zoomapp.ru Open in urlscan Pro
185.246.64.175 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://zoomapp.ru/
Effective URL:
https://zoomapp.ru/
Submission Tags: falconsandbox
Submission: On July 24 via api (July 24th 2022, 8:04:34 am UTC) from US — Scanned from DE

Summary HTTP 147 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 32 IPs in 6 countries across 27 domains to perform 147 HTTP transactions. The main IP is 185.246.64.175, located in Russian Federation and belongs to RU-JSCIOT, RU. The main domain is zoomapp.ru.
TLS certificate: Issued by R3 on May 5th 2022. Valid for: 3 months.

This is the only time zoomapp.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	185.246.64.175 185.246.64.175	29182 (RU-JSCIOT) (RU-JSCIOT)
13	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
1	88.99.234.26 88.99.234.26	24940 (HETZNER-AS) (HETZNER-AS)
1	88.208.46.156 88.208.46.156	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	88.208.46.222 88.208.46.222	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
17	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::16b 2a02:6b8::16b	208722 (GLOBAL_DC) (GLOBAL_DC)
5	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
1	195.201.8.30 195.201.8.30	24940 (HETZNER-AS) (HETZNER-AS)
1 2	194.190.76.41 194.190.76.41	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	65.109.23.99 65.109.23.99	24940 (HETZNER-AS) (HETZNER-AS)
1	193.3.184.136 193.3.184.136	50214 (QWARTA) (QWARTA)
1	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	195.209.111.22 195.209.111.22	52007 (ADRIVER-AS) (ADRIVER-AS)
3 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
4	88.208.46.30 88.208.46.30	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
5	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4 5	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
147	32

27 185.246.64.175 (Russian Federation) 1 redirects

ASN29182 (RU-JSCIOT, RU)
PTR: sergoot1.fvds.ru

zoomapp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.234.26 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: digitalcaramel.com

ads.digitalcaramel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.208.46.156 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

bandidandy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.208.46.222 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

determineapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.8.30 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.8.201.195.clients.your-server.de

yhb.p.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.76.41 (Russian Federation) 1 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp1.senders.rutube.ru

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

adfox-c2s-ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.109.23.99 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.99.23.109.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.3.184.136 (Russian Federation)

ASN50214 (QWARTA, RU)
PTR: asrv320.qwarta.ru

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

hb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.209.111.22 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

pb.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.208.46.30 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

clairpixum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	483 KB
27	zoomapp.ru 1 redirects zoomapp.ru	987 KB
17	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 56	152 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	203 KB
7	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 10582	3 KB
7	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 96 www.google.com — Cisco Umbrella Rank: 10	2 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	5 KB
6	yandex.ru 1 redirects yandex.ru — Cisco Umbrella Rank: 1309 matchid.adfox.yandex.ru — Cisco Umbrella Rank: 28577 mc.yandex.ru — Cisco Umbrella Rank: 3701	236 KB
5	yastatic.net yastatic.net — Cisco Umbrella Rank: 6631	153 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	170 KB
4	clairpixum.com clairpixum.com	18 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8252	957 B
2	adhigh.net 1 redirects px.adhigh.net — Cisco Umbrella Rank: 13703	730 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	108 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2841	343 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 873	643 B
1	adriver.ru pb.adriver.ru — Cisco Umbrella Rank: 39320	298 B
1	adtelligent.com hb.adtelligent.com — Cisco Umbrella Rank: 199722	221 B
1	sape.ru ssp-rtb.sape.ru — Cisco Umbrella Rank: 33693	449 B
1	bidvol.com ssp.bidvol.com — Cisco Umbrella Rank: 31420	471 B
1	creativecdn.com adfox-c2s-ams.creativecdn.com — Cisco Umbrella Rank: 63670	204 B
1	otm-r.com yhb.p.otm-r.com — Cisco Umbrella Rank: 48178	248 B
1	betweendigital.com ads.betweendigital.com — Cisco Umbrella Rank: 2101	8 KB
1	determineapp.com determineapp.com	550 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 424	11 KB
1	bandidandy.com bandidandy.com	7 KB
1	digitalcaramel.com ads.digitalcaramel.com — Cisco Umbrella Rank: 127502	1 KB
147	27

	Domain	Requested by
27	tpc.googlesyndication.com	googleads.g.doubleclick.net zoomapp.ru tpc.googlesyndication.com pagead2.googlesyndication.com
27	zoomapp.ru	1 redirects zoomapp.ru
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com zoomapp.ru googleads.g.doubleclick.net
13	pagead2.googlesyndication.com	zoomapp.ru pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
9	www.gstatic.com	googleads.g.doubleclick.net
7	mc.yandex.com	2 redirects zoomapp.ru mc.yandex.ru
6	fonts.googleapis.com	client zoomapp.ru googleads.g.doubleclick.net
5	www.google.com	4 redirects tpc.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
5	yastatic.net	yandex.ru
4	www.googletagservices.com	googleads.g.doubleclick.net
4	clairpixum.com	zoomapp.ru clairpixum.com
3	mc.yandex.ru	1 redirects zoomapp.ru yandex.ru
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	px.adhigh.net	1 redirects zoomapp.ru
2	www.googletagmanager.com	zoomapp.ru
2	yandex.ru	zoomapp.ru
1	region1.google-analytics.com	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pb.adriver.ru	yandex.ru
1	hb.adtelligent.com	yandex.ru
1	ssp-rtb.sape.ru	yandex.ru
1	ssp.bidvol.com	yandex.ru
1	adfox-c2s-ams.creativecdn.com	yandex.ru
1	yhb.p.otm-r.com	yandex.ru
1	ads.betweendigital.com	yandex.ru
1	matchid.adfox.yandex.ru	yandex.ru
1	determineapp.com	bandidandy.com
1	cdn.jsdelivr.net	zoomapp.ru
1	bandidandy.com	zoomapp.ru
1	ads.digitalcaramel.com	zoomapp.ru
147	32

This site contains links to these domains. Also see Links.

Domain
zoom.us
www.skype.com
discord.com
www.microsoft.com
play.google.com
apps.apple.com
chrome.google.com
addons.mozilla.org
itunes.apple.com

Subject Issuer	Validity	Valid
zoomapp.ru R3	`2022-05-05` - `2022-08-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2022-09-01`	6 months	crt.sh
caramel.am R3	`2022-07-10` - `2022-10-08`	3 months	crt.sh
bandidandy.com R3	`2022-06-07` - `2022-09-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
determineapp.com R3	`2022-06-22` - `2022-09-20`	3 months	crt.sh
matchid.adfox.yandex.ru GlobalSign RSA OV SSL CA 2018	`2022-07-18` - `2023-01-10`	6 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-04-01` - `2022-09-29`	6 months	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.p.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-02-03` - `2023-03-07`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
ssp.bidvol.com R3	`2022-06-29` - `2022-09-27`	3 months	crt.sh
*.sape.ru R3	`2022-07-20` - `2022-10-18`	3 months	crt.sh
hb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-06-09` - `2022-09-07`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
clairpixum.com R3	`2022-06-15` - `2022-09-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://zoomapp.ru/
Frame ID: 4AF79EE61CE34C4823A29DB0ADDC6BAA
Requests: 81 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20190131/zrt_lookup.html
Frame ID: EC6B415FB1E6879DB74CFB96D8B86C62
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202568105730570&output=html&h=280&slotname=5705747582&adk=540886628&adf=3055222944&pi=t.ma~as.5705747582&w=1000&fwrn=4&fwrnh=100&lmt=1658649869&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fzoomapp.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658649869041&bpp=3&bdt=244&idt=215&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&correlator=7989944222235&frm=20&pv=2&ga_vid=1540385871.1658649869&ga_sid=1658649869&ga_hid=396887661&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531608&oid=2&pvsid=4114582118053799&tmod=548650271&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Aq0HELcjqn&p=https%3A//zoomapp.ru&dtd=261
Frame ID: 092C466CF647E75C39C1ACC4010C28D9
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202568105730570&output=html&h=400&slotname=5705747582&adk=3962687852&adf=422286093&pi=t.ma~as.5705747582&w=580&fwrn=4&fwrnh=100&lmt=1658649869&rafmt=12&psa=0&format=580x400&url=https%3A%2F%2Fzoomapp.ru%2F&fwr=0&fwrattr=true&rh=400&rw=580&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658649869044&bpp=1&bdt=248&idt=288&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=7989944222235&frm=20&pv=1&ga_vid=1540385871.1658649869&ga_sid=1658649869&ga_hid=396887661&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=3760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531608&oid=2&pvsid=4114582118053799&tmod=548650271&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8RcMsprUKQ&p=https%3A//zoomapp.ru&dtd=291
Frame ID: 445613D96410C9E02605BA778D310ECD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202568105730570&output=html&adk=1812271804&adf=3025194257&lmt=1658649869&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fzoomapp.ru%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658649869210&bpp=1&bdt=413&idt=165&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280%2C580x400&nras=1&correlator=7989944222235&frm=20&pv=1&ga_vid=1540385871.1658649869&ga_sid=1658649869&ga_hid=396887661&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531608&oid=2&pvsid=4114582118053799&tmod=548650271&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&dtd=170
Frame ID: 75F6716AA5892EB9F469637057A51160
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486
Frame ID: 1BDDC8438B1011BBA094434BE67D1828
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cmd24Df3cYuyKGfrX1fAP4rG7WPjQju9qxsfPwYUQ3auDwvAiEAEg8aHiYmCV4pCCoAegAe6YpO0ByAEJqQIJ9Axn3_qpPqgDAcgDSKoExAFP0H9LV3GNJ-OOM0U1vzdB_MQQ2wcOtkZXCoHQNygUUWqMpOxGTwQ7e3nGgGI3TU30vOlWHuwyFEdZ6UYpwIA80woSmysWg9HwohLpI6X4hQKBVcaACCYFg7okBy999Ugdp1q5_rrJwDdZTayB3qg6RaYcoVT5pDFZ_-z7gEVv7sVf3z3VfhJrJfb41es8Zkte_HsViRY4arjFaGHIZDRuszHGaeieCZGJOTuzlTEnFaAEHHhU0PPWDe7pgG1KUEFQ4e0qwASssqyGogSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH-ubbkgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC12gjSCBEIgOGAcBABGB8yAusCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi03MjAyNTY4MTA1NzMwNTcwGAA&sigh=KSuug-BBiLI&uach_m=[UACH]&template_id=419
Frame ID: 7FC90E0A3FE92C8B6659F8E8EFE1EDB3
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1B3CA6BF53DD1AB945E66A37CBA5522A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9294757DBF019132257A19E9A761A64A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8021E5D4FDC5F9356D5D9733D2ACB85E
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4CB432206F167D559076432302C64B71
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 143EF6E40A3B748E5BC0069535800F4B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D2438493A32A59AEDCE8600B5C1C7E28
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1330D56C0297B6B4C9AD87802A256454
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
Frame ID: AD28BD78749FB6BC8D434822F0151C4F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
Frame ID: 6977BCD586A7DE29DC46FB188966483A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
Frame ID: 92BAB0BC4DDB9619C0FFC89B7547B51D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 93907252AEC0CB5C88F268FA58066AB7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1181ADB54BF8CD7A6D955628A9DAE02F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Скачать Zoom бесплатно — видеоконференции, вебинары, демонстрация экрана и многое другое

Page URL History Show full URLs

http://zoomapp.ru/ HTTP 301
https://zoomapp.ru/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

147
Requests

98 %
HTTPS

58 %
IPv6

27
Domains

32
Subdomains

32
IPs

6
Countries

2550 kB
Transfer

5648 kB
Size

30
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://zoom.us/pricing
Title: этой странице

Search URL Search Domain Scan URL

URL: https://zoom.us/
Title: zoom.us

Search URL Search Domain Scan URL

URL: https://www.skype.com/
Title: www.skype.com

Search URL Search Domain Scan URL

URL: https://discord.com/
Title: discord.com

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/ru-ru/microsoft-365/microsoft-teams/group-chat-software
Title: www.microsoft.com

Search URL Search Domain Scan URL

URL: https://zoom.us/download?os=linux
Title: эту страницу

Search URL Search Domain Scan URL

URL: https://zoom.us/signup
Title: https://zoom.us/signup

Search URL Search Domain Scan URL

URL: https://zoom.us/client/latest/ZoomInstaller.exe

Search URL Search Domain Scan URL

URL: https://zoom.us/client/latest/Zoom.pkg
Title: Mac OS

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=us.zoom.videomeetings
Title: Android

Search URL Search Domain Scan URL

URL: https://zoom.us/client/latest/zoom.apk
Title: APK для Android

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/id546505307
Title: iOS

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/zoom-scheduler/kgjfgplpablkjnlkjmjdecgdpfankdle?hl=en&gl=US&authuser=1
Title: Google Chrome

