urlscan.io logo urlscan.io
SecurityTrails logo

my-excel.ru Open in urlscan Pro
172.67.142.130  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://my-excel.ru/
Effective URL: https://my-excel.ru/
Submission: On May 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 5 countries across 20 domains to perform 41 HTTP transactions. The main IP is 172.67.142.130, located in United States and belongs to CLOUDFLARENET, US. The main domain is my-excel.ru.
TLS certificate: Issued by GTS CA 1P5 on March 26th 2024. Valid for: 3 months.
This is the only time my-excel.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 172.67.142.130 13335 (CLOUDFLAR...)
10 185.148.37.79 48347 (MTW-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2 89.108.120.68 197695 (AS-REG)
1 2 178.154.231.214 200350 (YANDEXCLOUD)
1 3 185.15.175.134 43226 (SAFEDATA ...)
2 2 188.42.189.197 7979 (SERVERS-COM)
6 93.95.102.105 48347 (MTW-AS)
3 3 217.199.220.43 61400 (NETRACK-AS)
1 1 94.139.255.195 208677 (CLOUDRU-AS)
1 1 217.66.147.39 29209 (SPBMTS-AS...)
2 2 217.66.147.42 29209 (SPBMTS-AS...)
1 1 213.87.44.187 13174 (MTSNET Mo...)
2 2 168.119.9.59 24940 (HETZNER-AS)
2 2 31.220.27.135 39572 (ADVANCEDH...)
2 37.230.131.16 200197 (HYBRID-PO...)
2 185.26.97.53 44066 (DE-FIRSTC...)
1 217.65.2.150 3175 (CITYTELEC...)
2 2 195.209.108.55 52007 (ADRIVER)
3 3 142.132.138.212 24940 (HETZNER-AS)
1 1 193.3.184.218 50214 (QWARTA)
2 93.95.103.98 48347 (MTW-AS)
5 37.228.89.169 48347 (MTW-AS)
1 185.148.37.75 48347 (MTW-AS)
41 15
6    172.67.142.130 (United States)

ASN13335 (CLOUDFLARENET, US)
my-excel.ru
img.my-excel.ru
10    185.148.37.79 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
news.2xclick.ru
news.gnezdo.ru
fcgi5.gnezdo.ru
fcgi5.2xclick.ru
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    89.108.120.68 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru
x01.aidata.io
2    178.154.231.214 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)
wf-ru.frontend.weborama.fr
3    185.15.175.134 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
dmg.digitaltarget.ru
2    188.42.189.197 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
6    93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
fcgi4.gnezdo.ru
3    217.199.220.43 (Russian Federation)

ASN61400 (NETRACK-AS, RU)
PTR: s3.kimberlite.io
kimberlite.io
1    94.139.255.195 (Asbest, Russian Federation)

ASN208677 (CLOUDRU-AS, RU)
solta-sync.rutarget.ru
1    217.66.147.39 (Russian Federation)

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-39-147-66-217.spbmts.ru
sm.rtb.mts.ru
2    217.66.147.42 (Russian Federation)

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-42-147-66-217.spbmts.ru
vma.mts.ru
1    213.87.44.187 (Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru
tech.rtb.mts.ru
2    168.119.9.59 (Düsseldorf, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.59.9.119.168.clients.your-server.de
exchange.buzzoola.com
2    31.220.27.135 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
2    37.230.131.16 (Amsterdam, Netherlands)

ASN200197 (HYBRID-POLAND, PL)
dm.hybrid.ai
2    185.26.97.53 (Frankfurt am Main, Germany)

ASN44066 (DE-FIRSTCOLO firstcolo.net, DE)
PTR: dsde981.fornex.org
ia-dmp.com
1    217.65.2.150 (Moscow, Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)
match.new-programmatic.com
2    195.209.108.55 (Russian Federation)

ASN52007 (ADRIVER, RU)
ev.adriver.ru
3    142.132.138.212 (Falkenstein, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.212.138.132.142.clients.your-server.de
www.acint.net
acint.net
1    193.3.184.218 (Russian Federation)

ASN50214 (QWARTA, RU)
ssp-rtb.sape.ru
2    93.95.103.98 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
fcgi7.gnezdo.ru
5    37.228.89.169 (Moscow, Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
zn4.2xclick.ru
1    185.148.37.75 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: fobos.megoplan.ru
zn5.2xclick.ru
Apex Domain
Subdomains		 Transfer
15 gnezdo.ru
news.gnezdo.ru — Cisco Umbrella Rank: 211316
fcgi5.gnezdo.ru — Cisco Umbrella Rank: 186799
fcgi4.gnezdo.ru — Cisco Umbrella Rank: 56823
fcgi7.gnezdo.ru — Cisco Umbrella Rank: 172388
53 KB
9 2xclick.ru
news.2xclick.ru — Cisco Umbrella Rank: 230690
zn4.2xclick.ru — Cisco Umbrella Rank: 284573
zn5.2xclick.ru — Cisco Umbrella Rank: 409667
fcgi5.2xclick.ru — Cisco Umbrella Rank: 364504
156 KB
6 my-excel.ru
my-excel.ru
img.my-excel.ru
81 KB
4 mts.ru
sm.rtb.mts.ru — Cisco Umbrella Rank: 43872
vma.mts.ru — Cisco Umbrella Rank: 45929
tech.rtb.mts.ru — Cisco Umbrella Rank: 52816
3 KB
3 acint.net
www.acint.net — Cisco Umbrella Rank: 30073
acint.net — Cisco Umbrella Rank: 24613
1 KB
3 kimberlite.io
kimberlite.io — Cisco Umbrella Rank: 39509
2 KB
3 digitaltarget.ru
dmg.digitaltarget.ru — Cisco Umbrella Rank: 27586
2 KB
2 adriver.ru
ev.adriver.ru — Cisco Umbrella Rank: 42405
1 KB
2 ia-dmp.com
ia-dmp.com — Cisco Umbrella Rank: 145716
476 B
2 hybrid.ai
dm.hybrid.ai — Cisco Umbrella Rank: 36804
559 B
2 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 12594
431 B
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 20868
626 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2099
1 KB
2 weborama.fr
wf-ru.frontend.weborama.fr — Cisco Umbrella Rank: 763373
835 B
2 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 14264
935 B
1 sape.ru
ssp-rtb.sape.ru — Cisco Umbrella Rank: 32536
716 B
1 new-programmatic.com
match.new-programmatic.com — Cisco Umbrella Rank: 48188
215 B
1 rutarget.ru
solta-sync.rutarget.ru — Cisco Umbrella Rank: 79099
413 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2533
251 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
99 KB
41 20
Domain Requested by
6 fcgi4.gnezdo.ru
5 zn4.2xclick.ru
4 fcgi5.gnezdo.ru news.2xclick.ru
4 img.my-excel.ru
3 kimberlite.io 3 redirects
3 dmg.digitaltarget.ru 1 redirects
3 news.gnezdo.ru news.2xclick.ru
2 fcgi7.gnezdo.ru
2 www.acint.net 2 redirects
2 ev.adriver.ru 2 redirects
2 ia-dmp.com
2 dm.hybrid.ai
2 s.uuidksinc.net 2 redirects
2 exchange.buzzoola.com 2 redirects
2 vma.mts.ru 2 redirects
2 ads.betweendigital.com 2 redirects
2 wf-ru.frontend.weborama.fr 1 redirects
2 x01.aidata.io 1 redirects
2 news.2xclick.ru my-excel.ru
news.2xclick.ru
2 my-excel.ru
1 fcgi5.2xclick.ru
1 zn5.2xclick.ru
1 acint.net 1 redirects
1 ssp-rtb.sape.ru 1 redirects
1 match.new-programmatic.com
1 tech.rtb.mts.ru 1 redirects
1 sm.rtb.mts.ru 1 redirects
1 solta-sync.rutarget.ru 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com my-excel.ru
41 30

