news.gnezdo.ru Open in urlscan Pro
93.95.103.233 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://news.gnezdo.ru/
Effective URL:
https://news.gnezdo.ru/
Submission: On May 03 via manual (May 3rd 2023, 4:59:41 pm UTC) from FR — Scanned from FR

Summary HTTP 96 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 31 IPs in 8 countries across 30 domains to perform 96 HTTP transactions. The main IP is 93.95.103.233, located in Russian Federation and belongs to MTW-AS, RU. The main domain is news.gnezdo.ru. The Cisco Umbrella rank of the primary domain is 160018.
TLS certificate: Issued by R3 on April 28th 2023. Valid for: 3 months.

This is the only time news.gnezdo.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	93.95.103.233 93.95.103.233	48347 (MTW-AS) (MTW-AS)
34	93.95.99.151 93.95.99.151	48347 (MTW-AS) (MTW-AS)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
5	93.184.221.133 93.184.221.133	15133 (EDGECAST) (EDGECAST)
2	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
3 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1 2	195.54.48.26 195.54.48.26	12516 (WEBORAMA ...) (WEBORAMA Weborama provides Internet Services)
2 4	34.111.205.194 34.111.205.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c02::9d	15169 (GOOGLE) (GOOGLE)
3	93.95.103.98 93.95.103.98	48347 (MTW-AS) (MTW-AS)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 3	154.47.36.101 154.47.36.101	174 (COGENT-174) (COGENT-174)
7	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1	34.149.247.216 34.149.247.216	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	34.107.182.139 34.107.182.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 1	91.216.195.7 91.216.195.7	12516 (WEBORAMA ...) (WEBORAMA Weborama provides Internet Services)
2 2	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
6	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.86.138.150 185.86.138.150	201081 (SMARTADSE...) (SMARTADSERVER)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
2 3	3.215.146.42 3.215.146.42	14618 (AMAZON-AES) (AMAZON-AES)
1	64.202.112.127 64.202.112.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
1 2	67.220.224.150 67.220.224.150	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
96	31

6 93.95.103.233 (Russian Federation) 1 redirects

ASN48347 (MTW-AS, RU)
PTR: awesome.pamaquine.org

news.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 93.95.99.151 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: mail3.itech-group.ru

zn2.gnezdo.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 93.184.221.133 (London, United Kingdom)

ASN15133 (EDGECAST, US)

cstatic.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.54.48.26 (France) 1 redirects

ASN12516 (WEBORAMA Weborama provides Internet Services, FR)
PTR: aub-collect-lb-c03-02-vip.weborama.fr

gnezdoruanalytics.solution.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.111.205.194 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.205.111.34.bc.googleusercontent.com

dx.frontend.weborama.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.24.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

rd.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 93.95.103.98 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi7.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 154.47.36.101 (United States) 1 redirects

ASN174 (COGENT-174, US)

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.247.216 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 216.247.149.34.bc.googleusercontent.com

ds.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.182.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.182.107.34.bc.googleusercontent.com

bsd.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.216.195.7 (France) 1 redirects

ASN12516 (WEBORAMA Weborama provides Internet Services, FR)
PTR: std-collect-lb-c03-02-vip.weborama.fr

wam-google.solution.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

rtd-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.150 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.192.166 (France)

ASN16276 (OVH, FR)

sync-uid.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.215.146.42 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-146-42.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.127 (Chicago, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.220.224.150 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	gnezdo.news zn2.gnezdo.news	489 KB
17	weborama.fr 3 redirects cstatic.weborama.fr — Cisco Umbrella Rank: 31986 gnezdoruanalytics.solution.weborama.fr rd.frontend.weborama.fr — Cisco Umbrella Rank: 20348 ds.frontend.weborama.fr — Cisco Umbrella Rank: 125696 bsd.frontend.weborama.fr — Cisco Umbrella Rank: 116544 wam-google.solution.weborama.fr — Cisco Umbrella Rank: 171391 idsync.frontend.weborama.fr — Cisco Umbrella Rank: 31700	16 KB
12	yandex.ru 3 redirects an.yandex.ru — Cisco Umbrella Rank: 5801 mc.yandex.ru — Cisco Umbrella Rank: 3863	91 KB
9	gnezdo.ru 1 redirects news.gnezdo.ru — Cisco Umbrella Rank: 160018 fcgi7.gnezdo.ru — Cisco Umbrella Rank: 456909	42 KB
7	yastatic.net yastatic.net — Cisco Umbrella Rank: 6830	193 KB
4	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 74 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	1001 B
4	weborama.com 2 redirects dx.frontend.weborama.com — Cisco Umbrella Rank: 43338	616 B
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 1935	2 KB
3	webvisor.org 1 redirects mc.webvisor.org — Cisco Umbrella Rank: 27839	931 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 699	542 B
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1035	2 KB
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 982 ups.analytics.yahoo.com — Cisco Umbrella Rank: 265	854 B
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 437	1 KB
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1356	1 KB
2	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 420	715 B
2	everesttech.net 2 redirects rtd-tm.everesttech.net — Cisco Umbrella Rank: 2529	682 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 406	2 KB
2	exelator.com 1 redirects loadus.exelator.com — Cisco Umbrella Rank: 1238	2 KB
2	gstatic.com fonts.gstatic.com	25 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
1	adform.net c1.adform.net — Cisco Umbrella Rank: 573	501 B
1	zemanta.com b1sync.zemanta.com — Cisco Umbrella Rank: 543	127 B
1	leadplace.fr sync-uid.leadplace.fr — Cisco Umbrella Rank: 74030
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 304	266 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 372	449 B
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 987	641 B
1	google.fr www.google.fr — Cisco Umbrella Rank: 17139	409 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	409 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 346	69 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	996 B
96	30

	Domain	Requested by
34	zn2.gnezdo.news	news.gnezdo.ru zn2.gnezdo.news
10	mc.yandex.ru	3 redirects news.gnezdo.ru cdn.jsdelivr.net
7	yastatic.net	an.yandex.ru
6	idsync.frontend.weborama.fr	loadus.exelator.com
6	news.gnezdo.ru	1 redirects news.gnezdo.ru
5	cstatic.weborama.fr	news.gnezdo.ru cstatic.weborama.fr
4	dx.frontend.weborama.com	2 redirects news.gnezdo.ru
3	a.audrte.com	2 redirects
3	cm.g.doubleclick.net	3 redirects
3	mc.webvisor.org	1 redirects news.gnezdo.ru cdn.jsdelivr.net
3	fcgi7.gnezdo.ru	news.gnezdo.ru
2	image6.pubmatic.com	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects
2	pixel.tapad.com	1 redirects
2	sync.smartadserver.com	1 redirects
2	gum.criteo.com	2 redirects
2	rtd-tm.everesttech.net	2 redirects
2	secure.adnxs.com	2 redirects
2	loadus.exelator.com	1 redirects cstatic.weborama.fr
2	gnezdoruanalytics.solution.weborama.fr	1 redirects news.gnezdo.ru
2	fonts.gstatic.com	fonts.googleapis.com
2	an.yandex.ru	news.gnezdo.ru an.yandex.ru
2	www.google-analytics.com	news.gnezdo.ru www.google-analytics.com
1	c1.adform.net
1	b1sync.zemanta.com
1	sync-uid.leadplace.fr
1	ups.analytics.yahoo.com
1	cms.analytics.yahoo.com	1 redirects
1	match.adsrvr.org
1	idsync.rlcdn.com
1	pixel.mathtag.com	1 redirects
1	wam-google.solution.weborama.fr	1 redirects
1	bsd.frontend.weborama.fr	cstatic.weborama.fr
1	ds.frontend.weborama.fr	cstatic.weborama.fr
1	www.google.fr	news.gnezdo.ru
1	www.google.com	news.gnezdo.ru
1	stats.g.doubleclick.net	www.google-analytics.com
1	rd.frontend.weborama.fr	1 redirects
1	cdn.jsdelivr.net	news.gnezdo.ru
1	fonts.googleapis.com	zn2.gnezdo.news
96	40

This site contains links to these domains. Also see Links.

Domain
gnezdo.online
lk-gnezdo.com

Subject Issuer	Validity	Valid
gnezdo.news R3	`2023-04-28` - `2023-07-27`	3 months	crt.sh
zn2.2xclick.ru R3	`2023-04-03` - `2023-07-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-17` - `2023-11-17`	a year	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-04-08` - `2023-10-07`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
fcgi7.gnezdo.ru R3	`2023-02-19` - `2023-05-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
*.frontend.weborama.fr Gandi Standard SSL CA 2	`2023-02-22` - `2024-03-24`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.frontend.weborama.com Go Daddy Secure Certificate Authority - G2	`2022-08-30` - `2023-10-01`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2022-09-13` - `2023-09-13`	a year	crt.sh
*.zemanta.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-09-06`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
mc.webvisor.com GlobalSign RSA OV SSL CA 2018	`2022-12-20` - `2023-06-13`	6 months	crt.sh

This page contains 4 frames:

Primary Page: https://news.gnezdo.ru/
Frame ID: 76E887FDD7578D1C8E7B07F35E8CA4B2
Requests: 71 HTTP requests in this frame

Frame: https://news.gnezdo.ru/1pc.html
Frame ID: F0DEC21CE22DB4A3C1673C379739C87B
Requests: 1 HTTP requests in this frame

Frame: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=news.gnezdo.ru&site=485736
Frame ID: 04461A9A6C6FDF3AA30A9ABF0D100857
Requests: 21 HTTP requests in this frame

Frame: https://loadus.exelator.com/load/?p=204&g=1020&j=w&xl8blockcheck=1
Frame ID: BAF04767108AC2794DD882EE9049F72A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gnezdo.ru

Page URL History Show full URLs

http://news.gnezdo.ru/ HTTP 301
https://news.gnezdo.ru/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.jsdelivr\.net/npm/yandex\-metrica\-watch/watch\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

96
Requests

83 %
HTTPS

28 %
IPv6

30
Domains

40
Subdomains

31
IPs

8
Countries

949 kB
Transfer

1950 kB
Size

52
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://gnezdo.online/

Search URL Search Domain Scan URL

URL: https://lk-gnezdo.com/cgi-bin/admin/login.cgi
Title: Вход

Search URL Search Domain Scan URL

URL: https://gnezdo.online/vakansii/
Title: Заработай с нами

Search URL Search Domain Scan URL

URL: https://gnezdo.online/pokupka-trafika/
Title: Рекламодателям

Search URL Search Domain Scan URL

URL: https://gnezdo.online/monetizatsiya-trafika/
Title: Вебмастерам

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://news.gnezdo.ru/ HTTP 301
https://news.gnezdo.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fnews.gnezdo.ru%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umawgksp9hl0f%3Afp%3A830%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A2%3Adp%3A0%3Als%3A1189291761604%3Ahid%3A84011620%3Az%3A0%3Ai%3A20230503165936%3Aet%3A1683133177%3Ac%3A1%3Arn%3A1132057%3Arqn%3A1%3Au%3A1683133177929862929%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C134%2C106%2C1%2C136%2C0%2C%2C440%2C7%2C%2C%2C%2C821%3Aco%3A0%3Acpf%3A1%3Ans%3A1683133175638%3Ast%3A1683133177&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fnews.gnezdo.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umawgksp9hl0f%3Afp%3A830%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A2%3Adp%3A0%3Als%3A1189291761604%3Ahid%3A84011620%3Az%3A0%3Ai%3A20230503165936%3Aet%3A1683133177%3Ac%3A1%3Arn%3A1132057%3Arqn%3A1%3Au%3A1683133177929862929%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C134%2C106%2C1%2C136%2C0%2C%2C440%2C7%2C%2C%2C%2C821%3Aco%3A0%3Acpf%3A1%3Ans%3A1683133175638%3Ast%3A1683133177&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 47

https://mc.yandex.ru/watch/11859022?wmode=7&page-url=https%3A%2F%2Fnews.gnezdo.ru%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gnezdoGroupId%22%3A%220%22%2C%22gnezdoSubId%22%3A0%2C%22gnezdoADGender%22%3A%22%22%2C%22gnezdoADAge%22%3A%22%22%2C%22gnezdoAIDGender%22%3A%22%22%2C%22gnezdoAIDAge%22%3A%22%22%2C%22gnezdoWBGender%22%3A%22%22%2C%22gnezdoWBAge%22%3A%22%22%2C%22gnezdoIp%22%3A%22178.33.144.179%22%2C%22gnezdoFP%22%3A%22%22%2C%22gnezdoDevice%22%3A%22desktop%22%2C%22gnezdoOs%22%3A%22windows%22%2C%22gnezdoBrowser%22%3A%22chrome%22%2C%22gnezdoBrowserV%22%3A%22113.0%22%2C%22gnezdoLentaId%22%3A%22def%22%7D&ut=noindex&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umawgksp9hl0f%3Afp%3A830%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A1333367250813%3Ahid%3A84011620%3Az%3A0%3Ai%3A20230503165936%3Aet%3A1683133177%3Ac%3A1%3Arn%3A368248901%3Arqn%3A1%3Au%3A1683133177929862929%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C134%2C106%2C1%2C136%2C0%2C%2C440%2C7%2C%2C%2C%2C821%3Aco%3A0%3Acpf%3A1%3Ans%3A1683133175638%3Arqnl%3A1%3Ast%3A1683133177%3At%3AGnezdo.ru&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/11859022/1?wmode=7&page-url=https%3A%2F%2Fnews.gnezdo.ru%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gnezdoGroupId%22%3A%220%22%2C%22gnezdoSubId%22%3A0%2C%22gnezdoADGender%22%3A%22%22%2C%22gnezdoADAge%22%3A%22%22%2C%22gnezdoAIDGender%22%3A%22%22%2C%22gnezdoAIDAge%22%3A%22%22%2C%22gnezdoWBGender%22%3A%22%22%2C%22gnezdoWBAge%22%3A%22%22%2C%22gnezdoIp%22%3A%22178.33.144.179%22%2C%22gnezdoFP%22%3A%22%22%2C%22gnezdoDevice%22%3A%22desktop%22%2C%22gnezdoOs%22%3A%22windows%22%2C%22gnezdoBrowser%22%3A%22chrome%22%2C%22gnezdoBrowserV%22%3A%22113.0%22%2C%22gnezdoLentaId%22%3A%22def%22%7D&ut=noindex&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umawgksp9hl0f%3Afp%3A830%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A1333367250813%3Ahid%3A84011620%3Az%3A0%3Ai%3A20230503165936%3Aet%3A1683133177%3Ac%3A1%3Arn%3A368248901%3Arqn%3A1%3Au%3A1683133177929862929%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C134%2C106%2C1%2C136%2C0%2C%2C440%2C7%2C%2C%2C%2C821%3Aco%3A0%3Acpf%3A1%3Ans%3A1683133175638%3Arqnl%3A1%3Ast%3A1683133177%3At%3AGnezdo.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 51

https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1683133176&ta=1600x1200&co=24&ref= HTTP 302
https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1683133176&ta=1600x1200&co=24&ref=&BOUNCE=OK

