ru/files/f_ru.gif
Requested by
Host: winintro.ru
URL: http://winintro.ru/files/helpindex.css
Protocol
HTTP/1.1
Server
185.64.76.74 , Russian Federation, ASN208626 (SERV-TECH, RU),
Reverse DNS
cpanel14.coopertino.ru
Software
nginx /
Resource Hash
4a8eb3554b2b95adcc12d824a96898ed63071f1064e64f17ded9b371df4aa673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/files/helpindex.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires
Sun, 18 Dec 2022 21:20:26 GMT
Date
Wed, 19 Oct 2022 21:20:26 GMT
X-Server-Powered-By
Engintron
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Jul 2016 10:36:53 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
580
X-XSS-Protection
1; mode=block
X-Nginx-Upstream-Cache-Status
STALE
f_en.gif
winintro.ru/files/ 		612 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://winintro.ru/files/f_en.gif
Requested by
Host: winintro.ru
URL: http://winintro.ru/files/helpindex.css
Protocol
HTTP/1.1
Server
185.64.76.74 , Russian Federation, ASN208626 (SERV-TECH, RU),
Reverse DNS
cpanel14.coopertino.ru
Software
nginx /
Resource Hash
2a87dc466b3bf04d2af3c5444cf285b3f4e8e03a954322b01433d11b90793db6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/files/helpindex.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires
Sun, 18 Dec 2022 21:20:26 GMT
Date
Wed, 19 Oct 2022 21:20:26 GMT
X-Server-Powered-By
Engintron
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Jul 2016 10:36:53 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
612
X-XSS-Protection
1; mode=block
X-Nginx-Upstream-Cache-Status
STALE
transp.gif
reformal.ru/i/ 		43 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://reformal.ru/i/transp.gif
Requested by
Host: winintro.ru
URL: http://winintro.ru/
Protocol
HTTP/1.1
Server
139.162.151.130 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
reformal.ru
Software
nginx/1.16.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 19 Oct 2022 21:20:26 GMT
Last-Modified
Fri, 20 Dec 2013 07:24:29 GMT
Server
nginx/1.16.1
ETag
"52b3f0ad-2b"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
st.php
log.reformal.ru/ 		43 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://log.reformal.ru/st.php?w=tabn2m4&domain=winintro
Requested by
Host: winintro.ru
URL: http://winintro.ru/
Protocol
HTTP/1.1
Server
139.162.151.130 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
reformal.ru
Software
nginx/1.16.1 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 19 Oct 2022 21:20:26 GMT
Server
nginx/1.16.1
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
winintro%7CaHR0cDovL3dpbmludHJvLnJ1Lw==%7C
reformal.ru/human_check/ 		43 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://reformal.ru/human_check/winintro%7CaHR0cDovL3dpbmludHJvLnJ1Lw==%7C
Requested by
Host: winintro.ru
URL: http://winintro.ru/
Protocol
HTTP/1.1
Server
139.162.151.130 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
reformal.ru
Software
nginx/1.16.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 19 Oct 2022 21:20:26 GMT
Last-Modified
Fri, 20 Dec 2013 07:24:29 GMT
Server
nginx/1.16.1
ETag
"52b3f0ad-2b"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/ 		353 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2339592383170032&plah=winintro.ru
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b8cf7debb0ded44d36e562d289a88e7948f98395cce54e68e31e4b069e871a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:20:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118722
x-xss-protection
0
server
cafe
etag
8038899495807722303
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 21:20:26 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221018/r20190131/ Frame 77E8 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221018/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://winintro.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
9764
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 18:37:42 GMT
etag
9671129459699598864
expires
Wed, 02 Nov 2022 18:37:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		389 B
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=winintro.ru&callback=_gfp_s_&client=ca-pub-2339592383170032&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2339592383170032&plah=winintro.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e5dc6ca39f0003972e1604baa6ad3d4ee8bbce3fd70c93a49ec0e0615b28aba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:20:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=winintro.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2339592383170032&plah=winintro.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:20:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=winintro.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2339592383170032&plah=winintro.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:20:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0BF6 		98 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1748934517&adf=3025194257&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1666214426&rafmt=1&format=1200x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1666214426054&bpp=3&bdt=206&idt=254&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&correlator=608500544458&frm=20&pv=2&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=68&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=YkUSP7Virq&p=http%3A//winintro.ru&dtd=272
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2339592383170032&plah=winintro.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d062b2881cff682b8bc7fe2d24e923923497bd855bbac11b1f5f419647de1948
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://winintro.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
34241
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 21:20:27 GMT
expires
Wed, 19 Oct 2022 21:20:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E7BB 		137 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&adk=1812271804&adf=1573534164&lmt=1666214426&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwinintro.ru%2F&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1666214426067&bpp=1&bdt=219&idt=265&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=269
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2339592383170032&plah=winintro.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69161014dbdd509937d3a01d169fb3e684055d35bf9c8bd70be0c4d68f99d148
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://winintro.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
39870
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 21:20:26 GMT
expires
Wed, 19 Oct 2022 21:20:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9796.T5xybGlhHzAv_ISJg7wFEtgESmdIiRCrgSOTdBIp88psVHFtGlhgWelX_x086ieB.G_Ex82WhgGqcoyo-G29_jIlQeEU%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9796.3xzEGfKwunqDFnZbUKyJURQQkhNTEKKBx_9Jnb7Z7HvBXdAJbNDFV4zcNWMXPp3ugsM9ov9YjyL7_2wvg8ru6w%2C%2C.3xGFnRX83N5nNmXt_WMgsxOpNFw%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9796.3xzEGfKwunqDFnZbUKyJURQQkhNTEKKBx_9Jnb7Z7HvBXdAJbNDFV4zcNWMXPp3ugsM9ov9YjyL7_2wvg8ru6w%2C%2C.3xGFnRX83N5nNmXt_WMgsxOpNFw%2C
Requested by
Host: winintro.ru
URL: http://winintro.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:20:26 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9796.3xzEGfKwunqDFnZbUKyJURQQkhNTEKKBx_9Jnb7Z7HvBXdAJbNDFV4zcNWMXPp3ugsM9ov9YjyL7_2wvg8ru6w%2C%2C.3xGFnRX83N5nNmXt_WMgsxOpNFw%2C
date
Wed, 19 Oct 2022 21:20:26 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: winintro.ru
URL: http://winintro.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:20:26 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 07 Oct 2022 07:30:00 GMT
etag
"633fab48-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Wed, 19 Oct 2022 22:20:26 GMT
1
mc.yandex.com/watch/490927/
Redirect Chain
  • https://mc.yandex.com/watch/490927?wmode=7&page-url=http%3A%2F%2Fwinintro.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afp%3A10593%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
  • https://mc.yandex.com/watch/490927/1?wmode=7&page-url=http%3A%2F%2Fwinintro.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afp%3A10593%3Afu%3A0%3Aen%3Autf-8%3Ala%...