Search URL Search Domain Scan URL

URL: https://addons.mozilla.org/en-US/firefox/addon/zoom-new-scheduler/?src=search
Title: Firefox

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=us.zoom.zrc
Title: Android

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/zoompresence/id900259081?ls=1&mt=8
Title: iOS

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/store/apps/9nh8747bw3bc
Title: Windows

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://zoomapp.ru/ HTTP 301
https://zoomapp.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://px.adhigh.net/rtb/yandex_hb HTTP 307
https://px.adhigh.net/rtb/yandex_hb?bounced=1

Request Chain 71

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9709.V-ancdkMiA6LiClX0CGiISSdY14okYNXIjEpGrhOMFLLYFLDxZGnhr-CdeOhvWZn.o558p8HMIuGX9gDR-zXj-ef86i4%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9709.SkFwD9Brr8l7gD3q76VkmfHji6nMPFvqqyL6PcicOceMCcp45doGWvMDwZzbxgZ5obfpG6z60WSsbzQd3zZ3Su3mt-RaufwwYbV6POhM9EM%2C.Fud8YjrRMS-JRubHNH6UoOWMHqc%2C

Request Chain 75

https://mc.yandex.com/watch/61990360?wmode=7&page-url=https%3A%2F%2Fzoomapp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A783%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A841%3Acn%3A1%3Adp%3A0%3Als%3A1518968221736%3Ahid%3A164484612%3Az%3A0%3Ai%3A20220724080429%3Aet%3A1658649869%3Ac%3A1%3Arn%3A603462177%3Arqn%3A1%3Au%3A16586498691070391339%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1658649868183%3Ads%3A0%2C100%2C238%2C1%2C274%2C0%2C%2C414%2C1%2C%2C%2C%2C1027%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1658649870%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Zoom%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%E2%80%94%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%84%D0%B5%D1%80%D0%B5%D0%BD%D1%86%D0%B8%D0%B8%2C%20%D0%B2%D0%B5%D0%B1%D0%B8%D0%BD%D0%B0%D1%80%D1%8B%2C%20%D0%B4%D0%B5%D0%BC%D0%BE%D0%BD%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%20%D1%8D%D0%BA%D1%80%D0%B0%D0%BD%D0%B0%20%D0%B8%20%D0%BC%D0%BD%D0%BE%D0%B3%D0%BE%D0%B5%20%D0%B4%D1%80%D1%83%D0%B3%D0%BE%D0%B5&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/61990360/1?wmode=7&page-url=https%3A%2F%2Fzoomapp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A783%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A841%3Acn%3A1%3Adp%3A0%3Als%3A1518968221736%3Ahid%3A164484612%3Az%3A0%3Ai%3A20220724080429%3Aet%3A1658649869%3Ac%3A1%3Arn%3A603462177%3Arqn%3A1%3Au%3A16586498691070391339%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1658649868183%3Ads%3A0%2C100%2C238%2C1%2C274%2C0%2C%2C414%2C1%2C%2C%2C%2C1027%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1658649870%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Zoom%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%E2%80%94%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%84%D0%B5%D1%80%D0%B5%D0%BD%D1%86%D0%B8%D0%B8%2C%20%D0%B2%D0%B5%D0%B1%D0%B8%D0%BD%D0%B0%D1%80%D1%8B%2C%20%D0%B4%D0%B5%D0%BC%D0%BE%D0%BD%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%20%D1%8D%D0%BA%D1%80%D0%B0%D0%BD%D0%B0%20%D0%B8%20%D0%BC%D0%BD%D0%BE%D0%B3%D0%BE%D0%B5%20%D0%B4%D1%80%D1%83%D0%B3%D0%BE%D0%B5&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 95

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 122

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 136

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 138

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

147 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
zoomapp.ru/
Redirect Chain

http://zoomapp.ru/
https://zoomapp.ru/

99 KB
27 KB

338ms
238ms

Document
text/html

185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://zoomapp.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 / PHP/7.3.28

Resource Hash

b3b0fe675c25128e954b8c20c4bc525bd711c3a294e08fa098b04393f95844b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, proxy-revalidate, s-maxage=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 08:04:28 GMT
link: <https://zoomapp.ru/wp-json/>; rel="https://api.w.org/" <https://zoomapp.ru/wp-json/wp/v2/pages/476>; rel="alternate"; type="application/json"
server: nginx/1.19.10
strict-transport-security: max-age=31536000;
x-cache: BYPASS
x-powered-by: PHP/7.3.28

Redirect headers

Connection: keep-alive
Content-Type: text/html
Date: Sun, 24 Jul 2022 08:04:28 GMT
Location: https://zoomapp.ru:443/
Server: nginx/1.19.10
Transfer-Encoding: chunked

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
56 KB 161ms
72ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a6f8e2c0e042b3e5e73ca1cbb5102e2b6fa7542c527c758e78b18720bef0505

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56745
x-xss-protection: 0
server: cafe
etag: 17197252848207999936
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 24 Jul 2022 08:04:28 GMT

GET
H2 200 header-bidding.js Show response
yandex.ru/ads/system/ 122 KB
32 KB 189ms
67ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4be74101162d4ed978851bd6dd595e849e4209b55cdfbf43bf39fdaee81a4192

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1658649868949205-17762314600623044321-sas2-0946-sas-l7-balancer-8080-BAL-956
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 24 Jul 2022 09:04:28 GMT

GET
H2 200 zoomapp.ru.js Show response
ads.digitalcaramel.com/js/ 4 KB
1 KB 48ms
11ms Script
application/javascript 88.99.234.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.digitalcaramel.com/js/zoomapp.ru.js

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.99.234.26 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

digitalcaramel.com

Software

nginx /

Resource Hash

9eac796639f0a4a2afff67aa4b97d89b53774c00697e675702b3ce4bab66760e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Jul 2022 12:02:49 GMT
server: nginx
etag: W/"62ceb469-e59"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=15724800; includeSubdomains; preload
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 287 KB
77 KB 73ms
69ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f7547629c4deac5b39e359d22c9ced4e67652d470c2a5af4e2be363ed593bcd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1658649868949470-7799496171825392144-sas2-0946-sas-l7-balancer-8080-BAL-4816
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 24 Jul 2022 09:04:28 GMT

GET
H2 200 wmac_47cd75eaec4b74cb6954ceff8e6c28a9.css
zoomapp.ru/wp-content/cache/wmac/css/ 70 KB
21 KB 53ms
51ms Stylesheet
text/css 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://zoomapp.ru/wp-content/cache/wmac/css/wmac_47cd75eaec4b74cb6954ceff8e6c28a9.css

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

34886085d28d117cb2cb5338d85ba1aa412482dbb2214b35616c0c8f254041ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:28 GMT
content-encoding: gzip
last-modified: Wed, 09 Mar 2022 19:23:08 GMT
server: nginx/1.19.10
etag: W/"6228fe9c-116e2"
strict-transport-security: max-age=31536000;
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
zoomapp.ru/wp-includes/js/jquery/ 87 KB
31 KB 56ms
55ms Script
application/javascript 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://zoomapp.ru/wp-includes/js/jquery/jquery.min.js

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:28 GMT
content-encoding: gzip
last-modified: Thu, 31 Dec 2020 05:21:31 GMT
server: nginx/1.19.10
etag: W/"5fed5fdb-15d98"
strict-transport-security: max-age=31536000;
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
zoomapp.ru/wp-includes/js/jquery/ 11 KB
4 KB 100ms
99ms Script
application/javascript 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://zoomapp.ru/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:28 GMT
content-encoding: gzip
last-modified: Thu, 31 Dec 2020 05:21:31 GMT
server: nginx/1.19.10
etag: W/"5fed5fdb-2bd8"
strict-transport-security: max-age=31536000;
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css-lazy-load.min.js Show response
zoomapp.ru/wp-content/plugins/clearfy/assets/js/ 1014 B
739 B 100ms
100ms Script
application/javascript 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://zoomapp.ru/wp-content/plugins/clearfy/assets/js/css-lazy-load.min.js

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

9cf322ba61df85137ce954428f4f9adff3b760ea6f1d7e07584bf9b599cb1cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:28 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 17:43:02 GMT
server: nginx/1.19.10
etag: W/"603d27a6-3f6"
strict-transport-security: max-age=31536000;
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zoom-icon-logo.png
zoomapp.ru/wp-content/uploads/2020/04/ 9 KB
9 KB 58ms
55ms Image
image/png 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zoomapp.ru/wp-content/uploads/2020/04/zoom-icon-logo.png

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

eaada7cfe45e4bab846bfbc04c110d37488a112491577c4fb4697a0b7d584efa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:28 GMT
last-modified: Mon, 08 Jun 2020 08:21:11 GMT
server: nginx/1.19.10
etag: "5eddf4f7-248d"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 9357
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK mSetupWidget Show response
bandidandy.com/api/scripts/ 20 KB
7 KB 77ms
28ms Script
text/javascript 88.208.46.156
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bandidandy.com/api/scripts/mSetupWidget?id=195
Requested by: Host: zoomapp.ru
URL: https://zoomapp.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.156 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: openresty / PHP/8.0.8
Resource Hash: 46c85589c7a6925f7b761645f0fedc71c600c6f4f2add8251ef447a1bec7e585

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 08:04:28 GMT
Content-Encoding: gzip
Server: openresty
Connection: keep-alive
X-Powered-By: PHP/8.0.8
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H2 200 rating_on.gif
zoomapp.ru/wp-content/plugins/wp-postratings/images/stars_custom/ 299 B
513 B 59ms
56ms Image
image/gif 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zoomapp.ru/wp-content/plugins/wp-postratings/images/stars_custom/rating_on.gif

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

daa281d8f7d5b1d8227ae6dfbcd8fff976757e3595e1006afdcd78e4a3d91448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:28 GMT
last-modified: Thu, 31 Dec 2020 05:23:03 GMT
server: nginx/1.19.10
etag: "5fed6037-12b"
strict-transport-security: max-age=31536000;
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 299
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rating_off.gif
zoomapp.ru/wp-content/plugins/wp-postratings/images/stars_custom/ 349 B
564 B 59ms
56ms Image
image/gif 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zoomapp.ru/wp-content/plugins/wp-postratings/images/stars_custom/rating_off.gif

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

e69d2d23bf605f9e4abc56ea65a42b2ca5b43a04a880f8dec9fd972075d2ac65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:28 GMT
last-modified: Thu, 31 Dec 2020 05:23:03 GMT
server: nginx/1.19.10
etag: "5fed6037-15d"
strict-transport-security: max-age=31536000;
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 349
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loading.gif
zoomapp.ru/wp-content/plugins/wp-postratings/images/ 770 B
984 B 98ms
95ms Image
image/gif 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zoomapp.ru/wp-content/plugins/wp-postratings/images/loading.gif

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

561d133e612d60ea988fd5ab8819c6ea9c2336c8a3e3a054ac78a1bab3a73178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:28 GMT
last-modified: Thu, 31 Dec 2020 05:22:41 GMT
server: nginx/1.19.10
etag: "5fed6021-302"
strict-transport-security: max-age=31536000;
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 770
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dashicons.min.css
zoomapp.ru/wp-includes/css/ 58 KB
35 KB 55ms
50ms Stylesheet
text/css 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://zoomapp.ru/wp-includes/css/dashicons.min.css

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:28 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 09:26:12 GMT
server: nginx/1.19.10
etag: W/"607806b4-e688"
strict-transport-security: max-age=31536000;
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.cookie.min.js Show response
zoomapp.ru/wp-content/plugins/social-by-webnavoz/js/ 1 KB
918 B 57ms
53ms Script
application/javascript 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://zoomapp.ru/wp-content/plugins/social-by-webnavoz/js/jquery.cookie.min.js

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:28 GMT
content-encoding: gzip
last-modified: Tue, 14 Apr 2020 11:18:23 GMT
server: nginx/1.19.10
etag: W/"5e959bff-514"
strict-transport-security: max-age=31536000;
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wmac_single_4f0295030c507ca88c345145ecd4482d.js Show response
zoomapp.ru/wp-content/cache/wmac/js/ 947 B
775 B 58ms
53ms Script
application/javascript 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://zoomapp.ru/wp-content/cache/wmac/js/wmac_single_4f0295030c507ca88c345145ecd4482d.js

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

37a0fa99582830c1adc3a216669dc1d4fbcf57309e1b4ebb0d1a6b26f6aeef1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:28 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 17:09:15 GMT
server: nginx/1.19.10
etag: W/"61e6f43b-3b3"
strict-transport-security: max-age=31536000;
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 front.min.js Show response
zoomapp.ru/wp-content/plugins/table-of-contents-plus/ 6 KB
3 KB 58ms
54ms Script
application/javascript 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://zoomapp.ru/wp-content/plugins/table-of-contents-plus/front.min.js

