news.2xclick.ru Open in urlscan Pro
93.95.100.117  Public Scan

15 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

• https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A41za72whyvnyouc9ib8bz3%3Afp%3A787%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A2%3Adp%3A0%3Als%3A261053591662%3Ahid%3A679660081%3Az%3A0%3Ai%3A20230327234131%3Aet%3A1679960492%3Ac%3A1%3Arn%3A503695950%3Arqn%3A1%3Au%3A1679960492562331946%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A120%2C140%2C86%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1679960490647%3Ast%3A1679960492&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
• https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A41za72whyvnyouc9ib8bz3%3Afp%3A787%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A2%3Adp%3A0%3Als%3A261053591662%3Ahid%3A679660081%3Az%3A0%3Ai%3A20230327234131%3Aet%3A1679960492%3Ac%3A1%3Arn%3A503695950%3Arqn%3A1%3Au%3A1679960492562331946%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A120%2C140%2C86%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1679960490647%3Ast%3A1679960492&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 49

• https://mc.yandex.ru/watch/11859022?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gnezdoGroupId%22%3A%220%22%2C%22gnezdoSubId%22%3A0%2C%22gnezdoADGender%22%3A%22%22%2C%22gnezdoADAge%22%3A%22%22%2C%22gnezdoAIDGender%22%3A%22%22%2C%22gnezdoAIDAge%22%3A%22%22%2C%22gnezdoWBGender%22%3A%22%22%2C%22gnezdoWBAge%22%3A%22%22%2C%22gnezdoIp%22%3A%22146.70.117.102%22%2C%22gnezdoFP%22%3A%22%22%2C%22gnezdoDevice%22%3A%22desktop%22%2C%22gnezdoOs%22%3A%22windows%22%2C%22gnezdoBrowser%22%3A%22chrome%22%2C%22gnezdoBrowserV%22%3A%22111.0%22%2C%22gnezdoLentaId%22%3A%22def%22%7D&ut=noindex&browser-info=pv%3A1%3Avf%3A41za72whyvnyouc9ib8bz3%3Afp%3A787%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A1%3Adp%3A0%3Als%3A306104834866%3Ahid%3A679660081%3Az%3A0%3Ai%3A20230327234131%3Aet%3A1679960492%3Ac%3A1%3Arn%3A29673158%3Arqn%3A1%3Au%3A1679960492562331946%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A120%2C140%2C86%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1679960490647%3Arqnl%3A1%3Ast%3A1679960492%3At%3AGnezdo.ru&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
• https://mc.yandex.ru/watch/11859022/1?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gnezdoGroupId%22%3A%220%22%2C%22gnezdoSubId%22%3A0%2C%22gnezdoADGender%22%3A%22%22%2C%22gnezdoADAge%22%3A%22%22%2C%22gnezdoAIDGender%22%3A%22%22%2C%22gnezdoAIDAge%22%3A%22%22%2C%22gnezdoWBGender%22%3A%22%22%2C%22gnezdoWBAge%22%3A%22%22%2C%22gnezdoIp%22%3A%22146.70.117.102%22%2C%22gnezdoFP%22%3A%22%22%2C%22gnezdoDevice%22%3A%22desktop%22%2C%22gnezdoOs%22%3A%22windows%22%2C%22gnezdoBrowser%22%3A%22chrome%22%2C%22gnezdoBrowserV%22%3A%22111.0%22%2C%22gnezdoLentaId%22%3A%22def%22%7D&ut=noindex&browser-info=pv%3A1%3Avf%3A41za72whyvnyouc9ib8bz3%3Afp%3A787%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A1%3Adp%3A0%3Als%3A306104834866%3Ahid%3A679660081%3Az%3A0%3Ai%3A20230327234131%3Aet%3A1679960492%3Ac%3A1%3Arn%3A29673158%3Arqn%3A1%3Au%3A1679960492562331946%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A120%2C140%2C86%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1679960490647%3Arqnl%3A1%3Ast%3A1679960492%3At%3AGnezdo.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 71

• https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1679960491&ta=1600x1200&co=24&ref= HTTP 302
• https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1679960491&ta=1600x1200&co=24&ref=&BOUNCE=OK

Request Chain 72

• https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A%2F%2Fnews.2xclick.ru%2F HTTP 307
• https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A%2F%2Fnews.2xclick.ru%2F&bounce=1&random=3576130400 HTTP 302
• https://rd.frontend.weborama.fr/rd?key=wamsync HTTP 307
• https://rd.frontend.weborama.fr/rd?key=wamsync&bounce=1&random=1701805512 HTTP 302
• https://dx.frontend.weborama.com/collect?dsp_id=0&eid=ULtwIXoHPD9Q

Request Chain 76

• https://mc.webvisor.org/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9955.IPXoDv_ryFvYcwZEKEOu49drxR1eq8OnmWlbyEh2elW3IgNzTVVzDAjYvhVQt4Qd.OP8e5I-kGcPyMaFo4rdXUMGhp2A%2C HTTP 302
• https://mc.webvisor.org/sync_cookie_image_decide?token=9955.yNrvzct15gz6-djMVCvY2-2f3-_FAS_WHLGRnVsJb6K3JbqYro4nqfrlrK8B6zhWwyZqQnd3mLgV6GzoKvEU-6YGmi7A1XR3h_JtgGyOZagXLNKKBprrPeMhOnMy_Ljmh_irh-2rvrQCpS5S25cdzbdXkgNHzFjQJY5NZJo6QIBnKWihpJJy6rOddj0-6n6eMIsThFwwdL-MU97AOR54SMPT_jGrN4IQheWPpSmltBU%2C.m8erV7QUt0MJ1D2ywWjecJZnUmY%2C

Request Chain 88

• https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm=&google_tc= HTTP 302
• https://wam-google.solution.weborama.fr/pixel?google_gid=CAESELSyHzyTdPeEIjf6rlqJRFc&google_cver=1 HTTP 301
• https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESELSyHzyTdPeEIjf6rlqJRFc&google_gid=CAESELSyHzyTdPeEIjf6rlqJRFc&google_cver=1

Request Chain 89

• https://secure.adnxs.com/getuid?https://idsync.frontend.weborama.fr/ids?key=appnexus&value=$UID HTTP 307
• https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dappnexus%26value%3D%24UID HTTP 302
• https://idsync.frontend.weborama.fr/ids?key=appnexus&value=2004000819851269799

Request Chain 90

• https://gum.criteo.com/sync?c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40 HTTP 302
• https://gum.criteo.com/sync?s=1&c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40 HTTP 302
• https://idsync.frontend.weborama.fr/ids?key=criteov2&value=OQhcv3J-1PiLxntO4RNtb2LfW6CX_LXt

Request Chain 93

• https://pixel.tapad.com/idsync/ex/receive?partner_id=2964&partner_device_id=ULtwIXoHPD9Q HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=ULtwIXoHPD9Q

Request Chain 94

• https://a.audrte.com/match?p=1468142154&uid=OheYfYhrVahKgXB3LsAc/O HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bDczanJUaU4ybHJUMjJLLUJxZ2N1LXlqZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
• https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
• https://a.audrte.com/p

Request Chain 95

• https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=T2hlWWZZaHJWYWhLZ1hCM0xzQWMvTw HTTP 302
• https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=T2hlWWZZaHJWYWhLZ1hCM0xzQWMvTw&dcc=t

Request Chain 96

• https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&rdf=1 HTTP 302
• https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B8DC856C-8925-4256-983D-1EAEF81A0B4C