Request Chain 52

https://dx.frontend.weborama.com/collect?touchpoint=0&src=wai&site=485736&url=https%3A%2F%2Fnews.gnezdo.ru%2F HTTP 307
https://dx.frontend.weborama.com/collect?touchpoint=0&src=wai&site=485736&url=https%3A%2F%2Fnews.gnezdo.ru%2F&bounce=1&random=183568723 HTTP 302
https://rd.frontend.weborama.fr/rd?key=wamsync HTTP 302
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=FAWMrqGXan8U

Request Chain 60

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9992.1mENAXIHp2fXKPIvieOc0GEQik3OhPPw6OI7tAA1QWucJPx7YkaH9fWi9mfd1qFB.HggO6W8PYSyIGuwtawhxU_MWe80%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=9992.8SePM8nrRF-0z-xSccOWl3NzSheAi3k-3QPq2JPu5b7-bARqIJDHKFYP3afVkrBLgeXIZM9MzcwhZocNZiwZTCIUMI0kvQpKsXF3d78imc6lHYv49JZNpBTzdjic5NG1rl72f1cn1wN4bUrTtKRrUZ_vPZB3G7CgcBLFF60JhV6ldB925B7bjbkpcK1pPla68iT2lvjSEEI50VbiuT3p_pFuXg6ZeNxB74mqfTeywfs%2C.2B97BDZzwozsSc-mvOWsrM1gLlo%2C

Request Chain 72

https://loadus.exelator.com/load/?p=204&g=1020&j=w HTTP 302
https://loadus.exelator.com/load/?p=204&g=1020&j=w&xl8blockcheck=1

Request Chain 74

https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm=&google_tc= HTTP 302
https://wam-google.solution.weborama.fr/pixel?google_error=15 HTTP 301
https://cstatic.weborama.fr/transp.gif?google_error=15

Request Chain 75

https://secure.adnxs.com/getuid?https://idsync.frontend.weborama.fr/ids?key=appnexus&value=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dappnexus%26value%3D%24UID HTTP 302
https://idsync.frontend.weborama.fr/ids?key=appnexus&value=8969514934376035788

Request Chain 76

https://rtd-tm.everesttech.net/upi/pid/I4EAHwnE?redir=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dtubemogul%26value%3D%24%7BUSER_ID%7D HTTP 302
https://rtd-tm.everesttech.net/ct/upi/pid/I4EAHwnE?redir=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dtubemogul%26value%3D%24%7BUSER_ID%7D&_test=ZFKS_QAF5etAdgAf HTTP 302
https://idsync.frontend.weborama.fr/ids?key=tubemogul&value=ZFKS_QAF5etAdgAf

Request Chain 77

https://gum.criteo.com/sync?c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40 HTTP 302
https://gum.criteo.com/sync?s=1&c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=criteov2&value=UWTpnGd2x4qfPtnbarHIQCLn-yRh539F

Request Chain 78

https://pixel.mathtag.com/sync/img?mt_exid=10014&redir=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dmediamath%26value%3D%5BMM_UUID%5D HTTP 302
https://idsync.frontend.weborama.fr/ids?key=mediamath&value=55926452-92f9-4a00-816d-6d5aea1ea3b7

Request Chain 79

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dsmartadserver%26value%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?url=https://idsync.frontend.weborama.fr/ids?key=smartadserver&value=[sas_uid]&cklb=1

Request Chain 83

https://pixel.tapad.com/idsync/ex/receive?partner_id=2964&partner_device_id=FAWMrqGXan8U HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=FAWMrqGXan8U

Request Chain 84

https://cms.analytics.yahoo.com/cms?partner_id=WEBMA&gdpr=false HTTP 302
https://ups.analytics.yahoo.com/ups/58779/cms?partner_id=WEBMA&gdpr=false

Request Chain 86

https://a.audrte.com/match?p=1468142154&uid=OnWbCHEOI8NoK1L5/X5Xku HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZGk2VDFseGtCbHhSd2VSUjNDaExhSFpRQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 89

https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=T25XYkNIRU9JOE5vSzFMNS9YNVhrdQ HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=T25XYkNIRU9JOE5vSzFMNS9YNVhrdQ&dcc=t

Request Chain 90

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&rdf=1 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=34CE9AA6-34BD-42F1-89B6-69E40DAB93B0

96 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
news.gnezdo.ru/
Redirect Chain

http://news.gnezdo.ru/
https://news.gnezdo.ru/

24 KB
8 KB

243ms
107ms

Document
text/html

93.95.103.233
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://news.gnezdo.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.103.233 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: awesome.pamaquine.org
Software: nginx /
Resource Hash: f36cccce1ab1982abe9dcbe19efcdd88e3d4d6f0bef2fd343b74aa3115c7e808

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 03 May 2023 16:59:35 GMT
expires: Wed, 03 May 2023 16:59:36 GMT
pragma: no-cache
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 03 May 2023 16:59:35 GMT
Location: https://news.gnezdo.ru/
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Server: nginx

GET
H2 200 style15.css
zn2.gnezdo.news/new-lenta/ 8 KB
8 KB 266ms
123ms Stylesheet
text/css 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zn2.gnezdo.news/new-lenta/style15.css?1234
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 95f9f7d5fc896cddb14ac87de2c177488da4249aa25c977a620cf99463d615d4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Wed, 30 Sep 2020 04:23:00 GMT
server: nginx
etag: "5f740824-1e61"
content-type: text/css
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 7777
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 health.css
zn2.gnezdo.news/new-lenta/ 2 KB
3 KB 268ms
125ms Stylesheet
text/css 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zn2.gnezdo.news/new-lenta/health.css?1
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 01266b002c3a5fd944f5d5a6c9a7bcedf1274ea6c9baef3d2f14457d364014da

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Tue, 29 Sep 2020 05:06:00 GMT
server: nginx
etag: "5f72c0b8-8f1"
content-type: text/css
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2289
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gnezdo_news_tracker_new.js Show response
news.gnezdo.ru/ 13 KB
13 KB 65ms
65ms Script
application/javascript 93.95.103.233
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://news.gnezdo.ru/gnezdo_news_tracker_new.js
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.103.233 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: awesome.pamaquine.org
Software: nginx /
Resource Hash: f67d45656c4217a8de9552dd869658c87855bf795dc34e8abfdff37bfa62fd9f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Fri, 21 Apr 2023 14:03:18 GMT
server: nginx
etag: "644297a6-34aa"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 13482
expires: Thu, 04 May 2023 16:59:36 GMT

GET
H2 200 white-logo.png
zn2.gnezdo.news/new-lenta/img/ 4 KB
5 KB 316ms
192ms Image
image/png 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/new-lenta/img/white-logo.png
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: f3d3d5e79c6c3971916ebb40d8f16c3d584efe53669023273eeca33928178bfe

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Fri, 12 Jul 2019 13:56:00 GMT
server: nginx
etag: "5d289170-1100"
content-type: image/png
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 4352
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 enter_ad.png
zn2.gnezdo.news/src/ 693 B
1 KB 126ms
123ms Image
image/png 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/src/enter_ad.png
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 679c798fd4e7e8b2e875df662470ae6a0e01f5d8490a8d22bca5d419b30987cd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Tue, 25 Apr 2017 08:51:00 GMT
server: nginx
etag: "58ff0df4-2b5"
content-type: image/png
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 693
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 health.jpg
news.gnezdo.ru/tests/health/ 4 KB
4 KB 65ms
65ms Image
image/jpeg 93.95.103.233
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news.gnezdo.ru/tests/health/health.jpg
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.103.233 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: awesome.pamaquine.org
Software: nginx /
Resource Hash: 1c38153acac347bda02a24b09e16db230167f0a51d6d1974ff1e505c1282bdd6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Thu, 08 Nov 2018 10:09:56 GMT
server: nginx
etag: "5be40b74-110b"
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 4363
expires: Thu, 02 May 2024 16:59:36 GMT

GET
H2 200 jquery-2.2.4.min.js Show response
zn2.gnezdo.news/js/ 84 KB
84 KB 252ms
127ms Script
application/javascript 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zn2.gnezdo.news/js/jquery-2.2.4.min.js
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Fri, 20 Apr 2018 12:54:00 GMT
server: nginx
etag: "5ad9e2e8-14e4a"
content-type: application/javascript
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 85578
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 modernizr.js Show response
zn2.gnezdo.news/new-lenta/ 3 KB
3 KB 316ms
191ms Script
application/javascript 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zn2.gnezdo.news/new-lenta/modernizr.js
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 840f575220d6b42197251483e8b3b486bce6f7c4c4bddfff022580d3bb39ce4b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Thu, 28 Jun 2018 10:55:00 GMT
server: nginx
etag: "5b34be84-aa9"
content-type: application/javascript
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2729
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 new_lenta_colors15.js Show response
zn2.gnezdo.news/js/ 5 KB
5 KB 314ms
190ms Script
application/javascript 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: f6f11d50372d88190696b17264e1609349ae7195af0cd44e95ffe632f8a322f3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Wed, 19 Oct 2022 06:06:24 GMT
server: nginx
etag: "634f93e0-1253"
content-type: application/javascript
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 4691
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
996 B 104ms
36ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed

Requested by

Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/new-lenta/style15.css?1234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

110696077cf2c253e820eab00dba2c2c3de39600bab63e07fec24556d41eda14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zn2.gnezdo.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 May 2023 16:59:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 May 2023 16:34:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 May 2023 16:59:36 GMT

GET
H2 200 1pc.html Show response
news.gnezdo.ru/ Frame F0DE 1 KB
808 B 64ms
64ms Document
text/html 93.95.103.233
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://news.gnezdo.ru/1pc.html
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/gnezdo_news_tracker_new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.103.233 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: awesome.pamaquine.org
Software: nginx /
Resource Hash: c6e0fc3d278b2e636153eac2d900942a0573459d0acaa4429f70d309212a2cf9

Request headers

Referer: https://news.gnezdo.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Wed, 03 May 2023 16:59:36 GMT
etag: W/"64392be0-41f"
expires: Thu, 04 May 2023 16:59:36 GMT
last-modified: Fri, 14 Apr 2023 10:33:04 GMT
server: nginx

GET
H2 200 watch.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 164 KB
69 KB 62ms
18ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Requested by

Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2000533c6e90247605bd21f9eac72084495d18353d748b1362a9243a61230d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 03 May 2023 16:59:36 GMT
x-content-type-options: nosniff
content-encoding: br
age: 12213
x-jsd-version: 1.273.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 70179
x-served-by: cache-fra-eddf8230070-FRA, cache-lcy-eglc8600028-LCY
x-jsd-version-type: version
etag: W/"29111-EAomxDXqHJE8Pu6ApryFnesgbHU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 89ms
26ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 May 2023 15:05:04 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6872
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 03 May 2023 17:05:04 GMT

GET
H2 200 products.js Show response
cstatic.weborama.fr/js/ 20 KB
7 KB 107ms
19ms Script
text/javascript 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cstatic.weborama.fr/js/products.js
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F14) /
Resource Hash: e997c350a113c5629432c0cfbaa960874da77cc36b1420658a678d4e3c7f4baf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
content-encoding: gzip
last-modified: Thu, 30 Mar 2023 06:38:14 GMT
server: ECAcc (paa/6F14)
age: 555444
etag: "164916729+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6765
expires: Wed, 10 May 2023 16:59:36 GMT

GET
H2 200 context.js Show response
an.yandex.ru/system/ 291 KB
85 KB 229ms
83ms Script
text/javascript 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

086de73609dbe5eed1b38629d2e6914a7a90521a9e5c08be5c892068ad7fd16e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-yandex-req-id: 1683133176610348-165628860620022261000234-production-app-host-vla-pcode-408
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 03 May 2023 17:59:36 GMT