This site contains no links.

Subject Issuer Validity Valid
my-excel.ru
GTS CA 1P5		 2024-03-26 -
2024-06-24		 3 months crt.sh
fcgi5.gnezdo.ru
R3		 2024-04-01 -
2024-06-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2023-09-14 -
2024-09-13		 a year crt.sh
ia-dmp.com
R3		 2024-04-30 -
2024-07-29		 3 months crt.sh
new-programmatic.com
R3		 2024-04-04 -
2024-07-03		 3 months crt.sh
fcgi7.gnezdo.ru
R3		 2024-04-13 -
2024-07-12		 3 months crt.sh
zn4.gnezdo.ru
R3		 2024-04-21 -
2024-07-20		 3 months crt.sh
zn5.gnezdo.ru
R3		 2024-05-11 -
2024-08-09		 3 months crt.sh
*.digitaltarget.ru
R3		 2024-04-15 -
2024-07-14		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://my-excel.ru/
Frame ID: D8495B85FA2412EB808C24A040C3FF4C
Requests: 33 HTTP requests in this frame

Frame: https://news.gnezdo.ru/1pc.html
Frame ID: FC7A0B11A6F96D3DBE4E4D740E1048E6
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 1D237AECC98735C957881FBAE0BDAEEF
Requests: 8 HTTP requests in this frame

Frame: https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Frame ID: 145523EF4A7BFE1EA2DE38775C88CB9D
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

my-excel.ru - как работать в Excel

Page URL History Show full URLs

  1. http://my-excel.ru/ HTTP 307
    https://my-excel.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

41
Requests

78 %
HTTPS

8 %
IPv6

20
Domains

30
Subdomains

15
IPs

5
Countries

392 kB
Transfer

742 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://my-excel.ru/ HTTP 307
    https://my-excel.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2ZA8xOn5ymSEhYJAg== HTTP 302
  • https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2ZA8xOn5ymSEhYJAg==&bounce=1
Request Chain 18
  • https://wf-ru.frontend.weborama.fr/stream/?wamid=8615&Wvar=%7B%22uid%22%3A%22uZQlT2ZA8xOn5ymSEhYJAg==%22%7D&d.r=0.5855237809504741 HTTP 307
  • https://wf-ru.frontend.weborama.fr/stream/?wamid=8615&Wvar=%7B%22uid%22%3A%22uZQlT2ZA8xOn5ymSEhYJAg%3D%3D%22%7D&d.r=0.5855237809504741&bounce=1&random=1532783559
Request Chain 19
  • https://dmg.digitaltarget.ru/1/7213/i/i?a=948&e=uZQlT2ZA8xOn5ymSEhYJAg==&i=0.002108661948925672 HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/7213/i/i?call_source=awg&ts=1715532564210&a=948&e=uZQlT2ZA8xOn5ymSEhYJAg==&i=0.002108661948925672
Request Chain 20
  • https://ads.betweendigital.com/match?bidder_id=43804&callback_url=https%3A%2F%2Ffcgi4.gnezdo.ru%2Fcookie_matching_ssp%2Fbetweenx-dsp%2F%24%7BUSER_ID%7D&uid=uZQlT2ZA8xOn5ymSEhYJAg== HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43804&callback_url=https%3A%2F%2Ffcgi4.gnezdo.ru%2Fcookie_matching_ssp%2Fbetweenx-dsp%2F%24%7BUSER_ID%7D&uid=uZQlT2ZA8xOn5ymSEhYJAg%3D%3D&crf=1&rts=2875900284208001799 HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/betweenx-dsp/728638cb-586f-5285-a338-c9dec5783acb
Request Chain 21
  • https://kimberlite.io/rtb/sync/gnezdo?u=uZQlT2ZA8xOn5ymSEhYJAg== HTTP 307
  • https://solta-sync.rutarget.ru/sync HTTP 302
  • https://kimberlite.io/rtb/sync/segmento?u=4z2qe_q4sVey HTTP 307
  • https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZkDzE34MilI HTTP 301
  • https://vma.mts.ru/match/second?ssp=59&exu=ZkDzE34MilI HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=b9a29fec-c7af-43be-a12b-3fa9b1777330&return_url=https%3A%2F%2Fexchange.buzzoola.com%2Fcookiesync%2Fdsp%2Fstream-banner%3Fuid%3Db9a29fec-c7af-43be-a12b-3fa9b1777330%26url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D59%2526em%253D4%2526ssp%253Dbuzzoola%2526id%253D%2524%257BUUID%257D HTTP 302
  • https://exchange.buzzoola.com/cookiesync/dsp/stream-banner?uid=b9a29fec-c7af-43be-a12b-3fa9b1777330&url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D4%26ssp%3Dbuzzoola%26id%3D%24%7BUUID%7D HTTP 307
  • https://exchange.buzzoola.com/cookiesync/dsp/stream-banner?set_buzzoola_cookie=t&uid=b9a29fec-c7af-43be-a12b-3fa9b1777330&url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D4%26ssp%3Dbuzzoola%26id%3D%24%7BUUID%7D HTTP 302
  • https://vma.mts.ru/em?next=59&em=4&ssp=buzzoola&id=db75fabc-05be-4c64-7a88-ede085b2468f HTTP 301
  • https://kimberlite.io/rtb/sync/mts?u=b9a29fec-c7af-43be-a12b-3fa9b1777330 HTTP 307
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kimber/ZkDzE34MilI
Request Chain 22
  • https://s.uuidksinc.net/match/971/?remote_uid=uZQlT2ZA8xOn5ymSEhYJAg== HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/wSCtZR1K4ynTY2saJvf4
Request Chain 23
  • https://s.uuidksinc.net/match/388/?remote_uid=uZQlT2ZA8xOn5ymSEhYJAg== HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/XkSHoYQd1fs50PmFnnWK
Request Chain 27
  • https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2ZA8xOn5ymSEhYJAg== HTTP 302
  • https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2ZA8xOn5ymSEhYJAg==&tuid=-5088042700 HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/AusTeNZ1Gn9RiCNxySNw0XQ
Request Chain 28
  • https://www.acint.net/rmatch?dp=144&r=https%3A%2F%2Ffcgi4.gnezdo.ru%2Fcookie_matching_ssp%2Fsape-ssp%2F%24%7BUSER_ID%7D&euid=uZQlT2ZA8xOn5ymSEhYJAg== HTTP 302
  • https://www.acint.net/rmatch?r=https%3A%2F%2Ffcgi4.gnezdo.ru%2Fcookie_matching_ssp%2Fsape-ssp%2F$%7BUSER_ID%7D&dp=144&tc=1&euid=uZQlT2ZA8xOn5ymSEhYJAg%3D%3D HTTP 302
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Ffcgi4.gnezdo.ru%252Fcookie_matching_ssp%252Fsape-ssp%252F$%257BUSER_ID%257D&dp=14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=2103420A14F340662100767F029A9572&r=https%3A%2F%2Ffcgi4.gnezdo.ru%2Fcookie_matching_ssp%2Fsape-ssp%2F$%7BUSER_ID%7D HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/sape-ssp/0900007F14F34066280B5BBA026C031D