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:28 GMT
content-encoding: gzip
last-modified: Tue, 14 Apr 2020 10:50:32 GMT
server: nginx/1.19.10
etag: W/"5e959578-17cb"
strict-transport-security: max-age=31536000;
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wmac_single_830dae7fb9dfd5ac1879a83dd028083d.js Show response
zoomapp.ru/wp-content/cache/wmac/js/ 3 KB
962 B 58ms
54ms Script
application/javascript 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://zoomapp.ru/wp-content/cache/wmac/js/wmac_single_830dae7fb9dfd5ac1879a83dd028083d.js

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

816c9c121e9f737df79aa48aee9e1e4fd4aa50a787e152c36a68def2b0072fc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:28 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 17:09:15 GMT
server: nginx/1.19.10
etag: W/"61e6f43b-cf9"
strict-transport-security: max-age=31536000;
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slick-carousel@1.8.1 Show response
cdn.jsdelivr.net/npm/ 42 KB
11 KB 39ms
18ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size: 10429
age: 10795280
x-jsd-version: 1.8.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19162-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68PDpMdkEVsZim2k2zLa2PysrvokoiMGKdPyXd57k4EqR1IAJJEQEzlPnLltSqvR3UcX6mO21BV2Gsa2ZjEZq5q0LmzcrseLyalOzGVhz0Njt7TtxfKxE4aGTwHjS8JhN1ScMamWI1sxIMMDWvo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 72fb2530ef149a35-FRA

GET
H2 200 wmac_single_5b85af2c35f2a05b7865895e839ed828.js Show response
zoomapp.ru/wp-content/cache/wmac/js/ 5 KB
2 KB 58ms
54ms Script
application/javascript 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://zoomapp.ru/wp-content/cache/wmac/js/wmac_single_5b85af2c35f2a05b7865895e839ed828.js

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

d8a0caab095830fbdfda36728b2151ac2282cb626d6036f76ecec6508e56842c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:28 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 17:09:15 GMT
server: nginx/1.19.10
etag: W/"61e6f43b-1266"
strict-transport-security: max-age=31536000;
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-embed.min.js Show response
zoomapp.ru/wp-includes/js/ 1 KB
986 B 58ms
55ms Script
application/javascript 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://zoomapp.ru/wp-includes/js/wp-embed.min.js

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:28 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 09:25:44 GMT
server: nginx/1.19.10
etag: W/"601bbd98-592"
strict-transport-security: max-age=31536000;
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 175ms
60ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PRPGBDVZW7

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

78c1fb882939d47dea2051a07b921b8d90c4abd1689499101bde76312a8e47fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:29 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72044
x-xss-protection: 0
expires: Sun, 24 Jul 2022 08:04:29 GMT

GET
DATA 200
OK truncated
/ 65 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eae45f94c29d3a062b0308f734b58970f32f3556d52ccec5ead8f49d3c84aa4f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7713b5fe29e6ca24d6b340550f6929b15b263333e2c9e300989a9361dd45ec61

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Kartinka-Videokonferentsiya-v-Zoom-768x452.png
zoomapp.ru/wp-content/uploads/2020/04/ 409 KB
409 KB 66ms
65ms Image
image/png 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zoomapp.ru/wp-content/uploads/2020/04/Kartinka-Videokonferentsiya-v-Zoom-768x452.png

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

1032424abbb1498d4cdbf2244d441bfb8f3892efa3c41854da64ed6c584dfe9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:28 GMT
last-modified: Thu, 16 Apr 2020 02:11:54 GMT
server: nginx/1.19.10
etag: "5e97beea-66335"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 418613
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Kartinka-Razlichnye-versii-Zoom-768x547.png
zoomapp.ru/wp-content/uploads/2020/04/ 179 KB
180 KB 77ms
76ms Image
image/png 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zoomapp.ru/wp-content/uploads/2020/04/Kartinka-Razlichnye-versii-Zoom-768x547.png

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

5e341bd2b4c416d54ba8ce6bdfb07c081b935b06d662e51156f081810ccd1730

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:28 GMT
last-modified: Thu, 16 Apr 2020 02:11:55 GMT
server: nginx/1.19.10
etag: "5e97beeb-2cdf2"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 183794
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Vklyuchenie-video-v-rezhime-HD-v-nastrojkah-Zum.png
zoomapp.ru/wp-content/uploads/2021/01/ 122 KB
123 KB 77ms
77ms Image
image/png 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zoomapp.ru/wp-content/uploads/2021/01/Vklyuchenie-video-v-rezhime-HD-v-nastrojkah-Zum.png

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

57be727f582ecbedb56d921be5c0b9155e220245ddff672477cb8ad1bccf5e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:28 GMT
last-modified: Wed, 06 Jan 2021 12:55:13 GMT
server: nginx/1.19.10
etag: "5ff5b331-1e944"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 125252
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Integratsiya-s-kalendarem-Google-v-Zoom.png
zoomapp.ru/wp-content/uploads/2021/01/ 64 KB
64 KB 78ms
77ms Image
image/png 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zoomapp.ru/wp-content/uploads/2021/01/Integratsiya-s-kalendarem-Google-v-Zoom.png

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

4d6b307d78eebda6f4fc7c7168508d1f7fe285313e3519ff03f4d53015057dc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:28 GMT
last-modified: Wed, 06 Jan 2021 12:52:32 GMT
server: nginx/1.19.10
etag: "5ff5b290-ff4d"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 65357
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Goryachie-klavishi-Zoom.png
zoomapp.ru/wp-content/uploads/2021/01/ 70 KB
70 KB 78ms
78ms Image
image/png 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zoomapp.ru/wp-content/uploads/2021/01/Goryachie-klavishi-Zoom.png

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

2c7a7eee7356efceb72e0a3dac26fe294623e405ab3b9cabaf731e4e9bd91e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:28 GMT
last-modified: Wed, 06 Jan 2021 13:08:55 GMT
server: nginx/1.19.10
etag: "5ff5b667-1162c"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 71212
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 934 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 422e1a759acbe143c92042a3ad98b9cfe8721ecd05e258d8963b4e76c85ce533

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 165ms
72ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 06:47:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Jul 2022 08:04:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jul 2022 08:04:29 GMT

GET
H/1.1 200
OK getslugv3 Show response
determineapp.com/api/ 73 B
550 B 59ms
17ms XHR
text/html 88.208.46.222
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://determineapp.com/api/getslugv3?partner_apikey=1cb091744269584ad3c3984f27736227&bl=0&raw=zoom&tag=zoom&rnd=d6f0536221844c3581a5d7a9f67e670c&d=0&err=0&rfr=https%3A%2F%2Fzoomapp.ru%2F
Requested by: Host: bandidandy.com
URL: https://bandidandy.com/api/scripts/mSetupWidget?id=195
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.208.46.222 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 83abc3a657df1a1259360a0fe635d15d6a64ff18a48e715dbba8ff85d45f0c72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 08:04:29 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/ 341 KB
120 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7202568105730570&plah=zoomapp.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2f1661ddb7866b5dff4351ca4fd3f02a47702f91527a3f8ed05376dbb47c2ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123109
x-xss-protection: 0
server: cafe
etag: 13273732510787528541
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 24 Jul 2022 08:04:29 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220721/r20190131/ Frame EC6B 10 KB
5 KB 150ms
37ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220721/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zoomapp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58917
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 15:42:32 GMT
etag: 8616628553774171045
expires: Sat, 06 Aug 2022 15:42:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 477 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d74b7089a68f822f535c265ed9b4faf167417defaeed5985d00f7d1f8d83007

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 88 B
369 B 290ms
58ms XHR
application/json 2a02:6b8::16b
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

9f8c8dc5b836748756a99ee028592680bb200ef3474996162bbbde74c72977b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: https://zoomapp.ru
date: Sun, 24 Jul 2022 08:04:29 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 88
x-content-type-options: nosniff
content-type: application/json

GET
H2 200 9a588310742adbc44f55.js Show response
yastatic.net/partner-code-bundles/599290/ 37 KB
10 KB 142ms
39ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/599290/9a588310742adbc44f55.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

3bdab4da5017468f0ddfc1a51edc3772a13aa064c83df984c152729075714847

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://zoomapp.ru/
Origin: https://zoomapp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:29 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 10038
last-modified: Fri, 17 Jun 2022 13:53:09 GMT
server: nginx/1.17.9
etag: "b3fb60d15c0a59a3cf542d7daeab0766"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jul 2052 14:39:03 GMT

POST
H2 200 adjson Show response
ads.betweendigital.com/ 12 KB
8 KB 179ms
94ms XHR
application/json 188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: a1c3c07ec75ae00bb8452aae6a102513520a24fd1c4a1e11ec71595baf5d2d79

Request headers

Referer: https://zoomapp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://zoomapp.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 200 yhb Show response
yhb.p.otm-r.com/ 11 B
248 B 95ms
23ms XHR
text/plain 195.201.8.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yhb.p.otm-r.com/yhb
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.8.30 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.8.201.195.clients.your-server.de
Software: nginx/1.21.6 /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://zoomapp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://zoomapp.ru
date: Sun, 24 Jul 2022 08:04:29 GMT
access-control-allow-credentials: true
server: nginx/1.21.6
content-length: 11
vary: Origin
content-type: text/plain; charset=utf-8

POST
H2

200

yandex_hb Show response
px.adhigh.net/rtb/
Redirect Chain

https://px.adhigh.net/rtb/yandex_hb
https://px.adhigh.net/rtb/yandex_hb?bounced=1

11 B
314 B

51ms
51ms

XHR
application/json

194.190.76.41
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.adhigh.net/rtb/yandex_hb?bounced=1
Requested by: Host: zoomapp.ru
URL: https://zoomapp.ru/
Protocol: H2
Server: 194.190.76.41 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp1.senders.rutube.ru
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 08:04:29 GMT
server: nginx
x-backend-id: f11-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://zoomapp.ru
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 11
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Jul 2022 08:04:29 GMT
server: nginx
access-control-allow-origin: https://zoomapp.ru
x-backend-id: f11-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.adhigh.net/rtb/yandex_hb?bounced=1
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
204 B 125ms
40ms XHR
application/json 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zoomapp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://zoomapp.ru
date: Sun, 24 Jul 2022 08:04:29 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H2 200 pl999 Show response
ssp.bidvol.com/rtb/ 11 B
471 B 144ms
38ms XHR
application/json 65.109.23.99
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.bidvol.com/rtb/pl999
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.109.23.99 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.99.23.109.65.clients.your-server.de
Software: nginx/1.23.0 /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://zoomapp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 08:04:29 GMT
server: nginx/1.23.0
surrogate-control: no-store
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://zoomapp.ru
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
content-length: 11
x-request-id: f45e6004-6562-46d7-afbc-3a6833d52f7d
expires: 0

POST
H/1.1 200
OK adfoxhb Show response
ssp-rtb.sape.ru/ 11 B
449 B 307ms
130ms XHR
application/json 193.3.184.136
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/adfoxhb
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.136 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv320.qwarta.ru
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://zoomapp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 24 Jul 2022 08:04:29 GMT
Server: openresty
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://zoomapp.ru
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 11

POST
H/1.1 204
No Content auction Show response
hb.adtelligent.com/v3/ 0
221 B 178ms
17ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adtelligent.com/v3/auction
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zoomapp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://zoomapp.ru
Date: Sun, 24 Jul 2022 08:04:28 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
298 B 596ms
64ms XHR
text/plain 195.209.111.22
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zoomapp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://zoomapp.ru
Pragma: no-cache
Date: Sun, 24 Jul 2022 08:04:29 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
70 KB 204ms
98ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

9e64760d7802c3b98152c8ba9ea87a2ffc111897a2d9e0f109766a4d36bb52e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:29 GMT
content-encoding: br
last-modified: Fri, 15 Jul 2022 13:30:34 GMT
etag: "62d141ca-1182c"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71724
expires: Sun, 24 Jul 2022 09:04:29 GMT

GET
H2 200 rating_over.gif
zoomapp.ru/wp-content/plugins/wp-postratings/images/stars_custom/ 299 B
513 B 49ms
48ms Image
image/gif 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zoomapp.ru/wp-content/plugins/wp-postratings/images/stars_custom/rating_over.gif

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

daa281d8f7d5b1d8227ae6dfbcd8fff976757e3595e1006afdcd78e4a3d91448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:29 GMT
last-modified: Thu, 31 Dec 2020 05:23:03 GMT
server: nginx/1.19.10
etag: "5fed6037-12b"
strict-transport-security: max-age=31536000;
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 299
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 98 KB
37 KB 147ms
67ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TCS9ZZ