GET
H2 200 pink-top.png
zn2.gnezdo.news/new-lenta/img/ 143 B
535 B 64ms
64ms Image
image/png 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/new-lenta/img/pink-top.png
Requested by: Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/new-lenta/style15.css?1234
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 91a23159638a846a426eb990ec53821e49518e78924d10f45ee5178ba44de83b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zn2.gnezdo.news/new-lenta/style15.css?1234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Tue, 20 Aug 2019 12:24:00 GMT
server: nginx
etag: "5d5be660-8f"
content-type: image/png
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 143
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1644173_0904b2536f.jpg
zn2.gnezdo.news/img/300x300/173/ 20 KB
21 KB 64ms
62ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/img/300x300/173/1644173_0904b2536f.jpg
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: d7aa68953190a5bb9e15492c5550ee7efc76ba220d7a084cb5d8ffade389b10c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Sun, 30 Apr 2023 06:45:39 GMT
server: nginx
etag: "644e0e93-509c"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 20636
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 like.png
zn2.gnezdo.news/new-lenta/img/ 684 B
1 KB 66ms
63ms Image
image/png 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/new-lenta/img/like.png
Requested by: Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/new-lenta/style15.css?1234
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: b59d5d931ece7fab4c2378e6e3979c793f6e52e8a1bc6e7c1fa569e03d96f49f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zn2.gnezdo.news/new-lenta/style15.css?1234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Thu, 28 Jun 2018 10:56:00 GMT
server: nginx
etag: "5b34bec0-2ac"
content-type: image/png
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 684
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 close.png
zn2.gnezdo.news/new-lenta/img/ 276 B
668 B 67ms
63ms Image
image/png 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/new-lenta/img/close.png
Requested by: Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/new-lenta/style15.css?1234
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 9b6b5e0c551bac6ccde502c3bf5c75d1efe6b1da975c0d251a4a17b8adcc74a5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://zn2.gnezdo.news/new-lenta/style15.css?1234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Thu, 28 Jun 2018 10:56:00 GMT
server: nginx
etag: "5b34bec0-114"
content-type: image/png
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 276
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1459951_f98ad461f6.jpg
zn2.gnezdo.news/img/280x217/951/ 20 KB
20 KB 67ms
64ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/img/280x217/951/1459951_f98ad461f6.jpg
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: b27c88e59e3c34b7ecc8b0bca38a4c8daea60d855199772825cc70933b6e08b9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Thu, 10 Nov 2022 19:45:50 GMT
server: nginx
etag: "636d54ee-4e0c"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 19980
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1612208_c5eee1b336.jpg
zn2.gnezdo.news/img/280x217/208/ 11 KB
12 KB 67ms
64ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/img/280x217/208/1612208_c5eee1b336.jpg
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 43085076f8ac89a718facb1251c109394aa6d00bcfe5c00b090e0e92d5cab3d9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Sun, 26 Mar 2023 16:30:48 GMT
server: nginx
etag: "64207338-2d51"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 11601
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1644293_300af99ca8.jpg
zn2.gnezdo.news/img/300x300/293/ 20 KB
21 KB 68ms
65ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/img/300x300/293/1644293_300af99ca8.jpg
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 8223f2b1572b76ed0add5d9faa441a3d703efc6d4b53a51e62cef062f67b895c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Mon, 01 May 2023 09:23:18 GMT
server: nginx
etag: "644f8506-50a9"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 20649
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1555786_c5c44a045d.jpg
zn2.gnezdo.news/img/280x217/786/ 15 KB
16 KB 70ms
67ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/img/280x217/786/1555786_c5c44a045d.jpg
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 8cf14336f076f6387afbbfdb7fadb701aa3cc10b33b9d0e94ed9eb2a4bfd4eb4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Sun, 05 Feb 2023 08:55:21 GMT
server: nginx
etag: "63df6ef9-3d49"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 15689
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1225231_cdc9e3ef11.jpg
zn2.gnezdo.news/img/280x217/231/ 15 KB
16 KB 70ms
68ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/img/280x217/231/1225231_cdc9e3ef11.jpg
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: ad076dbee5c759d0d08c259e427eca036bbe2e8415ec75f2fb0215edc8928543

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Mon, 15 Nov 2021 05:53:00 GMT
server: nginx
etag: "6191f5bc-3de4"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 15844
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1618603_742a6fe928.jpg
zn2.gnezdo.news/img/280x217/603/ 9 KB
10 KB 125ms
123ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/img/280x217/603/1618603_742a6fe928.jpg
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 0c51922d39f4e8913387848d2f7600901561b07d0bd9acef3206671bc0659791

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Tue, 04 Apr 2023 04:02:34 GMT
server: nginx
etag: "642ba15a-25bd"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 9661
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1635548_2f18b83086.jpg
zn2.gnezdo.news/img/280x217/548/ 10 KB
10 KB 126ms
124ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/img/280x217/548/1635548_2f18b83086.jpg
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: f0afe0bd0f2d59875ff57857b9b8a91d8708ade1f6da6345828040de1e7e2001

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Tue, 18 Apr 2023 18:40:39 GMT
server: nginx
etag: "643ee427-2757"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 10071
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1280952_6cf4b44735.jpg
zn2.gnezdo.news/img/280x217/952/ 11 KB
12 KB 127ms
125ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/img/280x217/952/1280952_6cf4b44735.jpg
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: be450e094e932689916b0c110039b96d637600afba33dd944f6de2e5785c9d52

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Wed, 30 Mar 2022 08:43:19 GMT
server: nginx
etag: "62441827-2cfa"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 11514
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1284000_c02cd0d572.jpg
zn2.gnezdo.news/img/280x217/000/ 14 KB
14 KB 127ms
125ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/img/280x217/000/1284000_c02cd0d572.jpg
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: cd92f193fddd517bcc9c198f23212c47a4092e956f933cfa1ab49ae9842195c0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Sat, 09 Apr 2022 16:02:26 GMT
server: nginx
etag: "6251ae12-3689"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 13961
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1221868_a9cbb655a7.jpg
zn2.gnezdo.news/img/300x300/868/ 20 KB
20 KB 129ms
127ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/img/300x300/868/1221868_a9cbb655a7.jpg
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 29d689e2c07242937a9cac560a6fd47d35a09d9ee875f829a441152626adc4cf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Sat, 06 Nov 2021 07:58:00 GMT
server: nginx
etag: "61863588-4e08"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 19976
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1190423_342308e709.jpg
zn2.gnezdo.news/img/280x217/423/ 19 KB
19 KB 129ms
127ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/img/280x217/423/1190423_342308e709.jpg
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: cd87d1a1b32bb7c979ee4390800a505e8ed619f4686ef9cefccc575e17f66593

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Wed, 01 Sep 2021 20:25:00 GMT
server: nginx
etag: "612fe19c-4c1e"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 19486
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 9 KB
10 KB 96ms
26ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news.gnezdo.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 19:37:47 GMT
x-content-type-options: nosniff
age: 336109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9692
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:44:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 19:37:47 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 100ms
31ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news.gnezdo.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 23:01:51 GMT
x-content-type-options: nosniff
age: 323865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 23:01:51 GMT

GET
H2 200 1644173_0904b2536f.jpg
zn2.gnezdo.news/img/300x300/173/ 20 KB
21 KB 262ms
135ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/img/300x300/173/1644173_0904b2536f.jpg
Requested by: Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: d7aa68953190a5bb9e15492c5550ee7efc76ba220d7a084cb5d8ffade389b10c

Request headers

Referer: https://news.gnezdo.ru/
Origin: https://news.gnezdo.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Sun, 30 Apr 2023 06:45:39 GMT
server: nginx
etag: "644e0e93-509c"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 20636
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1459951_f98ad461f6.jpg
zn2.gnezdo.news/img/280x217/951/ 20 KB
20 KB 372ms
245ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/img/280x217/951/1459951_f98ad461f6.jpg
Requested by: Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: b27c88e59e3c34b7ecc8b0bca38a4c8daea60d855199772825cc70933b6e08b9

Request headers

Referer: https://news.gnezdo.ru/
Origin: https://news.gnezdo.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Thu, 10 Nov 2022 19:45:50 GMT
server: nginx
etag: "636d54ee-4e0c"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 19980
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1612208_c5eee1b336.jpg
zn2.gnezdo.news/img/280x217/208/ 11 KB
12 KB 383ms
256ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/img/280x217/208/1612208_c5eee1b336.jpg
Requested by: Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 43085076f8ac89a718facb1251c109394aa6d00bcfe5c00b090e0e92d5cab3d9

Request headers

Referer: https://news.gnezdo.ru/
Origin: https://news.gnezdo.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Sun, 26 Mar 2023 16:30:48 GMT
server: nginx
etag: "64207338-2d51"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 11601
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1644293_300af99ca8.jpg
zn2.gnezdo.news/img/300x300/293/ 20 KB
21 KB 379ms
253ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/img/300x300/293/1644293_300af99ca8.jpg
Requested by: Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 8223f2b1572b76ed0add5d9faa441a3d703efc6d4b53a51e62cef062f67b895c

Request headers

Referer: https://news.gnezdo.ru/
Origin: https://news.gnezdo.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Mon, 01 May 2023 09:23:18 GMT
server: nginx
etag: "644f8506-50a9"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 20649
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1555786_c5c44a045d.jpg
zn2.gnezdo.news/img/280x217/786/ 15 KB
16 KB 385ms
259ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/img/280x217/786/1555786_c5c44a045d.jpg
Requested by: Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 8cf14336f076f6387afbbfdb7fadb701aa3cc10b33b9d0e94ed9eb2a4bfd4eb4

Request headers

Referer: https://news.gnezdo.ru/
Origin: https://news.gnezdo.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Sun, 05 Feb 2023 08:55:21 GMT
server: nginx
etag: "63df6ef9-3d49"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 15689
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1225231_cdc9e3ef11.jpg
zn2.gnezdo.news/img/280x217/231/ 15 KB
16 KB 384ms
257ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/img/280x217/231/1225231_cdc9e3ef11.jpg
Requested by: Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: ad076dbee5c759d0d08c259e427eca036bbe2e8415ec75f2fb0215edc8928543

Request headers

Referer: https://news.gnezdo.ru/
Origin: https://news.gnezdo.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Mon, 15 Nov 2021 05:53:00 GMT
server: nginx
etag: "6191f5bc-3de4"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 15844
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1618603_742a6fe928.jpg
zn2.gnezdo.news/img/280x217/603/ 9 KB
10 KB 386ms
260ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/img/280x217/603/1618603_742a6fe928.jpg
Requested by: Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 0c51922d39f4e8913387848d2f7600901561b07d0bd9acef3206671bc0659791

Request headers

Referer: https://news.gnezdo.ru/
Origin: https://news.gnezdo.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Tue, 04 Apr 2023 04:02:34 GMT
server: nginx
etag: "642ba15a-25bd"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 9661
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1635548_2f18b83086.jpg
zn2.gnezdo.news/img/280x217/548/ 10 KB
10 KB 379ms
254ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/img/280x217/548/1635548_2f18b83086.jpg
Requested by: Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: f0afe0bd0f2d59875ff57857b9b8a91d8708ade1f6da6345828040de1e7e2001

Request headers

Referer: https://news.gnezdo.ru/
Origin: https://news.gnezdo.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Tue, 18 Apr 2023 18:40:39 GMT
server: nginx
etag: "643ee427-2757"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 10071
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1280952_6cf4b44735.jpg
zn2.gnezdo.news/img/280x217/952/ 11 KB
12 KB 380ms
255ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/img/280x217/952/1280952_6cf4b44735.jpg
Requested by: Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: be450e094e932689916b0c110039b96d637600afba33dd944f6de2e5785c9d52

Request headers

Referer: https://news.gnezdo.ru/
Origin: https://news.gnezdo.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Wed, 30 Mar 2022 08:43:19 GMT
server: nginx
etag: "62441827-2cfa"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 11514
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1284000_c02cd0d572.jpg
zn2.gnezdo.news/img/280x217/000/ 14 KB
14 KB 376ms
251ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/img/280x217/000/1284000_c02cd0d572.jpg
Requested by: Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: cd92f193fddd517bcc9c198f23212c47a4092e956f933cfa1ab49ae9842195c0

Request headers

Referer: https://news.gnezdo.ru/
Origin: https://news.gnezdo.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Sat, 09 Apr 2022 16:02:26 GMT
server: nginx
etag: "6251ae12-3689"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 13961
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1221868_a9cbb655a7.jpg
zn2.gnezdo.news/img/300x300/868/ 20 KB
20 KB 373ms
249ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/img/300x300/868/1221868_a9cbb655a7.jpg
Requested by: Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 29d689e2c07242937a9cac560a6fd47d35a09d9ee875f829a441152626adc4cf

Request headers

Referer: https://news.gnezdo.ru/
Origin: https://news.gnezdo.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Sat, 06 Nov 2021 07:58:00 GMT
server: nginx
etag: "61863588-4e08"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 19976
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1190423_342308e709.jpg
zn2.gnezdo.news/img/280x217/423/ 19 KB
19 KB 375ms
250ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.gnezdo.news/img/280x217/423/1190423_342308e709.jpg
Requested by: Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: cd87d1a1b32bb7c979ee4390800a505e8ed619f4686ef9cefccc575e17f66593

Request headers

Referer: https://news.gnezdo.ru/
Origin: https://news.gnezdo.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
last-modified: Wed, 01 Sep 2021 20:25:00 GMT
server: nginx
etag: "612fe19c-4c1e"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 19486
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fp.min.js Show response
news.gnezdo.ru/fingerprintjs/dist/ 33 KB
14 KB 69ms
68ms Script
application/javascript 93.95.103.233
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://news.gnezdo.ru/fingerprintjs/dist/fp.min.js
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/gnezdo_news_tracker_new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.103.233 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: awesome.pamaquine.org
Software: nginx /
Resource Hash: 6f9a1e4f25be62559029ac5328a4c91d86c3123573d6f00d150f54884072965b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
content-encoding: gzip
last-modified: Fri, 14 Apr 2023 10:33:04 GMT
server: nginx
etag: "85ae-5f9495dc76806-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 14322

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fnews.gnezdo.ru%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umawgksp9hl0f%3Afp%3A830%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fnews.gnezdo.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umawgksp9hl0f%3Afp%3A830%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-U...

264 B
393 B

71ms
70ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fnews.gnezdo.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umawgksp9hl0f%3Afp%3A830%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A2%3Adp%3A0%3Als%3A1189291761604%3Ahid%3A84011620%3Az%3A0%3Ai%3A20230503165936%3Aet%3A1683133177%3Ac%3A1%3Arn%3A1132057%3Arqn%3A1%3Au%3A1683133177929862929%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C134%2C106%2C1%2C136%2C0%2C%2C440%2C7%2C%2C%2C%2C821%3Aco%3A0%3Acpf%3A1%3Ans%3A1683133175638%3Ast%3A1683133177&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f632cbe0ff8594d601ed4fc03f5cdc54400ff3c9c987bc4bd5aed25ec71d7897

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 03-May-2023 16:59:36 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://news.gnezdo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 264
x-xss-protection: 1; mode=block
expires: Wed, 03-May-2023 16:59:36 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:36 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 03-May-2023 16:59:36 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fnews.gnezdo.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umawgksp9hl0f%3Afp%3A830%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A2%3Adp%3A0%3Als%3A1189291761604%3Ahid%3A84011620%3Az%3A0%3Ai%3A20230503165936%3Aet%3A1683133177%3Ac%3A1%3Arn%3A1132057%3Arqn%3A1%3Au%3A1683133177929862929%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C134%2C106%2C1%2C136%2C0%2C%2C440%2C7%2C%2C%2C%2C821%3Aco%3A0%3Acpf%3A1%3Ans%3A1683133175638%3Ast%3A1683133177&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://news.gnezdo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 03-May-2023 16:59:36 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
188 B 236ms
102ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 02 May 2023 15:04:13 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6450fc3d-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 03 May 2023 17:59:36 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/11859022/
Redirect Chain

https://mc.yandex.ru/watch/11859022?wmode=7&page-url=https%3A%2F%2Fnews.gnezdo.ru%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gnez...
https://mc.yandex.ru/watch/11859022/1?wmode=7&page-url=https%3A%2F%2Fnews.gnezdo.ru%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gn...