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
my-excel.ru/
Redirect Chain
  • http://my-excel.ru/
  • https://my-excel.ru/
19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my-excel.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebb5b7f8d97ee08a730d771d9551b728e1edba14ce173f3c10c702bfbad9f575

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
882be6d3994f1c1e-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 12 May 2024 16:49:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yj9A5AVIk5j%2FRDDZWTCBxmoksx%2BRRY%2FBaajRF%2FAPj8nTs86S8E8nlms3oVHj%2BNYVhRuHDvv3GXtmsVW9aa5s5uJoUtk8%2FUseuSCOQysKiLbYypzjNmu97slsNW5YBA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Location
https://my-excel.ru/
Non-Authoritative-Reason
HttpsUpgrades
loader.js
news.2xclick.ru/ 		179 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.2xclick.ru/loader.js
Requested by
Host: my-excel.ru
URL: https://my-excel.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
4780cbc24c13b927d4f0369dc91fc80dd5ad743b1c8bd2c2937b188082dde30b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my-excel.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 16:49:22 GMT
content-encoding
gzip
last-modified
Tue, 23 Apr 2024 09:25:56 GMT
server
nginx
etag
"66277ea4-8dc1"
content-type
application/javascript
access-control-allow-origin
*
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=86400
content-length
36289
expires
Mon, 13 May 2024 16:49:22 GMT
js
www.googletagmanager.com/gtag/ 		295 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PCYK4JE5LB
Requested by
Host: my-excel.ru
URL: https://my-excel.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e1bc5debe0af0fd17ccfb3ff283669564a0f241e06c655f5f18886d1c883afc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my-excel.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 16:49:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100794
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 12 May 2024 16:49:22 GMT
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b18c315b986e7bcf03bbfff949dd65345f4cbabeec5267ade74c354d73cf5e28

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PCYK4JE5LB&gtm=45je4580v9101893596za200&_p=1715532562638&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=338804629.1715532563&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715532562&sct=1&seg=0&dl=https%3A%2F%2Fmy-excel.ru%2F&dt=my-excel.ru%20-%20%D0%BA%D0%B0%D0%BA%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B0%D1%82%D1%8C%20%D0%B2%20Excel&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=687
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PCYK4JE5LB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my-excel.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 12 May 2024 16:49:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://my-excel.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fp.min.js
news.2xclick.ru/fingerprintjs/dist/ 		33 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.2xclick.ru/fingerprintjs/dist/fp.min.js
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
6f9a1e4f25be62559029ac5328a4c91d86c3123573d6f00d150f54884072965b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my-excel.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 16:49:23 GMT
last-modified
Tue, 17 Oct 2023 06:06:11 GMT
server
nginx
etag
"652e2453-85ae"
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
34222
expires
Mon, 12 May 2025 16:49:23 GMT
excel-otkryt_7_1.jpg
img.my-excel.ru/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.my-excel.ru/excel-otkryt_7_1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a318623ae227b37c344b8be807c08ebbba002fa94d88c94f8e1ed1df04dd8766