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d75ccf41f4c6f860a0163ba3e4504785425b25df90bd04dbf79ef576f26a416

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38260
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Jul 2022 08:04:29 GMT

GET
H/1.1 200
OK 414988.js Show response
clairpixum.com/ 28 KB
12 KB 86ms
35ms Script
application/javascript 88.208.46.30
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://clairpixum.com/414988.js
Requested by: Host: zoomapp.ru
URL: https://zoomapp.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.30 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 141b659e564dc4587f7944852f55ee0353982cdcb450824f2ee939852c46d6b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 08:04:29 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 vk.png
zoomapp.ru/wp-content/plugins/social-by-webnavoz/i/ 600 B
815 B 49ms
48ms Image
image/png 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zoomapp.ru/wp-content/plugins/social-by-webnavoz/i/vk.png

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/wp-content/cache/wmac/css/wmac_47cd75eaec4b74cb6954ceff8e6c28a9.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

a6158e7113c81bcd3012fc9a5bd4749e13083932d7a88e13f5848c395f858527

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/wp-content/cache/wmac/css/wmac_47cd75eaec4b74cb6954ceff8e6c28a9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:29 GMT
last-modified: Tue, 14 Apr 2020 11:18:22 GMT
server: nginx/1.19.10
etag: "5e959bfe-258"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 600
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fb.png
zoomapp.ru/wp-content/plugins/social-by-webnavoz/i/ 450 B
664 B 49ms
49ms Image
image/png 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zoomapp.ru/wp-content/plugins/social-by-webnavoz/i/fb.png

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/wp-content/cache/wmac/css/wmac_47cd75eaec4b74cb6954ceff8e6c28a9.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

faaf15be463ae138468851da424e83ebf2ec7dab1a73276d27c820a37b8dbd42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/wp-content/cache/wmac/css/wmac_47cd75eaec4b74cb6954ceff8e6c28a9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:29 GMT
last-modified: Tue, 14 Apr 2020 11:18:22 GMT
server: nginx/1.19.10
etag: "5e959bfe-1c2"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 450
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ok.png
zoomapp.ru/wp-content/plugins/social-by-webnavoz/i/ 610 B
824 B 50ms
49ms Image
image/png 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zoomapp.ru/wp-content/plugins/social-by-webnavoz/i/ok.png

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/wp-content/cache/wmac/css/wmac_47cd75eaec4b74cb6954ceff8e6c28a9.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

1c346662aca38b09450788889b64def5438c217f0c56ddc8232e3b864f177eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/wp-content/cache/wmac/css/wmac_47cd75eaec4b74cb6954ceff8e6c28a9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:29 GMT
last-modified: Tue, 14 Apr 2020 11:18:22 GMT
server: nginx/1.19.10
etag: "5e959bfe-262"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 610
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tw.png
zoomapp.ru/wp-content/plugins/social-by-webnavoz/i/ 602 B
816 B 50ms
50ms Image
image/png 185.246.64.175
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zoomapp.ru/wp-content/plugins/social-by-webnavoz/i/tw.png

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/wp-content/cache/wmac/css/wmac_47cd75eaec4b74cb6954ceff8e6c28a9.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.246.64.175 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

sergoot1.fvds.ru

Software

nginx/1.19.10 /

Resource Hash

9996fb1e7ac9a0f42fa2e2c5502c03973534653253c54753776ca50745850a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/wp-content/cache/wmac/css/wmac_47cd75eaec4b74cb6954ceff8e6c28a9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:29 GMT
last-modified: Tue, 14 Apr 2020 11:18:22 GMT
server: nginx/1.19.10
etag: "5e959bfe-25a"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 602
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 137ms
41ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://zoomapp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 23:10:25 GMT
x-content-type-options: nosniff
age: 464044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 23:10:25 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v29/ 24 KB
24 KB 190ms
95ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://zoomapp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 17:48:55 GMT
x-content-type-options: nosniff
age: 483334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 17:48:55 GMT

GET
H2 200 52f9bd45539f6123f02d.js Show response
yastatic.net/partner-code-bundles/619502/ 13 KB
5 KB 35ms
34ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/619502/52f9bd45539f6123f02d.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

c9cce10c2ed7f85f2313a6809602edc58f92b13ab43ec3f40a0a82144f29e399

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://zoomapp.ru/
Origin: https://zoomapp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:29 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4471
last-modified: Fri, 22 Jul 2022 16:24:57 GMT
server: nginx/1.17.9
etag: "fe4ee19285b9cbc6b638ef8102494b7f"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jul 2052 14:36:26 GMT

GET
H2 200 61d5ea78516863352060.js Show response
yastatic.net/partner-code-bundles/619502/ 86 KB
18 KB 48ms
48ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/619502/61d5ea78516863352060.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

67795270b27ccc739cfeae9070c1a04e1a4b399f1bc1c5bb947c320435a08a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://zoomapp.ru/
Origin: https://zoomapp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:29 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17859
last-modified: Fri, 22 Jul 2022 16:24:57 GMT
server: nginx/1.17.9
etag: "f069425c54e6e688ead968a6be99903a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jul 2052 14:36:24 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 67ms
66ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://zoomapp.ru/
Origin: https://zoomapp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:29 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jul 2052 14:36:20 GMT

GET
H2 200 a31302baa8b0a06ce884.js Show response
yastatic.net/partner-code-bundles/619502/ 543 KB
110 KB 92ms
92ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/619502/a31302baa8b0a06ce884.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

3aba6220ea374e92ea3fca0de855e7b8ddf69c7c99aa579e3dd4059820309375

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://zoomapp.ru/
Origin: https://zoomapp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:29 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 112015
last-modified: Fri, 22 Jul 2022 16:24:58 GMT
server: nginx/1.17.9
etag: "42c6d3e443a0179bc855c8c38a53febc"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jul 2052 14:36:26 GMT

GET
H3 200 css
fonts.googleapis.com/ 10 KB
712 B 131ms
46ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,500,600,700&subset=cyrillic

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/wp-content/plugins/clearfy/assets/js/css-lazy-load.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d6b7781daf33341ee83cd2f3271cfd2f00fadf92c12ea8a76e8f5d2e6b225c48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 08:04:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Jul 2022 08:04:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jul 2022 08:04:29 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
643 B 190ms
49ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=zoomapp.ru&callback=_gfp_s_&client=ca-pub-7202568105730570

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7202568105730570&plah=zoomapp.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ff5a70645a4ea83dabb7e9ca235c235be0c25b804325a5bce205dce0c5846c79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 164ms
47ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=zoomapp.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 08:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 145ms
45ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=zoomapp.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 08:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 092C 93 KB
32 KB 508ms
434ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202568105730570&output=html&h=280&slotname=5705747582&adk=540886628&adf=3055222944&pi=t.ma~as.5705747582&w=1000&fwrn=4&fwrnh=100&lmt=1658649869&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fzoomapp.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658649869041&bpp=3&bdt=244&idt=215&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&correlator=7989944222235&frm=20&pv=2&ga_vid=1540385871.1658649869&ga_sid=1658649869&ga_hid=396887661&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531608&oid=2&pvsid=4114582118053799&tmod=548650271&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Aq0HELcjqn&p=https%3A//zoomapp.ru&dtd=261

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7123354ff5da30c76e9de61bec690cc3c7fe78d908d2ba942c14c4bbe1a715a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zoomapp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32896
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 08:04:29 GMT
expires: Sun, 24 Jul 2022 08:04:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
343 B 107ms
38ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PRPGBDVZW7&gtm=2oe7k0&_p=396887661&_z=ccd.v9B&cid=1540385871.1658649869&ul=en-us&sr=1600x1200&_s=1&sid=1658649869&sct=1&seg=0&dl=https%3A%2F%2Fzoomapp.ru%2F&dt=%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Zoom%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%E2%80%94%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%84%D0%B5%D1%80%D0%B5%D0%BD%D1%86%D0%B8%D0%B8%2C%20%D0%B2%D0%B5%D0%B1%D0%B8%D0%BD%D0%B0%D1%80%D1%8B%2C%20%D0%B4%D0%B5%D0%BC%D0%BE%D0%BD%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%20%D1%8D%D0%BA%D1%80%D0%B0%D0%BD%D0%B0%20%D0%B8%20%D0%BC%D0%BD%D0%BE%D0%B3%D0%BE%D0%B5%20%D0%B4%D1%80%D1%83%D0%B3%D0%BE%D0%B5&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PRPGBDVZW7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 08:04:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zoomapp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4456 132 KB
42 KB 587ms
545ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202568105730570&output=html&h=400&slotname=5705747582&adk=3962687852&adf=422286093&pi=t.ma~as.5705747582&w=580&fwrn=4&fwrnh=100&lmt=1658649869&rafmt=12&psa=0&format=580x400&url=https%3A%2F%2Fzoomapp.ru%2F&fwr=0&fwrattr=true&rh=400&rw=580&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658649869044&bpp=1&bdt=248&idt=288&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=7989944222235&frm=20&pv=1&ga_vid=1540385871.1658649869&ga_sid=1658649869&ga_hid=396887661&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=3760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531608&oid=2&pvsid=4114582118053799&tmod=548650271&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8RcMsprUKQ&p=https%3A//zoomapp.ru&dtd=291

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad26b9e9b194b10bc2c15c558fa953bedc62dfc44034bf422abf215924f39696

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKzFl6KIkfkCFfprFQgd4tgOCw&gqi=Df3cYpmFGIuD9u8PnqSR0A0&layout=/sadbundle/%24csp%253Der3%24/3142959514070662682/300x250_EN/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zoomapp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 43439
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKzFl6KIkfkCFfprFQgd4tgOCw&gqi=Df3cYpmFGIuD9u8PnqSR0A0&layout=/sadbundle/%24csp%253Der3%24/3142959514070662682/300x250_EN/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 08:04:29 GMT
expires: Sun, 24 Jul 2022 08:04:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK 30199 Show response
clairpixum.com/ 5 KB
6 KB 55ms
55ms Fetch
application/json 88.208.46.30
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://clairpixum.com/30199
Requested by: Host: clairpixum.com
URL: https://clairpixum.com/414988.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.30 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: a4c3f34f9f1d5ad21b9bd45344e529515c791a759067106b6b0ffa02fcca120e

Request headers

Referer: https://zoomapp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 24 Jul 2022 08:04:29 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://zoomapp.ru
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 0

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 158 KB
56 KB 216ms
100ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

a77170d13a770ebf02ddf85667af72f6a2d210a1dedfacfc45b70293994feba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://zoomapp.ru/
Origin: https://zoomapp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:29 GMT
content-encoding: br
last-modified: Fri, 15 Jul 2022 13:30:34 GMT
etag: "62d141ca-dd8c"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56716
expires: Sun, 24 Jul 2022 09:04:29 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 75F6 257 KB
64 KB 509ms
509ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202568105730570&output=html&adk=1812271804&adf=3025194257&lmt=1658649869&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fzoomapp.ru%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658649869210&bpp=1&bdt=413&idt=165&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280%2C580x400&nras=1&correlator=7989944222235&frm=20&pv=1&ga_vid=1540385871.1658649869&ga_sid=1658649869&ga_hid=396887661&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531608&oid=2&pvsid=4114582118053799&tmod=548650271&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&dtd=170

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d06300118d3c303d9c1dc967742a275dd480678314e454949ecf7c02dcc470e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zoomapp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 65154
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 08:04:29 GMT
expires: Sun, 24 Jul 2022 08:04:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 143ms
54ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,500,600,700&subset=cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://zoomapp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 03:24:20 GMT
x-content-type-options: nosniff
age: 276009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jul 2023 03:24:20 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v25/ 21 KB
21 KB 129ms
42ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,500,600,700&subset=cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://zoomapp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 14:52:56 GMT
x-content-type-options: nosniff
age: 321093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21276
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 14:52:56 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9709.V-ancdkMiA6LiClX0CGiISSdY14okYNXIjEpGrhOMFLLYFLDxZGnhr-CdeOhvWZn.o558p8HMIuGX9gDR-zXj-ef86i4%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9709.SkFwD9Brr8l7gD3q76VkmfHji6nMPFvqqyL6PcicOceMCcp45doGWvMDwZzbxgZ5obfpG6z60WSsbzQd3zZ3Su3mt-RaufwwYbV6POhM9EM%2C.Fud8YjrRMS-JRubHNH6UoOWMHqc%2C

43 B
333 B

63ms
62ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9709.SkFwD9Brr8l7gD3q76VkmfHji6nMPFvqqyL6PcicOceMCcp45doGWvMDwZzbxgZ5obfpG6z60WSsbzQd3zZ3Su3mt-RaufwwYbV6POhM9EM%2C.Fud8YjrRMS-JRubHNH6UoOWMHqc%2C

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:29 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9709.SkFwD9Brr8l7gD3q76VkmfHji6nMPFvqqyL6PcicOceMCcp45doGWvMDwZzbxgZ5obfpG6z60WSsbzQd3zZ3Su3mt-RaufwwYbV6POhM9EM%2C.Fud8YjrRMS-JRubHNH6UoOWMHqc%2C
date: Sun, 24 Jul 2022 08:04:29 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
111 B 155ms
63ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:29 GMT
last-modified: Fri, 15 Jul 2022 13:30:34 GMT
etag: "62d141ca-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 24 Jul 2022 09:04:29 GMT

POST
H/1.1 200
OK set
clairpixum.com/event/ 0
0 29ms
24ms Fetch
text/html 88.208.46.30
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://clairpixum.com/event/set
Requested by: Host: clairpixum.com
URL: https://clairpixum.com/414988.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.30 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://zoomapp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 24 Jul 2022 08:04:29 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://zoomapp.ru
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control

POST
H/1.1 200
OK set
clairpixum.com/event/ 0
0 65ms
36ms Fetch
text/html 88.208.46.30
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://clairpixum.com/event/set
Requested by: Host: clairpixum.com
URL: https://clairpixum.com/414988.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.30 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://zoomapp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 24 Jul 2022 08:04:29 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://zoomapp.ru
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control

GET
H2

200

1 Show response
mc.yandex.com/watch/61990360/
Redirect Chain

https://mc.yandex.com/watch/61990360?wmode=7&page-url=https%3A%2F%2Fzoomapp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A783%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
https://mc.yandex.com/watch/61990360/1?wmode=7&page-url=https%3A%2F%2Fzoomapp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A783%3Afu%3A0%3Aen%3Autf-8%3Ala%...