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response news.2xclick.ru/	30 KB 10 KB	346ms 86ms	Document text/html	93.95.100.117 MTW-AS
General Check archive.org Show headers Download Go to Full URL https://news.2xclick.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS unspecified.mtw.ru Software nginx/1.10.3 / Resource Hash 81b7652b36a36d9a2fd72bb5909304cadaa24b90a80b44eec3c4fcfb87df4d00 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-control no-cache, no-store, must-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Mon, 27 Mar 2023 23:41:30 GMT Expires Mon, 27 Mar 2023 23:41:31 GMT P3P policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Pragma no-cache Server nginx/1.10.3 Transfer-Encoding chunked
GET H2	200	style15.css zn2.gnezdo.news/new-lenta/	8 KB 8 KB	360ms 47ms	Stylesheet text/css	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Full URL https://zn2.gnezdo.news/new-lenta/style15.css?1234 Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 95f9f7d5fc896cddb14ac87de2c177488da4249aa25c977a620cf99463d615d4 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Wed, 30 Sep 2020 04:23:00 GMT server nginx/1.22.1 etag "5f740824-1e61" content-type text/css access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 7777 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	health.css zn2.gnezdo.news/new-lenta/	2 KB 3 KB	403ms 90ms	Stylesheet text/css	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Full URL https://zn2.gnezdo.news/new-lenta/health.css?1 Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 01266b002c3a5fd944f5d5a6c9a7bcedf1274ea6c9baef3d2f14457d364014da Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Tue, 29 Sep 2020 05:06:00 GMT server nginx/1.22.1 etag "5f72c0b8-8f1" content-type text/css access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 2289 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	gnezdo_news_tracker_new.js Show response news.gnezdo.ru/	13 KB 14 KB	276ms 90ms	Script application/javascript	93.95.100.117 MTW-AS
General Check archive.org Show headers Download Go to Full URL https://news.gnezdo.ru/gnezdo_news_tracker_new.js Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS unspecified.mtw.ru Software nginx/1.10.3 / Resource Hash 85ecb3d3a12f481dfa0caee7f6802a1f69eab9db5851f06b981baa4cfa258c3e Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Mon, 27 Mar 2023 23:41:31 GMT Last-Modified Thu, 16 Mar 2023 14:30:32 GMT Server nginx/1.10.3 ETag "64132808-33fb" Content-Type application/javascript Access-Control-Allow-Origin * P3P policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Cache-Control max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 13307 Expires Tue, 28 Mar 2023 23:41:31 GMT
GET H2	200	white-logo.png zn2.gnezdo.news/new-lenta/img/	4 KB 5 KB	426ms 137ms	Image image/png	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/new-lenta/img/white-logo.png Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash f3d3d5e79c6c3971916ebb40d8f16c3d584efe53669023273eeca33928178bfe Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Fri, 12 Jul 2019 13:56:00 GMT server nginx/1.22.1 etag "5d289170-1100" content-type image/png access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 4352 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	enter_ad.png zn2.gnezdo.news/src/	693 B 1 KB	134ms 134ms	Image image/png	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/src/enter_ad.png Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 679c798fd4e7e8b2e875df662470ae6a0e01f5d8490a8d22bca5d419b30987cd Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Tue, 25 Apr 2017 08:51:00 GMT server nginx/1.22.1 etag "58ff0df4-2b5" content-type image/png access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 693 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	health.jpg news.gnezdo.ru/tests/health/	4 KB 5 KB	224ms 53ms	Image image/jpeg	93.95.100.117 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://news.gnezdo.ru/tests/health/health.jpg Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS unspecified.mtw.ru Software nginx/1.10.3 / Resource Hash 1c38153acac347bda02a24b09e16db230167f0a51d6d1974ff1e505c1282bdd6 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Mon, 27 Mar 2023 23:41:31 GMT Last-Modified Thu, 08 Nov 2018 10:09:56 GMT Server nginx/1.10.3 ETag "5be40b74-110b" Content-Type image/jpeg P3P policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Cache-Control max-age=31536000, public Connection keep-alive Accept-Ranges bytes Content-Length 4363 Expires Tue, 26 Mar 2024 23:41:31 GMT
GET H2	200	jquery-2.2.4.min.js Show response zn2.gnezdo.news/js/	84 KB 84 KB	381ms 92ms	Script application/javascript	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Full URL https://zn2.gnezdo.news/js/jquery-2.2.4.min.js Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Fri, 20 Apr 2018 12:54:00 GMT server nginx/1.22.1 etag "5ad9e2e8-14e4a" content-type application/javascript access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 85578 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	modernizr.js Show response zn2.gnezdo.news/new-lenta/	3 KB 3 KB	425ms 137ms	Script application/javascript	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Full URL https://zn2.gnezdo.news/new-lenta/modernizr.js Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 840f575220d6b42197251483e8b3b486bce6f7c4c4bddfff022580d3bb39ce4b Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Thu, 28 Jun 2018 10:55:00 GMT server nginx/1.22.1 etag "5b34be84-aa9" content-type application/javascript access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 2729 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	new_lenta_colors15.js Show response zn2.gnezdo.news/js/	5 KB 5 KB	426ms 137ms	Script application/javascript	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Full URL https://zn2.gnezdo.news/js/new_lenta_colors15.js Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash f6f11d50372d88190696b17264e1609349ae7195af0cd44e95ffe632f8a322f3 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Wed, 19 Oct 2022 06:06:24 GMT server nginx/1.22.1 etag "634f93e0-1253" content-type application/javascript access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 4691 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 971 B	35ms 15ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto+Condensed Requested by Host: zn2.gnezdo.news URL: https://zn2.gnezdo.news/new-lenta/style15.css?1234 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 80efbfcfad67fc0fa5a9d8cc84eb35951eea2d2e179a6fc51c82463c9e70a5dc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://zn2.gnezdo.news/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 27 Mar 2023 23:41:31 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 27 Mar 2023 22:15:22 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 27 Mar 2023 23:41:31 GMT
GET H/1.1	200 OK	1pc.html Show response news.gnezdo.ru/ Frame 34F2	1 KB 990 B	46ms 45ms	Document text/html	93.95.100.117 MTW-AS
General Check archive.org Show headers Download Go to Full URL https://news.gnezdo.ru/1pc.html Requested by Host: news.gnezdo.ru URL: https://news.gnezdo.ru/gnezdo_news_tracker_new.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS unspecified.mtw.ru Software nginx/1.10.3 / Resource Hash c6e0fc3d278b2e636153eac2d900942a0573459d0acaa4429f70d309212a2cf9 Request headers Referer https://news.2xclick.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers Set-Cookie Cache-Control max-age=86400 Connection keep-alive Content-Encoding gzip Content-Type text/html Date Mon, 27 Mar 2023 23:41:31 GMT ETag W/"63ee119e-41f" Expires Tue, 28 Mar 2023 23:41:31 GMT Last-Modified Thu, 16 Feb 2023 11:21:02 GMT Server nginx/1.10.3 Transfer-Encoding chunked
GET H2	200	watch.js Show response cdn.jsdelivr.net/npm/yandex-metrica-watch/	163 KB 67 KB	43ms 18ms	Script application/javascript	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0f46d6efc6f97c56b34ad1181f6ad36f373d6767a9895553d21396ee2ee7c7d2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 3041 x-jsd-version 1.261.0 content-encoding br x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra-eddf8230070-FRA, cache-bma1630-BMA x-jsd-version-type version server cloudflare etag W/"28c5a-GD3hFIE5EvXRpV+kp3oVGHoIvks" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCUU5529uZymZeodEiWzbmOWRZ7UUUpTL5Vpc31cJ8312NeiZq7kQsRqP0k1JfF0t757betRH1Pv09EORjDRe7uTgno%2BprSTbxOXJUCyAOkM%2BVXXau%2Bz5Hx5LXeP%2FgvZoObRcD%2FdhGu65B58fYw%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 7aeb7c0f788f903d-FRA
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	42ms 6ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 27 Mar 2023 22:05:11 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 5780 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Tue, 28 Mar 2023 00:05:11 GMT
GET H2	200	products.js Show response cstatic.weborama.fr/js/	34 KB 9 KB	88ms 15ms	Script text/javascript	93.184.221.133 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cstatic.weborama.fr/js/products.js Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ama/4898) / Resource Hash 9bf258dbccffe85d0ed225b22bd7e49794b4217e6b9afcb20f1d3e6848bb43fd Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT content-encoding gzip last-modified Mon, 27 Mar 2023 09:36:36 GMT server ECAcc (ama/4898) age 49618 etag "600294179+gzip" vary Accept-Encoding x-cache HIT content-type text/javascript access-control-allow-origin * p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" cache-control max-age=604800 content-length 9462 expires Mon, 03 Apr 2023 23:41:31 GMT
GET H2	200	context.js Show response an.yandex.ru/system/	283 KB 83 KB	201ms 74ms	Script text/javascript	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/system/context.js Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 59dde73e6d592f7884533020b99324686ed1a450904439ea6d760b5b8e5057b4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br x-yandex-req-id 1679960491559057-1736352167963380517600125-production-app-host-sas-pcode-318 content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Tue, 28 Mar 2023 00:41:31 GMT
GET H2	200	pink-top.png zn2.gnezdo.news/new-lenta/img/	143 B 539 B	84ms 78ms	Image image/png	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/new-lenta/img/pink-top.png Requested by Host: zn2.gnezdo.news URL: https://zn2.gnezdo.news/new-lenta/style15.css?1234 Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 91a23159638a846a426eb990ec53821e49518e78924d10f45ee5178ba44de83b Request headers accept-language de-DE,de;q=0.9 Referer https://zn2.gnezdo.news/new-lenta/style15.css?1234 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Tue, 20 Aug 2019 12:24:00 GMT server nginx/1.22.1 etag "5d5be660-8f" content-type image/png access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 143 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	u13683_favicon_92ef0533a0.png news.gnezdo.ru/img/original/	2 KB 2 KB	74ms 68ms	Image image/png	93.95.100.117 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://news.gnezdo.ru/img/original/u13683_favicon_92ef0533a0.png Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS unspecified.mtw.ru Software nginx/1.10.3 / Resource Hash 4ef17c125b27ad5467de4544755c36c1e90b78b5e0b06df16b7e299af0c247a7 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Mon, 27 Mar 2023 23:41:31 GMT Last-Modified Tue, 25 Dec 2018 10:54:25 GMT Server nginx/1.10.3 ETag "5c220c61-63c" Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection keep-alive Accept-Ranges bytes Content-Length 1596 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	u14445_favicon_539407c61f.png news.gnezdo.ru/img/original/	2 KB 3 KB	155ms 49ms	Image image/png	93.95.100.117 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://news.gnezdo.ru/img/original/u14445_favicon_539407c61f.png Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS unspecified.mtw.ru Software nginx/1.10.3 / Resource Hash 6a0735896a23d7f5db1ec1420f2174f947c2c1a6986a2a752aaef5c12e092db5 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Mon, 27 Mar 2023 23:41:31 GMT Last-Modified Wed, 08 May 2019 17:42:22 GMT Server nginx/1.10.3 ETag "5cd314fe-93e" Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection keep-alive Accept-Ranges bytes Content-Length 2366 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	u27115_favicon_a1e7a7800a.png news.gnezdo.ru/img/original/	1 KB 2 KB	177ms 51ms	Image image/png	93.95.100.117 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://news.gnezdo.ru/img/original/u27115_favicon_a1e7a7800a.png Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS unspecified.mtw.ru Software nginx/1.10.3 / Resource Hash 