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my-excel.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 16:49:23 GMT
cf-cache-status
MISS
last-modified
Mon, 05 Oct 2020 11:32:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5f7b0436-869a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BCv4WgqYM122MTm%2BDP%2FmQp981F0hm2TBDMjUhyTJPS6PKRPYvzfjlaQ9b2Y7UNiSxih3zZkfr8tpFD1tFpjr0uK4PZz0tJc45lJ2h1kADOtgOOb5uYx%2BS1omkyvOy9TFUO0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
882be6d9c93d1c1e-FRA
alt-svc
h3=":443"; ma=86400
content-length
34458
kak-v-excel-slozhit-znachenija-v-stolbce_1_1.jpg
img.my-excel.ru/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.my-excel.ru/kak-v-excel-slozhit-znachenija-v-stolbce_1_1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a72ef2c27863135e195fb4b481b6641482554663f52d6fb80377b6824a5320d1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my-excel.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 16:49:23 GMT
cf-cache-status
HIT
last-modified
Mon, 05 Oct 2020 11:44:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
18806
etag
"5f7b070e-3cb2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sgV%2Bb5eyaJItbgZG0cl5hpxziZ8GWxuV91GgXrB1HgSZ8ymtRH6zvK7iWk0MYwqX%2Foeai%2BJB%2FKG%2F4LVnWY7eeLIHy9PVAcjJIaQha6UGf9EqjHVJuYLQ23Kfh8APX3XcLPg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
882be6d9c9401c1e-FRA
alt-svc
h3=":443"; ma=86400
content-length
15538
excel-iz-stolbca-v-stroku_1.jpg
img.my-excel.ru/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.my-excel.ru/excel-iz-stolbca-v-stroku_1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5702c01e211809f94e9dc5f23966b1a868bd3020f2247a3df08e2c2947e4fac7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my-excel.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 16:49:23 GMT
cf-cache-status
MISS
last-modified
Mon, 05 Oct 2020 11:28:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5f7b036e-37a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=71EZCNDe79lfAaJsZxzjzOGM5HCpM%2F%2FxljyYmBBGZAsfueA0o7NV%2F%2F0WPximW36Q8lcgvYG%2FT%2FBDnSU46zYxeFOJQ9eb%2FuZ7zZL7fjMR97CfSq73oY0LjBpRyEmgsy4WxCQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
882be6d9c9451c1e-FRA
alt-svc
h3=":443"; ma=86400
content-length
14244
excel-zapretit-izmenenie-jacheek_1.jpg
img.my-excel.ru/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.my-excel.ru/excel-zapretit-izmenenie-jacheek_1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4b601a8519a7e5017ecedf32c9782625d0f9231bacef9de67a995bde875f942

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my-excel.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 16:49:23 GMT
cf-cache-status
MISS
last-modified
Mon, 05 Oct 2020 11:37:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5f7b0586-25f1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8sxUs%2B%2FcivpdGtmoiB9Vel08Qiylh8CpXZvUeSXmulRpIUlxMRzpAl5K0AexvImjGwQKABLNhXRmp5uWbBbtQ%2F%2BSrCPNsl%2Fa%2BuAfjGeEbHpCV88%2FzaTKbshuqxbvaD1NIQA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
882be6d9c9431c1e-FRA
alt-svc
h3=":443"; ma=86400
content-length
9713
favicon-32x32.png
my-excel.ru/ 		107 B
552 B 		Other
General
Check archive.org
Download Go to
Full URL
https://my-excel.ru/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bf31c016979d0cfd504aad3f332fea509c528c0ce722104f713c48473d4e5dd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my-excel.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 16:49:23 GMT
cf-cache-status
HIT
last-modified
Tue, 11 Dec 2018 12:27:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
26945
etag
"5c0fad31-6b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qo9iVIy%2FehPoPLpHsHGR0Je2jewZ4CKrlqGhI2eMiH61lQukk1bNQUqUMmljXR3u1WSpeghea8Vm5YNm1FUIqh6KNboui6nnlHoXod%2FIhWoo36bNfExr9Q2YpISGfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
882be6d7cebd1c1e-FRA
alt-svc
h3=":443"; ma=86400
content-length
107
1pc.html
news.gnezdo.ru/ Frame FC7A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://news.gnezdo.ru/1pc.html
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://my-excel.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=86400
content-length
1055
content-type
text/html
date
Sun, 12 May 2024 16:49:23 GMT
etag
"652e2453-41f"
expires
Mon, 13 May 2024 16:49:23 GMT
last-modified
Tue, 17 Oct 2023 06:06:11 GMT
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
server
nginx
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		24 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=347566&f=2&ref=https%3A//my-excel.ru/&gw=1520&gh=0&gsnr=0&rt=direct&gaid=0&gtvm=&ids=&fp=0bcb52090b4394e51474b4fdc6218ef3&guid=uZQlT2ZA8xOn5ymSEhYJAg==
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
faeb5537e14c2ac309fb2d2a0ca3da9c11b53c7d5c9de1e53072995ed21104fd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my-excel.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 12 May 2024 16:49:23 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://my-excel.ru
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
truncated
/ Frame 1D23 		277 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62cf7f420cd9171a7fa15ac5a3de08ad4db075dbeb568be59637ca3e646c1272

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1D23 		323 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9745597b321f9ab7ad3b3f467b1b5b8a2063eba9d5ce877521972f0699f5a94f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1D23 		308 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44b537c0962d90bf6155d6d3877d3ed7c42818ffe11ddd4a699a8c6574324132

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
gnezdo_logo.png
news.gnezdo.ru/img/settings/ Frame 1D23 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 16:49:23 GMT
last-modified
Tue, 17 Oct 2023 06:06:11 GMT
server
nginx
etag
"652e2453-b0f"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
2831
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame 1D23 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4170972d16c9137f886ffccf6968a210e8105414623025145b443a2b02775bee