427 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/490927/1?wmode=7&page-url=http%3A%2F%2Fwinintro.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afp%3A10593%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1365623618310%3Ahid%3A244699591%3Az%3A0%3Ai%3A20221019212026%3Aet%3A1666214426%3Ac%3A1%3Arn%3A1064271089%3Arqn%3A1%3Au%3A1666214426888642442%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A341%2C77%2C10084%2C1%2C%2C0%2C%2C127%2C%2C%2C%2C%2C%3Acpf%3A1%3Antf%3A1%3Ans%3A1666214415343%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666214427%3At%3A%D0%A0%D1%83%D1%81%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B4%D0%BE%D0%BA%D1%83%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%86%D0%B8%D1%8F%20%D0%B4%D0%BB%D1%8F%20Windows%20Server%202008%20R2%20%D0%B8%20Windows%207%20%28Service%20Pack%201%29&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Requested by
Host: winintro.ru
URL: http://winintro.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
5a86fea5ef8d86c563fc811a55802e1945e5391219e8f507a06fcef332a7bf43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:20:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 19-Oct-2022 21:20:26 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
http://winintro.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
427
x-xss-protection
1; mode=block
expires
Wed, 19-Oct-2022 21:20:26 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:20:26 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 19-Oct-2022 21:20:26 GMT
location
/watch/490927/1?wmode=7&page-url=http%3A%2F%2Fwinintro.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afp%3A10593%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1365623618310%3Ahid%3A244699591%3Az%3A0%3Ai%3A20221019212026%3Aet%3A1666214426%3Ac%3A1%3Arn%3A1064271089%3Arqn%3A1%3Au%3A1666214426888642442%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A341%2C77%2C10084%2C1%2C%2C0%2C%2C127%2C%2C%2C%2C%2C%3Acpf%3A1%3Antf%3A1%3Ans%3A1666214415343%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666214427%3At%3A%D0%A0%D1%83%D1%81%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B4%D0%BE%D0%BA%D1%83%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%86%D0%B8%D1%8F%20%D0%B4%D0%BB%D1%8F%20Windows%20Server%202008%20R2%20%D0%B8%20Windows%207%20%28Service%20Pack%201%29&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
access-control-allow-origin
http://winintro.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 19-Oct-2022 21:20:26 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/ 		151 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2339592383170032&plah=winintro.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31303ffcbd1dcf6cac233c7f6fdbec00a372eb4e0aee71f9c169ab81f6ca4013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55056
x-xss-protection
0
server
cafe
etag
12628339228597260169
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Oct 2022 21:20:27 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=winintro.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2339592383170032&plah=winintro.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=winintro.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2339592383170032&plah=winintro.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4660 		99 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&adk=2713721804&adf=1951942945&pi=t.aa~a.34750005~rp.3&daaos=1666167350205&w=514&fwrn=4&fwrnh=100&lmt=1666214427&rafmt=1&to=qs&pwprc=4552627395&format=514x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666214427030&bpp=1&bdt=1182&idt=0&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D472d282be8e1026c-2228c2b149ce007c%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_MamEc2aZNeIzLX9zM1anvLAIdtchA&gpic=UID%3D00000b7592c58d9a%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_Mb2tDxpJyNNLlDaFnoDsCPCjgFIDA&prev_fmts=1200x280%2C0x0&nras=2&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=11&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aFrePh8R6p&p=http%3A//winintro.ru&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2339592383170032&plah=winintro.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f029c445d676d5a7d9d4b69ae42771b0e62dd0b0c2ac9fd9568a53f22f74a583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://winintro.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
36237
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 21:20:27 GMT
expires
Wed, 19 Oct 2022 21:20:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=winintro.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2339592383170032&plah=winintro.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=winintro.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2339592383170032&plah=winintro.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221018/r20110914/ Frame 1607 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221018/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2339592383170032&plah=winintro.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://winintro.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
10320
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 18:28:27 GMT
etag
9671129459699598864
expires
Wed, 02 Nov 2022 18:28:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 1607 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221018/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 19 Oct 2022 21:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 19:32:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Oct 2022 21:20:27 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/ Frame 1607 		2 KB
956 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221018/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 15:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22314
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Nov 2022 15:08:33 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 1607 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CRiQjGmpQY_PoFtnl-gaczr_wD8vMzYFtycSX7NAQwI23ARABIIOMikdglYKAgJgHoAHZ4cWAKcgBCagDAcgDywSqBNcBT9C4CaNLqT2ICYoKE0OPY1Bv98JaT9kZ1sr1bV7TEIrMQGqwj50uP5goe0Gl4TgqgeMbbMD87dkKlzBLXKBJFIyDXz2hE8JBmMXShkwdI5gdzrmfZACklj1IpxW2QBEzn1KHTL3sZPAFD5lZ1dGhOxzQCJmJtXERADzOApmt_LxnJFta34uKIh-leu-mQk7-1DkuXsbCv56ZtPzoi0JcmXe3U7z1Jk8K5rgs5f_RJIjPv1xpuH7iBIFfMmrP-p9FHO9xsXG6Ly2cJw5BOVFxxQEZh2G43WXABMepssiUBJIFBAgEGAGSBQQIBRgEoAYugAfZmZbgA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKWxBtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTIzMzk1OTIzODMxNzAwMzIYAA&sigh=rJbl4owVwuI&uach_m=[UACH]&cid=CAQSGwDq26N9edxKvLmx9qytbtjCP3y1HyiQIF0bFxgBIA4&template_id=5000
Requested by
Host: winintro.ru
URL: http://winintro.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20221018/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 19 Oct 2022 21:20:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 19 Oct 2022 21:20:27 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221018/r20110914/ Frame 1607 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221018/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 15:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22314
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9571
x-xss-protection
0
server
cafe
etag
15799940544776262544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Nov 2022 15:08:33 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/ Frame 1607 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221018/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 15:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22310
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Nov 2022 15:08:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/ Frame 1607 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221018/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 15:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22310
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Nov 2022 15:08:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1607 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221018/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Oct 2022 21:20:27 GMT
fed584b8ce81e04d8838584f2ea59ee6.js
www.gstatic.com/mysidia/ Frame 1607 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fed584b8ce81e04d8838584f2ea59ee6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221018/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d52560a0b97222a18a95c89256d89765d3d821699eebc14213d531c2a93adb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 00:28:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
593528