428 B
464 B

73ms
72ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/11859022/1?wmode=7&page-url=https%3A%2F%2Fnews.gnezdo.ru%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gnezdoGroupId%22%3A%220%22%2C%22gnezdoSubId%22%3A0%2C%22gnezdoADGender%22%3A%22%22%2C%22gnezdoADAge%22%3A%22%22%2C%22gnezdoAIDGender%22%3A%22%22%2C%22gnezdoAIDAge%22%3A%22%22%2C%22gnezdoWBGender%22%3A%22%22%2C%22gnezdoWBAge%22%3A%22%22%2C%22gnezdoIp%22%3A%22178.33.144.179%22%2C%22gnezdoFP%22%3A%22%22%2C%22gnezdoDevice%22%3A%22desktop%22%2C%22gnezdoOs%22%3A%22windows%22%2C%22gnezdoBrowser%22%3A%22chrome%22%2C%22gnezdoBrowserV%22%3A%22113.0%22%2C%22gnezdoLentaId%22%3A%22def%22%7D&ut=noindex&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umawgksp9hl0f%3Afp%3A830%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A1333367250813%3Ahid%3A84011620%3Az%3A0%3Ai%3A20230503165936%3Aet%3A1683133177%3Ac%3A1%3Arn%3A368248901%3Arqn%3A1%3Au%3A1683133177929862929%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C134%2C106%2C1%2C136%2C0%2C%2C440%2C7%2C%2C%2C%2C821%3Aco%3A0%3Acpf%3A1%3Ans%3A1683133175638%3Arqnl%3A1%3Ast%3A1683133177%3At%3AGnezdo.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f8ef92580507b6951324682c554dab70b4cf56d018aed4c11605628c0d897e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 03-May-2023 16:59:36 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://news.gnezdo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 428
x-xss-protection: 1; mode=block
expires: Wed, 03-May-2023 16:59:36 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:36 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 03-May-2023 16:59:36 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/11859022/1?wmode=7&page-url=https%3A%2F%2Fnews.gnezdo.ru%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gnezdoGroupId%22%3A%220%22%2C%22gnezdoSubId%22%3A0%2C%22gnezdoADGender%22%3A%22%22%2C%22gnezdoADAge%22%3A%22%22%2C%22gnezdoAIDGender%22%3A%22%22%2C%22gnezdoAIDAge%22%3A%22%22%2C%22gnezdoWBGender%22%3A%22%22%2C%22gnezdoWBAge%22%3A%22%22%2C%22gnezdoIp%22%3A%22178.33.144.179%22%2C%22gnezdoFP%22%3A%22%22%2C%22gnezdoDevice%22%3A%22desktop%22%2C%22gnezdoOs%22%3A%22windows%22%2C%22gnezdoBrowser%22%3A%22chrome%22%2C%22gnezdoBrowserV%22%3A%22113.0%22%2C%22gnezdoLentaId%22%3A%22def%22%7D&ut=noindex&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umawgksp9hl0f%3Afp%3A830%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A1333367250813%3Ahid%3A84011620%3Az%3A0%3Ai%3A20230503165936%3Aet%3A1683133177%3Ac%3A1%3Arn%3A368248901%3Arqn%3A1%3Au%3A1683133177929862929%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C134%2C106%2C1%2C136%2C0%2C%2C440%2C7%2C%2C%2C%2C821%3Aco%3A0%3Acpf%3A1%3Ans%3A1683133175638%3Arqnl%3A1%3Ast%3A1683133177%3At%3AGnezdo.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://news.gnezdo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 03-May-2023 16:59:36 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 34ms
34ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1358052403&t=pageview&_s=1&dl=https%3A%2F%2Fnews.gnezdo.ru%2F&ul=en-us&de=UTF-8&dt=Gnezdo.ru&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1882364505&gjid=508404349&cid=1106698416.1683133177&tid=UA-5044672-6&_gid=148190266.1683133177&_r=1&_slc=1&z=684293610

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://news.gnezdo.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news.gnezdo.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync.html Show response
cstatic.weborama.fr/iframe/ Frame 0446 336 B
313 B 21ms
20ms Document
text/html 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=news.gnezdo.ru&site=485736
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/js/products.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F35) /
Resource Hash: 3e1dac2792ab6c6adeef95c5e0d28ad832c837d58922fa4ceafa0ed3bd0f96a7

Request headers

Referer: https://news.gnezdo.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 491704
cache-control: max-age=604800
content-encoding: gzip
content-length: 207
content-type: text/html
date: Wed, 03 May 2023 16:59:36 GMT
etag: "282943589+gzip"
expires: Wed, 10 May 2023 16:59:36 GMT
last-modified: Mon, 20 Sep 2021 08:52:49 GMT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
server: ECAcc (paa/6F35)
vary: Accept-Encoding
x-cache: HIT

GET
H2 200 topics.js Show response
cstatic.weborama.fr/js/topics/ 1 KB
749 B 20ms
19ms Script
text/javascript 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cstatic.weborama.fr/js/topics/topics.js
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/js/products.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F22) /
Resource Hash: daa6e706a0764c808758a080119ca8c914f453bb753686d2255518d7c3d93a84

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
content-encoding: gzip
last-modified: Thu, 30 Mar 2023 06:45:23 GMT
server: ECAcc (paa/6F22)
age: 554635
etag: "1327094998+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: max-age=604800
accept-ranges: bytes
content-length: 650
expires: Wed, 10 May 2023 16:59:36 GMT

GET
H/1.1

200
OK

comptage_wreport.fcgi
gnezdoruanalytics.solution.weborama.fr/fcgi-bin/
Redirect Chain

https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1683133176&ta=1600x1200&co=24&ref=
https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1683133176&ta=1600x1200&co=24&ref=&BOUNCE=OK

67 B
721 B

78ms
78ms

Image
image/gif

195.54.48.26
WEBORAMA Weborama...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1683133176&ta=1600x1200&co=24&ref=&BOUNCE=OK
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: HTTP/1.1
Server: 195.54.48.26 , France, ASN12516 (WEBORAMA Weborama provides Internet Services, FR),
Reverse DNS: aub-collect-lb-c03-02-vip.weborama.fr
Software: Apache /
Resource Hash: 09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
pragma: no-cache
date: Wed, 03 May 2023 16:59:36 GMT
cache-control: no-cache
server: Apache
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1683133176&ta=1600x1200&co=24&ref=&BOUNCE=OK
date: Wed, 03 May 2023 16:59:36 GMT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
server: Apache
content-length: 399
content-type: text/html; charset=iso-8859-1

GET
H3

204

collect
dx.frontend.weborama.com/
Redirect Chain

https://dx.frontend.weborama.com/collect?touchpoint=0&src=wai&site=485736&url=https%3A%2F%2Fnews.gnezdo.ru%2F
https://dx.frontend.weborama.com/collect?touchpoint=0&src=wai&site=485736&url=https%3A%2F%2Fnews.gnezdo.ru%2F&bounce=1&random=183568723
https://rd.frontend.weborama.fr/rd?key=wamsync
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=FAWMrqGXan8U

0
17 B

31ms
28ms

Image
text/plain

34.111.205.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx.frontend.weborama.com/collect?dsp_id=0&eid=FAWMrqGXan8U
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: H3
Server: 34.111.205.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.205.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:36 GMT
via: 1.1 google
last-modified: Wed, 03 May 2023 16:59:36 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:36 GMT
via: 1.1 google
last-modified: Wed, 03 May 2023 16:59:36 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dx.frontend.weborama.com/collect?dsp_id=0&eid=FAWMrqGXan8U
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 external_libs.v2.js Show response
cstatic.weborama.fr/iframe/ Frame 0446 8 KB
3 KB 30ms
29ms Script
text/javascript 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=news.gnezdo.ru&site=485736
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F55) /
Resource Hash: 724d685239669ac4db6763d8fc4ff79d629067941a7bc5b738ef8a46f3970df1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=news.gnezdo.ru&site=485736
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:36 GMT
content-encoding: gzip
last-modified: Tue, 24 Jan 2023 09:15:53 GMT
server: ECAcc (paa/6F55)
age: 113847
etag: "892405118+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: max-age=604800
accept-ranges: bytes
content-length: 3050
expires: Wed, 10 May 2023 16:59:36 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 86ms
32ms XHR
text/plain 2a00:1450:400c:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-5044672-6&cid=1106698416.1683133177&jid=1882364505&gjid=508404349&_gid=148190266.1683133177&_u=IEBAAEAAAAAAACAAI~&z=687810189

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://news.gnezdo.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 03 May 2023 16:59:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news.gnezdo.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 /
fcgi7.gnezdo.ru/e/ Frame 0
0 267ms
70ms Preflight
image/gif 93.95.103.98
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fcgi7.gnezdo.ru/e/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.103.98 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://news.gnezdo.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, Content-Type, Set-Cookie, X-Requested-With
access-control-allow-methods: GET, POST, HEAD
access-control-allow-origin: https://news.gnezdo.ru
content-type: image/gif; charset=windows-1251
date: Wed, 03 May 2023 16:59:36 GMT
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
server: nginx

POST
H2 200 / Show response
fcgi7.gnezdo.ru/e/ 43 B
285 B 68ms
65ms XHR
image/gif 93.95.103.98
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fcgi7.gnezdo.ru/e/
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/gnezdo_news_tracker_new.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.103.98 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 521cf178bfe1383169f315ec950be6da0037bbf4f5c36713cb2c0460583bf4e8

Request headers

Referer: https://news.gnezdo.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: aplication/json; charset=UTF-8

Response headers

access-control-allow-origin: https://news.gnezdo.ru
date: Wed, 03 May 2023 16:59:36 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Origin, Accept, Content-Type, Set-Cookie, X-Requested-With
access-control-allow-methods: GET, POST, HEAD
content-type: image/gif; charset=windows-1251

GET
H2 200 /
fcgi7.gnezdo.ru/e/ 43 B
286 B 264ms
68ms Image
image/gif 93.95.103.98
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcgi7.gnezdo.ru/e/?tr=1&dr=&du=https%3A//news.gnezdo.ru/&guid=XV9n6WRSkvdkO6pjMn5xAg==&tracker_id=lenta&fp=451746a5853b755fce21d69333b39e8c&0.07129078936391653
Requested by: Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.103.98 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: https://news.gnezdo.ru
date: Wed, 03 May 2023 16:59:36 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Origin, Accept, Content-Type, Set-Cookie, X-Requested-With
access-control-allow-methods: GET, POST, HEAD
content-type: image/gif; charset=windows-1251

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
409 B 211ms
65ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-5044672-6&cid=1106698416.1683133177&jid=1882364505&_u=IEBAAEAAAAAAACAAI~&z=535531090

Requested by

Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
409 B 217ms
72ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-5044672-6&cid=1106698416.1683133177&jid=1882364505&_u=IEBAAEAAAAAAACAAI~&z=535531090

Requested by

Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9992.1mENAXIHp2fXKPIvieOc0GEQik3OhPPw6OI7tAA1QWucJPx7YkaH9fWi9mfd1qFB.HggO6W8PYSyIGuwtawhxU_MWe80%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=9992.8SePM8nrRF-0z-xSccOWl3NzSheAi3k-3QPq2JPu5b7-bARqIJDHKFYP3afVkrBLgeXIZM9MzcwhZocNZiwZTCIUMI0kvQpKsXF3d78imc6lHYv49JZNpBTzdjic5NG1rl72f1cn1...