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
0.gif
x01.aidata.io/
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2ZA8xOn5ymSEhYJAg==
  • https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2ZA8xOn5ymSEhYJAg==&bounce=1
0
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2ZA8xOn5ymSEhYJAg==&bounce=1
Protocol
H2
Server
89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51803.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://my-excel.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 May 2024 16:49:24 GMT
last-modified
Sun, 12 May 2024 16:49:23 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Sun, 12 May 2024 16:49:23 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 May 2024 16:49:24 GMT
last-modified
Sun, 12 May 2024 16:49:23 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2ZA8xOn5ymSEhYJAg==&bounce=1
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Sun, 12 May 2024 16:49:23 GMT
/
wf-ru.frontend.weborama.fr/stream/
Redirect Chain
  • https://wf-ru.frontend.weborama.fr/stream/?wamid=8615&Wvar=%7B%22uid%22%3A%22uZQlT2ZA8xOn5ymSEhYJAg==%22%7D&d.r=0.5855237809504741
  • https://wf-ru.frontend.weborama.fr/stream/?wamid=8615&Wvar=%7B%22uid%22%3A%22uZQlT2ZA8xOn5ymSEhYJAg%3D%3D%22%7D&d.r=0.5855237809504741&bounce=1&random=1532783559
0
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wf-ru.frontend.weborama.fr/stream/?wamid=8615&Wvar=%7B%22uid%22%3A%22uZQlT2ZA8xOn5ymSEhYJAg%3D%3D%22%7D&d.r=0.5855237809504741&bounce=1&random=1532783559
Protocol
H2
Server
178.154.231.214 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://my-excel.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 May 2024 16:49:24 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sun, 12 May 2024 16:49:24 GMT
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 May 2024 16:49:24 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sun, 12 May 2024 16:49:24 GMT
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://wf-ru.frontend.weborama.fr/stream/?wamid=8615&Wvar=%7B%22uid%22%3A%22uZQlT2ZA8xOn5ymSEhYJAg%3D%3D%22%7D&d.r=0.5855237809504741&bounce=1&random=1532783559
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
i
dmg.digitaltarget.ru/awg/custom/7213/i/
Redirect Chain
  • https://dmg.digitaltarget.ru/1/7213/i/i?a=948&e=uZQlT2ZA8xOn5ymSEhYJAg==&i=0.002108661948925672
  • https://dmg.digitaltarget.ru/awg/custom/7213/i/i?call_source=awg&ts=1715532564210&a=948&e=uZQlT2ZA8xOn5ymSEhYJAg==&i=0.002108661948925672
49 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/awg/custom/7213/i/i?call_source=awg&ts=1715532564210&a=948&e=uZQlT2ZA8xOn5ymSEhYJAg==&i=0.002108661948925672
Protocol
HTTP/1.1
Server
185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://my-excel.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Sun, 12 May 2024 16:49:24 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Server
nginx
X-Permitted-Cross-Domain-Policies
master-only
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
49
X-XSS-Protection
1; mode=block

Redirect headers

Date
Sun, 12 May 2024 16:49:24 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Server
nginx
X-Permitted-Cross-Domain-Policies
master-only
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Location
https://dmg.digitaltarget.ru/awg/custom/7213/i/i?call_source=awg&ts=1715532564210&a=948&e=uZQlT2ZA8xOn5ymSEhYJAg==&i=0.002108661948925672
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
728638cb-586f-5285-a338-c9dec5783acb
fcgi4.gnezdo.ru/cookie_matching_ssp/betweenx-dsp/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43804&callback_url=https%3A%2F%2Ffcgi4.gnezdo.ru%2Fcookie_matching_ssp%2Fbetweenx-dsp%2F%24%7BUSER_ID%7D&uid=uZQlT2ZA8xOn5ymSEhYJAg==
  • https://ads.betweendigital.com/match?bidder_id=43804&callback_url=https%3A%2F%2Ffcgi4.gnezdo.ru%2Fcookie_matching_ssp%2Fbetweenx-dsp%2F%24%7BUSER_ID%7D&uid=uZQlT2ZA8xOn5ymSEhYJAg%3D%3D&crf=1&rts=28...
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/betweenx-dsp/728638cb-586f-5285-a338-c9dec5783acb
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/betweenx-dsp/728638cb-586f-5285-a338-c9dec5783acb
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://my-excel.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

server
nginx
date
Sun, 12 May 2024 16:49:25 GMT
content-type
image/gif; charset=utf-8

Redirect headers

location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/betweenx-dsp/728638cb-586f-5285-a338-c9dec5783acb
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
ZkDzE34MilI
fcgi4.gnezdo.ru/cookie_matching_ssp/kimber/
Redirect Chain
  • https://kimberlite.io/rtb/sync/gnezdo?u=uZQlT2ZA8xOn5ymSEhYJAg==
  • https://solta-sync.rutarget.ru/sync
  • https://kimberlite.io/rtb/sync/segmento?u=4z2qe_q4sVey
  • https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZkDzE34MilI
  • https://vma.mts.ru/match/second?ssp=59&exu=ZkDzE34MilI
  • https://tech.rtb.mts.ru/?dsp_uid=b9a29fec-c7af-43be-a12b-3fa9b1777330&return_url=https%3A%2F%2Fexchange.buzzoola.com%2Fcookiesync%2Fdsp%2Fstream-banner%3Fuid%3Db9a29fec-c7af-43be-a12b-3fa9b1777330%...
  • https://exchange.buzzoola.com/cookiesync/dsp/stream-banner?uid=b9a29fec-c7af-43be-a12b-3fa9b1777330&url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D4%26ssp%3Dbuzzoola%26id%3D%24%7BUUID%7D
  • https://exchange.buzzoola.com/cookiesync/dsp/stream-banner?set_buzzoola_cookie=t&uid=b9a29fec-c7af-43be-a12b-3fa9b1777330&url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D4%26ssp%3Dbuzzoola%26i...
  • https://vma.mts.ru/em?next=59&em=4&ssp=buzzoola&id=db75fabc-05be-4c64-7a88-ede085b2468f
  • https://kimberlite.io/rtb/sync/mts?u=b9a29fec-c7af-43be-a12b-3fa9b1777330
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kimber/ZkDzE34MilI
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kimber/ZkDzE34MilI
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

server
nginx
date
Sun, 12 May 2024 16:49:26 GMT
content-type
image/gif; charset=utf-8

Redirect headers

Date
Sun, 12 May 2024 16:49:26 GMT
referrer-policy
no-referrer
Server
nginx
access-control-allow-origin
*
location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kimber/ZkDzE34MilI
cache-control
no-store
access-control-allow-credentials
true
Connection
keep-alive
server-timing
app;srv=6;dur=0.0002
Content-Length
0
wSCtZR1K4ynTY2saJvf4
fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/
Redirect Chain
  • https://s.uuidksinc.net/match/971/?remote_uid=uZQlT2ZA8xOn5ymSEhYJAg==
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/wSCtZR1K4ynTY2saJvf4
43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/wSCtZR1K4ynTY2saJvf4
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://my-excel.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

server
nginx
date
Sun, 12 May 2024 16:49:24 GMT
content-type
image/gif; charset=utf-8