254e3444d843fbbc26ef498ae46056f369e57461f9edfb66b28d9aa48ed7211c Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Mon, 27 Mar 2023 23:41:31 GMT Last-Modified Wed, 25 May 2022 13:01:49 GMT Server nginx/1.10.3 ETag "628e28bd-4d7" Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection keep-alive Accept-Ranges bytes Content-Length 1239 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	u26394_favicon_e060bf0ff1.png news.gnezdo.ru/img/original/	2 KB 2 KB	126ms 41ms	Image image/png	93.95.100.117 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://news.gnezdo.ru/img/original/u26394_favicon_e060bf0ff1.png Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS unspecified.mtw.ru Software nginx/1.10.3 / Resource Hash f2508f977e7d9faf4999c405318686c7b5f149bc669af684bf2e5ca13c0e0776 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Mon, 27 Mar 2023 23:41:31 GMT Last-Modified Mon, 14 Mar 2022 17:03:00 GMT Server nginx/1.10.3 ETag "622f7544-6c3" Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection keep-alive Accept-Ranges bytes Content-Length 1731 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	u4265_favicon__c85719197a.jpg news.gnezdo.ru/img/original/	477 B 845 B	130ms 45ms	Image image/jpeg	93.95.100.117 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://news.gnezdo.ru/img/original/u4265_favicon__c85719197a.jpg Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS unspecified.mtw.ru Software nginx/1.10.3 / Resource Hash 937f85db9f7e2480efcae63cd3386b2f4d7b8433e3ea12fd90fd4510c094c0a7 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Mon, 27 Mar 2023 23:41:31 GMT Last-Modified Fri, 25 May 2018 14:17:14 GMT Server nginx/1.10.3 ETag "5b081aea-1dd" Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection keep-alive Accept-Ranges bytes Content-Length 477 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	u11546_favicon__e8314df49c.jpg news.gnezdo.ru/img/original/	506 B 874 B	80ms 47ms	Image image/jpeg	93.95.100.117 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://news.gnezdo.ru/img/original/u11546_favicon__e8314df49c.jpg Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS unspecified.mtw.ru Software nginx/1.10.3 / Resource Hash 4f743692d1d95c7e276e7af9350b0e386c1f22fa6a40067c1741b67a72506fda Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Mon, 27 Mar 2023 23:41:31 GMT Last-Modified Fri, 25 May 2018 14:15:53 GMT Server nginx/1.10.3 ETag "5b081a99-1fa" Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection keep-alive Accept-Ranges bytes Content-Length 506 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	u11107_favicon__bef0fb0ed6.jpg news.gnezdo.ru/img/original/	425 B 793 B	137ms 46ms	Image image/jpeg	93.95.100.117 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://news.gnezdo.ru/img/original/u11107_favicon__bef0fb0ed6.jpg Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS unspecified.mtw.ru Software nginx/1.10.3 / Resource Hash 54e400bb1eb9cfd62904f0452551e31673c66b334d89cb7a8c15ffb16622d3a5 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Mon, 27 Mar 2023 23:41:31 GMT Last-Modified Fri, 25 May 2018 14:16:51 GMT Server nginx/1.10.3 ETag "5b081ad3-1a9" Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection keep-alive Accept-Ranges bytes Content-Length 425 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	u11689_favicon__f8dc0bce02.jpg news.gnezdo.ru/img/original/	445 B 813 B	113ms 49ms	Image image/jpeg	93.95.100.117 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://news.gnezdo.ru/img/original/u11689_favicon__f8dc0bce02.jpg Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS unspecified.mtw.ru Software nginx/1.10.3 / Resource Hash 7f80bc17b13f88a05d28823012e5c2ae63cd64951a9db105d27fad7909cfc1a1 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Mon, 27 Mar 2023 23:41:31 GMT Last-Modified Fri, 25 May 2018 14:14:29 GMT Server nginx/1.10.3 ETag "5b081a45-1bd" Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection keep-alive Accept-Ranges bytes Content-Length 445 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	u9264_favicon__1b6e62d7cc.jpg news.gnezdo.ru/img/original/	202 B 569 B	127ms 42ms	Image image/jpeg	93.95.100.117 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://news.gnezdo.ru/img/original/u9264_favicon__1b6e62d7cc.jpg Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS unspecified.mtw.ru Software nginx/1.10.3 / Resource Hash 9e08ecb435c5f89f8bedc57f593d6c414c4acb4015427ac61441bff4b150e5d3 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Mon, 27 Mar 2023 23:41:31 GMT Last-Modified Fri, 25 May 2018 14:12:41 GMT Server nginx/1.10.3 ETag "5b0819d9-ca" Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection keep-alive Accept-Ranges bytes Content-Length 202 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1610823_87cfb2c491.jpg zn2.gnezdo.news/img/300x300/823/	17 KB 18 KB	82ms 77ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/300x300/823/1610823_87cfb2c491.jpg Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 6ee44e14db8435a87d898b79892a244614629fdb4f33c4b0057b32d794919317 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Fri, 24 Mar 2023 15:30:39 GMT server nginx/1.22.1 etag "641dc21f-4550" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 17744 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	like.png zn2.gnezdo.news/new-lenta/img/	684 B 1 KB	85ms 80ms	Image image/png	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/new-lenta/img/like.png Requested by Host: zn2.gnezdo.news URL: https://zn2.gnezdo.news/new-lenta/style15.css?1234 Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash b59d5d931ece7fab4c2378e6e3979c793f6e52e8a1bc6e7c1fa569e03d96f49f Request headers accept-language de-DE,de;q=0.9 Referer https://zn2.gnezdo.news/new-lenta/style15.css?1234 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Thu, 28 Jun 2018 10:56:00 GMT server nginx/1.22.1 etag "5b34bec0-2ac" content-type image/png access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 684 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	close.png zn2.gnezdo.news/new-lenta/img/	276 B 672 B	86ms 81ms	Image image/png	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/new-lenta/img/close.png Requested by Host: zn2.gnezdo.news URL: https://zn2.gnezdo.news/new-lenta/style15.css?1234 Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 9b6b5e0c551bac6ccde502c3bf5c75d1efe6b1da975c0d251a4a17b8adcc74a5 Request headers accept-language de-DE,de;q=0.9 Referer https://zn2.gnezdo.news/new-lenta/style15.css?1234 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Thu, 28 Jun 2018 10:56:00 GMT server nginx/1.22.1 etag "5b34bec0-114" content-type image/png access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 276 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1416647_c728adbfd7.jpg zn2.gnezdo.news/img/280x217/647/	14 KB 14 KB	87ms 82ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/647/1416647_c728adbfd7.jpg Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 45a1d84a627b77f30b4ad0fd2354e02a8f877a69d297fc9a9b459c9e8dabded5 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Fri, 14 Oct 2022 14:49:24 GMT server nginx/1.22.1 etag "634976f4-36cd" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 14029 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1611157_2c503e12d8.jpg zn2.gnezdo.news/img/280x217/157/	9 KB 9 KB	87ms 83ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/157/1611157_2c503e12d8.jpg Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash eb1f14879b0a0aceccbe252edeec0845d351237465991b5f7809b1953913bff6 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Sat, 25 Mar 2023 07:25:30 GMT server nginx/1.22.1 etag "641ea1ea-242c" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 9260 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1612208_c5eee1b336.jpg zn2.gnezdo.news/img/300x300/208/	15 KB 16 KB	88ms 84ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/300x300/208/1612208_c5eee1b336.jpg Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash b42e7c13e71bb112dd31d77e1047d189a1b28824f1a5e34e4d9eaf2cfaed4c2b Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Sun, 26 Mar 2023 16:30:47 GMT server nginx/1.22.1 etag "64207337-3ce0" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 15584 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1459951_f98ad461f6.jpg zn2.gnezdo.news/img/280x217/951/	20 KB 20 KB	90ms 87ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/951/1459951_f98ad461f6.jpg Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash b27c88e59e3c34b7ecc8b0bca38a4c8daea60d855199772825cc70933b6e08b9 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Thu, 10 Nov 2022 19:45:50 GMT server nginx/1.22.1 etag "636d54ee-4e0c" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 19980 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1612028_a73180120a.jpg zn2.gnezdo.news/img/280x217/028/	9 KB 10 KB	91ms 87ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/028/1612028_a73180120a.jpg Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 67d20392235a918312c8e6d82ad6721c01dce887d69a0ea52a2298cf25466ba1 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Sun, 26 Mar 2023 10:33:30 GMT server nginx/1.22.1 etag "64201f7a-2573" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 9587 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1601615_3a17b1f0ed.jpg zn2.gnezdo.news/img/280x217/615/	15 KB 16 KB	91ms 87ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/615/1601615_3a17b1f0ed.jpg Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 224afd8221e317139f204ef7130daaa80431b34c528af69d611c59164ebf3277 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Wed, 15 Mar 2023 12:24:47 GMT server nginx/1.22.1 etag "6411b90f-3cd5" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 15573 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1555786_c5c44a045d.jpg zn2.gnezdo.news/img/280x217/786/	15 KB 16 KB	91ms 87ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/786/1555786_c5c44a045d.jpg Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 8cf14336f076f6387afbbfdb7fadb701aa3cc10b33b9d0e94ed9eb2a4bfd4eb4 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Sun, 05 Feb 2023 08:55:21 GMT server nginx/1.22.1 etag "63df6ef9-3d49" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 15689 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1557481_a5964207be.jpg zn2.gnezdo.news/img/280x217/481/	11 KB 12 KB	91ms 88ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/481/1557481_a5964207be.jpg Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash b1116e24f4bd00cf32dc05e2515d3121ed8e5c9f0b64efe811795521bdee4046 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Mon, 06 Feb 2023 18:07:39 GMT server nginx/1.22.1 etag "63e141eb-2dd1" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 11729 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1609698_e7cc43c12b.jpg zn2.gnezdo.news/img/280x217/698/	13 KB 13 KB	91ms 88ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/698/1609698_e7cc43c12b.jpg Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash d3b98c5cab17cec4076fd8c8d91f8e85d000c9257ad00d3f2d40345644891e74 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Thu, 23 Mar 2023 15:18:14 GMT server nginx/1.22.1 etag "641c6db6-344a" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 13386 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1610490_008750cbfe.jpg zn2.gnezdo.news/img/300x300/490/	22 KB 22 KB	91ms 88ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/300x300/490/1610490_008750cbfe.jpg Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 39f6a70bff4ad354a986d4979492c3eaf2847b42811a524801e1b312bf62fdd2 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Fri, 24 Mar 2023 08:55:40 GMT server nginx/1.22.1 etag "641d658c-582a" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 22570 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1225231_cdc9e3ef11.jpg zn2.gnezdo.news/img/280x217/231/	15 KB 16 KB	91ms 88ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/231/1225231_cdc9e3ef11.jpg Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash ad076dbee5c759d0d08c259e427eca036bbe2e8415ec75f2fb0215edc8928543 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Mon, 15 Nov 2021 05:53:00 GMT server nginx/1.22.1 etag "6191f5bc-3de4" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 15844 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1556779_03567f674f.jpg zn2.gnezdo.news/img/280x217/779/	11 KB 12 KB	91ms 88ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/779/1556779_03567f674f.jpg Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 2d1b0501a156631e0075ff169a79cb04942f4276d3e96304731a2ffa6f318098 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Mon, 06 Feb 2023 10:31:21 GMT server nginx/1.22.1 etag "63e0d6f9-2c91" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 11409 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1303028_7801e70a35.jpg zn2.gnezdo.news/img/300x300/028/	14 KB 14 KB	91ms 89ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/300x300/028/1303028_7801e70a35.jpg Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash f17077885b54deb51a425e2dbfff21ba6edb459244142653b10791d96e9b760e Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Tue, 14 Jun 2022 08:06:08 GMT server nginx/1.22.1 etag "62a84170-36e0" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 14048 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1541954_dc8e5d68b7.jpg zn2.gnezdo.news/img/280x217/954/	9 KB 10 KB	91ms 89ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/954/1541954_dc8e5d68b7.jpg Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 8f4b52cc452900e0708b63b665512310b2a057de69ed34ba143306da08a81c6a Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Tue, 24 Jan 2023 13:31:29 GMT server nginx/1.22.1 etag "63cfddb1-25a4" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 9636 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1566862_4e52560193.jpg zn2.gnezdo.news/img/280x217/862/	10 KB 10 KB	91ms 89ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/862/1566862_4e52560193.jpg Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 4d0af9ed5d7c7ce584a53209cd426f3860108439b92cad54d551ae7a6a3b9061 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Mon, 13 Feb 2023 10:40:17 GMT server nginx/1.22.1 etag "63ea1391-2679" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 9849 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1280952_6cf4b44735.jpg zn2.gnezdo.news/img/280x217/952/	11 KB 12 KB	92ms 89ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/952/1280952_6cf4b44735.jpg Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash be450e094e932689916b0c110039b96d637600afba33dd944f6de2e5785c9d52 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Wed, 30 Mar 2022 08:43:19 GMT server nginx/1.22.1 etag "62441827-2cfa" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 11514 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2 fonts.gstatic.com/s/robotocondensed/v25/	9 KB 10 KB	29ms 7ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto+Condensed Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 21 Mar 2023 08:37:54 GMT x-content-type-options nosniff age 572617 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9692 x-xss-protection 0 last-modified Tue, 19 Apr 2022 18:44:23 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 20 Mar 2024 08:37:54 GMT
GET H2	200	ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 fonts.gstatic.com/s/robotocondensed/v25/	15 KB 15 KB	30ms 8ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto+Condensed Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Tue, 21 Mar 2023 08:37:42 GMT x-content-type-options nosniff age 572629 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15700 x-xss-protection 0 last-modified Tue, 19 Apr 2022 18:51:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 20 Mar 2024 08:37:42 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 209 B	14ms 14ms	XHR text/plain	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j99&a=659232560&t=pageview&_s=1&dl=https%3A%2F%2Fnews.2xclick.ru%2F&ul=en-us&de=UTF-8&dt=Gnezdo.ru&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=94284536&gjid=390611051&cid=1807837546.1679960491&tid=UA-5044672-6&_gid=1424680444.1679960491&_r=1&_slc=1&z=1617273801 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://news.2xclick.ru/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 27 Mar 2023 23:41:31 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://news.2xclick.ru cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 349 B	71ms 20ms	XHR text/plain	2a00:1450:400c:c03::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-5044672-6&cid=1807837546.1679960491&jid=94284536&gjid=390611051&_gid=1424680444.1679960491&_u=IEBAAEAAAAAAACAAI~&z=173935921 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://news.2xclick.ru/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Mon, 27 Mar 2023 23:41:31 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://news.2xclick.ru cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	1 Show response mc.yandex.ru/watch/3/ Redirect Chain https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A41za72whyvnyouc9ib8bz3%3Afp%3A787%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-U... https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A41za72whyvnyouc9ib8bz3%3Afp%3A787%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-...	264 B 347 B	54ms 54ms	XHR application/json	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A41za72whyvnyouc9ib8bz3%3Afp%3A787%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A2%3Adp%3A0%3Als%3A261053591662%3Ahid%3A679660081%3Az%3A0%3Ai%3A20230327234131%3Aet%3A1679960492%3Ac%3A1%3Arn%3A503695950%3Arqn%3A1%3Au%3A1679960492562331946%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A120%2C140%2C86%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1679960490647%3Ast%3A1679960492&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash d5173e2ff748518e3b85e353da5272b53015928244380530c03f52617af9b1df Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 23:41:31 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Mon, 27-Mar-2023 23:41:31 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://news.2xclick.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 264 x-xss-protection 1; mode=block expires Mon, 27-Mar-2023 23:41:31 GMT Redirect headers pragma no-cache date Mon, 27 Mar 2023 23:41:31 GMT strict-transport-security max-age=31536000 last-modified Mon, 27-Mar-2023 23:41:31 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA location /watch/3/1?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A41za72whyvnyouc9ib8bz3%3Afp%3A787%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A2%3Adp%3A0%3Als%3A261053591662%3Ahid%3A679660081%3Az%3A0%3Ai%3A20230327234131%3Aet%3A1679960492%3Ac%3A1%3Arn%3A503695950%3Arqn%3A1%3Au%3A1679960492562331946%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A120%2C140%2C86%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1679960490647%3Ast%3A1679960492&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 access-control-allow-origin https://news.2xclick.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Mon, 27-Mar-2023 23:41:31 GMT
GET H2	200	1 Show response mc.yandex.ru/watch/11859022/ Redirect Chain https://mc.yandex.ru/watch/11859022?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gne... https://mc.yandex.ru/watch/11859022/1?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22g...	428 B 464 B	56ms 56ms	XHR application/json	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/11859022/1?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gnezdoGroupId%22%3A%220%22%2C%22gnezdoSubId%22%3A0%2C%22gnezdoADGender%22%3A%22%22%2C%22gnezdoADAge%22%3A%22%22%2C%22gnezdoAIDGender%22%3A%22%22%2C%22gnezdoAIDAge%22%3A%22%22%2C%22gnezdoWBGender%22%3A%22%22%2C%22gnezdoWBAge%22%3A%22%22%2C%22gnezdoIp%22%3A%22146.70.117.102%22%2C%22gnezdoFP%22%3A%22%22%2C%22gnezdoDevice%22%3A%22desktop%22%2C%22gnezdoOs%22%3A%22windows%22%2C%22gnezdoBrowser%22%3A%22chrome%22%2C%22gnezdoBrowserV%22%3A%22111.0%22%2C%22gnezdoLentaId%22%3A%22def%22%7D&ut=noindex&browser-info=pv%3A1%3Avf%3A41za72whyvnyouc9ib8bz3%3Afp%3A787%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A1%3Adp%3A0%3Als%3A306104834866%3Ahid%3A679660081%3Az%3A0%3Ai%3A20230327234131%3Aet%3A1679960492%3Ac%3A1%3Arn%3A29673158%3Arqn%3A1%3Au%3A1679960492562331946%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A120%2C140%2C86%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1679960490647%3Arqnl%3A1%3Ast%3A1679960492%3At%3AGnezdo.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash e9745f22b82b0b86ab7eb5b8e4f9d292ab266cf80b0878c522ef3bc8907b58e1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 23:41:31 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Mon, 27-Mar-2023 23:41:31 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://news.2xclick.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 428 x-xss-protection 1; mode=block expires Mon, 27-Mar-2023 23:41:31 GMT Redirect headers pragma no-cache date Mon, 27 Mar 2023 23:41:31 GMT strict-transport-security max-age=31536000 last-modified Mon, 27-Mar-2023 23:41:31 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA location /watch/11859022/1?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gnezdoGroupId%22%3A%220%22%2C%22gnezdoSubId%22%3A0%2C%22gnezdoADGender%22%3A%22%22%2C%22gnezdoADAge%22%3A%22%22%2C%22gnezdoAIDGender%22%3A%22%22%2C%22gnezdoAIDAge%22%3A%22%22%2C%22gnezdoWBGender%22%3A%22%22%2C%22gnezdoWBAge%22%3A%22%22%2C%22gnezdoIp%22%3A%22146.70.117.102%22%2C%22gnezdoFP%22%3A%22%22%2C%22gnezdoDevice%22%3A%22desktop%22%2C%22gnezdoOs%22%3A%22windows%22%2C%22gnezdoBrowser%22%3A%22chrome%22%2C%22gnezdoBrowserV%22%3A%22111.0%22%2C%22gnezdoLentaId%22%3A%22def%22%7D&ut=noindex&browser-info=pv%3A1%3Avf%3A41za72whyvnyouc9ib8bz3%3Afp%3A787%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A1%3Adp%3A0%3Als%3A306104834866%3Ahid%3A679660081%3Az%3A0%3Ai%3A20230327234131%3Aet%3A1679960492%3Ac%3A1%3Arn%3A29673158%3Arqn%3A1%3Au%3A1679960492562331946%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A120%2C140%2C86%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1679960490647%3Arqnl%3A1%3Ast%3A1679960492%3At%3AGnezdo.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 access-control-allow-origin https://news.2xclick.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Mon, 27-Mar-2023 23:41:31 GMT
GET H/1.1	200 OK	fp.min.js Show response news.gnezdo.ru/fingerprintjs/dist/	44 KB 18 KB	86ms 85ms	Script application/javascript	93.95.100.117 MTW-AS
General Check archive.org Show headers Download Go to Full URL https://news.gnezdo.ru/fingerprintjs/dist/fp.min.js Requested by Host: news.gnezdo.ru URL: https://news.gnezdo.ru/gnezdo_news_tracker_new.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS unspecified.mtw.ru Software nginx/1.10.3 / Resource Hash 192c9c26753a3f2b6d4fb5a5114c5bee9453c97487039a5a99eaa62d0fc546c5 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Mon, 27 Mar 2023 23:41:31 GMT Content-Encoding gzip Last-Modified Thu, 16 Mar 2023 06:44:06 GMT Server nginx/1.10.3 ETag "afae-5f6fec97cdbd3-gzip" Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 17845
GET H2	200	advert.gif mc.yandex.ru/metrika/	43 B 187 B	181ms 55ms	Image image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.ru/metrika/advert.gif Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT strict-transport-security max-age=31536000 last-modified Mon, 27 Mar 2023 12:21:40 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "64216024-2b" content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Tue, 28 Mar 2023 00:41:31 GMT