43 B
509 B

75ms
75ms

Image
image/gif

154.47.36.101
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=9992.8SePM8nrRF-0z-xSccOWl3NzSheAi3k-3QPq2JPu5b7-bARqIJDHKFYP3afVkrBLgeXIZM9MzcwhZocNZiwZTCIUMI0kvQpKsXF3d78imc6lHYv49JZNpBTzdjic5NG1rl72f1cn1wN4bUrTtKRrUZ_vPZB3G7CgcBLFF60JhV6ldB925B7bjbkpcK1pPla68iT2lvjSEEI50VbiuT3p_pFuXg6ZeNxB74mqfTeywfs%2C.2B97BDZzwozsSc-mvOWsrM1gLlo%2C

Requested by

Host: news.gnezdo.ru
URL: https://news.gnezdo.ru/

Protocol

Server

154.47.36.101 , United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:37 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=9992.8SePM8nrRF-0z-xSccOWl3NzSheAi3k-3QPq2JPu5b7-bARqIJDHKFYP3afVkrBLgeXIZM9MzcwhZocNZiwZTCIUMI0kvQpKsXF3d78imc6lHYv49JZNpBTzdjic5NG1rl72f1cn1wN4bUrTtKRrUZ_vPZB3G7CgcBLFF60JhV6ldB925B7bjbkpcK1pPla68iT2lvjSEEI50VbiuT3p_pFuXg6ZeNxB74mqfTeywfs%2C.2B97BDZzwozsSc-mvOWsrM1gLlo%2C
date: Wed, 03 May 2023 16:59:37 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 6ce31435459c4b0ca6be.js Show response
yastatic.net/partner-code-bundles/765904/ 14 KB
5 KB 103ms
50ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/765904/6ce31435459c4b0ca6be.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

efbf8f483d0e84da8dac096f1896c6af14a3e35ab503cddd5d254389a133e063

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://news.gnezdo.ru/
Origin: https://news.gnezdo.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:37 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4774
last-modified: Tue, 02 May 2023 15:29:16 GMT
server: nginx/1.17.9
etag: "02db05f856fe8058394e9b5aad9482f8"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 02 May 2053 23:31:42 GMT

GET
H2 200 01a42d98a5833593221d.js Show response
yastatic.net/partner-code-bundles/765904/ 113 KB
24 KB 113ms
60ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/765904/01a42d98a5833593221d.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0ac68fe5450f1c163267a98c51b20199cd293a98aa3904df3f8129ae1b6cd660

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://news.gnezdo.ru/
Origin: https://news.gnezdo.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:37 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24131
last-modified: Tue, 02 May 2023 15:29:15 GMT
server: nginx/1.17.9
etag: "42a428bdb3d9ab5ee4d0973ca9a4cb4c"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 02 May 2053 23:31:42 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 113ms
66ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://news.gnezdo.ru/
Origin: https://news.gnezdo.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:37 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 02 May 2053 23:30:55 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 83ms
40ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://news.gnezdo.ru/
Origin: https://news.gnezdo.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:37 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 127dd0d3d1f144aa
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 May 2024 22:44:06 GMT

GET
H2 404 320977 Show response
an.yandex.ru/meta/ 29 B
423 B 79ms
79ms XHR
text/html 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/320977?target-ref=https%3A%2F%2Fnews.gnezdo.ru%2F&charset=utf-8&pcode-test-ids=764545%2C0%2C52%3B764765%2C0%2C42%3B763310%2C0%2C66%3B763288%2C0%2C17%3B755255%2C0%2C1%3B761617%2C0%2C18%3B734893%2C0%2C36%3B755660%2C0%2C20%3B764267%2C0%2C20%3B765904%2C0%2C23%3B681846%2C0%2C41&pcode-flags-map=eJylWNly2zYU%2FZWOnjspV5DMG0iCEkYkwQKgFSWTwaix6qj10nHsNE0m%2F94LgJZIyYa6vNgUpXNwcdcDfJtdYKHEgq0ULlWNc1KrinFFW5XjtiV89vrdt9nnzfXjdvZ6JnlPZj%2FOHrafHuglfEYoDKNk9v39jweajrOyL6RQrFUd7gVxMiR%2BFoWWgbQ4r4kiBWsOJDUVUhtzQUvC9AN8mzOFeTOh3X7544g1DmPDWlJhaAvWt1JxUlJOCk2Ju85tWeBFUbDfG2xENX0tKWd1DWyt1A%2BEqxWWxYKUStKGKFZVgkg3bxh4yZHPJJVgIm5LlbNyrSPRYY4bIoG%2FJBWGdSecFa7FlDRKInQg5UTytQ5AS%2BSK8aUinDN3KJMYRUm2ZxiCIQoMf2u6hMeeX5A1MK7AJEHnrZsOeUmYnND9Hw4hDccF4YKyKTJBURgGU2ycZZHB9i2tGS7BlTqxcTMJ%2B8P943YEi4I0zDwLg4ALYSrhCHOcbSMQRE4Q0iqWCwJbnbp8e7v55Xo7QYYoyOwOK%2FpGNbDWgtD5QqpWupeM4jDzDXANaUPeKN6rkjWYti5Y7CVBiPbr5ZwtwVhYS805LZ1IP4lT9OyCCkpMcpo74YHvIRuOt6QNVNVDEa1oKReKNnhOnNjIj1LvgH2q6JxxHVSOS9qLH%2F4hwxpru63BCtcrvBZuZJgMfi6rDupKdKyFxNDFzvppUQae502xkRfaPXcFK3ULAmgr3evFQDOkUsXAy0Tn7tN6irxxpgUsmSTBKZxWuqesdBFBdv4XhicDLnDdT6IVes%2Bja4J5qxrGoWIxp%2Fho35NijWPPG7zccco4lWuVr6Hnk1XHuNthKEFD7T3lxdDhC8GdwMxP0lFGUqEKDF1SKlwUECXh6BJxFsa%2BP8GaLBaQ0nKh3dThsqTt3E0SxZG13MwmSGW57ogK3VZHaRKPwtPwAvwkaE5r8Jp7uSxBLyL1sChqWizPrP7EYUahVQgKGmxFYQJSvYkKF%2B5qztJgGH%2FWjoHEDnjJzPCr8TrHxXI0Zl2UyAuiMJiEY0FMw4dxfzpmjtF%2BHCAbBz2XOKmgyheqZnNauHFpOLQ0MLOivNE5y0n7NGk6TnJ3U0XQFQN%2FkrwwdThkEkgVEBXgAd0oRcH1TBHCWfvIz%2FwoGiupI800CAl4UdGWSgJJWixBfjjrC0Wxh9DERNFgLtXPPemJJj9nVowQivdDXC446J0jy4w60RlIW%2BgvFGZofcaqxE%2BGiINAqQE6%2BB1Xuo5opcWTMlPfHYAkzVC2H%2FcVp0BTr5XF68nfuTc3xedLJehbZ%2FojlIVDlEYIYRJm6hX3ulnkJXsW6LWlZnBqYoTSCPnHK6sGFDF2rxUEnvX1KBm1XtAabimZ20MpivzwqUpg7IKqh61C0ijQwVYHmL5jR%2FrpkeOEL0nD013IuXsPEKbUH9fGQYI%2B43rTxs%2BdMVAWoEFU2IoQS9opyU3fOtdJEYjT0IKPlq5qplVqOUjmMyTpUAUvkZjkmnD8uvuibjZf1Mft7urjwwt05nSkliTHuQKh6DxqeTCRJqVoq3m1gCwZJUwLk9X0yXkPXVnlvT6MFYReuCs08b1oGHicK9ugZQ%2FKwla6cbRpKv18ceagCUy2VGv8dm2agzK6bAz7Nvt1%2B%2FDhY7O5v9rdzl77Maibm7tfdtdb8WFzvbu9mr0Ovk9YYxhnoySwbRFkmsprnQn6%2FDpe4N3sZrO7fnX%2FCLb9tbm93H6B5592N5ur7afJq6vNjXlz%2BXV7a3%2B%2B%2Bbx7uLOPN69GHy5vd8NbzbxngBf3m6%2FXd18%2FDl9%2Fvbf%2FH%2B83r263f346%2BcFvm7ubnYG%2Bf36L44o7hNYdPvSU5xOwzk98JvCAtCXbYglpAp2Kz4d%2BpSSeO3U7TIdg1OwqAinHCS4knBzPAOPQC07lCW07GMtan%2FxLcZKEKETpi4SjdgT9w%2B3LA5Mgcj%2FODU3bN%2FkZO2I%2FTGwkzK2MuQEBJEzdnBR23Bk56O45QJN4Qz2ShkFY%2BtaUErk4c7SB03yaWqSN4dG0rWm7dIcGFJeX7Q%2BveoSA8jyu4FNU4PkjmQbtx94HQbPSYXRjQ1Aae%2B1Ss3YOqYvn%2BtKmr0utDsB82%2Ff17c%2FJ4eiZKw0Q%2FfGwh9poFXtwAOlY1FgIraT5GTdECTpPAd17chyYXd%2Fd%2Ff5feE425T1PolO446yZCpcPD9dHHg19b%2Fp7FbobAQqDND2BPHuqvLrfXO62tw8v4I%2Bn5GE6DWU4esM63SuGHzfMXZlxHMTxicjRSvfZE8iJU3zkD0MEktreHClJGmg1kjiRYZRmVl3NIa0DqOZ6fcZShLwTS03kbWs%2BHMApFAjD%2FExwomC4dzSz9PjKS1%2FDedHxxZyn6%2FH73xCwm%2B8%3D&pcode-icookie=0rLJXGN3jUJVn%2Ftl9N9MpXfZcMMKi2v3t3Q2ZajW%2B80uVtGvRN31GXkwOYaOy9tywKm%2FPLnpXbcjgE9fTbMlVIiV7fM%3D&duid=MTY4MzEzMzE3NzkyOTg2MjkyOQ%3D%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=536561674354690&ad-session-id=5358391683133177056&target-id=46819344&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fnews.gnezdo.ru&top-ancestor-undetermined=0&pcode-version=765904&pcodever=765904&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22supportHDRBrightness%22%3Afalse%2C%22isInIframe%22%3Afalse%2C%22w%22%3A801%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1839%2C%22top%22%3A1091%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=1888&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxOH0KEqeykOWo6yIYqEOFcl5WmqpNF4tmqZWrVrVqCiezFW4HTwdXalNzTnzcLEeNwO2qVqxEFLV_PvP884AeMsAVRhgyJ87evLorulST-RmCIoQwwggj-CqEuhi2UWvRKBFTFvQCdMEo6BWxiUSlN6QmkjgxpiZVpDLEKQpFkznzm8yZhUxrhJOajBEIldSQqNVgUjdPrKFGykmq1alinep8icNr0IKoPYQ5QUpPH-uUYDPTjHTUaS1YHl7xi3Dkk7RALxKPsEiKuPgewcF41VPUwj5ITgkduoAXQQkKd3wndNIE5-Z62IXj0MY6v_gsEk_RbMMss5kfKRIYI38h59OoI2NMlrhOpCY1caJLC5RnYXnyznQs2B5OEdTnZp-H_Vw4JvMoQpL8MBWVLiZSUxkidWeFeNAG5kyJC0ZCmTrWuk0pUxNxWoDIaTxFCT2C-pfDWkSPllXCIvqpkurJPZg7XnzmP437fzmevBb-__PP4Z-81IMBhslMjBJtArEY9Umko2J0qSqCHWuqUaskM8RMzKrmvZH9ju2hlqA-Pv7NKnmsj-LhKzzsOvr3WfAgwz4pr_9x3Uu04pNXyrP8A1Z7S3XKwlMKIYlMrSRzUmE4WP7zDRn1hB55u6DYKEUz2oPvLOGhpbMUrymH5w1OluPh96VN7gTOADPj1htlykGcaFS61maEWo3WSEoSTzMZHLYrGTyK0YE91tsS7_nkvQNrXchovYH65RHOCJw-8iAETbt6wN_VMB8jfDQ4dg9jfd5t_N3G3nIE9VhizzFu8Z-5x73xzqwWi8XeGZAjo1JNu0vXVE_mjEz0dPwHHc73WbQXjTovJORtuNDD_8KnIPwO8ffKWufpewQNGef8qz99HsaoyPfbOAcWnISutWz1nnJq94zs5-Nd3cJub3-gxXcntFZPlqNk5S32wm7rHc1rFyRNs41rqQXY1R_bk9r5AcwJc1dgfuuqoD1pvXRW29r5UpflQ7LK9QYyu_RP-ivwaTbBbg3rAg9OknCl8xftr4Sn1Sc60CMVTSofbiKQ-dCrR0RRV5a9INEs5yqQh5f12-Xp6ttceXbPYh7fpsrZHLvvrx3D87rXCyDM2PhZNG_SIoBY3YFbx3Ccm9qau4O1CiTokB0O0URYK790NB_Gwmt7XOp3FHauQG93NtL1XcAIK_F7XdhpbDwqgO1L4cmK26CYj62lCa-waf8eqMnNN6Q1y0lel03udza4tQBJX2h_3C6BIrG9n6Krj-VWP9uZdf-x-yf-x9VocVjNCCH1zsghisnDOy9nXs297biFk6Yi18epT09OPPkmWJkJ6M8DyooDN7eEaFhx-lHRBF4Wd5sKwK6Egtkox-2uSyW0XMHltFsG_fmCIZ1ljhBqRPPjfznIstxdNQTWXKrIcuN25LtfSt22yJ0maJ_po_KDoX4FvRBWRvS2YPSk1pXbccmyL4dt8zpIarVSo4-NEY1mKNB2QjjxK2l7s2ZXWUaYZ0-QxRvUKZmLVG75iZsrjt_wcLb7hifoYdmsoKVdzik5DsFUtBa0QeAvfejopc3_8GNDDMGSbttnOXYX_oOgbdYhs1xv2V0EjdLkNjhnU_BRkI1hRuOi0u9EzPnY63V_CYbxZFwryXl77Af1DnPCD3a4YuhSnPUOEgQMtv3PCBqoL-1zBzQj_t8cHozO6a59L7cQ5t6yTquS1yxv-NP7SRyry4uCZrW7Gurm3MNlOxvMV_kbvMiBPAcaXQQufINSzzR7Zg9SIq3GWMHDwcPBwwEwcFcdBmi3Xo-ACB6ohgg0cOBGcA2gIHIA1gaQspkzwJvmAVgJyA%3D%3D&uniformat=true&callback=Ya%5B1395686973996%5D

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

fddb6fcfd2c86ef930d5427c3e664c6243d0fe3e9fda457e47a8bc5a852e0fc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.gnezdo.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 03 May 2023 16:59:37 GMT
x-yandex-req-id: 1683133177107101-1113231094336826150900154-production-app-host-vla-pcode-69
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://news.gnezdo.ru
content-type: text/html; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 03 May 2023 16:59:37 GMT

GET
H2 200 f5668030dddf1767d377.js Show response
yastatic.net/partner-code-bundles/765904/ 23 KB
8 KB 74ms
71ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/765904/f5668030dddf1767d377.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2c4b64f32c77ae51fa901a3250abfebd5cb0e8e7717655d6cf4547d407d0d698

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://news.gnezdo.ru/
Origin: https://news.gnezdo.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:37 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7930
last-modified: Tue, 02 May 2023 15:29:17 GMT
server: nginx/1.17.9
etag: "b3772a96b85e077d945e94301f079ba7"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 02 May 2053 23:31:42 GMT

GET
H2 200 8f2e3924a1b3d16038ff.js Show response
yastatic.net/partner-code-bundles/765904/ 7 KB
3 KB 73ms
70ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/765904/8f2e3924a1b3d16038ff.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e7dc95d4d7f805b5894b65cc10edb717111758393e098f07748925578d436d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://news.gnezdo.ru/
Origin: https://news.gnezdo.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:37 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 2070
last-modified: Tue, 02 May 2023 15:29:16 GMT
server: nginx/1.17.9
etag: "a47699bb5be9ad06812ffaa5f2406111"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 02 May 2053 23:31:42 GMT