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13787
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 23:46:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 11 Jan 2023 00:28:19 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/6144494683418223133/ Frame 1607 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6144494683418223133/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221018/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1214e00042fac0fa9faf6511c70a174855c3e728eb5497f1afe6c4b0b2b3128e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 19:27:36 GMT
x-content-type-options
nosniff
age
93171
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14538
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 12:55:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 18 Oct 2023 19:27:36 GMT
truncated
/ Frame 1607 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1607 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1607 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebfd59f059b257cbb69288822fcb8a2b089c7311cca6d8c9e9a298594de6e92b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 0BF6 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1748934517&adf=3025194257&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1666214426&rafmt=1&format=1200x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1666214426054&bpp=3&bdt=206&idt=254&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&correlator=608500544458&frm=20&pv=2&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=68&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=YkUSP7Virq&p=http%3A//winintro.ru&dtd=272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 19 Oct 2022 21:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 21:19:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Oct 2022 21:20:27 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/ Frame 0BF6 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1748934517&adf=3025194257&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1666214426&rafmt=1&format=1200x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1666214426054&bpp=3&bdt=206&idt=254&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&correlator=608500544458&frm=20&pv=2&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=68&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=YkUSP7Virq&p=http%3A//winintro.ru&dtd=272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 15:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22314
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Nov 2022 15:08:33 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 0BF6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C3FRpGmpQY-CdFuPpx_AP9NmokArIkdjvbIm9ppakEMCNtwEQASCDjIpHYJWCgICYB6ABkbKJ_ijIAQmpAlGSLCS_eLA-qAMByAPLBKoE1AFP0Fh589wC9NNC-hXpcGNHF0E1aNdyu09eO_3FmdlXm3fnHZXuf9U2puzUXQK6AwNZOssg9PZTxJZIrnbSdemAgtevloCEpRV0eN72kQ0vC6V335zpFQCHKbYQDnlmt7fyg-nJV0kO-Qrxa1pzrVwYB5q8Hw8FVqAiB4VsfdYI8PYl_0H4kyhWGfdLvDy0RFZM7Bru5ZT8FHpIhRiY8xGq2NxrOR5xnriMzRo5JWSyv0BFd1tJZA5iyWSIrEuNP6i0Wt5nr1cHsPovzH1MxKkOZgl58sAEzZDRj5EEkgUECAQYAZIFBAgFGASgBi6AB5Hq2d0DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ9PkR0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItMjMzOTU5MjM4MzE3MDAzMhgA&sigh=ZYrztZOp6xI&uach_m=[UACH]&cid=CAQSGwDq26N9ZCPJF5uv_hGyLQrUvOkQA3iwQHh8JBgBIA4&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1748934517&adf=3025194257&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1666214426&rafmt=1&format=1200x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1666214426054&bpp=3&bdt=206&idt=254&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&correlator=608500544458&frm=20&pv=2&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=68&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=YkUSP7Virq&p=http%3A//winintro.ru&dtd=272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1748934517&adf=3025194257&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1666214426&rafmt=1&format=1200x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1666214426054&bpp=3&bdt=206&idt=254&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&correlator=608500544458&frm=20&pv=2&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=68&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=YkUSP7Virq&p=http%3A//winintro.ru&dtd=272
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 19 Oct 2022 21:20:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221018/r20110914/ Frame 0BF6 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1748934517&adf=3025194257&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1666214426&rafmt=1&format=1200x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1666214426054&bpp=3&bdt=206&idt=254&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&correlator=608500544458&frm=20&pv=2&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=68&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=YkUSP7Virq&p=http%3A//winintro.ru&dtd=272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 15:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22314
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9571
x-xss-protection
0
server
cafe
etag
15799940544776262544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Nov 2022 15:08:33 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/ Frame 0BF6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1748934517&adf=3025194257&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1666214426&rafmt=1&format=1200x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1666214426054&bpp=3&bdt=206&idt=254&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&correlator=608500544458&frm=20&pv=2&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=68&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=YkUSP7Virq&p=http%3A//winintro.ru&dtd=272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 15:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22310
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Nov 2022 15:08:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/ Frame 0BF6 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1748934517&adf=3025194257&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1666214426&rafmt=1&format=1200x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1666214426054&bpp=3&bdt=206&idt=254&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&correlator=608500544458&frm=20&pv=2&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=68&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=YkUSP7Virq&p=http%3A//winintro.ru&dtd=272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 15:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22310
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Nov 2022 15:08:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0BF6 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1748934517&adf=3025194257&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1666214426&rafmt=1&format=1200x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1666214426054&bpp=3&bdt=206&idt=254&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&correlator=608500544458&frm=20&pv=2&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=68&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=YkUSP7Virq&p=http%3A//winintro.ru&dtd=272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Oct 2022 21:20:27 GMT
1d54d8cacad5994e062108e03542c880.js
www.gstatic.com/mysidia/ Frame 0BF6 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1748934517&adf=3025194257&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1666214426&rafmt=1&format=1200x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1666214426054&bpp=3&bdt=206&idt=254&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&correlator=608500544458&frm=20&pv=2&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=68&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=YkUSP7Virq&p=http%3A//winintro.ru&dtd=272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 06:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
484319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13786
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 20:37:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 06:48:28 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/14856283389919486831/ Frame 0BF6 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14856283389919486831/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1748934517&adf=3025194257&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1666214426&rafmt=1&format=1200x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1666214426054&bpp=3&bdt=206&idt=254&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&correlator=608500544458&frm=20&pv=2&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=68&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=YkUSP7Virq&p=http%3A//winintro.ru&dtd=272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d450a89121d8d051ed703142aa677315374f0c5bedb0ab8eb8c4117d7420ae5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 11:17:04 GMT