GET H2	200	1610823_87cfb2c491.jpg zn2.gnezdo.news/img/300x300/823/	17 KB 18 KB	171ms 83ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/300x300/823/1610823_87cfb2c491.jpg Requested by Host: zn2.gnezdo.news URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 6ee44e14db8435a87d898b79892a244614629fdb4f33c4b0057b32d794919317 Request headers Referer https://news.2xclick.ru/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Fri, 24 Mar 2023 15:30:39 GMT server nginx/1.22.1 etag "641dc21f-4550" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 17744 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1416647_c728adbfd7.jpg zn2.gnezdo.news/img/280x217/647/	14 KB 14 KB	215ms 128ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/647/1416647_c728adbfd7.jpg Requested by Host: zn2.gnezdo.news URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 45a1d84a627b77f30b4ad0fd2354e02a8f877a69d297fc9a9b459c9e8dabded5 Request headers Referer https://news.2xclick.ru/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Fri, 14 Oct 2022 14:49:24 GMT server nginx/1.22.1 etag "634976f4-36cd" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 14029 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1611157_2c503e12d8.jpg zn2.gnezdo.news/img/280x217/157/	9 KB 9 KB	215ms 127ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/157/1611157_2c503e12d8.jpg Requested by Host: zn2.gnezdo.news URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash eb1f14879b0a0aceccbe252edeec0845d351237465991b5f7809b1953913bff6 Request headers Referer https://news.2xclick.ru/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Sat, 25 Mar 2023 07:25:30 GMT server nginx/1.22.1 etag "641ea1ea-242c" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 9260 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1612208_c5eee1b336.jpg zn2.gnezdo.news/img/300x300/208/	15 KB 16 KB	216ms 129ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/300x300/208/1612208_c5eee1b336.jpg Requested by Host: zn2.gnezdo.news URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash b42e7c13e71bb112dd31d77e1047d189a1b28824f1a5e34e4d9eaf2cfaed4c2b Request headers Referer https://news.2xclick.ru/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Sun, 26 Mar 2023 16:30:47 GMT server nginx/1.22.1 etag "64207337-3ce0" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 15584 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1459951_f98ad461f6.jpg zn2.gnezdo.news/img/280x217/951/	20 KB 20 KB	215ms 128ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/951/1459951_f98ad461f6.jpg Requested by Host: zn2.gnezdo.news URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash b27c88e59e3c34b7ecc8b0bca38a4c8daea60d855199772825cc70933b6e08b9 Request headers Referer https://news.2xclick.ru/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Thu, 10 Nov 2022 19:45:50 GMT server nginx/1.22.1 etag "636d54ee-4e0c" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 19980 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1612028_a73180120a.jpg zn2.gnezdo.news/img/280x217/028/	9 KB 10 KB	214ms 128ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/028/1612028_a73180120a.jpg Requested by Host: zn2.gnezdo.news URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 67d20392235a918312c8e6d82ad6721c01dce887d69a0ea52a2298cf25466ba1 Request headers Referer https://news.2xclick.ru/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Sun, 26 Mar 2023 10:33:30 GMT server nginx/1.22.1 etag "64201f7a-2573" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 9587 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1601615_3a17b1f0ed.jpg zn2.gnezdo.news/img/280x217/615/	15 KB 16 KB	211ms 124ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/615/1601615_3a17b1f0ed.jpg Requested by Host: zn2.gnezdo.news URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 224afd8221e317139f204ef7130daaa80431b34c528af69d611c59164ebf3277 Request headers Referer https://news.2xclick.ru/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Wed, 15 Mar 2023 12:24:47 GMT server nginx/1.22.1 etag "6411b90f-3cd5" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 15573 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1555786_c5c44a045d.jpg zn2.gnezdo.news/img/280x217/786/	15 KB 16 KB	215ms 128ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/786/1555786_c5c44a045d.jpg Requested by Host: zn2.gnezdo.news URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 8cf14336f076f6387afbbfdb7fadb701aa3cc10b33b9d0e94ed9eb2a4bfd4eb4 Request headers Referer https://news.2xclick.ru/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Sun, 05 Feb 2023 08:55:21 GMT server nginx/1.22.1 etag "63df6ef9-3d49" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 15689 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1557481_a5964207be.jpg zn2.gnezdo.news/img/280x217/481/	11 KB 12 KB	172ms 86ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/481/1557481_a5964207be.jpg Requested by Host: zn2.gnezdo.news URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash b1116e24f4bd00cf32dc05e2515d3121ed8e5c9f0b64efe811795521bdee4046 Request headers Referer https://news.2xclick.ru/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Mon, 06 Feb 2023 18:07:39 GMT server nginx/1.22.1 etag "63e141eb-2dd1" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 11729 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1609698_e7cc43c12b.jpg zn2.gnezdo.news/img/280x217/698/	13 KB 13 KB	215ms 129ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/698/1609698_e7cc43c12b.jpg Requested by Host: zn2.gnezdo.news URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash d3b98c5cab17cec4076fd8c8d91f8e85d000c9257ad00d3f2d40345644891e74 Request headers Referer https://news.2xclick.ru/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Thu, 23 Mar 2023 15:18:14 GMT server nginx/1.22.1 etag "641c6db6-344a" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 13386 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1610490_008750cbfe.jpg zn2.gnezdo.news/img/300x300/490/	22 KB 22 KB	213ms 127ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/300x300/490/1610490_008750cbfe.jpg Requested by Host: zn2.gnezdo.news URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 39f6a70bff4ad354a986d4979492c3eaf2847b42811a524801e1b312bf62fdd2 Request headers Referer https://news.2xclick.ru/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Fri, 24 Mar 2023 08:55:40 GMT server nginx/1.22.1 etag "641d658c-582a" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 22570 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1225231_cdc9e3ef11.jpg zn2.gnezdo.news/img/280x217/231/	15 KB 16 KB	211ms 125ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/231/1225231_cdc9e3ef11.jpg Requested by Host: zn2.gnezdo.news URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash ad076dbee5c759d0d08c259e427eca036bbe2e8415ec75f2fb0215edc8928543 Request headers Referer https://news.2xclick.ru/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Mon, 15 Nov 2021 05:53:00 GMT server nginx/1.22.1 etag "6191f5bc-3de4" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 15844 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1556779_03567f674f.jpg zn2.gnezdo.news/img/280x217/779/	11 KB 12 KB	212ms 126ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/779/1556779_03567f674f.jpg Requested by Host: zn2.gnezdo.news URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 2d1b0501a156631e0075ff169a79cb04942f4276d3e96304731a2ffa6f318098 Request headers Referer https://news.2xclick.ru/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Mon, 06 Feb 2023 10:31:21 GMT server nginx/1.22.1 etag "63e0d6f9-2c91" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 11409 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1303028_7801e70a35.jpg zn2.gnezdo.news/img/300x300/028/	14 KB 14 KB	212ms 127ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/300x300/028/1303028_7801e70a35.jpg Requested by Host: zn2.gnezdo.news URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash f17077885b54deb51a425e2dbfff21ba6edb459244142653b10791d96e9b760e Request headers Referer https://news.2xclick.ru/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Tue, 14 Jun 2022 08:06:08 GMT server nginx/1.22.1 etag "62a84170-36e0" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 14048 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1541954_dc8e5d68b7.jpg zn2.gnezdo.news/img/280x217/954/	9 KB 10 KB	214ms 129ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/954/1541954_dc8e5d68b7.jpg Requested by Host: zn2.gnezdo.news URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 8f4b52cc452900e0708b63b665512310b2a057de69ed34ba143306da08a81c6a Request headers Referer https://news.2xclick.ru/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Tue, 24 Jan 2023 13:31:29 GMT server nginx/1.22.1 etag "63cfddb1-25a4" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 9636 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1566862_4e52560193.jpg zn2.gnezdo.news/img/280x217/862/	10 KB 10 KB	214ms 129ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/862/1566862_4e52560193.jpg Requested by Host: zn2.gnezdo.news URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash 4d0af9ed5d7c7ce584a53209cd426f3860108439b92cad54d551ae7a6a3b9061 Request headers Referer https://news.2xclick.ru/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Mon, 13 Feb 2023 10:40:17 GMT server nginx/1.22.1 etag "63ea1391-2679" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 9849 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	1280952_6cf4b44735.jpg zn2.gnezdo.news/img/280x217/952/	11 KB 12 KB	214ms 130ms	Image image/jpeg	93.95.99.151 MTW-AS
General Check archive.org Show headers Download Go to Show image Full URL https://zn2.gnezdo.news/img/280x217/952/1280952_6cf4b44735.jpg Requested by Host: zn2.gnezdo.news URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU), Reverse DNS mail3.itech-group.ru Software nginx/1.22.1 / Resource Hash be450e094e932689916b0c110039b96d637600afba33dd944f6de2e5785c9d52 Request headers Referer https://news.2xclick.ru/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT last-modified Wed, 30 Mar 2022 08:43:19 GMT server nginx/1.22.1 etag "62441827-2cfa" content-type image/jpeg access-control-allow-origin * p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" cache-control max-age=315360000, public access-control-allow-credentials true accept-ranges bytes content-length 11514 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	sync.html Show response cstatic.weborama.fr/iframe/ Frame 5FB0	336 B 312 B	13ms 12ms	Document text/html	93.184.221.133 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=news.2xclick.ru&site=485736 Requested by Host: cstatic.weborama.fr URL: https://cstatic.weborama.fr/js/products.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ama/48D7) / Resource Hash 3e1dac2792ab6c6adeef95c5e0d28ad832c837d58922fa4ceafa0ed3bd0f96a7 Request headers Referer https://news.2xclick.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * age 338216 cache-control max-age=604800 content-encoding gzip content-length 207 content-type text/html date Mon, 27 Mar 2023 23:41:31 GMT etag "282943589+gzip" expires Mon, 03 Apr 2023 23:41:31 GMT last-modified Mon, 20 Sep 2021 08:52:49 GMT p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" server ECAcc (ama/48D7) vary Accept-Encoding x-cache HIT
GET H2	200	topics.js Show response cstatic.weborama.fr/js/topics/	1 KB 750 B	17ms 15ms	Script text/javascript	93.184.221.133 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cstatic.weborama.fr/js/topics/topics.js Requested by Host: cstatic.weborama.fr URL: https://cstatic.weborama.fr/js/products.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ama/48CA) / Resource Hash 4ee099a8429bb7dba583809f55cb18ca9ff7678b7f85305bc4218873ce9e9395 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT content-encoding gzip last-modified Mon, 28 Nov 2022 10:03:29 GMT server ECAcc (ama/48CA) age 331953 etag "2165201887+gzip" vary Accept-Encoding x-cache HIT content-type text/javascript access-control-allow-origin * p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" cache-control max-age=604800 content-length 652 expires Mon, 03 Apr 2023 23:41:31 GMT
GET H/1.1	200 OK	comptage_wreport.fcgi gnezdoruanalytics.solution.weborama.fr/fcgi-bin/ Redirect Chain https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1679960491&ta=1600x1200&co=24&ref= https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1679960491&ta=1600x1200&co=24&ref=&BOUNCE=OK	67 B 721 B	26ms 26ms	Image image/gif	91.216.195.18 WEBORAMA Weborama...
General Check archive.org Show headers Download Go to Show image Full URL https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1679960491&ta=1600x1200&co=24&ref=&BOUNCE=OK Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol HTTP/1.1 Server 91.216.195.18 , France, ASN12516 (WEBORAMA Weborama provides Internet Services, FR), Reverse DNS std-collect-lb-c03-01-vip.weborama.fr Software Apache / Resource Hash 09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" pragma no-cache date Mon, 27 Mar 2023 23:41:31 GMT cache-control no-cache server Apache transfer-encoding chunked content-type image/gif Redirect headers location https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1679960491&ta=1600x1200&co=24&ref=&BOUNCE=OK date Mon, 27 Mar 2023 23:41:31 GMT p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" server Apache content-length 399 content-type text/html; charset=iso-8859-1