GET
H2 200 b9113c78a67603c14d5c.js Show response
yastatic.net/partner-code-bundles/765904/ 617 KB
118 KB 29ms
29ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/765904/b9113c78a67603c14d5c.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

5e570ead59f0431f865696aabc8d0e22f5ef151d010b11c0446fe46fcc9033f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://news.gnezdo.ru/
Origin: https://news.gnezdo.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:37 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 119931
last-modified: Tue, 02 May 2023 15:29:16 GMT
server: nginx/1.17.9
etag: "5f4ac2da802f7d29bb27bfe645ae8f1a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 02 May 2053 23:31:42 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/11859022/ 43 B
149 B 70ms
69ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/11859022/1?page-url=https%3A%2F%2Fnews.gnezdo.ru%2F&charset=utf-8&ut=noindex&hittoken=1683133176_2cacc1a3961298fdc9c4552ac783651484b9ff636b02d09e0839548e5293d4da&browser-info=pa%3A1%3Aar%3A1%3Avf%3Aiwhcse2c9umawgksp9hl0f%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A1%3Als%3A1333367250813%3Ahid%3A84011620%3Az%3A0%3Ai%3A20230503165937%3Aet%3A1683133177%3Ac%3A1%3Arn%3A933186257%3Arqn%3A2%3Au%3A1683133177929862929%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1683133175638%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1683133177&t=gdpr(14)clc(0-0-0)rqnt(2)aw(1)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.gnezdo.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:37 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 03-May-2023 16:59:37 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://news.gnezdo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-May-2023 16:59:37 GMT

GET
H2 200 sync Show response
ds.frontend.weborama.fr/ Frame 0446 2 KB
2 KB 74ms
27ms Script
application/javascript 34.149.247.216
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ds.frontend.weborama.fr/sync?key=all&src=products.js&site=485736&v=20230118&callback=Utils.handleDataSync&ref=news.gnezdo.ru
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.247.216 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 216.247.149.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: 3a8a901798a60bfc07d310c3c35ae779e981e4c42d3c3e0e12263a4c774afac6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:37 GMT
via: 1.1 google
last-modified: Wed, 03 May 2023 16:59:37 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1950
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 320977 Show response
mc.yandex.ru/watch/ 399 B
882 B 69ms
69ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/320977?wmode=7&page-url=https%3A%2F%2Fnews.gnezdo.ru%2F&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umawgksp9hl0f%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A3%3Adp%3A1%3Als%3A1045366970863%3Ahid%3A84011620%3Az%3A0%3Ai%3A20230503165937%3Aet%3A1683133177%3Ac%3A1%3Arn%3A948308981%3Au%3A1683133177929862929%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1683133175638%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1683133177%3At%3AGnezdo.ru&t=gdpr(14)mc(p-1)clc(0-0-0)lt(6000)aw(1)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c9797801cfb2ff6da8959771f9f8980f7e8b9fbb6fbb28feaa1b728d05e7ef7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 03-May-2023 16:59:37 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://news.gnezdo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 399
x-xss-protection: 1; mode=block
expires: Wed, 03-May-2023 16:59:37 GMT

GET
H2

200

/ Show response
loadus.exelator.com/load/ Frame BAF0
Redirect Chain

https://loadus.exelator.com/load/?p=204&g=1020&j=w
https://loadus.exelator.com/load/?p=204&g=1020&j=w&xl8blockcheck=1

205 B
1023 B

33ms
33ms

Document
text/html

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://loadus.exelator.com/load/?p=204&g=1020&j=w&xl8blockcheck=1
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: c039e010b07d3995fb45f4f95cfee7853a414eb7a940617faf98fae5f3a85f1c

Request headers

Referer: https://cstatic.weborama.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials: true
cache-control: no-cache
content-type: text/html;charset=UTF-8
date: Wed, 03 May 2023 16:59:37 GMT
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
server: nginx
x-powered-by: Undertow/1

Redirect headers

access-control-allow-credentials: true
cache-control: no-cache
content-length: 0
content-type: image/gif
date: Wed, 03 May 2023 16:59:37 GMT
location: https://loadus.exelator.com/load/?p=204&g=1020&j=w&xl8blockcheck=1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
server: nginx
x-powered-by: Undertow/1

GET
H2 200 prx Show response
bsd.frontend.weborama.fr/ Frame 0446 25 B
361 B 78ms
30ms Script
application/javascript 34.107.182.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://bsd.frontend.weborama.fr/prx?callback=Utils.handleDataSync
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.182.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.182.107.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: d05d4d69100284cb991eb0227b0859cc2942030d0ba419eee2e4aa55293b96db

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:36 GMT
via: 1.1 google
last-modified: Wed, 03 May 2023 16:59:37 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

transp.gif
cstatic.weborama.fr/ Frame 0446
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm=&google_tc=
https://wam-google.solution.weborama.fr/pixel?google_error=15
https://cstatic.weborama.fr/transp.gif?google_error=15

67 B
213 B

20ms
19ms

Image
image/gif

93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cstatic.weborama.fr/transp.gif?google_error=15
Protocol: H2
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F0D) /
Resource Hash: 09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:37 GMT
last-modified: Wed, 28 Mar 2007 16:51:29 GMT
server: ECAcc (paa/6F0D)
age: 491331
etag: "378373511"
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: max-age=604800
accept-ranges: bytes
content-length: 67
expires: Wed, 10 May 2023 16:59:37 GMT

Redirect headers

location: https://cstatic.weborama.fr/transp.gif?google_error=15
date: Wed, 03 May 2023 16:59:37 GMT
server: Apache
content-length: 262
content-type: text/html; charset=iso-8859-1

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 0446
Redirect Chain

https://secure.adnxs.com/getuid?https://idsync.frontend.weborama.fr/ids?key=appnexus&value=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dappnexus%26value%3D%24UID
https://idsync.frontend.weborama.fr/ids?key=appnexus&value=8969514934376035788

0
46 B

58ms
26ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=appnexus&value=8969514934376035788
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:36 GMT
via: 1.1 google
last-modified: Wed, 03 May 2023 16:59:37 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

Date: Wed, 03 May 2023 16:59:37 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.33.144.179; 178.33.144.179; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 28f40b66-9608-4172-8b28-abc85ef381bc
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://idsync.frontend.weborama.fr/ids?key=appnexus&value=8969514934376035788
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

204

ids
idsync.frontend.weborama.fr/ Frame 0446
Redirect Chain

https://rtd-tm.everesttech.net/upi/pid/I4EAHwnE?redir=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dtubemogul%26value%3D%24%7BUSER_ID%7D
https://rtd-tm.everesttech.net/ct/upi/pid/I4EAHwnE?redir=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dtubemogul%26value%3D%24%7BUSER_ID%7D&_test=ZFKS_QAF5etAdgAf
https://idsync.frontend.weborama.fr/ids?key=tubemogul&value=ZFKS_QAF5etAdgAf

0
17 B

26ms
26ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=tubemogul&value=ZFKS_QAF5etAdgAf
Protocol: H3
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:36 GMT
via: 1.1 google
last-modified: Wed, 03 May 2023 16:59:37 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

x-served-by: cache-lcy-eglc8600052-LCY
pragma: no-cache
date: Wed, 03 May 2023 16:59:37 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1683133177.434793,VS0,VE81
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://idsync.frontend.weborama.fr/ids?key=tubemogul&value=ZFKS_QAF5etAdgAf
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 0446
Redirect Chain

https://gum.criteo.com/sync?c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40
https://gum.criteo.com/sync?s=1&c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40
https://idsync.frontend.weborama.fr/ids?key=criteov2&value=UWTpnGd2x4qfPtnbarHIQCLn-yRh539F

0
286 B

73ms
25ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=criteov2&value=UWTpnGd2x4qfPtnbarHIQCLn-yRh539F
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:36 GMT
via: 1.1 google
last-modified: Wed, 03 May 2023 16:59:37 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=criteov2&value=UWTpnGd2x4qfPtnbarHIQCLn-yRh539F
date: Wed, 03 May 2023 16:59:36 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1288179
content-length: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 0446
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10014&redir=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dmediamath%26value%3D%5BMM_UUID%5D
https://idsync.frontend.weborama.fr/ids?key=mediamath&value=55926452-92f9-4a00-816d-6d5aea1ea3b7

0
46 B

52ms
25ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=mediamath&value=55926452-92f9-4a00-816d-6d5aea1ea3b7
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:36 GMT
via: 1.1 google
last-modified: Wed, 03 May 2023 16:59:37 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

Date: Wed, 03 May 2023 16:59:37 GMT
Server: MT3 830 785530e master cdg-pixel-x31 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://idsync.frontend.weborama.fr/ids?key=mediamath&value=55926452-92f9-4a00-816d-6d5aea1ea3b7
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Wed, 03 May 2023 16:59:36 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame 0446
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dsmartadserver%26value%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?url=https://idsync.frontend.weborama.fr/ids?key=smartadserver&value=[sas_uid]&cklb=1

0
316 B

21ms
21ms

Image
text/plain

185.86.138.150
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://idsync.frontend.weborama.fr/ids?key=smartadserver&value=[sas_uid]&cklb=1
Protocol: HTTP/1.1
Server: 185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:37 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://idsync.frontend.weborama.fr/ids?key=smartadserver&value=[sas_uid]&cklb=1
pragma: no-cache
date: Wed, 03 May 2023 16:59:37 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 401736.gif
idsync.rlcdn.com/ Frame 0446 42 B
449 B 83ms
25ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/401736.gif?partner_uid=OnWbCHEOI8NoK1L5/X5Xku
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:37 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3 204 collect
dx.frontend.weborama.com/ Frame 0446 0
17 B 28ms
26ms Image
text/plain 34.111.205.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx.frontend.weborama.com/collect?dsp_id=0&eid=FAWMrqGXan8U
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.205.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.205.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:37 GMT
via: 1.1 google
last-modified: Wed, 03 May 2023 16:59:37 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 0446 70 B
266 B 118ms
36ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=4n2tpwc&ttd_tpi=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 03 May 2023 16:59:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 0446
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2964&partner_device_id=FAWMrqGXan8U
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=FAWMrqGXan8U

95 B
439 B

30ms
30ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=FAWMrqGXan8U

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:37 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Wed, 03 May 2023 16:59:37 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=FAWMrqGXan8U
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58779/ Frame 0446
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=WEBMA&gdpr=false
https://ups.analytics.yahoo.com/ups/58779/cms?partner_id=WEBMA&gdpr=false

0
126 B

114ms
29ms

Image
text/plain

3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58779/cms?partner_id=WEBMA&gdpr=false

Protocol

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:37 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date: Wed, 03 May 2023 16:59:37 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0105.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
content-language: en
location: https://ups.analytics.yahoo.com/ups/58779/cms?partner_id=WEBMA&gdpr=false
content-type: text/html
cache-control: no-store
content-length: 355

GET
H/1.1 502
Bad Gateway sync-uid.php
sync-uid.leadplace.fr/ Frame 0446 0
0 97ms
20ms Image
text/html 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-uid.leadplace.fr/sync-uid.php?part=weborama&id=OnWbCHEOI8NoK1L5/X5Xku
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

GET
H/1.1

200

p
a.audrte.com/ Frame 0446
Redirect Chain

https://a.audrte.com/match?p=1468142154&uid=OnWbCHEOI8NoK1L5/X5Xku
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZGk2VDFseGtCbHhSd2VSUjNDaExhSFpRQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

95ms
95ms

Image
image/png

3.215.146.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Protocol: HTTP/1.1
Server: 3.215.146.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-146-42.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 03 May 2023 16:59:37 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Wed, 03 May 2023 16:59:37 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK /
b1sync.zemanta.com/usersync/weborama/ Frame 0446 26 B
127 B 380ms
91ms Image
image/gif 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1sync.zemanta.com/usersync/weborama/?webouuid=OnWbCHEOI8NoK1L5/X5Xku
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Wed, 03 May 2023 16:59:37 GMT
Content-Length: 26
Content-Type: image/gif

GET
H2 200 match
c1.adform.net/serving/cookie/ Frame 0446 35 B
501 B 140ms
36ms Image
image/gif 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=1145&cid=OnWbCHEOI8NoK1L5/X5Xku

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 0446
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=T25XYkNIRU9JOE5vSzFMNS9YNVhrdQ
https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=T25XYkNIRU9JOE5vSzFMNS9YNVhrdQ&dcc=t

43 B
855 B

195ms
194ms

Image
image/gif

67.220.224.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=T25XYkNIRU9JOE5vSzFMNS9YNVhrdQ&dcc=t

Protocol

HTTP/1.1

Server

67.220.224.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 May 2023 16:59:37 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8D78NDCRN2HB2N7ZEW9P
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 03 May 2023 16:59:37 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KHJP54K93P8VX6HKZTQB
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=T25XYkNIRU9JOE5vSzFMNS9YNVhrdQ&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

204

ids
idsync.frontend.weborama.fr/ Frame 0446
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&rdf=1
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=34CE9AA6-34BD-42F1-89B6-69E40DAB93B0

0
17 B

25ms
25ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=34CE9AA6-34BD-42F1-89B6-69E40DAB93B0
Protocol: H3
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:36 GMT
via: 1.1 google
last-modified: Wed, 03 May 2023 16:59:37 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=34CE9AA6-34BD-42F1-89B6-69E40DAB93B0
date: Wed, 03 May 2023 16:59:37 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 sync_cookie_image_check
mc.webvisor.org/ 43 B
67 B 74ms
73ms Image
image/gif 154.47.36.101
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_check

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.47.36.101 , United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 16:59:37 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