350 B
793 B

46ms
46ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/61990360/1?wmode=7&page-url=https%3A%2F%2Fzoomapp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A783%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A841%3Acn%3A1%3Adp%3A0%3Als%3A1518968221736%3Ahid%3A164484612%3Az%3A0%3Ai%3A20220724080429%3Aet%3A1658649869%3Ac%3A1%3Arn%3A603462177%3Arqn%3A1%3Au%3A16586498691070391339%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1658649868183%3Ads%3A0%2C100%2C238%2C1%2C274%2C0%2C%2C414%2C1%2C%2C%2C%2C1027%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1658649870%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Zoom%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%E2%80%94%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%84%D0%B5%D1%80%D0%B5%D0%BD%D1%86%D0%B8%D0%B8%2C%20%D0%B2%D0%B5%D0%B1%D0%B8%D0%BD%D0%B0%D1%80%D1%8B%2C%20%D0%B4%D0%B5%D0%BC%D0%BE%D0%BD%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%20%D1%8D%D0%BA%D1%80%D0%B0%D0%BD%D0%B0%20%D0%B8%20%D0%BC%D0%BD%D0%BE%D0%B3%D0%BE%D0%B5%20%D0%B4%D1%80%D1%83%D0%B3%D0%BE%D0%B5&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

16dfadd36c4e239668111e8c47fa4ac62585885587435c1e972a32360e0b4158

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 08:04:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 24-Jul-2022 08:04:29 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://zoomapp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Sun, 24-Jul-2022 08:04:29 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Jul 2022 08:04:29 GMT
last-modified: Sun, 24-Jul-2022 08:04:29 GMT
location: /watch/61990360/1?wmode=7&page-url=https%3A%2F%2Fzoomapp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark502dexbw1k%3Afp%3A783%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A841%3Acn%3A1%3Adp%3A0%3Als%3A1518968221736%3Ahid%3A164484612%3Az%3A0%3Ai%3A20220724080429%3Aet%3A1658649869%3Ac%3A1%3Arn%3A603462177%3Arqn%3A1%3Au%3A16586498691070391339%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1658649868183%3Ads%3A0%2C100%2C238%2C1%2C274%2C0%2C%2C414%2C1%2C%2C%2C%2C1027%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1658649870%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Zoom%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%E2%80%94%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%84%D0%B5%D1%80%D0%B5%D0%BD%D1%86%D0%B8%D0%B8%2C%20%D0%B2%D0%B5%D0%B1%D0%B8%D0%BD%D0%B0%D1%80%D1%8B%2C%20%D0%B4%D0%B5%D0%BC%D0%BE%D0%BD%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%20%D1%8D%D0%BA%D1%80%D0%B0%D0%BD%D0%B0%20%D0%B8%20%D0%BC%D0%BD%D0%BE%D0%B3%D0%BE%D0%B5%20%D0%B4%D1%80%D1%83%D0%B3%D0%BE%D0%B5&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://zoomapp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 24-Jul-2022 08:04:29 GMT

GET
H2 200 dfafa4fd47dd86b7cbcd5aa280f1fc74.js Show response
www.gstatic.com/mysidia/ Frame 092C 10 KB
5 KB 137ms
42ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dfafa4fd47dd86b7cbcd5aa280f1fc74.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202568105730570&output=html&h=280&slotname=5705747582&adk=540886628&adf=3055222944&pi=t.ma~as.5705747582&w=1000&fwrn=4&fwrnh=100&lmt=1658649869&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fzoomapp.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658649869041&bpp=3&bdt=244&idt=215&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&correlator=7989944222235&frm=20&pv=2&ga_vid=1540385871.1658649869&ga_sid=1658649869&ga_hid=396887661&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531608&oid=2&pvsid=4114582118053799&tmod=548650271&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Aq0HELcjqn&p=https%3A//zoomapp.ru&dtd=261

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f7f8fc77f71c162c7907a35dda7b01cc2d098685b2a1554e6514655911af8e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 13:55:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4359
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 23:08:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 13:55:47 GMT

GET
H2 200 4c3be841d2249c2a90c31a8670fa811e.js Show response
www.gstatic.com/mysidia/ Frame 092C 10 KB
4 KB 138ms
42ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4c3be841d2249c2a90c31a8670fa811e.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67cd2d215dfe5c7b17cfa9b3ee43c744ae069d1aae2f0d371898a90f59b0876f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 19:31:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 477153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4278
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 00:22:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 16 Oct 2022 19:31:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 092C 8 KB
893 B 45ms
44ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 07:17:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Jul 2022 08:04:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jul 2022 08:04:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 092C 2 KB
902 B 194ms
100ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 07:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 07:59:33 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame 092C 21 KB
9 KB 129ms
36ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 07:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8663
x-xss-protection: 0
server: cafe
etag: 1576890815193688712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 07:55:53 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 092C 3 KB
1 KB 185ms
94ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 07:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 07:58:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 092C 138 KB
43 KB 138ms
47ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Jul 2022 08:04:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 092C 17 KB
7 KB 134ms
43ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 13288730413591369063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 08:00:34 GMT

GET
H3 200 b8b39a8a01d591fbf8e8e88b2bbf8fd4.js Show response
www.gstatic.com/mysidia/ Frame 092C 30 KB
13 KB 210ms
91ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b8b39a8a01d591fbf8e8e88b2bbf8fd4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 06:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12830
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 00:22:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Oct 2022 06:21:57 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/ 149 KB
53 KB 94ms
94ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4aca6deba48ee3adcc4e3d947759776ebb558b4a08b91869c7c664fcc45597eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54112
x-xss-protection: 0
server: cafe
etag: 902937838762929463
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Jul 2022 08:04:29 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/ Frame 1BDD 7 KB
2 KB 176ms
71ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85c37e81334cc0c7312c570008eb072018cf0a3ae8b9598c27fe61bdec6d5c5e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1959
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=0
content-encoding: gzip
content-length: 1717
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 07:31:51 GMT
expires: Sun, 24 Jul 2022 07:31:51 GMT
last-modified: Tue, 12 Jul 2022 13:38:08 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7FC9 0
0 98ms
97ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cmd24Df3cYuyKGfrX1fAP4rG7WPjQju9qxsfPwYUQ3auDwvAiEAEg8aHiYmCV4pCCoAegAe6YpO0ByAEJqQIJ9Axn3_qpPqgDAcgDSKoExAFP0H9LV3GNJ-OOM0U1vzdB_MQQ2wcOtkZXCoHQNygUUWqMpOxGTwQ7e3nGgGI3TU30vOlWHuwyFEdZ6UYpwIA80woSmysWg9HwohLpI6X4hQKBVcaACCYFg7okBy999Ugdp1q5_rrJwDdZTayB3qg6RaYcoVT5pDFZ_-z7gEVv7sVf3z3VfhJrJfb41es8Zkte_HsViRY4arjFaGHIZDRuszHGaeieCZGJOTuzlTEnFaAEHHhU0PPWDe7pgG1KUEFQ4e0qwASssqyGogSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH-ubbkgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC12gjSCBEIgOGAcBABGB8yAusCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi03MjAyNTY4MTA1NzMwNTcwGAA&sigh=KSuug-BBiLI&uach_m=[UACH]&template_id=419

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202568105730570&output=html&h=400&slotname=5705747582&adk=3962687852&adf=422286093&pi=t.ma~as.5705747582&w=580&fwrn=4&fwrnh=100&lmt=1658649869&rafmt=12&psa=0&format=580x400&url=https%3A%2F%2Fzoomapp.ru%2F&fwr=0&fwrattr=true&rh=400&rw=580&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658649869044&bpp=1&bdt=248&idt=288&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=7989944222235&frm=20&pv=1&ga_vid=1540385871.1658649869&ga_sid=1658649869&ga_hid=396887661&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=3760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531608&oid=2&pvsid=4114582118053799&tmod=548650271&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8RcMsprUKQ&p=https%3A//zoomapp.ru&dtd=291
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 24 Jul 2022 08:04:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 24 Jul 2022 08:04:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame 7FC9 21 KB
8 KB 176ms
72ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202568105730570&output=html&h=400&slotname=5705747582&adk=3962687852&adf=422286093&pi=t.ma~as.5705747582&w=580&fwrn=4&fwrnh=100&lmt=1658649869&rafmt=12&psa=0&format=580x400&url=https%3A%2F%2Fzoomapp.ru%2F&fwr=0&fwrattr=true&rh=400&rw=580&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658649869044&bpp=1&bdt=248&idt=288&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=7989944222235&frm=20&pv=1&ga_vid=1540385871.1658649869&ga_sid=1658649869&ga_hid=396887661&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=3760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531608&oid=2&pvsid=4114582118053799&tmod=548650271&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8RcMsprUKQ&p=https%3A//zoomapp.ru&dtd=291

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 07:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8663
x-xss-protection: 0
server: cafe
etag: 1576890815193688712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 07:55:53 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 7FC9 3 KB
1 KB 205ms
102ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 07:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 07:58:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7FC9 138 KB
42 KB 239ms
126ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Jul 2022 08:04:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 7FC9 17 KB
7 KB 161ms
60ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 07:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 13288730413591369063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 07:51:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 092C 0
0 102ms
101ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ClyfSDf3cYvrPGPig7_UPpOaV4Auh2qapa6CT6MrPEIz0_sGUDhABIPGh4mJgleKQgqAHoAHS7frBKMgBAagDAcgDwwSqBMgBT9B118EuK7E9Qn0GIuZIu869S55IyrmsSSazq4VYha5oT7kR2iwP0KONUPeGt4_if5JaphqniH96Vl3T_2pEP5pjPPZb13Ffir6p-sy7Op4urLl2rzQ3jQeYoa-Tmoi3aNLHUwbN5r4JfjdHzYaW7MqKXTJNKTI_gNdro66LF3o5UkFsr0j8wr1GyyzPXRLMzaie44jOCmFKR_kVafFNZNKYrwCN_2u01Cmd8UqN7LE378BN5CPFufrf0kpBucfqnKdGVDVxLenABJaZyvCJBJIFBAgEGAGSBQQIBRgEoAZmgAfSpcuhA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPbGJ9IIEQiA4YBwEAEYHzIC6wI6AoBAgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTcyMDI1NjgxMDU3MzA1NzAYAA&sigh=fO4aJ10xEOA&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202568105730570&output=html&h=280&slotname=5705747582&adk=540886628&adf=3055222944&pi=t.ma~as.5705747582&w=1000&fwrn=4&fwrnh=100&lmt=1658649869&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fzoomapp.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658649869041&bpp=3&bdt=244&idt=215&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&correlator=7989944222235&frm=20&pv=2&ga_vid=1540385871.1658649869&ga_sid=1658649869&ga_hid=396887661&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531608&oid=2&pvsid=4114582118053799&tmod=548650271&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Aq0HELcjqn&p=https%3A//zoomapp.ru&dtd=261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 24 Jul 2022 08:04:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 24 Jul 2022 08:04:30 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1B3C 143 B
163 B 53ms
52ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202568105730570&output=html&h=280&slotname=5705747582&adk=540886628&adf=3055222944&pi=t.ma~as.5705747582&w=1000&fwrn=4&fwrnh=100&lmt=1658649869&rafmt=1&psa=0&format=1000x280&url=https%3A%2F%2Fzoomapp.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658649869041&bpp=3&bdt=244&idt=215&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&correlator=7989944222235&frm=20&pv=2&ga_vid=1540385871.1658649869&ga_sid=1658649869&ga_hid=396887661&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=543&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531608&oid=2&pvsid=4114582118053799&tmod=548650271&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Aq0HELcjqn&p=https%3A//zoomapp.ru&dtd=261
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 07:39:00 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 092C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2aa71278c60413701c667b8a76e79d458802ba522c75eb4990becbeb215d80b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1B3C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