x-content-type-options
nosniff
age
209003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18439
x-xss-protection
0
last-modified
Sun, 16 Oct 2022 17:00:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 17 Oct 2023 11:17:04 GMT
truncated
/ Frame 0BF6 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 0BF6 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
pagead2.googlesyndication.com/bg/ Frame CA83 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Requested by
Host: winintro.ru
URL: http://winintro.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 14:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15945
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 14:42:06 GMT
truncated
/ Frame 0BF6 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a0565c03e05b3482a5fbd70fbaf26c55322a95f8083b9fc8bd3304d00f1a15a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 0BF6 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 22:13:37 GMT
x-content-type-options
nosniff
age
169610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 22:13:37 GMT
7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
pagead2.googlesyndication.com/bg/ Frame F87B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1748934517&adf=3025194257&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1666214426&rafmt=1&format=1200x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1666214426054&bpp=3&bdt=206&idt=254&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&correlator=608500544458&frm=20&pv=2&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=68&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=YkUSP7Virq&p=http%3A//winintro.ru&dtd=272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 14:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15945
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 14:42:06 GMT
cc2fa6f05f6b7ab36f626f2501931c3a.js
www.gstatic.com/mysidia/ Frame 4660 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/cc2fa6f05f6b7ab36f626f2501931c3a.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&adk=2713721804&adf=1951942945&pi=t.aa~a.34750005~rp.3&daaos=1666167350205&w=514&fwrn=4&fwrnh=100&lmt=1666214427&rafmt=1&to=qs&pwprc=4552627395&format=514x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666214427030&bpp=1&bdt=1182&idt=0&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D472d282be8e1026c-2228c2b149ce007c%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_MamEc2aZNeIzLX9zM1anvLAIdtchA&gpic=UID%3D00000b7592c58d9a%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_Mb2tDxpJyNNLlDaFnoDsCPCjgFIDA&prev_fmts=1200x280%2C0x0&nras=2&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=11&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aFrePh8R6p&p=http%3A//winintro.ru&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5b7440eb01b4db530c8b12650e39b4a3bfb1b49b7518c76b08bb6e8b8434a2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 07:39:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
481266
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4312
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 23:46:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 07:39:21 GMT
bca10ddd16af34d21051a380f937ccd2.js
www.gstatic.com/mysidia/ Frame 4660 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&adk=2713721804&adf=1951942945&pi=t.aa~a.34750005~rp.3&daaos=1666167350205&w=514&fwrn=4&fwrnh=100&lmt=1666214427&rafmt=1&to=qs&pwprc=4552627395&format=514x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666214427030&bpp=1&bdt=1182&idt=0&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D472d282be8e1026c-2228c2b149ce007c%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_MamEc2aZNeIzLX9zM1anvLAIdtchA&gpic=UID%3D00000b7592c58d9a%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_Mb2tDxpJyNNLlDaFnoDsCPCjgFIDA&prev_fmts=1200x280%2C0x0&nras=2&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=11&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aFrePh8R6p&p=http%3A//winintro.ru&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
781435863bd553fd2673b10b1dda8faad16ba7f9113560d4a9815615b8ddf5cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 07:12:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
482859
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7723
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 23:46:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 07:12:48 GMT
css
fonts.googleapis.com/ Frame 4660 		6 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&adk=2713721804&adf=1951942945&pi=t.aa~a.34750005~rp.3&daaos=1666167350205&w=514&fwrn=4&fwrnh=100&lmt=1666214427&rafmt=1&to=qs&pwprc=4552627395&format=514x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666214427030&bpp=1&bdt=1182&idt=0&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D472d282be8e1026c-2228c2b149ce007c%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_MamEc2aZNeIzLX9zM1anvLAIdtchA&gpic=UID%3D00000b7592c58d9a%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_Mb2tDxpJyNNLlDaFnoDsCPCjgFIDA&prev_fmts=1200x280%2C0x0&nras=2&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=11&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aFrePh8R6p&p=http%3A//winintro.ru&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 19 Oct 2022 21:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 20:10:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Oct 2022 21:20:27 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/ Frame 4660 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&adk=2713721804&adf=1951942945&pi=t.aa~a.34750005~rp.3&daaos=1666167350205&w=514&fwrn=4&fwrnh=100&lmt=1666214427&rafmt=1&to=qs&pwprc=4552627395&format=514x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666214427030&bpp=1&bdt=1182&idt=0&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D472d282be8e1026c-2228c2b149ce007c%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_MamEc2aZNeIzLX9zM1anvLAIdtchA&gpic=UID%3D00000b7592c58d9a%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_Mb2tDxpJyNNLlDaFnoDsCPCjgFIDA&prev_fmts=1200x280%2C0x0&nras=2&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=11&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aFrePh8R6p&p=http%3A//winintro.ru&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 15:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22314
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Nov 2022 15:08:33 GMT
1c8b28b3f1e45bd861fb75f2fad01d8e.js
www.gstatic.com/mysidia/ Frame 4660 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1c8b28b3f1e45bd861fb75f2fad01d8e.js?tag=analytics_pingback_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&adk=2713721804&adf=1951942945&pi=t.aa~a.34750005~rp.3&daaos=1666167350205&w=514&fwrn=4&fwrnh=100&lmt=1666214427&rafmt=1&to=qs&pwprc=4552627395&format=514x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666214427030&bpp=1&bdt=1182&idt=0&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D472d282be8e1026c-2228c2b149ce007c%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_MamEc2aZNeIzLX9zM1anvLAIdtchA&gpic=UID%3D00000b7592c58d9a%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_Mb2tDxpJyNNLlDaFnoDsCPCjgFIDA&prev_fmts=1200x280%2C0x0&nras=2&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=11&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aFrePh8R6p&p=http%3A//winintro.ru&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87cdc9a4af3ce62dc6e491a4a393307f40a3c90bbac8ada4baafff7390775b8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 02:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
501200
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2262