GET H3	204	collect dx.frontend.weborama.com/ Redirect Chain https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A%2F%2Fnews.2xclick.ru%2F https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A%2F%2Fnews.2xclick.ru%2F&bounce=1&random=3576130400 https://rd.frontend.weborama.fr/rd?key=wamsync https://rd.frontend.weborama.fr/rd?key=wamsync&bounce=1&random=1701805512 https://dx.frontend.weborama.com/collect?dsp_id=0&eid=ULtwIXoHPD9Q	0 17 B	16ms 15ms	Image text/plain	34.111.205.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dx.frontend.weborama.com/collect?dsp_id=0&eid=ULtwIXoHPD9Q Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H3 Server 34.111.205.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.205.111.34.bc.googleusercontent.com Software Weborama Collect Frontend / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 23:41:31 GMT via 1.1 google last-modified Mon, 27 Mar 2023 23:41:31 GMT server Weborama Collect Frontend vary Origin p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 03 Jul 2001 06:00:00 GMT Redirect headers pragma no-cache date Mon, 27 Mar 2023 23:41:31 GMT via 1.1 google last-modified Mon, 27 Mar 2023 23:41:31 GMT server Weborama Collect Frontend vary Origin p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" location https://dx.frontend.weborama.com/collect?dsp_id=0&eid=ULtwIXoHPD9Q access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Tue, 03 Jul 2001 06:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	49ms 19ms	Image image/gif	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-5044672-6&cid=1807837546.1679960491&jid=94284536&_u=IEBAAEAAAAAAACAAI~&z=1445319830 Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 23:41:31 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	59ms 23ms	Image image/gif	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-5044672-6&cid=1807837546.1679960491&jid=94284536&_u=IEBAAEAAAAAAACAAI~&z=1445319830 Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 23:41:31 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	external_libs.v2.js Show response cstatic.weborama.fr/iframe/ Frame 5FB0	8 KB 3 KB	14ms 14ms	Script text/javascript	93.184.221.133 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cstatic.weborama.fr/iframe/external_libs.v2.js Requested by Host: cstatic.weborama.fr URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=news.2xclick.ru&site=485736 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ama/48F3) / Resource Hash 724d685239669ac4db6763d8fc4ff79d629067941a7bc5b738ef8a46f3970df1 Request headers accept-language de-DE,de;q=0.9 Referer https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=news.2xclick.ru&site=485736 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:31 GMT content-encoding gzip last-modified Tue, 24 Jan 2023 09:15:53 GMT server ECAcc (ama/48F3) age 567442 etag "892405118+gzip" vary Accept-Encoding x-cache HIT content-type text/javascript access-control-allow-origin * p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" cache-control max-age=604800 content-length 3050 expires Mon, 03 Apr 2023 23:41:31 GMT
GET H2	200	sync_cookie_image_decide mc.webvisor.org/ Redirect Chain https://mc.webvisor.org/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9955.IPXoDv_ryFvYcwZEKEOu49drxR1eq8OnmWlbyEh2elW3IgNzTVVzDAjYvhVQt4Qd.OP8e5I-kGcPyMaFo4rdXUMGhp2A%2C https://mc.webvisor.org/sync_cookie_image_decide?token=9955.yNrvzct15gz6-djMVCvY2-2f3-_FAS_WHLGRnVsJb6K3JbqYro4nqfrlrK8B6zhWwyZqQnd3mLgV6GzoKvEU-6YGmi7A1XR3h_JtgGyOZagXLNKKBprrPeMhOnMy_Ljmh_irh-2rv...	43 B 509 B	61ms 61ms	Image image/gif	154.47.36.186 COGENT-174
General Check archive.org Show headers Download Go to Show image Full URL https://mc.webvisor.org/sync_cookie_image_decide?token=9955.yNrvzct15gz6-djMVCvY2-2f3-_FAS_WHLGRnVsJb6K3JbqYro4nqfrlrK8B6zhWwyZqQnd3mLgV6GzoKvEU-6YGmi7A1XR3h_JtgGyOZagXLNKKBprrPeMhOnMy_Ljmh_irh-2rvrQCpS5S25cdzbdXkgNHzFjQJY5NZJo6QIBnKWihpJJy6rOddj0-6n6eMIsThFwwdL-MU97AOR54SMPT_jGrN4IQheWPpSmltBU%2C.m8erV7QUt0MJ1D2ywWjecJZnUmY%2C Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Server 154.47.36.186 , United States, ASN174 (COGENT-174, US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:32 GMT strict-transport-security max-age=31536000 content-length 43 x-xss-protection 1; mode=block content-type image/gif Redirect headers location https://mc.webvisor.org/sync_cookie_image_decide?token=9955.yNrvzct15gz6-djMVCvY2-2f3-_FAS_WHLGRnVsJb6K3JbqYro4nqfrlrK8B6zhWwyZqQnd3mLgV6GzoKvEU-6YGmi7A1XR3h_JtgGyOZagXLNKKBprrPeMhOnMy_Ljmh_irh-2rvrQCpS5S25cdzbdXkgNHzFjQJY5NZJo6QIBnKWihpJJy6rOddj0-6n6eMIsThFwwdL-MU97AOR54SMPT_jGrN4IQheWPpSmltBU%2C.m8erV7QUt0MJ1D2ywWjecJZnUmY%2C date Mon, 27 Mar 2023 23:41:32 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	1c0942547d39e10f5f56.js Show response yastatic.net/partner-code-bundles/745582/	14 KB 5 KB	230ms 104ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/745582/1c0942547d39e10f5f56.js Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 17862667bcbeba805d5d98d7e44b91b98cc2b9491e29991289200d5246927630 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://news.2xclick.ru/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:32 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 4802 last-modified Fri, 24 Mar 2023 16:14:20 GMT server nginx/1.17.9 etag "ae497ea157b16b6376b4129c930ca1fb" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Thu, 27 Mar 2053 06:13:52 GMT
GET H2	200	0c4a9eb67549ca2ce918.js Show response yastatic.net/partner-code-bundles/745582/	113 KB 24 KB	257ms 133ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/745582/0c4a9eb67549ca2ce918.js Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 7384ce7c802566dbfbcca6750a36eac5b8a64b551d26cf1bf19488fa2d125421 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://news.2xclick.ru/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:32 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 24438 last-modified Fri, 24 Mar 2023 16:14:20 GMT server nginx/1.17.9 etag "bb1a82c1acd8b438a51bcf6f1af6fa38" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Thu, 27 Mar 2053 06:13:52 GMT
GET H2	200	host.js Show response yastatic.net/safeframe-bundles/0.83/	33 KB 9 KB	270ms 147ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/safeframe-bundles/0.83/host.js Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://news.2xclick.ru/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:32 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 8878 last-modified Wed, 03 Nov 2021 13:42:58 GMT server nginx/1.17.9 etag "f80882bf67cf261aa08d636da095149a" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Thu, 27 Mar 2053 06:17:15 GMT
GET H2	200	text-variable-full.woff2 yastatic.net/s3/home/fonts/ys/3/	25 KB 26 KB	193ms 84ms	Font font/woff2	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2 Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://news.2xclick.ru/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:32 GMT strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 26004 x-amz-meta-owner {"role":"admin","login":"4eb0da"} last-modified Mon, 25 Apr 2022 14:02:39 GMT server nginx/1.17.9 etag "7f0cdaf91230f9789ca4162aedff612e" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31556952 x-nginx-request-id e912a8a2de553d3a accept-ranges bytes timing-allow-origin * expires Wed, 27 Mar 2024 05:26:29 GMT
GET H2	404	320977 Show response an.yandex.ru/meta/	29 B 421 B	79ms 79ms	XHR text/html	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/meta/320977?target-ref=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&pcode-test-ids=657518%2C0%2C96%3B731913%2C0%2C80%3B741891%2C0%2C34%3B740570%2C0%2C31%3B739454%2C0%2C13%3B725915%2C0%2C16%3B735207%2C0%2C90%3B734893%2C0%2C29%3B739996%2C0%2C58%3B745215%2C0%2C92%3B739901%2C0%2C21&pcode-flags-map=eJydWF1T2zgU%2FSs72ddO15%2ByzZtsy4kmjuWVZNK009FkSwrZAbpDocvS4b%2FvleSAnYDS9gljOEdX95775e%2BTUyyUmLGlwqWqcU5qVTGuaKNy3DSET04%2BfJ98W1%2FebSYnE8k7Mnkzud18vaVn8DtCYRglk8ePb55pWs7KrpBCsUa1uBPEyZD4WRRaBtLgvCaKFGzxTFJTIbUxp7QkTD%2FAX3OmMF%2BMaDf3%2F%2ByxxmFsWEsqDG3BukYqTkrKSaEpcdu6LQu8KAqe7gYXUYuulpSzuga2RuoHwtUSy2JGSiXpgihWVYJIN28YeMmzz%2FJOSqavVbOxr38Pk89jHMpiZHBtwUoyQpqYjX30o2QmcNL46JRwQVkzQiZR5KfxCBuh0I8MtmtozXBJ7Pl4MfLo7c3dZgCLgjTMPAsDXwphRLaH2Q%2FkAATyFIQ0iuWC8NM9YW6u139dbkbIEAWZdXNF36kFnDUjdDqTqpHuI6M4zHwDXOGmJO8U71TJFpg2LljsJUGIns7LOZuDsXCWmnJaOpF%2BEqfoxQMVqFdymjvhge8hG473pAlU1YE%2Bl7SUM0UXeEqc2MiPUu8Zu0uWnHEdVI5L2onffpBhhbXd1mCF6yVeCTcyTHo%2Fl1ULmSla1oAwdB6xbpxDged5Y2zkhdEgFwoNbaT7vBhoeilVDLxMtHZ35ynyzikLODJJgkM4rXThXOokAnX%2BCsPOgFNcd6Nohd7L6Jpg3qgF45CxmFO8d%2B9gdGjseb2XW04Zp3Kl8hWUCrJsGXc7DCWoz72dLvriWQjuBGZ%2Bkg4USYUqMOdMKlwUECXhqBJxFsa%2BP8IaFQuQtJxpN7W4LGkzdZNEcWQtN2UfpCxXLVGh2%2BooTeJBeBa8AD8JmtMavOY%2BLkvQq0jdCIuaFvMjp%2B84TJexzVdBga0oNBeqL1Hhwp3NWRr0ncXa0ZPYviCZFmpb41WOi%2Fmgg7kokRdEYTAKx4yYgg%2BdlAg6dSoe%2BXGAbBwasgRIBVk%2BUzWb0sKNS8O%2BpIGZFeULrVlOml2naTnJ3UUVQVUM%2FJF4oetwUBJMAdCvwQO6UIqC654ihDP3kZ%2F5UTQim1FpLBmQgD%2FmkrmJwiQIwuG0szfXlKTCEH54UdGGSgJqL%2BYwVjkTFUWxh9DIPLHAXKo%2FO9IRTX7sfjFCKH6aBuSMwxy3ZxmBBOZayrSBQkWhGddHrEr8pJdOgaElsaYPIK50QtKKYxiYzPjgjmSSZih7mhsqToGmXimL1yNE677cGJ%2FPlaDvnXmEUBb24R4gxLEZ6%2BDcLPKSJxYo2qVmcM6tCKUR8vdPVguYWrH7rCDwrK8HgtSDxw%2BpMkWRH%2B7SDfo3TN5wVRCNglnVDhSmgNnZ4HAtOOBL0vDwFnLqvgOEKfWHuaFrhi0yL7je9INjewDKAtRPJzYjxJy2SnJTAI%2BVZJTBamLBe0dXNdPjbqmsoUdI0j4LXiMx4hpxfN7eq6v1vbrYbM8vbl%2BhMxuMmpMc5womTuc65EFrG6WizeblDFQyEEwDLdoU3GkH5V0vGFB0C0JP3Rma%2BF7Ud07Ola30soMRxWa6cbQpKt10dmQZBCabqjV%2BvzLFQZkBbwj7Pvm8uf10sVjfnG%2BvJyd%2BDGPS1Ze%2Ftpcb8Wl9ub0%2Bn5wEjyPWGPriQAS2LMK8p%2FJaK0HvmMMDPkyu1tvLtzd3YNt%2F6%2BuzzT08%2F7G9Wp9vvo5ena%2BvzJuzh821%2Fff1t%2B3tF%2Ft49Xbwy9n1tn%2BrmZ8Y4MXN%2BuHyy8NF%2F%2BeHG%2Fvz7mb99nrz79eDf%2Fh7%2FeVqa6AfX77iMOOeQ%2BsOH9rpfATW%2BsRHAg9If7%2Fs4A5GjaJme5s%2FrMbj9Ro2NCuaBkuQGFQ5Pu1rnZJ46lweoLMEg0JZEZArJ7iQsL4eAcahFxzOSLRpYTbQQ9JPTkiwSYcofZVwUMqg9rjj8Mz0M59CKsbkMRNhfgmf2ntPLqAUQFuic3jsYKFeDeqtO0sjP%2B1XiiHdr3IMW44Z9a38dtvKiObT7eWYxYsT74BFTy8vjqf78FDvCQYup0zvKAzEVOvhCYok0EGBhU3D6doAlh2rYgFDETFfwCA0LRNHgwLraF%2BVoNHabxpKkgXoTxK32VGahc%2FL7%2F63kAQWXX%2Fvi4158%2Fjx8X84PtyP&pcode-icookie=bCEUo6bQZ%2FukL7rUrL23cJhpiDU5gSP5HJADHZUHWO19jo4LHuD%2BQS15F%2Bi2hs6tD6BZ5s6MMLLreoKtnTKCPf6BY8w%3D&duid=MTY3OTk2MDQ5MjU2MjMzMTk0Ng%3D%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=60473139527682&ad-session-id=6319751679960491899&target-id=61536434&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fnews.2xclick.ru&top-ancestor-undetermined=0&pcode-version=745582&pcodever=745582&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A801%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1839%2C%22top%22%3A1091%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=2820&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxOH0KEqYkkeQo6oIwqGMF1vrbLk6c-9-n-fYvxf6t67dvG2bN2Onuofuhncewa5emsdu0USI7uW0lbqwL0v-6dh13PDTQYwy4IpQSzOvWLlx9vuGl5--5G2ZmTAglKErwFMg0PigGNbVKDjmKBC2BmPATtAy5mVKh1ZnMlL7RYDIr9Aqdb2LDaLYWvdlaSKjUBkQms0EPakaqMyqVgEV9Gl-FmpkSqVqj8DWKpjM6tDo1EnWDsBqZ4dP6GjlKjHDqNahNOcGJpImbcAa90ZRgJUmUJUnCS9xI1gCwciTPiddg-clz4AUmiZIguaNriBpqsqZ2I0HiO3DDaXq8RiKJ5Ec2wgqZtStlQjH6y0qnUuoNPpUxnDCZlRRGjSlB7y6cKH2nJoIXiZMod29e0_C6F7HZOhjRNW-UgkbjI1bS6PTKJfFkehHkJMn9uQnMTVJXYcl9TZIEea2lkSTCbzjJIlFOnD_uPgON16eEeRnF61SLGiw3CZy0A1-kk3e-SJd5nkO2uOF0m6Zryo24wXdDbvf-586IJSPvtoNYnLzksga36-c2nSjhnFxeN3tmHkVRJOzbXiTNCbsR8A468fq1MEDKf_35gJylr_skvL6H5ZAAsIZP2GRIXnjVz40I1r3Lov1rzmpqCJ1EeA05_x3DyYZB_LznhDvHFjpkQHuzQFbXIE2CpVT8kr1l76QTOHGff7rzTe7eeQ82t1-yfQ5mUTSE7VqH-oR4kWS0Eto9a5CiDqg0J2CX2yHt-EfiTol7cMKjq343ErXb8Pq9xGkO1Gt7XNxI-KpD7_3nH-of24WEZcmVH-Et_TGMZLSB9vEQHpxDELC7Wcnr5ydT0PB1kg6Xd99vN39qmexvBXeKBlD2zEClYMC3cXRqpE1WO_ZjKmpnF82V8y0pPIO6uekw2qAxAKBEYXL0ZGtTFCYzRbkxb17uvVh3Z_pjR6n_9vk22zfpovCeckmnIARauPDc18WdAUKIzFYKdrVQqVFr1GtoGClzhR4UX5UNajmVzseAWHHaMjRMd-ZGhOUd5YGcedi0XH32goPwHoLbOB-i3PmfHaKrUymnYmrMvdoiu8G-mSwSLfXeIbGUgsJ6WycK10RzLZwlm9_d8hTXVBa6hhRGlUJzEQ-2SqlDNInNIJ1LNIN8X1XgONkWzI3IS_RT5wS7wyhraw9IShvOTgWzIMg6nb_7GtppEA46LuDs0gxcH0DwjAG8XwWVjNn4uUffmJqa2v4D-AoFhdJitarkSqXe2K6u8xH7PmidcSv9CYc9NSqehS2Gsvk_Tp51Cu7YrXivuR_oVYASFUoUlhnG4np_wbXLPv7UPc4j8DjlSVDx-k3TXAkIb7vk3QQ3cW0OgKHWGjXg6xVoBsDO0KGzaDS2Op36FZXdC_sJt0u-fGtdGxGWAC1RfmlMUiGzuwETk-Qc4ZWCusI5wdiOWT7d3AhyqfJVLrqkxA5imWCWDm8KGrdW-TSfZ59ciBEZ6bRw_D-4SJK0pud97U9EC3Ye547PCbKDfx-YS7vOR69We5sM2pmG801-kYDDmvwmkmBf3EnhkgLT4F2vjbeDozfIlfRfgj7VirAlIp8tdFgHew7rvydxhgTV1Kdo8xyvnegq7g4815GU_rzkQ_PHXH9K8a5Y-rdMnRM-SbvTl9nDTh4JbF4gU6vUBqSUPp0RAW5iwdsCwvv2bkkL35E2W_bzDbKSM1Nv36CkJagwY_fo2vyY2KhZNv9gJsK9FKtxWiPcs_kCpho0lRwJtQJUet3Dq83LrCAtGVLkeXLl3iaefXXObx-_xJlfjIZtW1h2f2B8DT9tU9qXix8tJ7Pt9KGRFTHc4t9L2wHRrgEJcpowKHg9Gto9YOzmtW2C0XfdmaWEtuTLzeKzBAHNHYs213qqZNr9AXoT4FGbwwhqhDgirVVFsfibD29oc4oO_RlBuqU5igr7ZXx4z2iyM09mnOO_vx1ExQXePtoFJQ6bav8JINPtxMvmxxJUmknGxhFGMptDECADshITmLBluYEJDWWzroYwztlS0VI13h5IJge9crpbXWu_CB9tewFhFtSMZ3s3SclJTpAM33CdH-FSdaukKTXmjTEuXRFYZzF7TGx92ue3vYp08JZk8ajPztPv4HAx1YqTWi-Pl-PMuD1MCnFxZR0XosACOtkVjXEkZSh9WLMLK9zBKp0oYETUea3pLxsHT0BPfTff0_Xfjro2d4OFR3_uz6bOkWq2Y4-VDiclNyrHFMYft_d2aZGw9pCsxqy7pWSj7fFZCKjp7jjXY1BhCzvd5gGgfa1W7wNZ64ZZRz-S4baLSM9hduSxxj_SjP8an3sJi0Ub-Lg5T2HK16bCZeORkwBokp9Xiq4GkJuZ2fdj93-kyQ4G-LBUR0phbZ8G9tSpdJpbNttoiGyTCqGSUq6i8hHp9HSqL4Aeo_g5p2Vj8zLGKcaImx6JLHfYDZx7eO3Y75oPVhEDhpE1sYBg3eA85xrT5pwBkKBh1WArfCpfR-eJwjkdRp9sA4no8_MLt0ZRVV2Tt3RAu7v01hZJ7Q6yMOSBVPJxZoS1DQPBkThMs4KlJmrAgmXFDmYoYtkHAIOEzhPQFgjyNS-Wb1Y-hmEluwHLUVA4svN-7HG0jkoorE54mBjJaODj40_VywozufAzJ94jURlfk1LMfpVtEwWwlEq5Susb9Og3PMaMmxCrVYYMBQ0FDQUNAIMO5jAgt7VaQCEGA1ydHjxUoOtB1wESUgdYbABSZNYCNtM64CYB_A%3D%3D&uniformat=true&callback=Ya%5B9819145317518%5D Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash fddb6fcfd2c86ef930d5427c3e664c6243d0fe3e9fda457e47a8bc5a852e0fc9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://news.2xclick.ru/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Mon, 27 Mar 2023 23:41:31 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 27 Mar 2023 23:41:31 GMT x-yandex-req-id 1679960491940449-822337157375411823400103-production-app-host-sas-pcode-261 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" access-control-allow-origin https://news.2xclick.ru content-type text/html; charset=windows-1251 cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 27 Mar 2023 23:41:31 GMT