POST
H2 200 1 Show response
mc.yandex.ru/watch/320977/ 43 B
74 B 70ms
69ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/320977/1?page-url=https%3A%2F%2Fnews.gnezdo.ru%2F&charset=utf-8&cnt-class=1&hittoken=1683133177_b3c4b890bc41a9ae22cca987478cff233a5cba1e2698f6daa8d16bfccb56f92d&browser-info=pa%3A1%3Aar%3A1%3Avf%3Aiwhcse2c9umawgksp9hl0f%3Afp%3A830%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A3%3Adp%3A1%3Als%3A1045366970863%3Ahid%3A84011620%3Az%3A0%3Ai%3A20230503165937%3Aet%3A1683133177%3Ac%3A1%3Arn%3A423272515%3Arqn%3A1%3Au%3A1683133177929862929%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C134%2C106%2C1%2C136%2C0%2C%2C440%2C7%2C1608%2C1608%2C1%2C821%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1683133175638%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1683133177&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(1)lt(6000)aw(1)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.gnezdo.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:37 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 03-May-2023 16:59:37 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://news.gnezdo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-May-2023 16:59:37 GMT

GET
H2 200 320977 Show response
mc.yandex.ru/watch/ 43 B
86 B 69ms
68ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/320977?page-url=https%3A%2F%2Fnews.gnezdo.ru%2F&charset=utf-8&cnt-class=1&hittoken=1683133177_b3c4b890bc41a9ae22cca987478cff233a5cba1e2698f6daa8d16bfccb56f92d&browser-info=pv%3A1%3Aar%3A1%3Avf%3Aiwhcse2c9umawgksp9hl0f%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A3%3Adp%3A1%3Als%3A1045366970863%3Ahid%3A84011620%3Az%3A0%3Ai%3A20230503165937%3Aet%3A1683133177%3Ac%3A1%3Arn%3A832131402%3Arqn%3A2%3Au%3A1683133177929862929%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1683133175638%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1683133177%3At%3AGnezdo.ru&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(2)lt(6000)aw(1)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://news.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:37 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 03-May-2023 16:59:37 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://news.gnezdo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-May-2023 16:59:37 GMT

GET
H2 204 ids
idsync.frontend.weborama.fr/ Frame BAF0 0
46 B 28ms
27ms Image
text/plain 34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=nielsen&value=dcb50237989550959fe00ab65c696d82
Requested by: Host: loadus.exelator.com
URL: https://loadus.exelator.com/load/?p=204&g=1020&j=w&xl8blockcheck=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://loadus.exelator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 16:59:36 GMT
via: 1.1 google
last-modified: Wed, 03 May 2023 16:59:37 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gnezdo.ru/	1970-01-20 21:08:13	Name: uid Value: XV9n6WRSkvdkO6pjMn5xAg==
.news.gnezdo.ru/	1970-01-20 20:17:49	Name: gnezdo_uid Value: XV9n6WRSkvdkO6pjMn5xAg==
.gnezdo.ru/	1970-01-20 20:17:49	Name: _ym_uid Value: 1683133177929862929
.gnezdo.ru/	1970-01-20 20:17:49	Name: _ym_d Value: 1683133177
.gnezdo.ru/	1970-01-20 21:08:13	Name: _ga Value: GA1.2.1106698416.1683133177
.gnezdo.ru/	1970-01-20 11:33:39	Name: _gid Value: GA1.2.148190266.1683133177
.gnezdo.ru/	1970-01-20 11:32:13	Name: _gat Value: 1
.weborama.com/	1970-01-20 20:58:08	Name: wui Value: C557FB91-6DFE-4256-ACD8-1BAA16E7BED8
.weborama.fr/	1970-01-20 20:58:08	Name: AFFICHE_W Value: FAWMrqGXan8U12
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 974680891683133176
.yandex.ru/	1970-01-20 21:08:13	Name: i Value: 3yEP+YmS/aUdNiCykqn5ez/R1eldeWTkYHCZw/GqCLBo6WV8W1WAl7ELEWZaP+B/1btVqY0QPS62WGuUib4XduUILGI=
.yandex.ru/	1970-01-20 21:08:13	Name: yandexuid Value: 3500520671683133176
.yandex.ru/	1970-01-20 20:17:49	Name: yuidss Value: 3500520671683133176
.yandex.ru/	1970-01-20 20:17:49	Name: bh Value: KgI/MA==
.gnezdo.ru/	1970-01-20 11:33:25	Name: _ym_isad Value: 2
.weborama.fr/	1970-01-20 11:32:14	Name: wbo_temps_reel Value: NDg1NzM2
.gnezdo.ru/	1970-01-20 11:32:14	Name: _ym_visorc Value: w
.mc.webvisor.org/	1970-01-20 11:32:13	Name: sync_cookie_csrf Value: 1432254849fake
.mc.yandex.ru/	1970-01-20 11:32:13	Name: sync_cookie_csrf Value: 836411851fake
.webvisor.org/	1970-01-20 21:08:13	Name: yandexuid Value: 3500520671683133176
.webvisor.org/	1970-01-20 21:08:13	Name: yuidss Value: 3500520671683133176
.webvisor.org/	1970-01-20 21:08:13	Name: i Value: 3yEP+YmS/aUdNiCykqn5ez/R1eldeWTkYHCZw/GqCLBo6WV8W1WAl7ELEWZaP+B/1btVqY0QPS62WGuUib4XduUILGI=
.mc.webvisor.org/	1970-01-20 11:33:39	Name: sync_cookie_ok Value: synced
cstatic.weborama.fr/	1970-01-20 11:35:31	Name: _xttrk2_all Value: 1
cstatic.weborama.fr/	1970-01-20 11:35:31	Name: _xttrk2_ids Value: 1
cstatic.weborama.fr/	1970-01-20 11:35:31	Name: _xttrk2 Value: 1
cstatic.weborama.fr/	1970-01-20 11:35:31	Name: _xttrk2_mpub Value: 1
cstatic.weborama.fr/	1970-01-20 11:35:31	Name: _xttrk2_uk Value: 1
.yandex.ru/	1970-01-20 20:17:49	Name: ymex Value: 1714669176.yrts.1683133176#1714669176.yrtsi.1683133176
.criteo.com/	1970-01-20 20:53:49	Name: uid Value: 6a812265-6afe-48cf-80c6-35031d42991a
.rlcdn.com/	1970-01-20 20:17:49	Name: rlas3 Value: LWgfHo7RpReR/SqoIZaqJWS3nT2/pR3ulw0kziufaZg=
.rlcdn.com/	1970-01-20 12:58:37	Name: pxrc Value: CAA=
.tapad.com/	1970-01-20 12:58:37	Name: TapAd_TS Value: 1683133177344
.tapad.com/	1970-01-20 12:58:37	Name: TapAd_DID Value: b8159a17-7be0-4f15-b482-c5a5d48bbcdb
.adnxs.com/	1970-01-20 13:41:49	Name: uuid2 Value: 8969514934376035788
.tapad.com/	1970-01-20 12:58:37	Name: TapAd_3WAY_SYNCS Value:
.mathtag.com/	1970-01-20 20:58:08	Name: uuid Value: 55926452-92f9-4a00-816d-6d5aea1ea3b7
.smartadserver.com/	1970-01-20 20:19:15	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 20:19:15	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.exelator.com/	1970-01-20 14:25:01	Name: EE Value: "dcb50237989550959fe00ab65c696d82"
.smartadserver.com/	1970-01-20 20:19:15	Name: pid Value: 4409585435115207621
.everesttech.net/	1970-01-20 20:17:49	Name: everest_g_v2 Value: g_surferid~ZFKS_QAF5etAdgAf
.exelator.com/	1970-01-20 14:25:01	Name: ud Value: "eJxrXxzq6XKLQSElOcnUwMjY3NLC0tTUwNLUMi3VwCAxycw02czSLMXCaHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQeEl%252BUWb6IregxUUpaQyLSopPBR%252F%252B6A4AeUYqIA%253D%253D"
.yahoo.com/	1970-01-20 20:18:10	Name: A3 Value: d=AQABBPmSUmQCEDCjSxh8TadKiv5WDIqe9hAFEv__AP8AAAAAAOWfJm0AAAAAgA&S=AQAAAsJmw3rFpMO39-reBzEHu4k
.pubmatic.com/	1970-01-20 11:33:39	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 20:17:49	Name: KADUSERCOOKIE Value: 34CE9AA6-34BD-42F1-89B6-69E40DAB93B0
.audrte.com/	1970-01-20 11:53:49	Name: arcki2 Value: di6T1lxkBlxRweRR3ChLaHZQA!20220908!1683133177731!ip#178.33.144.179
.audrte.com/	1970-01-20 11:53:49	Name: arcki2_weborama Value: OnWbCHEOI8NoK1L5/X5Xku!20220908!1683133177734
.amazon-adsystem.com/	1970-01-20 17:22:08	Name: ad-id Value: A2m6n0APpkX7mSvBl2nudY0
.amazon-adsystem.com/	1970-01-20 21:08:13	Name: ad-privacy Value: 0
.doubleclick.net/	1970-01-20 21:08:13	Name: IDE Value: AHWqTUnbE9og41hlw-KhL96PnS_T4bRFj1VAWUcfePh7nMfnpVl_4Zo142-tOE-D_8o
.audrte.com/	1970-01-20 11:53:49	Name: arcki2_ddp2 Value: di6T1lxkBlxRweRR3ChLaHZQA!20220908!1683133177877