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 23:46:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 02:07:07 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221018/r20110914/ Frame 4660 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&adk=2713721804&adf=1951942945&pi=t.aa~a.34750005~rp.3&daaos=1666167350205&w=514&fwrn=4&fwrnh=100&lmt=1666214427&rafmt=1&to=qs&pwprc=4552627395&format=514x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666214427030&bpp=1&bdt=1182&idt=0&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D472d282be8e1026c-2228c2b149ce007c%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_MamEc2aZNeIzLX9zM1anvLAIdtchA&gpic=UID%3D00000b7592c58d9a%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_Mb2tDxpJyNNLlDaFnoDsCPCjgFIDA&prev_fmts=1200x280%2C0x0&nras=2&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=11&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aFrePh8R6p&p=http%3A//winintro.ru&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 15:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22314
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9571
x-xss-protection
0
server
cafe
etag
15799940544776262544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Nov 2022 15:08:33 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/ Frame 4660 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&adk=2713721804&adf=1951942945&pi=t.aa~a.34750005~rp.3&daaos=1666167350205&w=514&fwrn=4&fwrnh=100&lmt=1666214427&rafmt=1&to=qs&pwprc=4552627395&format=514x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666214427030&bpp=1&bdt=1182&idt=0&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D472d282be8e1026c-2228c2b149ce007c%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_MamEc2aZNeIzLX9zM1anvLAIdtchA&gpic=UID%3D00000b7592c58d9a%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_Mb2tDxpJyNNLlDaFnoDsCPCjgFIDA&prev_fmts=1200x280%2C0x0&nras=2&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=11&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aFrePh8R6p&p=http%3A//winintro.ru&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 15:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22310
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Nov 2022 15:08:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/ Frame 4660 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&adk=2713721804&adf=1951942945&pi=t.aa~a.34750005~rp.3&daaos=1666167350205&w=514&fwrn=4&fwrnh=100&lmt=1666214427&rafmt=1&to=qs&pwprc=4552627395&format=514x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666214427030&bpp=1&bdt=1182&idt=0&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D472d282be8e1026c-2228c2b149ce007c%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_MamEc2aZNeIzLX9zM1anvLAIdtchA&gpic=UID%3D00000b7592c58d9a%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_Mb2tDxpJyNNLlDaFnoDsCPCjgFIDA&prev_fmts=1200x280%2C0x0&nras=2&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=11&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aFrePh8R6p&p=http%3A//winintro.ru&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 15:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22310
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Nov 2022 15:08:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4660 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&adk=2713721804&adf=1951942945&pi=t.aa~a.34750005~rp.3&daaos=1666167350205&w=514&fwrn=4&fwrnh=100&lmt=1666214427&rafmt=1&to=qs&pwprc=4552627395&format=514x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666214427030&bpp=1&bdt=1182&idt=0&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D472d282be8e1026c-2228c2b149ce007c%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_MamEc2aZNeIzLX9zM1anvLAIdtchA&gpic=UID%3D00000b7592c58d9a%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_Mb2tDxpJyNNLlDaFnoDsCPCjgFIDA&prev_fmts=1200x280%2C0x0&nras=2&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=11&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aFrePh8R6p&p=http%3A//winintro.ru&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Oct 2022 21:20:27 GMT
1d54d8cacad5994e062108e03542c880.js
www.gstatic.com/mysidia/ Frame 4660 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&adk=2713721804&adf=1951942945&pi=t.aa~a.34750005~rp.3&daaos=1666167350205&w=514&fwrn=4&fwrnh=100&lmt=1666214427&rafmt=1&to=qs&pwprc=4552627395&format=514x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666214427030&bpp=1&bdt=1182&idt=0&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D472d282be8e1026c-2228c2b149ce007c%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_MamEc2aZNeIzLX9zM1anvLAIdtchA&gpic=UID%3D00000b7592c58d9a%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_Mb2tDxpJyNNLlDaFnoDsCPCjgFIDA&prev_fmts=1200x280%2C0x0&nras=2&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=11&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aFrePh8R6p&p=http%3A//winintro.ru&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 06:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
484319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13786
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 20:37:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 06:48:28 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/11050586734260834586/ Frame 4660 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11050586734260834586/downsize_200k_v1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&adk=2713721804&adf=1951942945&pi=t.aa~a.34750005~rp.3&daaos=1666167350205&w=514&fwrn=4&fwrnh=100&lmt=1666214427&rafmt=1&to=qs&pwprc=4552627395&format=514x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666214427030&bpp=1&bdt=1182&idt=0&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D472d282be8e1026c-2228c2b149ce007c%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_MamEc2aZNeIzLX9zM1anvLAIdtchA&gpic=UID%3D00000b7592c58d9a%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_Mb2tDxpJyNNLlDaFnoDsCPCjgFIDA&prev_fmts=1200x280%2C0x0&nras=2&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=11&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aFrePh8R6p&p=http%3A//winintro.ru&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6914187121d436896b02bdccb1253f31f00d108b1df7860137b3fa86ed97cc0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 06:57:20 GMT
x-content-type-options
nosniff
age
397387
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9337
x-xss-protection
0
last-modified
Sun, 23 Jun 2019 15:50:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 15 Oct 2023 06:57:20 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/7815409131629202583/ Frame 4660 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7815409131629202583/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&adk=2713721804&adf=1951942945&pi=t.aa~a.34750005~rp.3&daaos=1666167350205&w=514&fwrn=4&fwrnh=100&lmt=1666214427&rafmt=1&to=qs&pwprc=4552627395&format=514x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666214427030&bpp=1&bdt=1182&idt=0&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D472d282be8e1026c-2228c2b149ce007c%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_MamEc2aZNeIzLX9zM1anvLAIdtchA&gpic=UID%3D00000b7592c58d9a%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_Mb2tDxpJyNNLlDaFnoDsCPCjgFIDA&prev_fmts=1200x280%2C0x0&nras=2&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=11&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aFrePh8R6p&p=http%3A//winintro.ru&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
956a63224223cb7f8e2b410e3323151aaf02f58ea49bcd3a41d5dcab766cd25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 14:46:20 GMT
x-content-type-options
nosniff
age
23647
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8560
x-xss-protection
0
last-modified
Sat, 19 Mar 2022 09:28:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 19 Oct 2023 14:46:20 GMT
truncated
/ Frame 4660 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
adview