GET H2	200	07cea2bf8567304efc16.js Show response yastatic.net/partner-code-bundles/745582/	23 KB 8 KB	186ms 115ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/745582/07cea2bf8567304efc16.js Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 77f93e4b7a60a35461ad681631b6dc1e8e34cb6e33c6e4506c6eb0b202e81a19 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://news.2xclick.ru/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:32 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 7926 last-modified Fri, 24 Mar 2023 16:14:20 GMT server nginx/1.17.9 etag "0257818ec14160bf4c2ed0e68d33113d" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Thu, 27 Mar 2053 06:13:52 GMT
GET H2	200	2ec9a88e40a26b53acde.js Show response yastatic.net/partner-code-bundles/745582/	7 KB 3 KB	177ms 107ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/745582/2ec9a88e40a26b53acde.js Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 47c9ddd730e8fe71310dc949857ba99dbfe2de3f08d09f90d46cb8976c5615b9 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://news.2xclick.ru/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:32 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 2065 last-modified Fri, 24 Mar 2023 16:14:20 GMT server nginx/1.17.9 etag "8fa229cb40b18ef539d1c7ede31ed7df" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Thu, 27 Mar 2053 06:13:52 GMT
GET H2	200	246d615ab52f08f259db.js Show response yastatic.net/partner-code-bundles/745582/	585 KB 112 KB	139ms 138ms	Script text/javascript	2a02:6b8:20::215 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/745582/246d615ab52f08f259db.js Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 331c04ee0215c8ed13aff99a79fe175c8a16787404e4fd1042cf8f940636f954 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://news.2xclick.ru/ Origin https://news.2xclick.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:32 GMT content-encoding br strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 114316 last-modified Fri, 24 Mar 2023 16:14:20 GMT server nginx/1.17.9 etag "16f2dfdcbfccaa3b732ab5a6a044de3b" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * x-robots-tag noindex, noarchive, nofollow expires Thu, 27 Mar 2053 06:13:52 GMT
POST H2	200	1 Show response mc.yandex.ru/watch/11859022/	43 B 74 B	56ms 56ms	XHR image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/11859022/1?page-url=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&ut=noindex&hittoken=1679960491_9c10581375a5494fb101710245552ad0192472ccf4bd031befe509227be51cd8&browser-info=pa%3A1%3Aar%3A1%3Avf%3A41za72whyvnyouc9ib8bz3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A1%3Adp%3A1%3Als%3A306104834866%3Ahid%3A679660081%3Az%3A0%3Ai%3A20230327234131%3Aet%3A1679960492%3Ac%3A1%3Arn%3A416096453%3Arqn%3A2%3Au%3A1679960492562331946%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A%2C%2C%2C%2C%2C%2C%2C544%2C8%2C%2C%2C%2C893%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1679960490647%3Aadb%3A2%3Ast%3A1679960492&t=gdpr(14)clc(0-0-0)rqnt(2)aw(1)ti(2) Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://news.2xclick.ru/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Mon, 27 Mar 2023 23:41:31 GMT strict-transport-security max-age=31536000 last-modified Mon, 27-Mar-2023 23:41:31 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type image/gif access-control-allow-origin https://news.2xclick.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Mon, 27-Mar-2023 23:41:31 GMT
GET H2	200	sync Show response ds.frontend.weborama.fr/ Frame 5FB0	1 KB 1 KB	57ms 15ms	Script application/javascript	34.149.247.216 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ds.frontend.weborama.fr/sync?key=all&src=products.js&site=485736&v=20230118&callback=Utils.handleDataSync&ref=news.2xclick.ru Requested by Host: cstatic.weborama.fr URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.247.216 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 216.247.149.34.bc.googleusercontent.com Software Weborama Collect Frontend / Resource Hash 8ffd74ace57c0b4ecdeb408276b244f1dfebb51038444dec94ad2cad007bfca6 Request headers accept-language de-DE,de;q=0.9 Referer https://cstatic.weborama.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 23:41:31 GMT via 1.1 google last-modified Mon, 27 Mar 2023 23:41:32 GMT server Weborama Collect Frontend vary Origin p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" access-control-allow-origin * content-type application/javascript; charset=utf-8 cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1062 expires Tue, 03 Jul 2001 06:00:00 GMT
GET H2	200	prx Show response bsd.frontend.weborama.fr/ Frame 5FB0	25 B 359 B	63ms 23ms	Script application/javascript	34.107.182.139 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://bsd.frontend.weborama.fr/prx?callback=Utils.handleDataSync Requested by Host: cstatic.weborama.fr URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.182.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 139.182.107.34.bc.googleusercontent.com Software Weborama Collect Frontend / Resource Hash d05d4d69100284cb991eb0227b0859cc2942030d0ba419eee2e4aa55293b96db Request headers accept-language de-DE,de;q=0.9 Referer https://cstatic.weborama.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 23:41:31 GMT via 1.1 google last-modified Mon, 27 Mar 2023 23:41:32 GMT server Weborama Collect Frontend vary Origin p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" access-control-allow-origin * content-type application/javascript; charset=utf-8 cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25 expires Tue, 03 Jul 2001 06:00:00 GMT
GET H2	204	ids idsync.frontend.weborama.fr/ Frame 5FB0 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm=&google_tc= https://wam-google.solution.weborama.fr/pixel?google_gid=CAESELSyHzyTdPeEIjf6rlqJRFc&google_cver=1 https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESELSyHzyTdPeEIjf6rlqJRFc&google_gid=CAESELSyHzyTdPeEIjf6rlqJRFc&google_cver=1	0 45 B	15ms 15ms	Image text/plain	34.111.131.239 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESELSyHzyTdPeEIjf6rlqJRFc&google_gid=CAESELSyHzyTdPeEIjf6rlqJRFc&google_cver=1 Protocol H2 Server 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 239.131.111.34.bc.googleusercontent.com Software Weborama Collect Frontend / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cstatic.weborama.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 23:41:31 GMT via 1.1 google last-modified Mon, 27 Mar 2023 23:41:32 GMT server Weborama Collect Frontend vary Origin p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 03 Jul 2001 06:00:00 GMT Redirect headers location https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESELSyHzyTdPeEIjf6rlqJRFc&google_gid=CAESELSyHzyTdPeEIjf6rlqJRFc&google_cver=1 date Mon, 27 Mar 2023 23:41:32 GMT server Apache content-length 354 content-type text/html; charset=iso-8859-1
GET H2	204	ids idsync.frontend.weborama.fr/ Frame 5FB0 Redirect Chain https://secure.adnxs.com/getuid?https://idsync.frontend.weborama.fr/ids?key=appnexus&value=$UID https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dappnexus%26value%3D%24UID https://idsync.frontend.weborama.fr/ids?key=appnexus&value=2004000819851269799	0 284 B	65ms 14ms	Image text/plain	34.111.131.239 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.frontend.weborama.fr/ids?key=appnexus&value=2004000819851269799 Protocol H2 Server 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 239.131.111.34.bc.googleusercontent.com Software Weborama Collect Frontend / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cstatic.weborama.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 23:41:31 GMT via 1.1 google last-modified Mon, 27 Mar 2023 23:41:32 GMT server Weborama Collect Frontend vary Origin p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 03 Jul 2001 06:00:00 GMT Redirect headers Date Mon, 27 Mar 2023 23:41:32 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 146.70.117.102; 146.70.117.102; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid c0eab10a-d0a2-4f35-b86e-adec14d017dc Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://idsync.frontend.weborama.fr/ids?key=appnexus&value=2004000819851269799 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	204	ids idsync.frontend.weborama.fr/ Frame 5FB0 Redirect Chain https://gum.criteo.com/sync?c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40 https://gum.criteo.com/sync?s=1&c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40 https://idsync.frontend.weborama.fr/ids?key=criteov2&value=OQhcv3J-1PiLxntO4RNtb2LfW6CX_LXt	0 45 B	40ms 16ms	Image text/plain	34.111.131.239 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.frontend.weborama.fr/ids?key=criteov2&value=OQhcv3J-1PiLxntO4RNtb2LfW6CX_LXt Protocol H2 Server 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 239.131.111.34.bc.googleusercontent.com Software Weborama Collect Frontend / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cstatic.weborama.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 23:41:32 GMT via 1.1 google last-modified Mon, 27 Mar 2023 23:41:32 GMT server Weborama Collect Frontend vary Origin p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 03 Jul 2001 06:00:00 GMT Redirect headers location https://idsync.frontend.weborama.fr/ids?key=criteov2&value=OQhcv3J-1PiLxntO4RNtb2LfW6CX_LXt date Mon, 27 Mar 2023 23:41:31 GMT cache-control private, max-age=0, no-cache, no-store, must-revalidate strict-transport-security max-age=31536000; preload; server Kestrel server-processing-duration-in-ticks 1014500 content-length 0
GET H2	451	401736.gif idsync.rlcdn.com/ Frame 5FB0	0 98 B	41ms 15ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/401736.gif?partner_uid=OheYfYhrVahKgXB3LsAc/O Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cstatic.weborama.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:32 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	collect dx.frontend.weborama.com/ Frame 5FB0	0 17 B	15ms 15ms	Image text/plain	34.111.205.194 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dx.frontend.weborama.com/collect?dsp_id=0&eid=ULtwIXoHPD9Q Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.205.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 194.205.111.34.bc.googleusercontent.com Software Weborama Collect Frontend / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cstatic.weborama.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 23:41:31 GMT via 1.1 google last-modified Mon, 27 Mar 2023 23:41:32 GMT server Weborama Collect Frontend vary Origin p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 03 Jul 2001 06:00:00 GMT
GET H2	200	check pixel.tapad.com/idsync/ex/receive/ Frame 5FB0 Redirect Chain https://pixel.tapad.com/idsync/ex/receive?partner_id=2964&partner_device_id=ULtwIXoHPD9Q https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=ULtwIXoHPD9Q	95 B 436 B	20ms 11ms	Image image/png	34.111.113.62 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=ULtwIXoHPD9Q Requested by Host: news.2xclick.ru URL: https://news.2xclick.ru/ Protocol H2 Server 34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 62.113.111.34.bc.googleusercontent.com Software / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://cstatic.weborama.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:32 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 content-type image/png access-control-allow-origin * p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95 Redirect headers date Mon, 27 Mar 2023 23:41:32 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" access-control-allow-origin * location https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=ULtwIXoHPD9Q alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H/1.1	200	p a.audrte.com/ Frame 5FB0 Redirect Chain https://a.audrte.com/match?p=1468142154&uid=OheYfYhrVahKgXB3LsAc/O https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bDczanJUaU4ybHJUMjJLLUJxZ2N1LXlqZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL... https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= https://a.audrte.com/p	68 B 424 B	102ms 101ms	Image image/png	34.233.114.35 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://a.audrte.com/p Protocol HTTP/1.1 Server 34.233.114.35 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-233-114-35.compute-1.amazonaws.com Software nginx/1.18.0 / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Request headers accept-language de-DE,de;q=0.9 Referer https://cstatic.weborama.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Mon, 27 Mar 2023 23:41:32 GMT Server nginx/1.18.0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type image/png Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Connection keep-alive Content-Length 68 Redirect headers Date Mon, 27 Mar 2023 23:41:32 GMT Server nginx/1.18.0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST, GET, OPTIONS Access-Control-Allow-Origin * Location https://a.audrte.com:443/p Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0