Redirect headers

location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/wSCtZR1K4ynTY2saJvf4
date
Sun, 12 May 2024 16:49:24 GMT
server
nginx/1.23.2
content-length
0
XkSHoYQd1fs50PmFnnWK
fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/
Redirect Chain
  • https://s.uuidksinc.net/match/388/?remote_uid=uZQlT2ZA8xOn5ymSEhYJAg==
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/XkSHoYQd1fs50PmFnnWK
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/XkSHoYQd1fs50PmFnnWK
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://my-excel.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

server
nginx
date
Sun, 12 May 2024 16:49:24 GMT
content-type
image/gif; charset=utf-8

Redirect headers

location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/XkSHoYQd1fs50PmFnnWK
date
Sun, 12 May 2024 16:49:24 GMT
server
nginx/1.23.2
content-length
0
match
dm.hybrid.ai/ 		0
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=172&uZQlT2ZA8xOn5ymSEhYJAg==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.230.131.16 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my-excel.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 12 May 2024 16:49:24 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
https://my-excel.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
551
x-xss-protection
1; mode=block
expires
-1
uZQlT2ZA8xOn5ymSEhYJAg==
ia-dmp.com/cm/4/ 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ia-dmp.com/cm/4/uZQlT2ZA8xOn5ymSEhYJAg==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.26.97.53 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
dsde981.fornex.org
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my-excel.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 12 May 2024 16:49:24 GMT
Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
userbind
match.new-programmatic.com/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=gnezdo&id=uZQlT2ZA8xOn5ymSEhYJAg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my-excel.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 12 May 2024 16:49:24 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
Vary
Origin
AusTeNZ1Gn9RiCNxySNw0XQ
fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/
Redirect Chain
  • https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2ZA8xOn5ymSEhYJAg==
  • https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2ZA8xOn5ymSEhYJAg==&tuid=-5088042700
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/AusTeNZ1Gn9RiCNxySNw0XQ
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/AusTeNZ1Gn9RiCNxySNw0XQ
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://my-excel.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

server
nginx
date
Sun, 12 May 2024 16:49:24 GMT
content-type
image/gif; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Sun, 12 May 2024 16:49:24 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Content-Type
text/html
Location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/AusTeNZ1Gn9RiCNxySNw0XQ
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
0900007F14F34066280B5BBA026C031D
fcgi4.gnezdo.ru/cookie_matching_ssp/sape-ssp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=144&r=https%3A%2F%2Ffcgi4.gnezdo.ru%2Fcookie_matching_ssp%2Fsape-ssp%2F%24%7BUSER_ID%7D&euid=uZQlT2ZA8xOn5ymSEhYJAg==
  • https://www.acint.net/rmatch?r=https%3A%2F%2Ffcgi4.gnezdo.ru%2Fcookie_matching_ssp%2Fsape-ssp%2F$%7BUSER_ID%7D&dp=144&tc=1&euid=uZQlT2ZA8xOn5ymSEhYJAg%3D%3D
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Ffcgi4.gnezdo.ru%252Fcookie_matching_ssp%252Fsape-ssp%252F$%257BUSER_ID%...
  • https://acint.net/rmatch?dp=14&euid=2103420A14F340662100767F029A9572&r=https%3A%2F%2Ffcgi4.gnezdo.ru%2Fcookie_matching_ssp%2Fsape-ssp%2F$%7BUSER_ID%7D
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/sape-ssp/0900007F14F34066280B5BBA026C031D
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/sape-ssp/0900007F14F34066280B5BBA026C031D
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://my-excel.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

server
nginx
date
Sun, 12 May 2024 16:49:25 GMT
content-type
image/gif; charset=utf-8

Redirect headers

date
Sun, 12 May 2024 16:49:24 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/sape-ssp/0900007F14F34066280B5BBA026C031D
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
/
fcgi7.gnezdo.ru/e/ 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi7.gnezdo.ru/e/?dr=&du=https%3A//my-excel.ru/&tizer_id=347566&uid=uZQlT2ZA8xOn5ymSEhYJAg==&guid=uZQlT2ZA8xOn5ymSEhYJAg==&r=0.6660360395613854
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
93.95.103.98 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my-excel.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://my-excel.ru
date
Sun, 12 May 2024 16:49:24 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Origin, Accept, Content-Type, Set-Cookie, X-Requested-With
access-control-allow-methods
GET, POST, HEAD
content-type
image/gif; charset=windows-1251
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		24 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=347566&f=2&ref=https%3A//my-excel.ru/&gw=1520&gh=0&gsnr=0&rt=direct&gaid=0&gtvm=&ids=,3300683,3237841,3245012&fp=0bcb52090b4394e51474b4fdc6218ef3&guid=uZQlT2ZA8xOn5ymSEhYJAg==
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
1db3095d49f9067b7b62561df8a0f29565ad24773e9b15c4be733c2769bc7fdc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my-excel.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 12 May 2024 16:49:24 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://my-excel.ru
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
3300683_fb880b3e1a.webp
zn4.2xclick.ru/img/521x349/683/ Frame 1D23 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn4.2xclick.ru/img/521x349/683/3300683_fb880b3e1a.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.228.89.169 Moscow, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
4c59dd739bd759e7ee615be18dec618c346de03352f43d460d0a2b8be806db8e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 16:49:24 GMT
quality
85
content-encoding
gzip
last-modified
Sun, 12 May 2024 10:06:32 GMT
server
nginx
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000, public
access-control-allow-credentials
true
content-length
16385
3237841_d8c32394a2.webp
zn4.2xclick.ru/img/521x349/841/ Frame 1D23 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn4.2xclick.ru/img/521x349/841/3237841_d8c32394a2.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.228.89.169 Moscow, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
fb22bdb9829251b9200d378ff6b512e1b1ec4320fe23dde9f982a3abe5368d97

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 16:49:24 GMT
last-modified
Mon, 15 Apr 2024 18:42:33 GMT
server
nginx
etag
"661d7519-1a90"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000, public
access-control-allow-credentials
true
accept-ranges
bytes
content-length
6800
expires
Thu, 31 Dec 2037 23:55:55 GMT
3245012_4f5dc833dc.webp
zn4.2xclick.ru/img/521x349/012/ Frame 1D23 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn4.2xclick.ru/img/521x349/012/3245012_4f5dc833dc.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.228.89.169 Moscow, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
38200ec722d1f3e5e0dfa87e523998f06c488a28c01889a7bd2f52c5fbc03b51