googleads.g.doubleclick.net/pagead/ Frame 4660 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CKwXkG2pQY4zSBdiPygX29jvZi-rsao-_lLyaDdrZHhABIIOMikdglYKAgJgHoAHPxez6AsgBCakCz_LV5eH3kj6oAwHIA8sEqgTGAU_QwEGner35chPP3WuzyCoe1AULJyaXCogVGmYwsZQQ4D8QS82ak0B9fzOTTsQ8s5TaZQZmh4lCwGiv17GFJZH8l8ixO2k8WLp0bZG1PQSI-sjN6IJIiXmFInqwNxynIeCdSQgyIgoo8SmU9sH51UjeokykSkOtUb0454K67Oa_MiR_6T2DCbVj-gziyPHFIY9rQ1-iVQdV3zs3AoQGcThsCCQN7pEnvfDEpgd3DT0uQfXtsdEDKCEzhy70s3AzC_RsRPD2AcAEycO6or8DkgUECAQYAZIFBAgFGASgBi6AB5m6k4UBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQz-oE0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMMiBQH0BUBmBYBgBcBshccChoIABIUcHViLTIzMzk1OTIzODMxNzAwMzIYAA&sigh=fTiyW7stpwc&uach_m=[UACH]&cid=CAQSOwDq26N9XZ0aO5RFEwuJXcq35q9XOdg5EUBSn2vQCARFzTb-O3I0cBUetQgJtiVc6iI2y6HKgyKJnpMzGAEgDg&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&adk=2713721804&adf=1951942945&pi=t.aa~a.34750005~rp.3&daaos=1666167350205&w=514&fwrn=4&fwrnh=100&lmt=1666214427&rafmt=1&to=qs&pwprc=4552627395&format=514x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666214427030&bpp=1&bdt=1182&idt=0&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D472d282be8e1026c-2228c2b149ce007c%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_MamEc2aZNeIzLX9zM1anvLAIdtchA&gpic=UID%3D00000b7592c58d9a%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_Mb2tDxpJyNNLlDaFnoDsCPCjgFIDA&prev_fmts=1200x280%2C0x0&nras=2&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=11&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aFrePh8R6p&p=http%3A//winintro.ru&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&adk=2713721804&adf=1951942945&pi=t.aa~a.34750005~rp.3&daaos=1666167350205&w=514&fwrn=4&fwrnh=100&lmt=1666214427&rafmt=1&to=qs&pwprc=4552627395&format=514x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666214427030&bpp=1&bdt=1182&idt=0&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D472d282be8e1026c-2228c2b149ce007c%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_MamEc2aZNeIzLX9zM1anvLAIdtchA&gpic=UID%3D00000b7592c58d9a%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_Mb2tDxpJyNNLlDaFnoDsCPCjgFIDA&prev_fmts=1200x280%2C0x0&nras=2&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=11&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aFrePh8R6p&p=http%3A//winintro.ru&dtd=9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 19 Oct 2022 21:20:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9E58 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&adk=2713721804&adf=1951942945&pi=t.aa~a.34750005~rp.3&daaos=1666167350205&w=514&fwrn=4&fwrnh=100&lmt=1666214427&rafmt=1&to=qs&pwprc=4552627395&format=514x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666214427030&bpp=1&bdt=1182&idt=0&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D472d282be8e1026c-2228c2b149ce007c%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_MamEc2aZNeIzLX9zM1anvLAIdtchA&gpic=UID%3D00000b7592c58d9a%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_Mb2tDxpJyNNLlDaFnoDsCPCjgFIDA&prev_fmts=1200x280%2C0x0&nras=2&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=11&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aFrePh8R6p&p=http%3A//winintro.ru&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
45716
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 08:38:31 GMT
etag
48472445140208031
expires
Thu, 20 Oct 2022 08:38:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4660 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd863b6c52b1d0f0dfc8295841ef43761e5be41e083b2287c3c967a19e500651

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4660 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 16:44:52 GMT
x-content-type-options
nosniff
age
189335
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 16:44:52 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4660 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:36:30 GMT
x-content-type-options
nosniff
age
179037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9644
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 19:36:30 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4660 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 20:40:44 GMT
x-content-type-options
nosniff
age
434383
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Oct 2023 20:40:44 GMT
KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4660 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 08:45:44 GMT
x-content-type-options
nosniff
age
131683
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9576
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Oct 2023 08:45:44 GMT
dpixel
cms.quantserve.com/ Frame 9E58 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBjqtZYblX0Tvtn5SGE7mIo&google_cver=1&google_push=AZmPxg9EtuRNyItJIRLnvjUi9YULGkY7EXsNZUzDWq5Ey-B2h2CVhRA2AI3wj-r9T-m_OrObU-VEekBQRG_BbRTe0q_YhmdonhhPXA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&adk=2713721804&adf=1951942945&pi=t.aa~a.34750005~rp.3&daaos=1666167350205&w=514&fwrn=4&fwrnh=100&lmt=1666214427&rafmt=1&to=qs&pwprc=4552627395&format=514x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666214427030&bpp=1&bdt=1182&idt=0&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D472d282be8e1026c-2228c2b149ce007c%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_MamEc2aZNeIzLX9zM1anvLAIdtchA&gpic=UID%3D00000b7592c58d9a%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_Mb2tDxpJyNNLlDaFnoDsCPCjgFIDA&prev_fmts=1200x280%2C0x0&nras=2&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=11&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aFrePh8R6p&p=http%3A//winintro.ru&dtd=9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:20:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9E58
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8hg6Ny...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8hg6Ny...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTkyMTIwMjgwMDAxMzI5OTczNzkyMA%3D%3D&google_push=AZmPxg8hg6NyyqzIWb6Q5OlUyNxHnwrLTNYHWjTOVtWn-dh57GaB1mexQVmkIwidwtuwvL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTkyMTIwMjgwMDAxMzI5OTczNzkyMA%3D%3D&google_push=AZmPxg8hg6NyyqzIWb6Q5OlUyNxHnwrLTNYHWjTOVtWn-dh57GaB1mexQVmkIwidwtuwvLziRkmkrBlThUKaeSJAmKZZbCK4vqVaWA
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:20:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTkyMTIwMjgwMDAxMzI5OTczNzkyMA%3D%3D&google_push=AZmPxg8hg6NyyqzIWb6Q5OlUyNxHnwrLTNYHWjTOVtWn-dh57GaB1mexQVmkIwidwtuwvLziRkmkrBlThUKaeSJAmKZZbCK4vqVaWA
pragma
no-cache
date
Wed, 19 Oct 2022 21:20:28 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Wed, 19 Oct 2022 21:20:28 GMT
sync
odr.mookie1.com/t/v2/ Frame 9E58 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEH2b2q7BhIvYRy23Lw0hbwk&google_push=AZmPxg9ziOWPh_yKeJ4LvuVk6OEj-7giOmxKRyP2MqAIexQsghIgIkhrELGjHhEShlEEHqmy496EfwmLZX4irNZDSOG3dYrUfUz6Xg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&adk=2713721804&adf=1951942945&pi=t.aa~a.34750005~rp.3&daaos=1666167350205&w=514&fwrn=4&fwrnh=100&lmt=1666214427&rafmt=1&to=qs&pwprc=4552627395&format=514x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666214427030&bpp=1&bdt=1182&idt=0&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D472d282be8e1026c-2228c2b149ce007c%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_MamEc2aZNeIzLX9zM1anvLAIdtchA&gpic=UID%3D00000b7592c58d9a%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_Mb2tDxpJyNNLlDaFnoDsCPCjgFIDA&prev_fmts=1200x280%2C0x0&nras=2&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=11&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aFrePh8R6p&p=http%3A//winintro.ru&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:20:27 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 9E58 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEL2DFOW07wdAE_AFoszix1g&google_cver=1&google_push=AZmPxg-BxXCtCSuhtqoscBHL2xd4R3t8MqLwEsTbnmT62eB2tmLAdkWSnNA-W4jWbAo7mUq396o9v2AxxcNnfaM1tTG9ntSTFJHD5A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&adk=2713721804&adf=1951942945&pi=t.aa~a.34750005~rp.3&daaos=1666167350205&w=514&fwrn=4&fwrnh=100&lmt=1666214427&rafmt=1&to=qs&pwprc=4552627395&format=514x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666214427030&bpp=1&bdt=1182&idt=0&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D472d282be8e1026c-2228c2b149ce007c%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_MamEc2aZNeIzLX9zM1anvLAIdtchA&gpic=UID%3D00000b7592c58d9a%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_Mb2tDxpJyNNLlDaFnoDsCPCjgFIDA&prev_fmts=1200x280%2C0x0&nras=2&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=11&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aFrePh8R6p&p=http%3A//winintro.ru&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:20:27 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
38rbs8gbdltjabd8rclt924jnohc6nfm
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 9E58 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIeWxJzdTYw7ponqGh-JkCk&google_cver=1&google_push=AZmPxg_TYBErbYm1QSv0jvDGdRW8KYh1TQAQshHWHz4-IuKWfFvhDju7zRaxgGZblKCsevhnYy5VQ8Jb5AHIGGUI0UAU9-PpogjEFw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&adk=2713721804&adf=1951942945&pi=t.aa~a.34750005~rp.3&daaos=1666167350205&w=514&fwrn=4&fwrnh=100&lmt=1666214427&rafmt=1&to=qs&pwprc=4552627395&format=514x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666214427030&bpp=1&bdt=1182&idt=0&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D472d282be8e1026c-2228c2b149ce007c%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_MamEc2aZNeIzLX9zM1anvLAIdtchA&gpic=UID%3D00000b7592c58d9a%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_Mb2tDxpJyNNLlDaFnoDsCPCjgFIDA&prev_fmts=1200x280%2C0x0&nras=2&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=11&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aFrePh8R6p&p=http%3A//winintro.ru&dtd=9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 19 Oct 2022 21:20:27 GMT