GET H/1.1	200 OK	dcm aax-eu.amazon-adsystem.com/s/ Frame 5FB0 Redirect Chain https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=T2hlWWZZaHJWYWhLZ1hCM0xzQWMvTw https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=T2hlWWZZaHJWYWhLZ1hCM0xzQWMvTw&dcc=t	43 B 855 B	193ms 193ms	Image image/gif	52.95.125.22 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=T2hlWWZZaHJWYWhLZ1hCM0xzQWMvTw&dcc=t Protocol HTTP/1.1 Server 52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://cstatic.weborama.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Pragma no-cache Date Mon, 27 Mar 2023 23:41:32 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid D7XNQ7SH6QK7SHTNXPK6 Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Mon, 27 Mar 2023 23:41:32 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid T28H14JFGJ0ZRB6Q669D Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=T2hlWWZZaHJWYWhLZ1hCM0xzQWMvTw&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	204	ids idsync.frontend.weborama.fr/ Frame 5FB0 Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&rdf=1 https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B8DC856C-8925-4256-983D-1EAEF81A0B4C	0 45 B	35ms 15ms	Image text/plain	34.111.131.239 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B8DC856C-8925-4256-983D-1EAEF81A0B4C Protocol H2 Server 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 239.131.111.34.bc.googleusercontent.com Software Weborama Collect Frontend / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cstatic.weborama.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 23:41:32 GMT via 1.1 google last-modified Mon, 27 Mar 2023 23:41:32 GMT server Weborama Collect Frontend vary Origin p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 03 Jul 2001 06:00:00 GMT Redirect headers location https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B8DC856C-8925-4256-983D-1EAEF81A0B4C date Mon, 27 Mar 2023 23:41:31 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H2	200	42093449 Show response mc.yandex.ru/watch/	447 B 484 B	59ms 56ms	XHR application/json	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/42093449?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Avf%3A41za72whyvnyouc9ib8bz3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A3%3Adp%3A1%3Als%3A685318160817%3Ahid%3A679660081%3Az%3A0%3Ai%3A20230327234131%3Aet%3A1679960492%3Ac%3A1%3Arn%3A196706979%3Au%3A1679960492562331946%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1679960490647%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1679960492%3At%3AGnezdo.ru&t=gdpr(14)mc(p-1)clc(0-0-0)lt(6400)aw(1)ti(2) Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 10f8152a601332f11ba87f77f2dc535512fc0daab99e06f92bef7eca0a2c9428 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 23:41:32 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Mon, 27-Mar-2023 23:41:32 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://news.2xclick.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 447 x-xss-protection 1; mode=block expires Mon, 27-Mar-2023 23:41:32 GMT
GET H2	200	320977 Show response mc.yandex.ru/watch/	399 B 615 B	58ms 55ms	XHR application/json	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/320977?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A41za72whyvnyouc9ib8bz3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A4%3Adp%3A1%3Als%3A112025721948%3Ahid%3A679660081%3Az%3A0%3Ai%3A20230327234132%3Aet%3A1679960492%3Ac%3A1%3Arn%3A370931415%3Au%3A1679960492562331946%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1679960490647%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1679960492%3At%3AGnezdo.ru&t=gdpr(14)mc(p-4-h-1)clc(0-0-0)lt(6400)aw(1)ti(2) Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 13e446b80e7a176fa63ffef6fe2ac9d1c42057378f97bd4b3375135c9f4f646f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 23:41:32 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Mon, 27-Mar-2023 23:41:32 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://news.2xclick.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 399 x-xss-protection 1; mode=block expires Mon, 27-Mar-2023 23:41:32 GMT
GET H2	200	sync_cookie_image_check mc.webvisor.org/	43 B 67 B	62ms 61ms	Image image/gif	154.47.36.186 COGENT-174
General Check archive.org Show headers Download Go to Show image Full URL https://mc.webvisor.org/sync_cookie_image_check Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 154.47.36.186 , United States, ASN174 (COGENT-174, US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:41:32 GMT strict-transport-security max-age=31536000 content-length 43 x-xss-protection 1; mode=block content-type image/gif
POST H2	200	1 Show response mc.yandex.ru/watch/320977/	43 B 74 B	62ms 62ms	XHR image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/320977/1?page-url=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&cnt-class=1&hittoken=1679960492_063be7f77ec52c64895caac27754f7575332177605a39940fecc28cba7dab116&browser-info=pa%3A1%3Aar%3A1%3Avf%3A41za72whyvnyouc9ib8bz3%3Afp%3A787%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A4%3Adp%3A1%3Als%3A112025721948%3Ahid%3A679660081%3Az%3A0%3Ai%3A20230327234132%3Aet%3A1679960492%3Ac%3A1%3Arn%3A902502093%3Arqn%3A1%3Au%3A1679960492562331946%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A120%2C140%2C86%2C1%2C0%2C0%2C%2C544%2C8%2C1572%2C1572%2C2%2C893%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1679960490647%3Aadb%3A2%3Ast%3A1679960492&t=gdpr(14)mc(p-5-h-2)clc(0-0-0)rqnt(1)lt(6400)aw(1)ti(2) Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://news.2xclick.ru/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Mon, 27 Mar 2023 23:41:32 GMT strict-transport-security max-age=31536000 last-modified Mon, 27-Mar-2023 23:41:32 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type image/gif access-control-allow-origin https://news.2xclick.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Mon, 27-Mar-2023 23:41:32 GMT
GET H2	200	320977 Show response mc.yandex.ru/watch/	43 B 74 B	56ms 56ms	XHR image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/320977?page-url=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&cnt-class=1&hittoken=1679960492_063be7f77ec52c64895caac27754f7575332177605a39940fecc28cba7dab116&browser-info=pv%3A1%3Aar%3A1%3Avf%3A41za72whyvnyouc9ib8bz3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A4%3Adp%3A1%3Als%3A112025721948%3Ahid%3A679660081%3Az%3A0%3Ai%3A20230327234132%3Aet%3A1679960492%3Ac%3A1%3Arn%3A630439079%3Arqn%3A2%3Au%3A1679960492562331946%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1679960490647%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1679960492%3At%3AGnezdo.ru&t=gdpr(14)mc(p-5-h-2)clc(0-0-0)rqnt(2)lt(6400)aw(1)ti(2) Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 23:41:32 GMT strict-transport-security max-age=31536000 last-modified Mon, 27-Mar-2023 23:41:32 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type image/gif access-control-allow-origin https://news.2xclick.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Mon, 27-Mar-2023 23:41:32 GMT
POST H2	200	1 Show response mc.yandex.ru/watch/42093449/	43 B 74 B	60ms 59ms	XHR image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/42093449/1?page-url=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&hittoken=1679960492_0bc1e2fbb5eb17421255982df1b08f3bc663a2bd2539e970d972fe65ad6596fb&browser-info=pa%3A1%3Aar%3A1%3Avf%3A41za72whyvnyouc9ib8bz3%3Afp%3A787%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A3%3Adp%3A1%3Als%3A685318160817%3Ahid%3A679660081%3Az%3A0%3Ai%3A20230327234132%3Aet%3A1679960492%3Ac%3A1%3Arn%3A342339150%3Arqn%3A1%3Au%3A1679960492562331946%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A120%2C140%2C86%2C1%2C0%2C0%2C%2C544%2C8%2C1572%2C1572%2C2%2C893%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1679960490647%3Aadb%3A2%3Ast%3A1679960492&t=gdpr(14)mc(p-5-h-2)clc(0-0-0)rqnt(1)lt(6400)aw(1)ti(2) Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://news.2xclick.ru/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Mon, 27 Mar 2023 23:41:32 GMT strict-transport-security max-age=31536000 last-modified Mon, 27-Mar-2023 23:41:32 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type image/gif access-control-allow-origin https://news.2xclick.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Mon, 27-Mar-2023 23:41:32 GMT
POST H2	200	1 Show response mc.yandex.ru/watch/42093449/	43 B 74 B	68ms 67ms	XHR image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/42093449/1?page-url=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&hittoken=1679960492_0bc1e2fbb5eb17421255982df1b08f3bc663a2bd2539e970d972fe65ad6596fb&browser-info=pa%3A1%3Aar%3A1%3Avf%3A41za72whyvnyouc9ib8bz3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A3%3Adp%3A1%3Als%3A685318160817%3Ahid%3A679660081%3Az%3A0%3Ai%3A20230327234132%3Aet%3A1679960492%3Ac%3A1%3Arn%3A857242044%3Arqn%3A2%3Au%3A1679960492562331946%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1679960490647%3Aadb%3A2%3Ast%3A1679960492&t=gdpr(14)mc(p-5-h-2)clc(0-0-0)rqnt(2)lt(6400)aw(1)ti(2) Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://news.2xclick.ru/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Mon, 27 Mar 2023 23:41:32 GMT strict-transport-security max-age=31536000 last-modified Mon, 27-Mar-2023 23:41:32 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type image/gif access-control-allow-origin https://news.2xclick.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Mon, 27-Mar-2023 23:41:32 GMT
POST H2	200	1 Show response mc.yandex.ru/watch/42093449/	43 B 74 B	104ms 103ms	XHR image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/42093449/1?page-url=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&hittoken=1679960492_0bc1e2fbb5eb17421255982df1b08f3bc663a2bd2539e970d972fe65ad6596fb&browser-info=pa%3A1%3Aar%3A1%3Avf%3A41za72whyvnyouc9ib8bz3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A3%3Adp%3A1%3Als%3A685318160817%3Ahid%3A679660081%3Az%3A0%3Ai%3A20230327234132%3Aet%3A1679960492%3Ac%3A1%3Arn%3A575185677%3Arqn%3A3%3Au%3A1679960492562331946%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1679960490647%3Aadb%3A2%3Ast%3A1679960492&t=gdpr(14)mc(p-5-h-2)clc(0-0-0)rqnt(3)lt(6400)aw(1)ti(2) Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://news.2xclick.ru/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Mon, 27 Mar 2023 23:41:32 GMT strict-transport-security max-age=31536000 last-modified Mon, 27-Mar-2023 23:41:32 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type image/gif access-control-allow-origin https://news.2xclick.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Mon, 27-Mar-2023 23:41:32 GMT
GET H2	200	42093449 Show response mc.yandex.ru/watch/	43 B 74 B	55ms 55ms	XHR image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/42093449?page-url=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&site-info=%7B%22745582%22%3A%7B%22remoteLogString%22%3A%7B%22Error%22%3A%7B%7D%7D%7D%7D&hittoken=1679960492_0bc1e2fbb5eb17421255982df1b08f3bc663a2bd2539e970d972fe65ad6596fb&browser-info=pv%3A1%3Aar%3A1%3Avf%3A41za72whyvnyouc9ib8bz3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A990%3Acn%3A3%3Adp%3A1%3Als%3A685318160817%3Ahid%3A679660081%3Az%3A0%3Ai%3A20230327234132%3Aet%3A1679960492%3Ac%3A1%3Arn%3A1041071878%3Arqn%3A4%3Au%3A1679960492562331946%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1679960490647%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1679960492%3At%3AGnezdo.ru&t=gdpr(14)mc(p-5-h-2)clc(0-0-0)rqnt(4)lt(6400)aw(1)ti(2) Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://news.2xclick.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 23:41:32 GMT strict-transport-security max-age=31536000 last-modified Mon, 27-Mar-2023 23:41:32 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type image/gif access-control-allow-origin https://news.2xclick.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Mon, 27-Mar-2023 23:41:32 GMT