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 16:49:24 GMT
last-modified
Tue, 23 Apr 2024 09:09:58 GMT
server
nginx
etag
"66277ae6-2dae"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000, public
access-control-allow-credentials
true
accept-ranges
bytes
content-length
11694
expires
Thu, 31 Dec 2037 23:55:55 GMT
v
fcgi5.gnezdo.ru/ 		136 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/v
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
11f50d8467a8eb58336410e37944f904eb90ed4b83f9f59df01bc02365207d94

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://my-excel.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://my-excel.ru
date
Sun, 12 May 2024 16:49:24 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
gnezdo_logo.png
news.gnezdo.ru/img/settings/ Frame 1455 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 16:49:23 GMT
last-modified
Tue, 17 Oct 2023 06:06:11 GMT
server
nginx
etag
"652e2453-b0f"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
2831
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame 1455 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4170972d16c9137f886ffccf6968a210e8105414623025145b443a2b02775bee

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1455 		277 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62cf7f420cd9171a7fa15ac5a3de08ad4db075dbeb568be59637ca3e646c1272

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1455 		323 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9745597b321f9ab7ad3b3f467b1b5b8a2063eba9d5ce877521972f0699f5a94f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1455 		308 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44b537c0962d90bf6155d6d3877d3ed7c42818ffe11ddd4a699a8c6574324132

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
3300716_37bcfb2194.webp
zn4.2xclick.ru/img/521x349/716/ Frame 1455 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn4.2xclick.ru/img/521x349/716/3300716_37bcfb2194.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.228.89.169 Moscow, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
286d505f3cdbdedeb2c58761b0b06e51e6f800f59fac0feb609dd38258cd3e11

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 16:49:24 GMT
quality
85
content-encoding
gzip
last-modified
Sun, 12 May 2024 10:25:11 GMT
server
nginx
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000, public
access-control-allow-credentials
true
content-length
9993
3300673_07c9a07990.webp
zn4.2xclick.ru/img/521x349/673/ Frame 1455 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn4.2xclick.ru/img/521x349/673/3300673_07c9a07990.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.228.89.169 Moscow, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
7dafdd6cf50f22524bcd75543d20dbaba1c6b41120d797015308ce00fb5016e6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 16:49:24 GMT
content-encoding
gzip
quality
85
last-modified
Sun, 12 May 2024 09:59:05 GMT
server
nginx
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000, public
access-control-allow-credentials
true
content-length
8777
3289102_2c517da55b.webp
zn5.2xclick.ru/img/521x349/102/ Frame 1455 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn5.2xclick.ru/img/521x349/102/3289102_2c517da55b.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.148.37.75 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
fobos.megoplan.ru
Software
nginx /
Resource Hash
1ca8af230b7ebf48c358413384ab7c912bdd693e41eb05000e9871dfb33ca221

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 16:49:24 GMT
last-modified
Sat, 11 May 2024 06:01:04 GMT
server
nginx
etag
"663f09a0-8038"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000, public
access-control-allow-credentials
true
accept-ranges
bytes
content-length
32824
expires
Thu, 31 Dec 2037 23:55:55 GMT
i
dmg.digitaltarget.ru/1/7213/i/ 		49 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/1/7213/i/i?a=948&e=uZQlT2ZA8xOn5ymSEhYJAg==&i=0.1976045433490432
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my-excel.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 12 May 2024 16:49:24 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Server
nginx
X-Permitted-Cross-Domain-Policies
master-only
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
49
X-XSS-Protection
1; mode=block
uZQlT2ZA8xOn5ymSEhYJAg==
ia-dmp.com/cm/4/ 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ia-dmp.com/cm/4/uZQlT2ZA8xOn5ymSEhYJAg==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.26.97.53 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO firstcolo.net, DE),
Reverse DNS
dsde981.fornex.org
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my-excel.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 12 May 2024 16:49:24 GMT
Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
match
dm.hybrid.ai/ 		0
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=172&uZQlT2ZA8xOn5ymSEhYJAg==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.230.131.16 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my-excel.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 12 May 2024 16:49:24 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
https://my-excel.ru
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
558
x-xss-protection
1; mode=block
expires
-1
/
fcgi7.gnezdo.ru/e/ 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi7.gnezdo.ru/e/?dr=&du=https%3A//my-excel.ru/&tizer_id=347566&uid=uZQlT2ZA8xOn5ymSEhYJAg==&guid=uZQlT2ZA8xOn5ymSEhYJAg==&r=0.5632067436858132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
93.95.103.98 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my-excel.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://my-excel.ru
date
Sun, 12 May 2024 16:49:24 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Origin, Accept, Content-Type, Set-Cookie, X-Requested-With
access-control-allow-methods
GET, POST, HEAD
content-type
image/gif; charset=windows-1251
v
fcgi5.gnezdo.ru/ 		136 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/v
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
c09fa136ea390aa334c800b7f47e91564b3a783955643c45eec65d65864e792e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://my-excel.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://my-excel.ru
date
Sun, 12 May 2024 16:49:24 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
rv.fcgi
fcgi5.2xclick.ru/cgi-bin/ 		43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.2xclick.ru/cgi-bin/rv.fcgi?tizer_id=347566&rv_tizer_id=0.33&gw=1520&gh=300&anons_ids=3300683fc.PfNybAUAUmNjdHIgWWJfQwE=&uid=uZQlT2ZA8xOn5ymSEhYJAg==&guid=uZQlT2ZA8xOn5ymSEhYJAg==&hb=0&ref=https%3A//my-excel.ru/&img_client=521x349&img_natural=335x224&r=0.4008151240000508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my-excel.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif; charset=windows-1251
date
Sun, 12 May 2024 16:49:25 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| gtag object| dataLayer object| gnezdoAsyncCallbacks object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| gnezdoErrorHandler function| loadFP object| gnezdo object| FingerprintJS

26 Cookies

Domain/Path Name / Value
kimberlite.io/rtb/sync Name: as
Value: -WrUeGZA8xM4WsfhZkDzFA
.my-excel.ru/ Name: _ga_PCYK4JE5LB
Value: GS1.1.1715532562.1.0.1715532562.0.0.0
.my-excel.ru/ Name: _ga
Value: GA1.1.338804629.1715532563
.gnezdo.ru/ Name: uid
Value: uZQlT2ZA8xOn5ymSEhYJAg==
.my-excel.ru/ Name: gnezdo_uid
Value: uZQlT2ZA8xOn5ymSEhYJAg==
.gnezdo.ru/ Name: weborama_cm
Value: 1
.uuidksinc.net/ Name: jcsuuid
Value: XkSHoYQd1fs50PmFnnWK
.aidata.io/ Name: __upin
Value: 8Uc9+KtJVvb+bn+lEi81gw
.aidata.io/ Name: __upints
Value: 1715532564
.dmg.digitaltarget.ru/ Name: viuserid
Value: Z5G44LzstQCGxE7FvoJA
.weborama.fr/ Name: AFFICHE_W
Value: 2KJ1CP2GhcHY41
kimberlite.io/ Name: u
Value: ZkDzE34MilI~1vlYTNI_n-hIWFhSFMT6zke-9Po
.acint.net/ Name: test_cookie
Value: CheckForPermission
.acint.net/ Name: aid
Value: fwAACWZA8xS6WwsoHQNsAluJ/lWrPr960TZmkr1c0/1cuR4Y
.rutarget.ru/ Name: userId
Value: 4z2qe_q4sVey
.acint.net/ Name: cSyncDp14v4
Value: 1715532564
.adriver.ru/ Name: cid
Value: AusTeNZ1Gn9RiCNxySNw0XQ
.mts.ru/ Name: dspid
Value: b9a29fec-c7af-43be-a12b-3fa9b1777330
.ssp-rtb.sape.ru/ Name: sspuid
Value: CkIDIWZA8xR/dgAhcpWaAisl/AWgC5P/R3QZBRFPC5Bo08IU
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 728638cb-586f-5285-a338-c9dec5783acb
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: ZkDzFQAC8eixN_sHA2Zt-F4NYhBOdLjCQj2mNQ==
.mts.ru/ Name: mts_id
Value: 7a776327-2921-45cc-9e74-fec986c6b499
.mts.ru/ Name: mts_id_last_sync
Value: 1715532644
.buzzoola.com/ Name: uuid
Value: db75fabc-05be-4c64-7a88-ede085b2468f

91 Console Messages

Source Level URL
Text
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my-excel.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acint.net
ads.betweendigital.com
dm.hybrid.ai
dmg.digitaltarget.ru
ev.adriver.ru
exchange.buzzoola.com
fcgi4.gnezdo.ru
fcgi5.2xclick.ru
fcgi5.gnezdo.ru
fcgi7.gnezdo.ru
ia-dmp.com
img.my-excel.ru
kimberlite.io
match.new-programmatic.com
my-excel.ru
news.2xclick.ru
news.gnezdo.ru
region1.google-analytics.com
s.uuidksinc.net
sm.rtb.mts.ru
solta-sync.rutarget.ru
ssp-rtb.sape.ru
tech.rtb.mts.ru
vma.mts.ru
wf-ru.frontend.weborama.fr
www.acint.net
www.googletagmanager.com
x01.aidata.io
zn4.2xclick.ru
zn5.2xclick.ru
142.132.138.212
168.119.9.59
172.67.142.130
178.154.231.214
185.148.37.75
185.148.37.79
185.15.175.134
185.26.97.53
188.42.189.197
193.3.184.218
195.209.108.55
2001:4860:4802:32::36
213.87.44.187
217.199.220.43
217.65.2.150
217.66.147.39
217.66.147.42
2a00:1450:4001:813::2008
31.220.27.135
37.228.89.169
37.230.131.16
89.108.120.68
93.95.102.105
93.95.103.98
94.139.255.195
11f50d8467a8eb58336410e37944f904eb90ed4b83f9f59df01bc02365207d94
1ca8af230b7ebf48c358413384ab7c912bdd693e41eb05000e9871dfb33ca221
1db3095d49f9067b7b62561df8a0f29565ad24773e9b15c4be733c2769bc7fdc
286d505f3cdbdedeb2c58761b0b06e51e6f800f59fac0feb609dd38258cd3e11
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53
38200ec722d1f3e5e0dfa87e523998f06c488a28c01889a7bd2f52c5fbc03b51
4170972d16c9137f886ffccf6968a210e8105414623025145b443a2b02775bee
44b537c0962d90bf6155d6d3877d3ed7c42818ffe11ddd4a699a8c6574324132
4780cbc24c13b927d4f0369dc91fc80dd5ad743b1c8bd2c2937b188082dde30b
4c59dd739bd759e7ee615be18dec618c346de03352f43d460d0a2b8be806db8e
5702c01e211809f94e9dc5f23966b1a868bd3020f2247a3df08e2c2947e4fac7
62cf7f420cd9171a7fa15ac5a3de08ad4db075dbeb568be59637ca3e646c1272
6f9a1e4f25be62559029ac5328a4c91d86c3123573d6f00d150f54884072965b
7dafdd6cf50f22524bcd75543d20dbaba1c6b41120d797015308ce00fb5016e6
8bf31c016979d0cfd504aad3f332fea509c528c0ce722104f713c48473d4e5dd
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9745597b321f9ab7ad3b3f467b1b5b8a2063eba9d5ce877521972f0699f5a94f
a318623ae227b37c344b8be807c08ebbba002fa94d88c94f8e1ed1df04dd8766
a72ef2c27863135e195fb4b481b6641482554663f52d6fb80377b6824a5320d1
b18c315b986e7bcf03bbfff949dd65345f4cbabeec5267ade74c354d73cf5e28
b4b601a8519a7e5017ecedf32c9782625d0f9231bacef9de67a995bde875f942
c09fa136ea390aa334c800b7f47e91564b3a783955643c45eec65d65864e792e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e1bc5debe0af0fd17ccfb3ff283669564a0f241e06c655f5f18886d1c883afc2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebb5b7f8d97ee08a730d771d9551b728e1edba14ce173f3c10c702bfbad9f575
faeb5537e14c2ac309fb2d2a0ca3da9c11b53c7d5c9de1e53072995ed21104fd
fb22bdb9829251b9200d378ff6b512e1b1ec4320fe23dde9f982a3abe5368d97