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cstatic.weborama.fr/js/topics/topics.js(Line 10) Message: Unrecognized feature: 'browsing-topics'.
network	error	URL: https://an.yandex.ru/meta/320977?target-ref=https%3A%2F%2Fnews.gnezdo.ru%2F&charset=utf-8&pcode-test-ids=764545%2C0%2C52%3B764765%2C0%2C42%3B763310%2C0%2C66%3B763288%2C0%2C17%3B755255%2C0%2C1%3B761617%2C0%2C18%3B734893%2C0%2C36%3B755660%2C0%2C20%3B764267%2C0%2C20%3B765904%2C0%2C23%3B681846%2C0%2C41&pcode-flags-map=eJylWNly2zYU%2FZWOnjspV5DMG0iCEkYkwQKgFSWTwaix6qj10nHsNE0m%2F94LgJZIyYa6vNgUpXNwcdcDfJtdYKHEgq0ULlWNc1KrinFFW5XjtiV89vrdt9nnzfXjdvZ6JnlPZj%2FOHrafHuglfEYoDKNk9v39jweajrOyL6RQrFUd7gVxMiR%2BFoWWgbQ4r4kiBWsOJDUVUhtzQUvC9AN8mzOFeTOh3X7544g1DmPDWlJhaAvWt1JxUlJOCk2Ju85tWeBFUbDfG2xENX0tKWd1DWyt1A%2BEqxWWxYKUStKGKFZVgkg3bxh4yZHPJJVgIm5LlbNyrSPRYY4bIoG%2FJBWGdSecFa7FlDRKInQg5UTytQ5AS%2BSK8aUinDN3KJMYRUm2ZxiCIQoMf2u6hMeeX5A1MK7AJEHnrZsOeUmYnND9Hw4hDccF4YKyKTJBURgGU2ycZZHB9i2tGS7BlTqxcTMJ%2B8P943YEi4I0zDwLg4ALYSrhCHOcbSMQRE4Q0iqWCwJbnbp8e7v55Xo7QYYoyOwOK%2FpGNbDWgtD5QqpWupeM4jDzDXANaUPeKN6rkjWYti5Y7CVBiPbr5ZwtwVhYS805LZ1IP4lT9OyCCkpMcpo74YHvIRuOt6QNVNVDEa1oKReKNnhOnNjIj1LvgH2q6JxxHVSOS9qLH%2F4hwxpru63BCtcrvBZuZJgMfi6rDupKdKyFxNDFzvppUQae502xkRfaPXcFK3ULAmgr3evFQDOkUsXAy0Tn7tN6irxxpgUsmSTBKZxWuqesdBFBdv4XhicDLnDdT6IVes%2Bja4J5qxrGoWIxp%2Fho35NijWPPG7zccco4lWuVr6Hnk1XHuNthKEFD7T3lxdDhC8GdwMxP0lFGUqEKDF1SKlwUECXh6BJxFsa%2BP8GaLBaQ0nKh3dThsqTt3E0SxZG13MwmSGW57ogK3VZHaRKPwtPwAvwkaE5r8Jp7uSxBLyL1sChqWizPrP7EYUahVQgKGmxFYQJSvYkKF%2B5qztJgGH%2FWjoHEDnjJzPCr8TrHxXI0Zl2UyAuiMJiEY0FMw4dxfzpmjtF%2BHCAbBz2XOKmgyheqZnNauHFpOLQ0MLOivNE5y0n7NGk6TnJ3U0XQFQN%2FkrwwdThkEkgVEBXgAd0oRcH1TBHCWfvIz%2FwoGiupI800CAl4UdGWSgJJWixBfjjrC0Wxh9DERNFgLtXPPemJJj9nVowQivdDXC446J0jy4w60RlIW%2BgvFGZofcaqxE%2BGiINAqQE6%2BB1Xuo5opcWTMlPfHYAkzVC2H%2FcVp0BTr5XF68nfuTc3xedLJehbZ%2FojlIVDlEYIYRJm6hX3ulnkJXsW6LWlZnBqYoTSCPnHK6sGFDF2rxUEnvX1KBm1XtAabimZ20MpivzwqUpg7IKqh61C0ijQwVYHmL5jR%2FrpkeOEL0nD013IuXsPEKbUH9fGQYI%2B43rTxs%2BdMVAWoEFU2IoQS9opyU3fOtdJEYjT0IKPlq5qplVqOUjmMyTpUAUvkZjkmnD8uvuibjZf1Mft7urjwwt05nSkliTHuQKh6DxqeTCRJqVoq3m1gCwZJUwLk9X0yXkPXVnlvT6MFYReuCs08b1oGHicK9ugZQ%2FKwla6cbRpKv18ceagCUy2VGv8dm2agzK6bAz7Nvt1%2B%2FDhY7O5v9rdzl77Maibm7tfdtdb8WFzvbu9mr0Ovk9YYxhnoySwbRFkmsprnQn6%2FDpe4N3sZrO7fnX%2FCLb9tbm93H6B5592N5ur7afJq6vNjXlz%2BXV7a3%2B%2B%2Bbx7uLOPN69GHy5vd8NbzbxngBf3m6%2FXd18%2FDl9%2Fvbf%2FH%2B83r263f346%2BcFvm7ubnYG%2Bf36L44o7hNYdPvSU5xOwzk98JvCAtCXbYglpAp2Kz4d%2BpSSeO3U7TIdg1OwqAinHCS4knBzPAOPQC07lCW07GMtan%2FxLcZKEKETpi4SjdgT9w%2B3LA5Mgcj%2FODU3bN%2FkZO2I%2FTGwkzK2MuQEBJEzdnBR23Bk56O45QJN4Qz2ShkFY%2BtaUErk4c7SB03yaWqSN4dG0rWm7dIcGFJeX7Q%2BveoSA8jyu4FNU4PkjmQbtx94HQbPSYXRjQ1Aae%2B1Ss3YOqYvn%2BtKmr0utDsB82%2Ff17c%2FJ4eiZKw0Q%2FfGwh9poFXtwAOlY1FgIraT5GTdECTpPAd17chyYXd%2Fd%2Ff5feE425T1PolO446yZCpcPD9dHHg19b%2Fp7FbobAQqDND2BPHuqvLrfXO62tw8v4I%2Bn5GE6DWU4esM63SuGHzfMXZlxHMTxicjRSvfZE8iJU3zkD0MEktreHClJGmg1kjiRYZRmVl3NIa0DqOZ6fcZShLwTS03kbWs%2BHMApFAjD%2FExwomC4dzSz9PjKS1%2FDedHxxZyn6%2FH73xCwm%2B8%3D&pcode-icookie=0rLJXGN3jUJVn%2Ftl9N9MpXfZcMMKi2v3t3Q2ZajW%2B80uVtGvRN31GXkwOYaOy9tywKm%2FPLnpXbcjgE9fTbMlVIiV7fM%3D&duid=MTY4MzEzMzE3NzkyOTg2MjkyOQ%3D%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=536561674354690&ad-session-id=5358391683133177056&target-id=46819344&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fnews.gnezdo.ru&top-ancestor-undetermined=0&pcode-version=765904&pcodever=765904&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22supportHDRBrightness%22%3Afalse%2C%22isInIframe%22%3Afalse%2C%22w%22%3A801%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1839%2C%22top%22%3A1091%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=1888&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxOH0KEqeykOWo6yIYqEOFcl5WmqpNF4tmqZWrVrVqCiezFW4HTwdXalNzTnzcLEeNwO2qVqxEFLV_PvP884AeMsAVRhgyJ87evLorulST-RmCIoQwwggj-CqEuhi2UWvRKBFTFvQCdMEo6BWxiUSlN6QmkjgxpiZVpDLEKQpFkznzm8yZhUxrhJOajBEIldSQqNVgUjdPrKFGykmq1alinep8icNr0IKoPYQ5QUpPH-uUYDPTjHTUaS1YHl7xi3Dkk7RALxKPsEiKuPgewcF41VPUwj5ITgkduoAXQQkKd3wndNIE5-Z62IXj0MY6v_gsEk_RbMMss5kfKRIYI38h59OoI2NMlrhOpCY1caJLC5RnYXnyznQs2B5OEdTnZp-H_Vw4JvMoQpL8MBWVLiZSUxkidWeFeNAG5kyJC0ZCmTrWuk0pUxNxWoDIaTxFCT2C-pfDWkSPllXCIvqpkurJPZg7XnzmP437fzmevBb-__PP4Z-81IMBhslMjBJtArEY9Umko2J0qSqCHWuqUaskM8RMzKrmvZH9ju2hlqA-Pv7NKnmsj-LhKzzsOvr3WfAgwz4pr_9x3Uu04pNXyrP8A1Z7S3XKwlMKIYlMrSRzUmE4WP7zDRn1hB55u6DYKEUz2oPvLOGhpbMUrymH5w1OluPh96VN7gTOADPj1htlykGcaFS61maEWo3WSEoSTzMZHLYrGTyK0YE91tsS7_nkvQNrXchovYH65RHOCJw-8iAETbt6wN_VMB8jfDQ4dg9jfd5t_N3G3nIE9VhizzFu8Z-5x73xzqwWi8XeGZAjo1JNu0vXVE_mjEz0dPwHHc73WbQXjTovJORtuNDD_8KnIPwO8ffKWufpewQNGef8qz99HsaoyPfbOAcWnISutWz1nnJq94zs5-Nd3cJub3-gxXcntFZPlqNk5S32wm7rHc1rFyRNs41rqQXY1R_bk9r5AcwJc1dgfuuqoD1pvXRW29r5UpflQ7LK9QYyu_RP-ivwaTbBbg3rAg9OknCl8xftr4Sn1Sc60CMVTSofbiKQ-dCrR0RRV5a9INEs5yqQh5f12-Xp6ttceXbPYh7fpsrZHLvvrx3D87rXCyDM2PhZNG_SIoBY3YFbx3Ccm9qau4O1CiTokB0O0URYK790NB_Gwmt7XOp3FHauQG93NtL1XcAIK_F7XdhpbDwqgO1L4cmK26CYj62lCa-waf8eqMnNN6Q1y0lel03udza4tQBJX2h_3C6BIrG9n6Krj-VWP9uZdf-x-yf-x9VocVjNCCH1zsghisnDOy9nXs297biFk6Yi18epT09OPPkmWJkJ6M8DyooDN7eEaFhx-lHRBF4Wd5sKwK6Egtkox-2uSyW0XMHltFsG_fmCIZ1ljhBqRPPjfznIstxdNQTWXKrIcuN25LtfSt22yJ0maJ_po_KDoX4FvRBWRvS2YPSk1pXbccmyL4dt8zpIarVSo4-NEY1mKNB2QjjxK2l7s2ZXWUaYZ0-QxRvUKZmLVG75iZsrjt_wcLb7hifoYdmsoKVdzik5DsFUtBa0QeAvfejopc3_8GNDDMGSbttnOXYX_oOgbdYhs1xv2V0EjdLkNjhnU_BRkI1hRuOi0u9EzPnY63V_CYbxZFwryXl77Af1DnPCD3a4YuhSnPUOEgQMtv3PCBqoL-1zBzQj_t8cHozO6a59L7cQ5t6yTquS1yxv-NP7SRyry4uCZrW7Gurm3MNlOxvMV_kbvMiBPAcaXQQufINSzzR7Zg9SIq3GWMHDwcPBwwEwcFcdBmi3Xo-ACB6ohgg0cOBGcA2gIHIA1gaQspkzwJvmAVgJyA%3D%3D&uniformat=true&callback=Ya%5B1395686973996%5D Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync-uid.leadplace.fr/sync-uid.php?part=weborama&id=OnWbCHEOI8NoK1L5/X5Xku Message: Failed to load resource: the server responded with a status of 502 (Bad Gateway)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aax-eu.amazon-adsystem.com
an.yandex.ru
b1sync.zemanta.com
bsd.frontend.weborama.fr
c1.adform.net
cdn.jsdelivr.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cstatic.weborama.fr
ds.frontend.weborama.fr
dx.frontend.weborama.com
fcgi7.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
gnezdoruanalytics.solution.weborama.fr
gum.criteo.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
image6.pubmatic.com
loadus.exelator.com
match.adsrvr.org
mc.webvisor.org
mc.yandex.ru
news.gnezdo.ru
pixel.mathtag.com
pixel.tapad.com
rd.frontend.weborama.fr
rtd-tm.everesttech.net
secure.adnxs.com
stats.g.doubleclick.net
sync-uid.leadplace.fr
sync.smartadserver.com
ups.analytics.yahoo.com
wam-google.solution.weborama.fr
www.google-analytics.com
www.google.com
www.google.fr
yastatic.net
zn2.gnezdo.news
142.250.185.194
145.239.192.166
15.197.193.217
151.101.194.49
154.47.36.101
185.64.189.115
185.86.138.150
185.89.211.84
195.54.48.26
2.18.233.201
212.82.100.182
2a00:1450:4001:806::2003
2a00:1450:4001:811::2004
2a00:1450:4001:811::200a
2a00:1450:4001:813::2003
2a00:1450:4001:829::200e
2a00:1450:400c:c02::9d
2a02:2638:d::d
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::90
2a04:4e42:400::485
3.215.146.42
3.71.149.231
34.107.182.139
34.111.113.62
34.111.131.239
34.111.205.194
34.149.247.216
35.190.24.218
35.244.174.68
37.157.5.132
54.78.254.47
64.202.112.127
67.220.224.150
91.216.195.7
93.184.221.133
93.95.103.233
93.95.103.98
93.95.99.151
01266b002c3a5fd944f5d5a6c9a7bcedf1274ea6c9baef3d2f14457d364014da
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
086de73609dbe5eed1b38629d2e6914a7a90521a9e5c08be5c892068ad7fd16e
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
0ac68fe5450f1c163267a98c51b20199cd293a98aa3904df3f8129ae1b6cd660
0c51922d39f4e8913387848d2f7600901561b07d0bd9acef3206671bc0659791
110696077cf2c253e820eab00dba2c2c3de39600bab63e07fec24556d41eda14
1c38153acac347bda02a24b09e16db230167f0a51d6d1974ff1e505c1282bdd6
2000533c6e90247605bd21f9eac72084495d18353d748b1362a9243a61230d8e
29d689e2c07242937a9cac560a6fd47d35a09d9ee875f829a441152626adc4cf
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c4b64f32c77ae51fa901a3250abfebd5cb0e8e7717655d6cf4547d407d0d698
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3a8a901798a60bfc07d310c3c35ae779e981e4c42d3c3e0e12263a4c774afac6
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3e1dac2792ab6c6adeef95c5e0d28ad832c837d58922fa4ceafa0ed3bd0f96a7
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
43085076f8ac89a718facb1251c109394aa6d00bcfe5c00b090e0e92d5cab3d9
521cf178bfe1383169f315ec950be6da0037bbf4f5c36713cb2c0460583bf4e8
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5e570ead59f0431f865696aabc8d0e22f5ef151d010b11c0446fe46fcc9033f4
679c798fd4e7e8b2e875df662470ae6a0e01f5d8490a8d22bca5d419b30987cd
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6f9a1e4f25be62559029ac5328a4c91d86c3123573d6f00d150f54884072965b
724d685239669ac4db6763d8fc4ff79d629067941a7bc5b738ef8a46f3970df1
8223f2b1572b76ed0add5d9faa441a3d703efc6d4b53a51e62cef062f67b895c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
840f575220d6b42197251483e8b3b486bce6f7c4c4bddfff022580d3bb39ce4b
8cf14336f076f6387afbbfdb7fadb701aa3cc10b33b9d0e94ed9eb2a4bfd4eb4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91a23159638a846a426eb990ec53821e49518e78924d10f45ee5178ba44de83b
95f9f7d5fc896cddb14ac87de2c177488da4249aa25c977a620cf99463d615d4
9b6b5e0c551bac6ccde502c3bf5c75d1efe6b1da975c0d251a4a17b8adcc74a5
ad076dbee5c759d0d08c259e427eca036bbe2e8415ec75f2fb0215edc8928543
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b27c88e59e3c34b7ecc8b0bca38a4c8daea60d855199772825cc70933b6e08b9
b59d5d931ece7fab4c2378e6e3979c793f6e52e8a1bc6e7c1fa569e03d96f49f
bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919
be450e094e932689916b0c110039b96d637600afba33dd944f6de2e5785c9d52
c039e010b07d3995fb45f4f95cfee7853a414eb7a940617faf98fae5f3a85f1c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c6e0fc3d278b2e636153eac2d900942a0573459d0acaa4429f70d309212a2cf9
c9797801cfb2ff6da8959771f9f8980f7e8b9fbb6fbb28feaa1b728d05e7ef7f
cd87d1a1b32bb7c979ee4390800a505e8ed619f4686ef9cefccc575e17f66593
cd92f193fddd517bcc9c198f23212c47a4092e956f933cfa1ab49ae9842195c0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d05d4d69100284cb991eb0227b0859cc2942030d0ba419eee2e4aa55293b96db
d7aa68953190a5bb9e15492c5550ee7efc76ba220d7a084cb5d8ffade389b10c
daa6e706a0764c808758a080119ca8c914f453bb753686d2255518d7c3d93a84
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e7dc95d4d7f805b5894b65cc10edb717111758393e098f07748925578d436d33
e997c350a113c5629432c0cfbaa960874da77cc36b1420658a678d4e3c7f4baf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbf8f483d0e84da8dac096f1896c6af14a3e35ab503cddd5d254389a133e063
f0afe0bd0f2d59875ff57857b9b8a91d8708ade1f6da6345828040de1e7e2001
f36cccce1ab1982abe9dcbe19efcdd88e3d4d6f0bef2fd343b74aa3115c7e808
f3d3d5e79c6c3971916ebb40d8f16c3d584efe53669023273eeca33928178bfe
f632cbe0ff8594d601ed4fc03f5cdc54400ff3c9c987bc4bd5aed25ec71d7897
f67d45656c4217a8de9552dd869658c87855bf795dc34e8abfdff37bfa62fd9f
f6f11d50372d88190696b17264e1609349ae7195af0cd44e95ffe632f8a322f3
f8ef92580507b6951324682c554dab70b4cf56d018aed4c11605628c0d897e72
fddb6fcfd2c86ef930d5427c3e664c6243d0fe3e9fda457e47a8bc5a852e0fc9

news.gnezdo.ru Open in urlscan Pro 93.95.103.233 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

96 Requests

83 %HTTPS

28 %IPv6

30 Domains

40 Subdomains

31 IPs

8 Countries

949 kBTransfer

1950 kBSize

52 Cookies

5 Outgoing links

Page URL History

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

news.gnezdo.ru Open in urlscan Pro
93.95.103.233 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

83 %
HTTPS

28 %
IPv6

30
Domains

40
Subdomains

31
IPs

8
Countries

949 kB
Transfer

1950 kB
Size

52
Cookies

96 HTTP transactions
0 data transactions