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 9E58
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECSXSRotx4vdm6ubff113aE&google_cver=1&google_push=AZmPxg91SxZH0AOO0iHAsJOrWkXM4HHhrQKgE47Eqi5GGuR7PUG-ydS3oj4uucpv0rnzenRyQ4i...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlHNTFTVk8tMTItSzNHUA==&google_push=AZmPxg91SxZH0AOO0iHAsJOrWkXM4HHhrQKgE47Eqi5GGuR7PUG-ydS3oj4uucpv0rnzenRyQ4ihw-SWeHplGYbhKS7WB73lgeZ-0Q
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlHNTFTVk8tMTItSzNHUA==&google_push=AZmPxg91SxZH0AOO0iHAsJOrWkXM4HHhrQKgE47Eqi5GGuR7PUG-ydS3oj4uucpv0rnzenRyQ4ihw-SWeHplGYbhKS7WB73lgeZ-0Q
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:20:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlHNTFTVk8tMTItSzNHUA==&google_push=AZmPxg91SxZH0AOO0iHAsJOrWkXM4HHhrQKgE47Eqi5GGuR7PUG-ydS3oj4uucpv0rnzenRyQ4ihw-SWeHplGYbhKS7WB73lgeZ-0Q
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
pixel
cm.g.doubleclick.net/ Frame 9E58
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKkCiHGTIZI-N4C24muZhXo&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKkCiHGTIZI-N4C24muZhXo&google_push=AZ...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKkCiHGTIZI-N4C24muZhXo&google_hm=Y1BqG-SlTx-xT4lJnI8FqQAABFwAAAAB&google_nid=index&google_push=AZmPxg9zfX4w3tP6qqEJQHGjbs5BMW2AF2YiG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKkCiHGTIZI-N4C24muZhXo&google_hm=Y1BqG-SlTx-xT4lJnI8FqQAABFwAAAAB&google_nid=index&google_push=AZmPxg9zfX4w3tP6qqEJQHGjbs5BMW2AF2YiGkCa64ns4gEwlMPyUqNUtnvzBUnhyEs6iwz5LsEXvpSY4ooPbMm1Zdlklsz1BS_P_Q
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:20:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:20:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ybLcLuOJp9UrJcKF4pFTVrsGGZcpbv9kSGgk4uYuQFMO8vQS9Xk%2FGYLcgcTjk88y%2BFuxBCCTkRiZzdUIVlhY63KG%2BzQuOF7TsAr28GsQihOp%2BBLO6DCzeXZtEdbCkhxVKc3bdmtj2c9Kqw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKkCiHGTIZI-N4C24muZhXo&google_hm=Y1BqG-SlTx-xT4lJnI8FqQAABFwAAAAB&google_nid=index&google_push=AZmPxg9zfX4w3tP6qqEJQHGjbs5BMW2AF2YiGkCa64ns4gEwlMPyUqNUtnvzBUnhyEs6iwz5LsEXvpSY4ooPbMm1Zdlklsz1BS_P_Q
cache-control
no-cache
cf-ray
75cc8ecf6d539bf2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 9E58 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LCUxLcYot98KHXRHP0vozpC4w0EzWV0LIyjXQaymJCw0t4xTGb7z3IHn2wlILvQcv5ljI3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&adk=2713721804&adf=1951942945&pi=t.aa~a.34750005~rp.3&daaos=1666167350205&w=514&fwrn=4&fwrnh=100&lmt=1666214427&rafmt=1&to=qs&pwprc=4552627395&format=514x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666214427030&bpp=1&bdt=1182&idt=0&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D472d282be8e1026c-2228c2b149ce007c%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_MamEc2aZNeIzLX9zM1anvLAIdtchA&gpic=UID%3D00000b7592c58d9a%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_Mb2tDxpJyNNLlDaFnoDsCPCjgFIDA&prev_fmts=1200x280%2C0x0&nras=2&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=11&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aFrePh8R6p&p=http%3A//winintro.ru&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:20:27 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4660 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoLCAEqB3NxdWFyZUQKCggCKgZzZXJ2ZXIKGggEKhZteXNpZGlhX2FuYWx5dGljc19leHAyCg0QKyEAAAAAAAAgQDAECg0QAyEAAAAAABCHQDAECg0QCiEAAABAMzMZQDAECg0QDSEAAAAAAAAAADAECg0QHioHNTE0eDI4MDAECg0QGSoHNTE0eDI4MDAECg0QDiEAAAAAAAAAADAECg0QBCEAAEBmZkqHQDAECg0QDyEAAAAAAAAAADAECg0QKyEAAAAAAAAwQDAECg0QBSEAAAAAAEyHQDAECg0QECEAAAAAINfhQDAECg0QESEAAAAAgBfUQDAECg0QEiEAAAAAAAAcQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAICZmWmIQDAEEhpDTXpMcjdpYzdmb0NGZGlIc2dvZGR2c09BQSIcc2NyZWFtL3Rocm9uZV9pbWFnZV9sb2dvX29jaCgR
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:20:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221018&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2339592383170032&plah=winintro.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fb4d847b6b42239eb6a2e44978f7b2cff503c3b427d9482f986cfac8f8c42dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:20:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11191
x-xss-protection
0
7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
pagead2.googlesyndication.com/bg/ Frame 41EF 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&adk=2713721804&adf=1951942945&pi=t.aa~a.34750005~rp.3&daaos=1666167350205&w=514&fwrn=4&fwrnh=100&lmt=1666214427&rafmt=1&to=qs&pwprc=4552627395&format=514x280&url=http%3A%2F%2Fwinintro.ru%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1666214427030&bpp=1&bdt=1182&idt=0&shv=r20221018&mjsv=m202210110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D472d282be8e1026c-2228c2b149ce007c%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_MamEc2aZNeIzLX9zM1anvLAIdtchA&gpic=UID%3D00000b7592c58d9a%3AT%3D1666214426%3ART%3D1666214426%3AS%3DALNI_Mb2tDxpJyNNLlDaFnoDsCPCjgFIDA&prev_fmts=1200x280%2C0x0&nras=2&correlator=608500544458&frm=20&pv=1&ga_vid=341378049.1666214426&ga_sid=1666214426&ga_hid=1169452204&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=11&ady=2587&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761793%2C42531706&oid=2&pvsid=238350116680050&tmod=742478877&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=aFrePh8R6p&p=http%3A//winintro.ru&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 14:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15945
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 14:42:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4660 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoLCAEqB3NxdWFyZUQKCggCKgZzZXJ2ZXIKGggEKhZteXNpZGlhX2FuYWx5dGljc19leHAyCg0QFCEAAAAAICLkQDAECg0QFSEAAAAAAAAsQDAECg0QFiEAAAAAAAAUQDAECg0QGCEAAMDMzNSNQDAECg0QMiEAAAAAmJnZPzAECg0QMyEAAAAAzMzsPzAECg0QNCEAAAAAzMzsPzAECg0QNSEAAAAAzMzsPzAECg0QNiEAAAAAzMzsPzAECg0QNyEAAAAAzMzsPzAECg0QOCEAAAAAMzPzPzAECg0QOSEAAAAAALiEQDAECg0QOiEAAEBmZmaFQDAECg0QOyEAAEBmZmaIQDAECg0QPCEAAEBmZmaIQDAECg0QPSEAAICZmWmIQDAECg0QPiEAAMDMzJSNQDAECg0QPyEAAMDMzJSNQDAECg0QQCEAAAAAAOiNQDAEEhpDTXpMcjdpYzdmb0NGZGlIc2dvZGR2c09BQSIcc2NyZWFtL3Rocm9uZV9pbWFnZV9sb2dvX29jaCgR
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:20:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2339592383170032&plah=winintro.ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:20:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Oct 2022 21:20:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 006B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://winintro.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
12154
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 17:57:54 GMT
expires
Thu, 19 Oct 2023 17:57:54 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 938A 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7b4267a7bc7e8aab59e201b1b300b73beae5855d1ea2da8a73b66964dcf007cf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0v2jLhFxBiHg_ujde7FFhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://winintro.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-0v2jLhFxBiHg_ujde7FFhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 21:20:28 GMT
expires
Wed, 19 Oct 2022 21:20:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
pagead2.googlesyndication.com/bg/ Frame 006B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 14:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15945
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 14:42:06 GMT
generate_204
tpc.googlesyndication.com/ Frame 006B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?kEt_Ug