109ms
108ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 08:04:30 GMT
expires: Sun, 24 Jul 2022 08:04:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 08:04:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 379ms
78ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=zoomapp.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 08:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 379ms
78ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=zoomapp.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 08:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/ Frame 9294 10 KB
4 KB 94ms
93ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zoomapp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 49399
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 18:21:11 GMT
etag: 8616628553774171045
expires: Sat, 06 Aug 2022 18:21:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/ Frame 8021 10 KB
4 KB 95ms
95ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zoomapp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 49399
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 18:21:11 GMT
etag: 8616628553774171045
expires: Sat, 06 Aug 2022 18:21:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/api/ Frame 1BDD 6 KB
3 KB 109ms
108ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a3c4df376bbd4bc194cbc937fe521ffc4d712544c7ea330d1b4802a076958f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 10:45:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2639
x-xss-protection: 0
server: cafe
etag: 15893831270588722589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 24 Jul 2022 10:45:54 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/ Frame 1BDD 26 KB
10 KB 97ms
96ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 10:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 24 Jul 2022 10:45:55 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/assets/ Frame 1BDD 7 KB
7 KB 98ms
96ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/assets/logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad1365139e2fe34ee43dae6bf6dd8a2800967a96aaeb388b68db802fe5c49726

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 273717
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7452
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:38:08 GMT
server: sffe
date: Thu, 21 Jul 2022 04:02:33 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Jul 2023 04:02:33 GMT

GET
H3 200 text-one.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/assets/ Frame 1BDD 5 KB
5 KB 105ms
104ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/assets/text-one.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dce5ca698bdbaeea22a65ad34037b495dea3361a3eb02a834105d8c285cdff1b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 358173
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5446
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:38:08 GMT
server: sffe
date: Wed, 20 Jul 2022 04:34:57 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Jul 2023 04:34:57 GMT

GET
H3 200 text-two.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/assets/ Frame 1BDD 7 KB
7 KB 110ms
109ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/assets/text-two.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd08b1baf5c0b90e135a3a996f0118d55cf9bb3e77d9a37080c606c4abf5e86b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 273717
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6754
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:38:08 GMT
server: sffe
date: Thu, 21 Jul 2022 04:02:33 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Jul 2023 04:02:33 GMT

GET
H3 200 text-three.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/assets/ Frame 1BDD 6 KB
6 KB 102ms
102ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/assets/text-three.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9be1675e1fb2483b3420c3adc4da8ebb5b99d456e6b6342e80821867e230d890

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 316352
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6143
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:38:08 GMT
server: sffe
date: Wed, 20 Jul 2022 16:11:58 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Jul 2023 16:11:58 GMT

GET
H3 200 background.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/assets/ Frame 1BDD 44 KB
44 KB 115ms
115ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/assets/background.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

228c8ee5b418fdbbe867b78227a9d93ce8dcad0930abe81b0b4edb7eeee3995c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 475919
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45125
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 13:38:08 GMT
server: sffe
date: Mon, 18 Jul 2022 19:52:31 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 18 Jul 2023 19:52:31 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4CB4 143 B
163 B 97ms
96ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202568105730570&output=html&h=400&slotname=5705747582&adk=3962687852&adf=422286093&pi=t.ma~as.5705747582&w=580&fwrn=4&fwrnh=100&lmt=1658649869&rafmt=12&psa=0&format=580x400&url=https%3A%2F%2Fzoomapp.ru%2F&fwr=0&fwrattr=true&rh=400&rw=580&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658649869044&bpp=1&bdt=248&idt=288&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=7989944222235&frm=20&pv=1&ga_vid=1540385871.1658649869&ga_sid=1658649869&ga_hid=396887661&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=3760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531608&oid=2&pvsid=4114582118053799&tmod=548650271&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8RcMsprUKQ&p=https%3A//zoomapp.ru&dtd=291
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 07:39:00 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 092C 28 KB
28 KB 99ms
98ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 20:36:54 GMT
x-content-type-options: nosniff
age: 300456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 20:36:54 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 9294 4 KB
636 B 105ms
105ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 07:19:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Jul 2022 08:04:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jul 2022 08:04:30 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9294 205 B
229 B 199ms
198ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 07:49:59 GMT
x-content-type-options: nosniff
age: 871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 24 Jul 2023 07:49:59 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9294 604 B
628 B 197ms
196ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 07:17:10 GMT
x-content-type-options: nosniff
age: 2840
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 24 Jul 2023 07:17:10 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/ Frame 9294 19 KB
8 KB 97ms
96ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:02:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8263
x-xss-protection: 0
server: cafe
etag: 17157773748623750166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 08:02:36 GMT

GET
H3 200 dfafa4fd47dd86b7cbcd5aa280f1fc74.js Show response
www.gstatic.com/mysidia/ Frame 8021 10 KB
4 KB 189ms
189ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dfafa4fd47dd86b7cbcd5aa280f1fc74.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f7f8fc77f71c162c7907a35dda7b01cc2d098685b2a1554e6514655911af8e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 13:55:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4359
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 23:08:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 13:55:47 GMT

GET
H3 200 4c3be841d2249c2a90c31a8670fa811e.js Show response
www.gstatic.com/mysidia/ Frame 8021 10 KB
4 KB 189ms
189ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4c3be841d2249c2a90c31a8670fa811e.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67cd2d215dfe5c7b17cfa9b3ee43c744ae069d1aae2f0d371898a90f59b0876f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 19:31:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 477154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4278
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 00:22:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 16 Oct 2022 19:31:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8021 8 KB
893 B 102ms
101ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 07:13:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Jul 2022 08:04:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jul 2022 08:04:30 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 8021 2 KB
902 B 95ms
94ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 07:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 07:59:33 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame 8021 21 KB
8 KB 96ms
94ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 07:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8663
x-xss-protection: 0
server: cafe
etag: 1576890815193688712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 07:55:53 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 8021 3 KB
1 KB 112ms
111ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 07:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 07:58:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 8021 17 KB
7 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 07:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 13288730413591369063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 07:51:23 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8021 138 KB
42 KB 112ms
111ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Jul 2022 08:04:30 GMT

GET
H3 200 b8b39a8a01d591fbf8e8e88b2bbf8fd4.js Show response
www.gstatic.com/mysidia/ Frame 8021 30 KB
13 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b8b39a8a01d591fbf8e8e88b2bbf8fd4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 06:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12830
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 00:22:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Oct 2022 06:21:57 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4CB4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

115ms
111ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 08:04:30 GMT
expires: Sun, 24 Jul 2022 08:04:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 08:04:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 143E 8 KB
893 B 102ms
101ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 06:35:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Jul 2022 08:04:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jul 2022 08:04:30 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 143E 2 KB
902 B 109ms
109ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 07:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 07:59:33 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame 143E 21 KB
8 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 07:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8663
x-xss-protection: 0
server: cafe
etag: 1576890815193688712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 07:55:53 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 143E 3 KB
1 KB 109ms
108ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 07:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 07:58:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 143E 17 KB
7 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 07:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 13288730413591369063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Aug 2022 07:51:23 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 143E 138 KB
42 KB 109ms
108ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Jul 2022 08:04:30 GMT

GET
H3 200 b8b39a8a01d591fbf8e8e88b2bbf8fd4.js Show response
www.gstatic.com/mysidia/ Frame 143E 30 KB
13 KB 96ms
94ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b8b39a8a01d591fbf8e8e88b2bbf8fd4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 06:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12830
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 00:22:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Oct 2022 06:21:57 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8021 0
0 100ms
100ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6xiUDf3cYsLjGZeu7gTzrJHQD6HapqlroJPoys8QjPT-wZQOEAEg8aHiYmCV4pCCoAegAdLt-sEoyAEBqAMByAPDBKoEywFP0NvClNkSXliciThd3-A-MBBegIIid9URORanjpIUsKM7yjqd7nnwU1g9g3WiSh-32NF7bxNKei6ZXF8mYxGVfKpQXCGvlJKrnehmzP5fZJPOCAdC1fATSFenhKDy6V_u10SJMbC9vt0VSDpxhfKbYYslIRg1jTYQZEqT8kGSvzf1jhiRXzhrFYOZSzN87zE5WpcPCWe8W8Qa58TwVkXnJX4WfkVY0qPM1OtmgGkK54po4y_7X--fU4cYJvs6DtXkDNPhlZ9FhHRIOcAElpnK8IkEkgUECAQYAZIFBAgFGASgBmaAB9Kly6EDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQt4FP0ggRCIDhgHAQARgfMgLrAjoCgECACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItNzIwMjU2ODEwNTczMDU3MBgA&sigh=UsrNo5snefA&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 24 Jul 2022 08:04:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D243 143 B
163 B 68ms
62ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 07:39:00 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7FC9 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9ebcaf39938f9474e08b6bc882e8ea545b3bd36209185df8d03dc853fd1985d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8021 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab804e58eaa8fbd25e6ea9be6dfe467ad9c7a7ddc044b09e09a8a94b411eff90

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1330 143 B
163 B 60ms
59ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 07:39:00 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js Show response
pagead2.googlesyndication.com/bg/ Frame 1BDD 36 KB
14 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 05:55:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14002
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 05:55:05 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D243
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

191ms
188ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 08:04:30 GMT
expires: Sun, 24 Jul 2022 08:04:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 08:04:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js Show response
pagead2.googlesyndication.com/bg/ Frame AD28 36 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 05:55:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14002
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 05:55:05 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1330
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

77ms
76ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 08:04:30 GMT
expires: Sun, 24 Jul 2022 08:04:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 08:04:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js Show response
pagead2.googlesyndication.com/bg/ Frame 6977 36 KB
14 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js

Requested by

Host: zoomapp.ru
URL: https://zoomapp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 05:55:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14002
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 05:55:05 GMT

GET
H3 200 zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js Show response
pagead2.googlesyndication.com/bg/ Frame 92BA 36 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 05:55:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14002
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 05:55:05 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 127ms
50ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220721&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15aaf4a2e986575097255c8dad36ee716efa3d73231dc4359ab0784c883a4236

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Jul 2022 08:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10846
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Jul 2022 08:04:31 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9390 13 KB
5 KB 37ms
36ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zoomapp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 30894
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Jul 2022 23:29:37 GMT
expires: Sun, 23 Jul 2023 23:29:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1181 783 B
533 B 51ms
51ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

96addb283352a5003b919f8e92c296319b613ae17d8d6474593bd45937b012ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IyC83SETny8SEkfOroEYrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zoomapp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-IyC83SETny8SEkfOroEYrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Jul 2022 08:04:31 GMT
expires: Sun, 24 Jul 2022 08:04:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9390 36 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 05:55:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14002
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 05:55:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1181 0
0 115ms
114ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220721&jk=4114582118053799&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9390 0
10 B 44ms
44ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?F7TYCw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 08:04:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8021 42 B
64 B 126ms
125ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEsvX9zfAUpSR7yI53htMClYGNbnv3t5czDJtGlYZ9OHeGtxYByvsSVsKml0fIiBdSyXsjZNFskK1gIaanLZpTjQQCok-ivshpayd4lHCUFzOnFDNGr9NFK4od9Rcist2ZxGITOkF5dfq-&sai=AMfl-YR_LzRtJiQpWyNA0QTzStcALLF5MeKl2oZ3Udeir-qDsrfxnaJA5Uvz13bygbwCaL6zgNIX_d71xurl&sig=Cg0ArKJSzAeEn8C01IEGEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=121,804,1000,1000,1000&tos=121,683,196,0,0&v=20220720&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658649870136&rpt=414&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 08:04:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 092C 42 B
64 B 120ms
119ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZOfPq5TRMmaP8AY425AxWrnWavghjSF9Ea9pks68d8yDOITirbTN8wjjnzM7wVqqDolTeCNji0AadSXRCGhQ0uA0sAoJwM8jZWkZn0q4ZHz5ZD9Y9f_r5rQQvkYCEXVvgeTZIm6M_s-kx&sai=AMfl-YSI_vWhWYJOJJ_W7l-0TmDNC8gaG9UfX2IfkSCEyvQKbhtw3heZbj0pvqAxMghn9BDg8WrgRbBgcuO_&sig=Cg0ArKJSzNZXnM6MVMs7EAE&id=lidar2&mcvt=1000&p=0,0,280,1000&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220720&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=540886628&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658649869304&rpt=1429&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 08:04:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 255ms
254ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220721&jk=4114582118053799&bg=!pKelp-PNAAacadVKvGk7ACkAdvg8WuH-KuD6cq3JUvv87Y0UIPHQYgnkpI4E4Q1dhvhnFNyBwxTmngIAAABKUgAAAANoAQeZApWb5KimlJU-3RIIGjl0VfRxbfVawByVQc64FTmMngx55C_6UBDK0MpJ-KREtEwmrcZ7XXlXHd75FjFsXEEed69KUpH-11CjivrNzxNJcPs1F1WM11HuMwPwgsWu5CsY2NmQf67fY0PkcSkBIZ_s-Nm8t6wblMK3rBypdru8eCT3PPE2J0-vQt95_xSGOgVbwYwPrOElkY4xG2Sr_UwFGWJJUn09w8E8EfKiCjtfS1nWnF5R_xLLwLF-js5zBtH8KQPROQTd-AM7aZL-D_cT7vYXCzvAGjQMAU0oPPRLf_RtqBah3vh8DQrcCmRgQR29osHde8I2oiHsebP9g3YEwnrq6kqhQfJydUZMFg25p-H8ow7CHL6qb_l7I5JJhGxMeyO7TeYDq2zusZAz7SV-HtyDk2fu_OdB3iwvur_GNLw_jGa_V-Gk19R1ogrplPvu9hmCaxHNtyFotKoR0jH8BgCwnlEBfXrt42X5RMq9PKc3laRT8bP8JwoRsdNi8EsoMYNySV54835C5KjHy3y1Ov2EMj0peCgxl7bHmR-m1aPR3jLbT7cSe2d16l8URh3wd0gD7ibMDDAMdzGi6CmlCIvyGu3b5haVSfFvWglBS1xsvaPCbH_HUkWL5_uKu3B7j7CO0wxNMkqU4uKG7JdcA-ZaJQiO1rSQ4Rrp9UxaFk2SoSzfJkoQ0zmPTelmT2I_ujZzDl6ulPHvYU1Et39YCV34EGAFOYu97bxXkfYo8fcoURZPnj4Ifi8hFwJmo-N0KUm5TnmWDE9H165mhCt4HaVRINfrVNTUK85LfXCE4FgpVkeo2YhQl2tB4XwTG7ctQfJhkykXBx9gJWsVsDF8oIbXnAjN8hecEPhbjkHlFtPzshS93AjA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zoomapp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

POST
H2 200 61990360 Show response
mc.yandex.com/webvisor/ 43 B
181 B 462ms
82ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/61990360?wmode=0&wv-part=1&wv-hit=164484612&page-url=https%3A%2F%2Fzoomapp.ru%2F&rn=461656426&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1658649872%3Aw%3A1600x1200%3Av%3A841%3Az%3A0%3Ai%3A20220724080432%3Au%3A16586498691070391339%3Avf%3A1hc9dnhfark502dexbw1k%3Awe%3A1%3Ast%3A1658649872&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zoomapp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 08:04:32 GMT
last-modified: Sun, 24-Jul-2022 08:04:32 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://zoomapp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 24-Jul-2022 08:04:32 GMT

POST
H2 200 61990360 Show response
mc.yandex.com/webvisor/ 43 B
73 B 82ms
81ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/61990360?wmode=0&wv-part=1&wv-hit=164484612&page-url=https%3A%2F%2Fzoomapp.ru%2F&rn=749542233&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1658649873%3Aw%3A1600x1200%3Av%3A841%3Az%3A0%3Ai%3A20220724080432%3Au%3A16586498691070391339%3Avf%3A1hc9dnhfark502dexbw1k%3Awe%3A1%3Ast%3A1658649873&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zoomapp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 08:04:32 GMT
last-modified: Sun, 24-Jul-2022 08:04:32 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://zoomapp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 24-Jul-2022 08:04:32 GMT

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yandex.ru/	1970-01-20 22:15:21	Name: i Value: CVvJB7WI61qSSSEDRU71ZrSZdWZhmn0Dh72A2SWlZK+QZu6I4XPBylKYxNxpJMAQ6rtNIFveNuVFAe4wpGmocumSZ/Q=
.otm-r.com/	1970-01-20 13:29:45	Name: mpid Value: NjJkY2ZkMGQwNGNlMmE2OA==
ssp.bidvol.com/	1970-02-14 01:15:33	Name: bvuid Value: l373l7zb7c
.betweendigital.com/	1970-01-20 13:29:45	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 13:29:45	Name: tuuid Value: 7a6390f6-4873-52cd-8fcf-a774ed135a79
.betweendigital.com/	1970-01-20 13:29:45	Name: ut Value: Ytz9DQADS8DNwNgKEC8WWGfevXMdXdoPg7fluA==
.betweendigital.com/	1970-01-20 13:29:45	Name: ss Value: 1
.betweendigital.com/	1970-01-20 13:29:45	Name: unm Value: 1
.zoomapp.ru/	1970-01-20 22:15:21	Name: _ga_PRPGBDVZW7 Value: GS1.1.1658649869.1.0.1658649869.0
.zoomapp.ru/	1970-01-20 22:15:21	Name: _ga Value: GA1.1.1540385871.1658649869
.yandex.ru/	1970-01-23 20:20:09	Name: yandexuid Value: 5110806921658649869
.adhigh.net/	1970-01-20 13:29:45	Name: gi_u Value: uMBY8ncxb0x7.AikABlGCLzx8Iw
.ssp-rtb.sape.ru/	1970-01-25 20:05:16	Name: sspuid Value: wQO4qWLc/Q2N5wKQr9bVAqFssS68agf6ANKj+gKpPGmw/NVw
clairpixum.com/	1970-01-22 00:33:47	Name: userid Value: 25288614-7786-41dd-bc8b-ab16466c7025
.zoomapp.ru/	1970-01-20 13:29:45	Name: _ym_uid Value: 16586498691070391339
.zoomapp.ru/	1970-01-20 13:29:45	Name: _ym_d Value: 1658649869
.zoomapp.ru/	1970-01-20 13:29:45	Name: pmvid Value: 25288614-7786-41dd-bc8b-ab16466c7025
.zoomapp.ru/	1970-01-20 14:05:45	Name: __gads Value: ID=01a887f801b7322c-226c94aed8cd0018:T=1658649869:RT=1658649869:S=ALNI_MaVAifhzEx5axOhhP6V3SQHciHoMQ
.zoomapp.ru/	1970-01-20 04:45:21	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 04:44:10	Name: sync_cookie_csrf Value: 1494972430fake
.mc.yandex.ru/	1970-01-20 04:44:10	Name: sync_cookie_csrf Value: 198818927fake
.yandex.com/	1970-01-20 13:29:45	Name: yandexuid Value: 5110806921658649869
.yandex.com/	1970-01-20 13:29:45	Name: yuidss Value: 5110806921658649869
.mc.yandex.com/	1970-01-20 04:45:36	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 456408651658649869
.yandex.com/	1970-01-23 20:20:09	Name: i Value: v6KLghaEjFGyUxpXSpa5KOzdtnwU/QkoiotlG7M7nqiIod++5B+KiJLgZibD4Ho18oAsVPYqDKMOkTM2OwGpMq1FhKM=
.yandex.com/	1970-01-20 13:29:45	Name: ymex Value: 1690185869.yrts.1658649869#1690185869.yrtsi.1658649869
.zoomapp.ru/	1970-01-20 04:44:11	Name: _ym_visorc Value: w
.doubleclick.net/	1970-01-20 14:05:45	Name: IDE Value: AHWqTUnJg355Uya5_cjXaK7vG2quaFCuT12yKSFKBmuuiryvH3TIfq01-xRphIYZHCo
.doubleclick.net/	1970-01-20 04:44:13	Name: DSID Value: NO_DATA

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202568105730570&output=html&h=400&slotname=5705747582&adk=3962687852&adf=422286093&pi=t.ma~as.5705747582&w=580&fwrn=4&fwrnh=100&lmt=1658649869&rafmt=12&psa=0&format=580x400&url=https%3A%2F%2Fzoomapp.ru%2F&fwr=0&fwrattr=true&rh=400&rw=580&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658649869044&bpp=1&bdt=248&idt=288&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=7989944222235&frm=20&pv=1&ga_vid=1540385871.1658649869&ga_sid=1658649869&ga_hid=396887661&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=3760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531608&oid=2&pvsid=4114582118053799&tmod=548650271&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8RcMsprUKQ&p=https%3A//zoomapp.ru&dtd=291 Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202568105730570&output=html&h=400&slotname=5705747582&adk=3962687852&adf=422286093&pi=t.ma~as.5705747582&w=580&fwrn=4&fwrnh=100&lmt=1658649869&rafmt=12&psa=0&format=580x400&url=https%3A%2F%2Fzoomapp.ru%2F&fwr=0&fwrattr=true&rh=400&rw=580&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658649869044&bpp=1&bdt=248&idt=288&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=7989944222235&frm=20&pv=1&ga_vid=1540385871.1658649869&ga_sid=1658649869&ga_hid=396887661&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=3760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531608&oid=2&pvsid=4114582118053799&tmod=548650271&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8RcMsprUKQ&p=https%3A//zoomapp.ru&dtd=291 Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202568105730570&output=html&h=400&slotname=5705747582&adk=3962687852&adf=422286093&pi=t.ma~as.5705747582&w=580&fwrn=4&fwrnh=100&lmt=1658649869&rafmt=12&psa=0&format=580x400&url=https%3A%2F%2Fzoomapp.ru%2F&fwr=0&fwrattr=true&rh=400&rw=580&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658649869044&bpp=1&bdt=248&idt=288&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=7989944222235&frm=20&pv=1&ga_vid=1540385871.1658649869&ga_sid=1658649869&ga_hid=396887661&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=3760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531608&oid=2&pvsid=4114582118053799&tmod=548650271&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8RcMsprUKQ&p=https%3A//zoomapp.ru&dtd=291 Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202568105730570&output=html&h=400&slotname=5705747582&adk=3962687852&adf=422286093&pi=t.ma~as.5705747582&w=580&fwrn=4&fwrnh=100&lmt=1658649869&rafmt=12&psa=0&format=580x400&url=https%3A%2F%2Fzoomapp.ru%2F&fwr=0&fwrattr=true&rh=400&rw=580&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658649869044&bpp=1&bdt=248&idt=288&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=7989944222235&frm=20&pv=1&ga_vid=1540385871.1658649869&ga_sid=1658649869&ga_hid=396887661&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=3760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531608&oid=2&pvsid=4114582118053799&tmod=548650271&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8RcMsprUKQ&p=https%3A//zoomapp.ru&dtd=291 Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202568105730570&output=html&h=400&slotname=5705747582&adk=3962687852&adf=422286093&pi=t.ma~as.5705747582&w=580&fwrn=4&fwrnh=100&lmt=1658649869&rafmt=12&psa=0&format=580x400&url=https%3A%2F%2Fzoomapp.ru%2F&fwr=0&fwrattr=true&rh=400&rw=580&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658649869044&bpp=1&bdt=248&idt=288&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=7989944222235&frm=20&pv=1&ga_vid=1540385871.1658649869&ga_sid=1658649869&ga_hid=396887661&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=3760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531608&oid=2&pvsid=4114582118053799&tmod=548650271&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8RcMsprUKQ&p=https%3A//zoomapp.ru&dtd=291 Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202568105730570&output=html&h=400&slotname=5705747582&adk=3962687852&adf=422286093&pi=t.ma~as.5705747582&w=580&fwrn=4&fwrnh=100&lmt=1658649869&rafmt=12&psa=0&format=580x400&url=https%3A%2F%2Fzoomapp.ru%2F&fwr=0&fwrattr=true&rh=400&rw=580&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658649869044&bpp=1&bdt=248&idt=288&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=7989944222235&frm=20&pv=1&ga_vid=1540385871.1658649869&ga_sid=1658649869&ga_hid=396887661&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=3760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531608&oid=2&pvsid=4114582118053799&tmod=548650271&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8RcMsprUKQ&p=https%3A//zoomapp.ru&dtd=291 Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202568105730570&output=html&h=400&slotname=5705747582&adk=3962687852&adf=422286093&pi=t.ma~as.5705747582&w=580&fwrn=4&fwrnh=100&lmt=1658649869&rafmt=12&psa=0&format=580x400&url=https%3A%2F%2Fzoomapp.ru%2F&fwr=0&fwrattr=true&rh=400&rw=580&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658649869044&bpp=1&bdt=248&idt=288&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=7989944222235&frm=20&pv=1&ga_vid=1540385871.1658649869&ga_sid=1658649869&ga_hid=396887661&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=3760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531608&oid=2&pvsid=4114582118053799&tmod=548650271&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8RcMsprUKQ&p=https%3A//zoomapp.ru&dtd=291 Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202568105730570&output=html&h=400&slotname=5705747582&adk=3962687852&adf=422286093&pi=t.ma~as.5705747582&w=580&fwrn=4&fwrnh=100&lmt=1658649869&rafmt=12&psa=0&format=580x400&url=https%3A%2F%2Fzoomapp.ru%2F&fwr=0&fwrattr=true&rh=400&rw=580&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658649869044&bpp=1&bdt=248&idt=288&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=7989944222235&frm=20&pv=1&ga_vid=1540385871.1658649869&ga_sid=1658649869&ga_hid=396887661&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=3760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531608&oid=2&pvsid=4114582118053799&tmod=548650271&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8RcMsprUKQ&p=https%3A//zoomapp.ru&dtd=291 Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202568105730570&output=html&h=400&slotname=5705747582&adk=3962687852&adf=422286093&pi=t.ma~as.5705747582&w=580&fwrn=4&fwrnh=100&lmt=1658649869&rafmt=12&psa=0&format=580x400&url=https%3A%2F%2Fzoomapp.ru%2F&fwr=0&fwrattr=true&rh=400&rw=580&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658649869044&bpp=1&bdt=248&idt=288&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=7989944222235&frm=20&pv=1&ga_vid=1540385871.1658649869&ga_sid=1658649869&ga_hid=396887661&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=3760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531608&oid=2&pvsid=4114582118053799&tmod=548650271&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8RcMsprUKQ&p=https%3A//zoomapp.ru&dtd=291 Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202568105730570&output=html&h=400&slotname=5705747582&adk=3962687852&adf=422286093&pi=t.ma~as.5705747582&w=580&fwrn=4&fwrnh=100&lmt=1658649869&rafmt=12&psa=0&format=580x400&url=https%3A%2F%2Fzoomapp.ru%2F&fwr=0&fwrattr=true&rh=400&rw=580&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658649869044&bpp=1&bdt=248&idt=288&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=7989944222235&frm=20&pv=1&ga_vid=1540385871.1658649869&ga_sid=1658649869&ga_hid=396887661&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=3760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531608&oid=2&pvsid=4114582118053799&tmod=548650271&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8RcMsprUKQ&p=https%3A//zoomapp.ru&dtd=291 Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202568105730570&output=html&h=400&slotname=5705747582&adk=3962687852&adf=422286093&pi=t.ma~as.5705747582&w=580&fwrn=4&fwrnh=100&lmt=1658649869&rafmt=12&psa=0&format=580x400&url=https%3A%2F%2Fzoomapp.ru%2F&fwr=0&fwrattr=true&rh=400&rw=580&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658649869044&bpp=1&bdt=248&idt=288&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=7989944222235&frm=20&pv=1&ga_vid=1540385871.1658649869&ga_sid=1658649869&ga_hid=396887661&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=3760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531608&oid=2&pvsid=4114582118053799&tmod=548650271&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8RcMsprUKQ&p=https%3A//zoomapp.ru&dtd=291 Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202568105730570&output=html&h=400&slotname=5705747582&adk=3962687852&adf=422286093&pi=t.ma~as.5705747582&w=580&fwrn=4&fwrnh=100&lmt=1658649869&rafmt=12&psa=0&format=580x400&url=https%3A%2F%2Fzoomapp.ru%2F&fwr=0&fwrattr=true&rh=400&rw=580&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658649869044&bpp=1&bdt=248&idt=288&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=7989944222235&frm=20&pv=1&ga_vid=1540385871.1658649869&ga_sid=1658649869&ga_hid=396887661&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=510&ady=3760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531608&oid=2&pvsid=4114582118053799&tmod=548650271&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=8RcMsprUKQ&p=https%3A//zoomapp.ru&dtd=291 Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3142959514070662682/300x250_EN/index.html?v=b208246486'. The query component, including the '?', will be ignored.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-7202568105730570&fa=1&ifi=8&uci=a!8&btvi=2&xpc=DxKEqsa0pc&p=https%3A//zoomapp.ru Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adfox-c2s-ams.creativecdn.com
ads.betweendigital.com
ads.digitalcaramel.com
adservice.google.com
adservice.google.de
bandidandy.com
cdn.jsdelivr.net
clairpixum.com
determineapp.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hb.adtelligent.com
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pb.adriver.ru
px.adhigh.net
region1.google-analytics.com
ssp-rtb.sape.ru
ssp.bidvol.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
yandex.ru
yastatic.net
yhb.p.otm-r.com
zoomapp.ru
172.217.18.2
185.184.8.90
185.246.64.175
188.42.196.115
193.3.184.136
194.190.76.41
195.201.8.30
195.209.111.22
2001:4860:4802:32::36
2606:4700::6810:5514
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2002
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2003
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::1:119
2a02:6b8:a::a
2a0c:5c81:5142::2
65.109.23.99
88.208.46.156
88.208.46.222
88.208.46.30
88.99.234.26
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
1032424abbb1498d4cdbf2244d441bfb8f3892efa3c41854da64ed6c584dfe9c
141b659e564dc4587f7944852f55ee0353982cdcb450824f2ee939852c46d6b0
15aaf4a2e986575097255c8dad36ee716efa3d73231dc4359ab0784c883a4236
16dfadd36c4e239668111e8c47fa4ac62585885587435c1e972a32360e0b4158
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c346662aca38b09450788889b64def5438c217f0c56ddc8232e3b864f177eef
1d75ccf41f4c6f860a0163ba3e4504785425b25df90bd04dbf79ef576f26a416
228c8ee5b418fdbbe867b78227a9d93ce8dcad0930abe81b0b4edb7eeee3995c
2c7a7eee7356efceb72e0a3dac26fe294623e405ab3b9cabaf731e4e9bd91e84
2f7f8fc77f71c162c7907a35dda7b01cc2d098685b2a1554e6514655911af8e8
3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
34886085d28d117cb2cb5338d85ba1aa412482dbb2214b35616c0c8f254041ac
37a0fa99582830c1adc3a216669dc1d4fbcf57309e1b4ebb0d1a6b26f6aeef1b
3aba6220ea374e92ea3fca0de855e7b8ddf69c7c99aa579e3dd4059820309375
3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a
3bdab4da5017468f0ddfc1a51edc3772a13aa064c83df984c152729075714847
422e1a759acbe143c92042a3ad98b9cfe8721ecd05e258d8963b4e76c85ce533
46c85589c7a6925f7b761645f0fedc71c600c6f4f2add8251ef447a1bec7e585
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4aca6deba48ee3adcc4e3d947759776ebb558b4a08b91869c7c664fcc45597eb
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4be74101162d4ed978851bd6dd595e849e4209b55cdfbf43bf39fdaee81a4192
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d6b307d78eebda6f4fc7c7168508d1f7fe285313e3519ff03f4d53015057dc7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561d133e612d60ea988fd5ab8819c6ea9c2336c8a3e3a054ac78a1bab3a73178
57be727f582ecbedb56d921be5c0b9155e220245ddff672477cb8ad1bccf5e54
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e341bd2b4c416d54ba8ce6bdfb07c081b935b06d662e51156f081810ccd1730
5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67795270b27ccc739cfeae9070c1a04e1a4b399f1bc1c5bb947c320435a08a6f
67cd2d215dfe5c7b17cfa9b3ee43c744ae069d1aae2f0d371898a90f59b0876f
6a6f8e2c0e042b3e5e73ca1cbb5102e2b6fa7542c527c758e78b18720bef0505
7123354ff5da30c76e9de61bec690cc3c7fe78d908d2ba942c14c4bbe1a715a5
75a3c4df376bbd4bc194cbc937fe521ffc4d712544c7ea330d1b4802a076958f
7713b5fe29e6ca24d6b340550f6929b15b263333e2c9e300989a9361dd45ec61
78c1fb882939d47dea2051a07b921b8d90c4abd1689499101bde76312a8e47fb
816c9c121e9f737df79aa48aee9e1e4fd4aa50a787e152c36a68def2b0072fc0
83abc3a657df1a1259360a0fe635d15d6a64ff18a48e715dbba8ff85d45f0c72
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
85c37e81334cc0c7312c570008eb072018cf0a3ae8b9598c27fe61bdec6d5c5e
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d74b7089a68f822f535c265ed9b4faf167417defaeed5985d00f7d1f8d83007
96addb283352a5003b919f8e92c296319b613ae17d8d6474593bd45937b012ae
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9996fb1e7ac9a0f42fa2e2c5502c03973534653253c54753776ca50745850a95
9be1675e1fb2483b3420c3adc4da8ebb5b99d456e6b6342e80821867e230d890
9cf322ba61df85137ce954428f4f9adff3b760ea6f1d7e07584bf9b599cb1cd6
9e64760d7802c3b98152c8ba9ea87a2ffc111897a2d9e0f109766a4d36bb52e5
9eac796639f0a4a2afff67aa4b97d89b53774c00697e675702b3ce4bab66760e
9f8c8dc5b836748756a99ee028592680bb200ef3474996162bbbde74c72977b9
a1c3c07ec75ae00bb8452aae6a102513520a24fd1c4a1e11ec71595baf5d2d79
a2aa71278c60413701c667b8a76e79d458802ba522c75eb4990becbeb215d80b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c3f34f9f1d5ad21b9bd45344e529515c791a759067106b6b0ffa02fcca120e
a6158e7113c81bcd3012fc9a5bd4749e13083932d7a88e13f5848c395f858527
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a77170d13a770ebf02ddf85667af72f6a2d210a1dedfacfc45b70293994feba0
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
ab804e58eaa8fbd25e6ea9be6dfe467ad9c7a7ddc044b09e09a8a94b411eff90
ad1365139e2fe34ee43dae6bf6dd8a2800967a96aaeb388b68db802fe5c49726
ad26b9e9b194b10bc2c15c558fa953bedc62dfc44034bf422abf215924f39696
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b3b0fe675c25128e954b8c20c4bc525bd711c3a294e08fa098b04393f95844b0
b9ebcaf39938f9474e08b6bc882e8ea545b3bd36209185df8d03dc853fd1985d
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c9cce10c2ed7f85f2313a6809602edc58f92b13ab43ec3f40a0a82144f29e399
cd08b1baf5c0b90e135a3a996f0118d55cf9bb3e77d9a37080c606c4abf5e86b
cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062
d06300118d3c303d9c1dc967742a275dd480678314e454949ecf7c02dcc470e7
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d6b7781daf33341ee83cd2f3271cfd2f00fadf92c12ea8a76e8f5d2e6b225c48
d8a0caab095830fbdfda36728b2151ac2282cb626d6036f76ecec6508e56842c
daa281d8f7d5b1d8227ae6dfbcd8fff976757e3595e1006afdcd78e4a3d91448
dce5ca698bdbaeea22a65ad34037b495dea3361a3eb02a834105d8c285cdff1b
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e2f1661ddb7866b5dff4351ca4fd3f02a47702f91527a3f8ed05376dbb47c2ac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69d2d23bf605f9e4abc56ea65a42b2ca5b43a04a880f8dec9fd972075d2ac65
eaada7cfe45e4bab846bfbc04c110d37488a112491577c4fb4697a0b7d584efa
eae45f94c29d3a062b0308f734b58970f32f3556d52ccec5ead8f49d3c84aa4f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f
f7547629c4deac5b39e359d22c9ced4e67652d470c2a5af4e2be363ed593bcd9
faaf15be463ae138468851da424e83ebf2ec7dab1a73276d27c820a37b8dbd42
ff5a70645a4ea83dabb7e9ca235c235be0c25b804325a5bce205dce0c5846c79

zoomapp.ru Open in urlscan Pro 185.246.64.175 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

147 Requests

98 %HTTPS

58 %IPv6

27 Domains

32 Subdomains

32 IPs

6 Countries

2550 kBTransfer

5648 kBSize

30 Cookies

17 Outgoing links

Page URL History

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

zoomapp.ru Open in urlscan Pro
185.246.64.175 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

98 %
HTTPS

58 %
IPv6

27
Domains

32
Subdomains

32
IPs

6
Countries

2550 kB
Transfer

5648 kB
Size

30
Cookies

147 HTTP transactions
7 data transactions