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:20:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 938A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221018&jk=238350116680050&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 1607 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstksEG-pGjA7bpuNurjT-5ZY4Yw8-uCZrib_YKFlknEq0CkCEMYj1TxhZPXFbo7LznLBqBoxY-n5RwmW9hgK6yD07IFP12yjzXbPbuz4mN6BWG5cH04DePN8CF9bw6gRv88ovD1Tw&sai=AMfl-YRCiuk2jzufI10JjrG5E6odaLick536LpE8EH__X89XbovW3LmDSGXjiOcAD0lh74gnFjEn13u1kIYVfRQ&sig=Cg0ArKJSzC24WpK4N7pQEAE&cid=CAQSGwDq26N9edxKvLmx9qytbtjCP3y1HyiQIF0bFxgBIA4&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=103,780,1001,1095,1095&tos=103,677,221,94,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1666214427197&rpt=297&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:20:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0BF6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssyQ8V99ZrKTSYpwOrrilWMJQatQrNUvNkLgUh5Aa3Dr2jcfWT37AKQxIItK5RYVt5ZBoucsyHr20LoNFQTYcmlGkbPYiSSzuHAYWer_okDet4N0u_9EEYEJJYKH3JY2EFv0zyBRQ&sai=AMfl-YQYl14MPxkxa2xaBgZWgklFpJyTIYgbk9k45WkDYV8TSmVNhIB1tg8YHFMD5uMEt4uE1fbunm6qU_gQJ8w&sig=Cg0ArKJSzMk2R3vGpubuEAE&cid=CAQSGwDq26N9ZCPJF5uv_hGyLQrUvOkQA3iwQHh8JBgBIA4&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1748934517&rs=2&la=1&cr=0&vs=4&r=v&rst=1666214426327&rpt=1302&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:20:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221018&jk=238350116680050&bg=!uLulu__NAAYeOJy_Pjg7ACkAdvg8Wrx-Yk4N8RriFn_P-o7CWTaTOcv5_fBJNx-JV89VTQ96IlsvzwIAAABnUgAAAAJoAQeZAqpjImI4VsdbsKZ15EWvtdejoFObVWGyM1BwMH7L52IccSgOwaLzreEGOKJjr49NkhA3TZfemrFRsKaXhAMYlProOtGaSFtEz9rEj7VM00bnwCMq6wbMJbkr7jfS2zDIgDUu0QwpN2WVQw17qUZQaDfTxZx_t0FllSXvrXyUOjB8aYr58rbejHQadKPoFxcdrEjim82-7QNXuLXpVrzeaiBXNZiI7FgVEBZuISWrsI42KouLKWcxTtQ11_wbHZbeBS9Cx3FMq9UzSMu9jnNjANQ9DhD-cTLyGxdY7aBF9jCFgd9A0CQYeQrC4Zp7W0CNRt7subPZWYGG0m3Cz3hgrreFIAHumaU-9BIq5W3rNDosLoQtL2u44t3t-hD_fXVhrMNtUkN9SjFgG4r4NtCY1Mcau6H0sJOa4Dy0VgmHCMMs8N12s-dfhGzYXHi2W1TwHXIWIWp8SVe89qOSHmoVnAS6Ig55n5zavOFNj0c_AN0yBGBXA1V36O9p0JDbUAn58zB8Ld_ktTiuAaPBPJIEoKWBPW_ecQWaFyuJdxWaq6Y_ta5eg9a7FxJ_cVuXaRCIPVZVxorzg4tAB8BgIwmQBqovlZo5wdYaKJEX0f9gK4Taqvyz5KWQPwHI-emaPtk5MmNArxKS66XHx4UtbK8V6fiuySbjnybBQE0ScsIiBEapaVZXUirwa46Ho8272gkAgpfT5gqNqi69RzcMxH1sWar_cPGhNhYdACuKEG9B1X-gv7avbV_VAfH-aHh14b0LQe9M-otaPX1bJI-PwzDDclnjiK-tgTPht9qU9FIWHR6g4JyBL3ZSL_vJj09l5eCY06z-S9Ya9sl9OWiDG_dkDeUYWd7KM5H9G_nAAAHemkA66WZ0-SyRlq_df8X0OSkF9WdhzN3SGb7IO1Uo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://winintro.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| adsbygoogle string| reformal_wdg_w string| reformal_wdg_h string| reformal_wdg_domain number| reformal_wdg_mode string| reformal_wdg_title string| reformal_wdg_ltitle string| reformal_wdg_lfont string| reformal_wdg_lsize string| reformal_wdg_color string| reformal_wdg_bcolor string| reformal_wdg_tcolor string| reformal_wdg_align string| reformal_wdg_charset number| reformal_wdg_waction string| reformal_wdg_vcolor string| reformal_wdg_cmline string| reformal_wdg_glcolor string| reformal_wdg_tbcolor function| ref_ud boolean| isIE6 string| dref_w string| dref_h number| dref_mode string| dref_title string| dref_ltitle string| dref_lfont string| dref_lsize string| dref_color string| dref_bcolor string| dref_tcolor string| dref_align string| dref_charset number| dref_waction string| dref_vcolor string| dref_cmline string| dref_glcolor string| dref_tbcolor string| dref_tcolor_aw4 number| dref_ext_img number| dref_ext_img_m undefined| v string| dref_ext_cms string| vlink object| MyOtziv function| r_compact function| r_utf8encode object| hc string| out_link function| MyOtzivCl string| str undefined| pageTracker object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| Ya object| yaCounter490927 object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

28 Cookies

Domain/Path Name / Value
.winintro.ru/ Name: _ym_uid
Value: 1666214426888642442
.winintro.ru/ Name: _ym_d
Value: 1666214426
.winintro.ru/ Name: __gads
Value: ID=472d282be8e1026c-2228c2b149ce007c:T=1666214426:RT=1666214426:S=ALNI_MamEc2aZNeIzLX9zM1anvLAIdtchA
.winintro.ru/ Name: __gpi
Value: UID=00000b7592c58d9a:T=1666214426:RT=1666214426:S=ALNI_Mb2tDxpJyNNLlDaFnoDsCPCjgFIDA
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2286973320fake
.winintro.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1323270372fake
.yandex.com/ Name: yandexuid
Value: 34968221666214426
.yandex.com/ Name: yuidss
Value: 34968221666214426
mc.yandex.com/ Name: yabs-sid
Value: 580681281666214426
.yandex.com/ Name: i
Value: jd30Gcg4M9d7SHhmg+uI7LiC5B/HGd36RV/0ZZ+3rjEoIhBpbjk72q/Qg4JPtJrQpErcH8hgyDyTwIiXshfPRNSVV/k=
.yandex.com/ Name: ymex
Value: 1697750426.yrts.1666214426#1697750426.yrtsi.1666214426
.doubleclick.net/ Name: IDE
Value: AHWqTUlDLSeFJJzuD3f6Kb_9oxp5tUvL7IHMvOnnDW4zpxqij2U8QP1Wk3O9mXel0J8
.quantserve.com/ Name: d
Value: EBABCQGvJ4EA
.quantserve.com/ Name: mc
Value: 63506a1b-e88ac-35bc4-8b2bf
.casalemedia.com/ Name: CMID
Value: Y1BqG.SlTx.xT4lJnI8FqQAA
.casalemedia.com/ Name: CMPS
Value: 1116
.casalemedia.com/ Name: CMPRO
Value: 1116
.casalemedia.com/ Name: CMTS
Value: 5169
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: na_id
Value: 2022101921202800013299737920
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 63506a1c1cc1257b
.addthis.com/ Name: ouid
Value: 63506a1c0001fef4f04a7765646086e853a0310b303d26c645ac
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20221019
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0

3 Console Messages

Source Level URL
Text
network error URL: http://cse.google.com/cse.js?cx=011017919958926383041:ajfvtnc_f9s
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9796.3xzEGfKwunqDFnZbUKyJURQQkhNTEKKBx_9Jnb7Z7HvBXdAJbNDFV4zcNWMXPp3ugsM9ov9YjyL7_2wvg8ru6w%2C%2C.3xGFnRX83N5nNmXt_WMgsxOpNFw%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20221018/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271801&client=ca-pub-2339592383170032&fa=1&ifi=4&uci=a!4&btvi=2&xpc=d4o8LshnDf&p=http%3A//winintro.ru
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cm.g.doubleclick.net
cms.quantserve.com
cse.google.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
log.reformal.ru
mc.yandex.com
mc.yandex.ru
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
reformal.ru
rtb.openx.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
widget.reformal.ru
winintro.ru
www.google.com
www.googletagservices.com
www.gstatic.com
104.18.19.126
104.76.200.221
139.162.151.130
142.250.185.194
185.64.190.78
185.64.76.74
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:800::2002
2a00:1450:4001:801::2003
2a00:1450:4001:802::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a02:6b8::1:119
34.98.67.61
35.186.253.211
69.173.144.165
024017583b2fb356491d4ba8dc12a85c2e4af548e63d850b333fa0be5752a7be
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1214e00042fac0fa9faf6511c70a174855c3e728eb5497f1afe6c4b0b2b3128e
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
2a87dc466b3bf04d2af3c5444cf285b3f4e8e03a954322b01433d11b90793db6
2d52560a0b97222a18a95c89256d89765d3d821699eebc14213d531c2a93adb5
31303ffcbd1dcf6cac233c7f6fdbec00a372eb4e0aee71f9c169ab81f6ca4013
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
3b8cf7debb0ded44d36e562d289a88e7948f98395cce54e68e31e4b069e871a8
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4a8eb3554b2b95adcc12d824a96898ed63071f1064e64f17ded9b371df4aa673
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb4d847b6b42239eb6a2e44978f7b2cff503c3b427d9482f986cfac8f8c42dd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a0565c03e05b3482a5fbd70fbaf26c55322a95f8083b9fc8bd3304d00f1a15a
5a86fea5ef8d86c563fc811a55802e1945e5391219e8f507a06fcef332a7bf43
5e5dc6ca39f0003972e1604baa6ad3d4ee8bbce3fd70c93a49ec0e0615b28aba
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62200de6653947c8d8a7873631f78c2b8a564e40378b6b9d5713186cc1edcf8b
6914187121d436896b02bdccb1253f31f00d108b1df7860137b3fa86ed97cc0b
69161014dbdd509937d3a01d169fb3e684055d35bf9c8bd70be0c4d68f99d148
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6d0f9faf185c1f43001f2508f80abf686cfb1c00f58c6bf0fa807791b5fc65e2
781435863bd553fd2673b10b1dda8faad16ba7f9113560d4a9815615b8ddf5cd
7b4267a7bc7e8aab59e201b1b300b73beae5855d1ea2da8a73b66964dcf007cf
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
87cdc9a4af3ce62dc6e491a4a393307f40a3c90bbac8ada4baafff7390775b8c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cd23ec8376bd245aa627149f0670262553432dac78a0570d6fad0811df79db4
956a63224223cb7f8e2b410e3323151aaf02f58ea49bcd3a41d5dcab766cd25e
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d450a89121d8d051ed703142aa677315374f0c5bedb0ab8eb8c4117d7420ae5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5b7440eb01b4db530c8b12650e39b4a3bfb1b49b7518c76b08bb6e8b8434a2f
bd863b6c52b1d0f0dfc8295841ef43761e5be41e083b2287c3c967a19e500651
d062b2881cff682b8bc7fe2d24e923923497bd855bbac11b1f5f419647de1948
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e731c18f5159e2612625f471352650417c4557851c7518a28a76a5bc6896f1b6
ebfd59f059b257cbb69288822fcb8a2b089c7311cca6d8c9e9a298594de6e92b
ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f029c445d676d5a7d9d4b69ae42771b0e62dd0b0c2ac9fd9568a53f22f74a583
f2530ebfa7dd0eb27e3cfaf23a514aa2dc9ee553ce716036113a28a0e28aeb6b
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f3e87e6819c1a049789173a1c52e62edb0051c1a0af081f4dcac6613c16a367e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef