www.liveinternet.ru Open in urlscan Pro
88.212.202.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.liveinternet.ru/click
Effective URL:
https://www.liveinternet.ru/
Submission: On August 09 via api (August 9th 2021, 8:58:47 pm UTC) from US

Summary HTTP 261 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 49 IPs in 8 countries across 40 domains to perform 261 HTTP transactions. The main IP is 88.212.202.50, located in Russian Federation and belongs to UNITEDNET, RU. The main domain is www.liveinternet.ru.
TLS certificate: Issued by R3 on August 5th 2021. Valid for: 3 months.

This is the only time www.liveinternet.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	88.212.202.50 88.212.202.50	39134 (UNITEDNET) (UNITEDNET)
24	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:6b8:a::a 2a02:6b8:a::a	13238 (YANDEX) (YANDEX)
19	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1 3	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
13	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
11	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1 13	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
4 14	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a02:6b8::16b 2a02:6b8::16b	13238 (YANDEX) (YANDEX)
3	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	188.42.29.196 188.42.29.196	7979 (SERVERS-COM) (SERVERS-COM)
1	195.209.111.15 195.209.111.15	52007 (ADRIVER-AS) (ADRIVER-AS)
1	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	195.201.152.105 195.201.152.105	24940 (HETZNER-AS) (HETZNER-AS)
1 2	193.232.148.145 193.232.148.145	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1 2	195.201.87.224 195.201.87.224	24940 (HETZNER-AS) (HETZNER-AS)
1	80.64.106.150 80.64.106.150	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
2	2a02:6b8::402 2a02:6b8::402	13238 (YANDEX) (YANDEX)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:6b8::184 2a02:6b8::184	13238 (YANDEX) (YANDEX)
1	2a00:1148:db0... 2a00:1148:db00::28	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
30	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
15	77.88.21.179 77.88.21.179	13238 (YANDEX) (YANDEX)
5	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
7	2a02:26f0:6c0... 2a02:26f0:6c00:286::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6 14	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.221.88 185.33.221.88	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b2::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	204.154.111.150 204.154.111.150	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
4	204.154.111.112 204.154.111.112	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
1	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.168 213.155.156.168	1299 (TELIANET ...) (TELIANET Telia Carrier)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	52.84.45.40 52.84.45.40	16509 (AMAZON-02) (AMAZON-02)
1 1	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
1 1	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
6	104.111.247.190 104.111.247.190	16625 (AKAMAI-AS) (AKAMAI-AS)
4	204.154.111.116 204.154.111.116	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
4	204.154.110.156 204.154.110.156	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
261	49

17 88.212.202.50 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host150.rax.ru

www.liveinternet.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.li.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8:a::a (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:6b8:20::215 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::16b (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.29.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.209.111.15 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

pb.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

adfox-c2s-ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.152.105 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.105.152.201.195.clients.your-server.de

yhb.p.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.145 (Russian Federation) 1 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp6.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.201.87.224 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.224.87.201.195.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.150 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr5.rutarget.ru

adfox-hb-bidder.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::402 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

static-mon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::184 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::28 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

r.mradx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 77.88.21.179 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: adfox-external-l3-engine.stable.qloud-b.yandex.net

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c9de437ec8a041e680e417db7e8751ec.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:6c00:286::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.34 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.88 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b2::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.154.111.150 (United States)

ASN36062 (DOUBLE-VERIFY, US)
PTR: nycp-hlb33.doubleverify.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.154.111.112 (United States)

ASN36062 (DOUBLE-VERIFY, US)
PTR: nycp-hlb09.doubleverify.com

tps620.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (United States)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Schopfheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (Uppsala, Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.45.40 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-40.mrs52.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.45 (United Kingdom) 1 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.44 (United Kingdom) 1 redirects

ASN26120 (RHYTHMONE, US)

sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.247.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-247-190.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.154.111.116 (United States)

ASN36062 (DOUBLE-VERIFY, US)
PTR: nycp-hlb13.doubleverify.com

tps10212.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.154.110.156 (United States)

ASN36062 (DOUBLE-VERIFY, US)
PTR: nycp-hlb38.doubleverify.com

tps10281.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com c9de437ec8a041e680e417db7e8751ec.safeframe.googlesyndication.com 156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com 53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com	514 KB
34	doubleclick.net 6 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	464 KB
25	yandex.ru 1 redirects yandex.ru an.yandex.ru mc.yandex.ru matchid.adfox.yandex.ru	417 KB
23	doubleverify.com cdn.doubleverify.com cdn3.doubleverify.com rtb0.doubleverify.com tps620.doubleverify.com tps.doubleverify.com tps10212.doubleverify.com tps10281.doubleverify.com	223 KB
16	2mdn.net s0.2mdn.net	199 KB
15	adfox.ru ads.adfox.ru	674 B
13	yastatic.net 1 redirects yastatic.net	577 KB
11	yandex.com 3 redirects mc.yandex.com	4 KB
11	google.com 2 redirects adservice.google.com www.google.com	3 KB
10	liveinternet.ru 1 redirects www.liveinternet.ru	213 KB
8	googletagservices.com www.googletagservices.com	198 KB
7	li.ru i.li.ru	115 KB
6	serving-sys.com secure-ds.serving-sys.com	116 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	ampproject.org cdn.ampproject.org	101 KB
5	criteo.com 1 redirects bidder.criteo.com gum.criteo.com mug.criteo.com	7 KB
5	yandex.net static-mon.yandex.net avatars.mds.yandex.net	116 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	criteo.net static.criteo.net	39 KB
3	google.de adservice.google.de	1 KB
3	yadro.ru 1 redirects counter.yadro.ru	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	de17a.com 2 redirects d5p.de17a.com	722 B
2	buzzoola.com 1 redirects exchange.buzzoola.com	867 B
2	adhigh.net 1 redirects px.adhigh.net	742 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	582 B
1	1rx.io 1 redirects sync.1rx.io	697 B
1	smaato.net 1 redirects s.ad.smaato.net	430 B
1	travelaudience.com 1 redirects ads.travelaudience.com	610 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	584 B
1	dotomi.com dclk-match.dotomi.com	104 B
1	google.be adservice.google.be	853 B
1	mradx.net r.mradx.net	649 B
1	rutarget.ru adfox-hb-bidder.rutarget.ru	730 B
1	otm-r.com yhb.p.otm-r.com	256 B
1	creativecdn.com adfox-c2s-ams.creativecdn.com	213 B
1	adriver.ru pb.adriver.ru	307 B
1	betweendigital.com ads.betweendigital.com	924 B
1	mail.ru ad.mail.ru	342 B
1	googleadservices.com partner.googleadservices.com	660 B
261	40

	Domain	Requested by
30	tpc.googlesyndication.com	pagead2.googlesyndication.com www.liveinternet.ru securepubads.g.doubleclick.net cdn.ampproject.org 156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
24	pagead2.googlesyndication.com	www.liveinternet.ru pagead2.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net tpc.googlesyndication.com 53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com ad.doubleclick.net www.googletagservices.com
19	an.yandex.ru	www.liveinternet.ru an.yandex.ru yandex.ru
16	s0.2mdn.net	www.liveinternet.ru s0.2mdn.net
15	ads.adfox.ru
14	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net 53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
13	yastatic.net	1 redirects an.yandex.ru yandex.ru www.liveinternet.ru yastatic.net
11	mc.yandex.com	3 redirects www.liveinternet.ru mc.yandex.ru
10	securepubads.g.doubleclick.net	yandex.ru www.googletagservices.com securepubads.g.doubleclick.net www.liveinternet.ru
10	www.liveinternet.ru	1 redirects www.liveinternet.ru
8	www.googletagservices.com	pagead2.googlesyndication.com yandex.ru securepubads.g.doubleclick.net 156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com www.liveinternet.ru cdn.doubleverify.com www.googletagservices.com
7	cdn.doubleverify.com	www.liveinternet.ru cdn.doubleverify.com s0.2mdn.net
7	www.google.com	2 redirects www.liveinternet.ru 156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com tpc.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.liveinternet.ru 156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com
7	i.li.ru	www.liveinternet.ru i.li.ru
6	secure-ds.serving-sys.com	s0.2mdn.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	tps10281.doubleverify.com	cdn.doubleverify.com
4	tps10212.doubleverify.com	53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com cdn.doubleverify.com
4	tps620.doubleverify.com	cdn.doubleverify.com 53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
4	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	avatars.mds.yandex.net	www.liveinternet.ru yastatic.net
3	static.criteo.net	yandex.ru www.liveinternet.ru
3	mc.yandex.ru	1 redirects an.yandex.ru www.liveinternet.ru
3	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	counter.yadro.ru	1 redirects www.liveinternet.ru
2	image6.pubmatic.com	2 redirects
2	d5p.de17a.com	2 redirects
2	tps.doubleverify.com	cdn.doubleverify.com
2	googleads4.g.doubleclick.net	www.liveinternet.ru
2	53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	gum.criteo.com	1 redirects static.criteo.net
2	bidder.criteo.com	static.criteo.net
2	static-mon.yandex.net	i.li.ru www.liveinternet.ru
2	exchange.buzzoola.com	1 redirects www.liveinternet.ru
2	px.adhigh.net	1 redirects www.liveinternet.ru
2	yandex.ru	www.liveinternet.ru
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.1rx.io	1 redirects
1	s.ad.smaato.net	1 redirects
1	ads.travelaudience.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	dclk-match.dotomi.com	53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
1	ad.doubleclick.net	www.googletagservices.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	cdn3.doubleverify.com	cdn.doubleverify.com
1	adservice.google.be	securepubads.g.doubleclick.net
1	c9de437ec8a041e680e417db7e8751ec.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	mug.criteo.com
1	r.mradx.net	www.liveinternet.ru
1	adfox-hb-bidder.rutarget.ru	yandex.ru
1	yhb.p.otm-r.com	yandex.ru
1	adfox-c2s-ams.creativecdn.com	yandex.ru
1	pb.adriver.ru	yandex.ru
1	ads.betweendigital.com	yandex.ru
1	ad.mail.ru	yandex.ru
1	matchid.adfox.yandex.ru	yandex.ru
1	partner.googleadservices.com	pagead2.googlesyndication.com
261	61

This site contains links to these domains. Also see Links.

Domain
g.liveinternet.ru
mediametrics.ru
beautiflash.ru
alinamix.com
smart-lab.ru
www.technohelp.ru
www.03.ru
www.3dnews.ru
radio.mediametrics.ru
doctor.ru
chat.li.ru
wiki.liveinternet.ru
www.li.ru

Subject Issuer	Validity	Valid
*.liveinternet.ru R3	`2021-08-05` - `2021-11-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.li.ru R3	`2021-08-05` - `2021-11-03`	3 months	crt.sh
yandex.ru Yandex CA	`2021-03-18` - `2021-09-16`	6 months	crt.sh
bs.yandex.ru Yandex CA	`2021-05-31` - `2021-11-29`	6 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.yastatic.net Yandex CA	`2021-03-03` - `2021-09-01`	6 months	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2021-03-16` - `2021-09-08`	6 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2020-11-13` - `2021-11-17`	a year	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-06` - `2022-02-16`	2 years	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.p.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-27` - `2022-02-06`	2 years	crt.sh
ltmse.com R3	`2021-07-30` - `2021-10-28`	3 months	crt.sh
*.buzzoola.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-30` - `2022-09-28`	2 years	crt.sh
*.rutarget.ru Thawte RSA CA 2018	`2021-05-17` - `2022-06-17`	a year	crt.sh
*.naydex.net Yandex CA	`2021-03-17` - `2021-09-15`	6 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.avatars.mds.yandex.net Yandex CA	`2021-03-12` - `2021-09-10`	6 months	crt.sh
*.mradx.net GeoTrust RSA CA 2018	`2021-07-23` - `2022-08-16`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.adfox.ru Yandex CA	`2021-07-27` - `2022-01-06`	5 months	crt.sh
*.google.be GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2021-03-17` - `2022-03-22`	a year	crt.sh

This page contains 32 frames:

Primary Page: https://www.liveinternet.ru/
Frame ID: 21F8FA80C07B6042561BCE5F658C5FE8
Requests: 98 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210805/r20190131/zrt_lookup.html
Frame ID: A07B5BCBCAB17246EAA4DFFE8F4332D2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9165516179791802&output=html&adk=1812271804&adf=3025194257&lmt=1628542709&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.liveinternet.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628542709039&bpp=109&bdt=115&idt=245&shv=r20210805&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5744149938372&frm=20&pv=2&ga_vid=1926450450.1628542709&ga_sid=1628542709&ga_hid=63719049&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1740732808598772&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=314
Frame ID: 9722628AD112B135C567B205C6643819
Requests: 1 HTTP requests in this frame

Frame: https://avatars.mds.yandex.net/get-direct/4474510/1oQc0AlscF6DCbh4K8pDag/x80
Frame ID: 9669ED93ADDE94801DACB5211B5416D3
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.liveinternet.ru
Frame ID: 64DEFB6DB0187C66287C4B1E602025D0
Requests: 2 HTTP requests in this frame

Frame: https://an.yandex.ru/system/adfox.js
Frame ID: B8B245D6CAD3612D1CA0F420B23FF731
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: A6EA407D4332EACDA3CA8ABC0C2713AD
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 61C5674A4958EC45F96A80F263666752
Requests: 9 HTTP requests in this frame

Frame: https://c9de437ec8a041e680e417db7e8751ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 285F24CF3475B5D4F165DFA804C2B60A
Requests: 1 HTTP requests in this frame

Frame: https://156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 3ACA8ECC953B86ED8B1A79BB9480DE87
Requests: 1 HTTP requests in this frame

Frame: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 84BEBC37CD0439121320C424B0E0F2FE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs
Frame ID: 597077A645C57B8C3D183624F25EA715
Requests: 16 HTTP requests in this frame

Frame: https://156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: D614256EA245A16E8E9AAB87A550242A
Requests: 9 HTTP requests in this frame

Frame: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B965C991B75CC620C4CAF3863929AC33
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/index.html
Frame ID: 6E149B659A2C4CD4CC229F2023666F38
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjZ__GZATAB&v=APEucNVH1Xbuk2I6JOhobBm0idKbJbgiWeZA8KJf-1lrCoiNonMZ6mnGkGh7qBcOTO9CLY7bGLdWKU4gKPScFwT7p4NLMAgEQrfPxRSNdN-CkL9GeYBE_tnH6mhCNXR7MBN0u1HL7sJtxZ7suepr0MF1z8JSh8yjhWZsKrzQTMKs84jo-ZD9r1Q
Frame ID: DDF9073DDA79B5C4B664D2AA3414C29A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aa_CnP-ztbnLmdez_ikZmV8qWQp6D5uq8i4B31bUGcqD8RNuz0eSxVuJGkx3RAUHV4VLV2aONZCcb3Rx6PoVzI6tv7ru7AEEHl0Xf0dqbocL5cmOu9RttBUqrplSCPPZDN5-Aiy79R0tmzhqbAitSmwoFv9g&cry=1&dbm_d=AKAmf-BVmN1x42lB9XVxUwRcUVTBTJ_EruZJ2lTJnbvgEzWP6YQWwXznqK8Xt4aMZx601MupP3YM5XBLlUDvqxPoSI_oNpcjok-IH0xZUXVvgP-Z9M9GLHvE4WdRwGwXubuwclFnrp7XqBelEG1k2jreuiHpU0E-h0PiqsVTgefogoUwc_UPRkAI-xC7DvpzHUtHDQ6kdwzFy0p2_Nj8WiN1re6HR5CAIXJZQxLT5AjRbmMNyp39l8mvKfVXiojnATV3kXk4uJBW7Jdg9RgzMAEJAx5qlcVg9ghyzEt8XpngE2m0JLMMDa7XjUPVZlFA0IsVtSoF1960U9v2HgmdXvjy24NryHFVR2ZJmdCtctqWpjmWjqwgwByhDGhIEGJ842EieaqkOpIFMEFkAbtAi6bPOpCWDi452KU2Jm8xYHX2xP3_SOhCeFLVXpPfkadV4_MxLKTZqfoQ0s_pBgGAIum_1Z8WW0EXAKzh8S5lIbjIwXXTHOSLHz4UNeJc6dZ-M9CdJo18eMmHHxs2oOP2z31Fd3Ih9IT-L1TJvcIKcF8eTHfuT_vNENMxPGy_onKrlpT2Yx01vrcJ7ZAoicFBmxVo2hIUNAcVtwhaxtGibhu_tS2DiEyRoudEds0FZv-Vwx2lChdk0xue2rO_bv8cE48pg_sDe0xShxVI0R-G_h1NgLCpo7Tq2Pi0OsdOY3XeKwBnuEmCsBnFZXWEClKgMEyrKrp2s-r1w4SkszCmr90V5AW35nPwqw72qbJbQbpp54x-BqyhHZvYmEuHm-4xqbTST-j-9QddHNNhrcIqmtmD1nyZaekQjsiSYWCO7oPKrrU2KIkhW3y4cN7Yos9a5kkEBrvStP01xsLGG3SYAYbgoVtbaz58AWStNvUXqh4tHj9VK8TzW99U5ZfxFeKambERw1QyaVU5B7i12ZPnSHIErYOSppuVvhPzROT7Q4w97NdEJcxXnqbQG9k35J_HOwOnU2w6o7W37oOvbJKofxeupP8ioRHuQPCVLQ_LoadUKrAxFdOBzdMmWCUSfv-Atxi5EF1baSLxz-MoKAIfValj52opnzaW61Ym7F-JA5I4_gpcTIzS_mZqm8_3tgXVgonyol7u2LlIQDTi9a47npLqcoRtJF8FVbi35SdVD2zl4zHf8iMlFQ4NFcU7b6MAf1KdNdZ1VPoF9hQSV-0CPy7P457LnETu7PH1_zZAdILJVKzc0G9vOtNMwyYVV5kosi9mPEX5twwT4DuEIxyxq6RqUDb3ZLfWxzk4V3BdS8A_41vbMcFPpiBIi_jogvs3f5XK2dnsAgmMp27XxfYk91dGNngql7csPlkVi4YaB9-W41a9EZbhwpdt93vUd4sGu2wUhFytIkfwi1hz-dj250G_MAMxW7s3hkvYE4xCncV1paz4W6V1EK0w1oM8woctSbU_H7S8nXn-8K7OXuSNpqbs8p1RM028aqE66EmG5vydKBpSzFMPHqozNSj68VVV5Jk_EQfBmLxS6YC_ohGYZip_gBevDVJP015xFXzUI76BmAoBd8ga45pLPVfj15xtqbsbu_PgRnQM6fscsO_pVOaywQ35-mu9ans-8lmXrPAPsgg8bofViE5EXd5aN6wORIF9Gsp6bmpcEcUpqBKoLvylsEzuS0h0GgAlVKz6ZNYsvbQ4vJmCyeYD6GaUcMZBtIfsfwTc0FDcl2TnqSD9wOQDgfFPiaCJDEpVZTVP6GjDwAERdLk4swFpH9vCm7wQDpAK8TdjQQ7_dO5_yZh7eRb1QLR6jE8GU-sz0PcsyepCn9iNSQ0Cun-GCYWjcjQv-_R8VD23MIy3kgpoYQ3-iHqhZv4V6nKK3fRoB14gUm-Xmn2ffOv79SeQazEhDrzMeUWfzIMhScqacf3t4zgAMX3a1AXN2FYqBSWzudLLh-6RedjF57ivrAIlHNZF6Wz0FahyBRWToC21n7V2hT1u7kIjPkJILBJM7SywRzRepTgk8UcL97dwJ_3RlxEJ3E_MYr8ca3iMbKE9zq5ZBz2s5S7kOHbZp4dciOjAfBm1FC61aaQvcYD5dbxAvePCBOQDYtdbz-zGovuSreBOrLd02eg50hmlN6r9xjRMxdLQO3-hvdGd3MgG95ULO5Viy5_dCmri3qvac9IwFq-8Fh1CnneBslPCQzJoB6JrSiso2mI7zxSZ2bv-v-uiSGKjrM7gKh93Bn7P2y-UUw1H-co9BTuZRkCnacOOmFXmEtee91rfdvvFKekEYF6EpJxSo6l_l0_qoV-RiJnxtZgMP4bt4nimWlHg-ZUUzcro_-4aFOc8En8GlAzNTaz98m3Q1q4R-Zbg3NNDOOQ5x06I4N2MBYOITf6okC8yTej3gWQviQvM59BpB1KhvlDty1vjfnVx8FnxaloLw0LUO86C8btoHvPXjl8UMzzo-CqYupSyx0cieHVL9B-BT4RCQudwxcznsG4_k5u-ikGF5b8OZbhFrC9zJlqXOFRxQM_S7wGqGwOEiS-BfRTdvOMmSmWeUZ1Q3986XWV6SL-K5r-xd1jocIc3mAHq9U6ltrDXdm44MPzZuLLDb2hW_NXR0RQzmEDZTUGKMinNGPj0M6rtAwZBuOeMCoo63SysDaOOwdsRdURzYe223lrp5-ikhSYc7y7qrpwZOetk5xr8bUnalqnjdEsEgQ0li1FXLr-qPdQYCKEJXdrGrAzieo2ht9VFOaJe0ziX_Px6wTx0y9DCppZjPu39OFOs5QnLwu6kJbsAEGKVXWcijAu9kxeZ2N0Ndo7bbgy3kcPmKrD4D2UhkfvXhtvY_6JWLJAMB07ef3ae6FV3l7vlmMAu1yP1VKZOTU1d2q1g2LBhajLtjXixLWZQfbFLnxJ9R2UmsWSOUATwJKYegRlY17hvDcDa59zHMgMWKXWbYOidhvGQfZ6mF6H3Na2bfo_N65YRYwS0VXrSBkfp75E0eKhbedE5gAaFIg1SxRimXg5uv1qoaEedB5iALKVJea56RZsj3igdxlNXq4tKM7iS2wzp8bB35b_Ce8BZnt0-kEjqEXLkGsKu4yAkvh0UDQ_XV6HsZZcu_yRBt7e4jBa00u6HT2PuTpDTRdbAvSnw7MldpfKdtA6lipqqhHRxyAKsI-rLtAmis5tgzq_L1WrQq58mVTUEbslVrasywMLODRR_1FQ1SKwHvaZ7i9E9cthXOoAgsflKPNh_CRenoLFvNIOD3UvbETQyCajIuIdQYLSSsWPqmzzuDwOyiam1e6ckl1wtFUuPAom0G1hq6iMQ6USTD3ohwKdAwJTbbnQH0hbiTK_gpKZN59QO0kE18kMfGNtaVnffKsyn2qj26tAoJd6QDG3DaMO3XO5p03jvOs2Jv5SyHUp2B_aAiJbBICcdOzQDRHfUCAABSJRf5p_gUyk2S0enUG7gzLEYl6P7P73DY5kC2VVXu97h22JyLeLnETOib-4QIMG1bg2t-wlePjgMX55eDxoj5KNyzdDwXiOmtTBshA&cid=CAASEuRoJGluyWuBoKxcocHmGK7UkA&rfl=2%2Chttps%253A%252F%252Fwww.liveinternet.ru%252F%240
Frame ID: 06748C74152B138C75D5854B64C12440
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 1FE188CE7FC381B0F2624AA779077118
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9ABF56BB9467DB8D7104168B9F5C4A7F
Requests: 3 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: E540077059514D249AC4145BED628073
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 1DDDABB2CBAF4EEA24FB2CB77874058D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: DA6D3F0E6015462B2BF2B629CE98F15E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9C866CFBB71629A8E7FB8C44BBF49DFE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: BC2B1A2B80DC0A4CFD4D53352B2BA440
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C456B7728D6CC422B4C55CB2463B38CD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A029BDCB8B4F6316CDA619443FD15BE9
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5F3A2B2665409195220374007B143527
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1685.js
Frame ID: 6F921F4ECE5A9AB5A4D4C655E2EF9E01
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0B07B140182AD9540027812DC8841D2C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6AC30156D7B6080BB33DBE5E11958B4A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html
Frame ID: 2F1B2F8429A793C6777C45A34FE5C852
Requests: 21 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1685.js
Frame ID: 1FC9EE7599A2BF8424F4B3FF39E78338
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.liveinternet.ru/click HTTP 302
https://www.liveinternet.ru/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /mc\.yandex\.ru\/metrika\/watch\.js/i

Page Statistics

261
Requests

100 %
HTTPS

45 %
IPv6

40
Domains

61
Subdomains

49
IPs

8
Countries

3313 kB
Transfer

10485 kB
Size

7
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://g.liveinternet.ru/login_page.html?new
Title: В почту

Search URL Search Domain Scan URL

URL: https://mediametrics.ru/rating/ru/hour.html
Title: Популярные новости

Search URL Search Domain Scan URL

URL: https://mediametrics.ru/rating/ru/hour.html?article=426499348
Title: «Беглый» солдат угнал машину в Великих Луках и уходил на ней от погони в Куньинском районе

Search URL Search Domain Scan URL

URL: https://mediametrics.ru/rating/ru/hour.html?article=426511721
Title: СК возбудил уголовное дело после гибели девяти человек во Владикавказе

Search URL Search Domain Scan URL

URL: https://mediametrics.ru/rating/ru/hour.html?article=426463246
Title: Нацистский чизкейк: "ВкусВилл" спровоцировал новый скандал

Search URL Search Domain Scan URL

URL: https://mediametrics.ru/rating/ru/hour.html?article=426476552
Title: Почему никогда не надо брать в руки копию протокола от работника ГИБДД?

Search URL Search Domain Scan URL

URL: https://mediametrics.ru/rating/ru/hour.html?article=426442669
Title: В Торжке семья главы города скупает за бесценок муниципальную собственность?

Search URL Search Domain Scan URL

URL: http://beautiflash.ru/post486060920/
Title: ОЧЕНЬ вкусный и простой пирог на кефире к чаю!

Search URL Search Domain Scan URL

URL: http://beautiflash.ru/

Search URL Search Domain Scan URL

URL: http://beautiflash.ru/profile/
Title: Beauti_Flash

Search URL Search Domain Scan URL

URL: http://alinamix.com/post486060032/
Title: Земляничный зяблик

Search URL Search Domain Scan URL

URL: http://alinamix.com/

Search URL Search Domain Scan URL

URL: http://alinamix.com/profile/
Title: Alina_Mix

Search URL Search Domain Scan URL

URL: https://smart-lab.ru/brokers-rating/
Title: Рейтинг брокеров

Search URL Search Domain Scan URL

URL: http://www.technohelp.ru/
Title: Ноутбуки

Search URL Search Domain Scan URL

URL: http://www.03.ru/
Title: Советы врачей

Search URL Search Domain Scan URL

URL: http://www.3dnews.ru/
Title: Гаджеты и железки

Search URL Search Domain Scan URL

URL: http://radio.mediametrics.ru/
Title: Радио Медиаметрикс

Search URL Search Domain Scan URL

URL: http://smart-lab.ru/
Title: Курсы валют

Search URL Search Domain Scan URL

URL: https://www.technohelp.ru/
Title: Ремонт ноутбуков

Search URL Search Domain Scan URL

URL: http://doctor.ru/
Title: Медицина и здоровье на Doctor.ru:

Search URL Search Domain Scan URL

URL: http://doctor.ru/read/403
Title: Рак крови и беременность: Как работает фонд борьбы с лейкемией

Search URL Search Domain Scan URL

URL: http://doctor.ru/read/402
Title: Ферменты, переваривание и панкреатит

Search URL Search Domain Scan URL

URL: http://doctor.ru/read/401
Title: Артрозы

Search URL Search Domain Scan URL

URL: http://g.liveinternet.ru/login_page.html
Title: почта

Search URL Search Domain Scan URL

URL: http://chat.li.ru/
Title: чат

Search URL Search Domain Scan URL

URL: http://wiki.liveinternet.ru/
Title: помощь

Search URL Search Domain Scan URL

URL: http://www.li.ru/
Title: версия для pda

Search URL Search Domain Scan URL

URL: https://g.liveinternet.ru/recover.php
Title: Напомнить пароль

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.liveinternet.ru/click HTTP 302
https://www.liveinternet.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://counter.yadro.ru/hit;li_face?r;s1600*1200*24;uhttps%3A//www.liveinternet.ru/;hLiveInternet%20@%20%u0421%u0442%u0430%u0442%u0438%u0441%u0442%u0438%u043A%u0430%20%u0438%20%u0434%u043D%u0435%u0432%u043D%u0438%u043A%u0438%2C%20%u043F%u043E%u0447%u0442%u0430%20%u0438%20%u043F%u043E%u0438%u0441%u043A;0.9196482919322349 HTTP 302
https://counter.yadro.ru/hit;li_face?q;r;s1600*1200*24;uhttps%3A//www.liveinternet.ru/;hLiveInternet%20@%20%u0421%u0442%u0430%u0442%u0438%u0441%u0442%u0438%u043A%u0430%20%u0438%20%u0434%u043D%u0435%u0432%u043D%u0438%u043A%u0438%2C%20%u043F%u043E%u0447%u0442%u0430%20%u0438%20%u043F%u043E%u0438%u0441%u043A;0.9196482919322349

Request Chain 47

https://px.adhigh.net/rtb/yandex_hb HTTP 307
https://px.adhigh.net/rtb/yandex_hb?bounced=1

Request Chain 48

https://exchange.buzzoola.com/ssp/adfox HTTP 307
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 66

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9360.wF6ABsF6ZUaCQoT1pp0qLZQJe9e-qiBb75g_bInsXf1qYZtZdThEBHiIhmQ8kSf3.ifcVoR_cWaGKVY3V4zH3yYo0pCs%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9360.SA-j9F8aCFA8xZpHai5svHovQwZuIhd1ksEP79CX3HIHX3bJT0xUmhoE37QMSSuV7LqxfR3eXZ7OvslYpJeSP_mihPB54RSPI4YW-nN-pGQ%2C.covKKT-JuKIrLhtt0iGG12pBP70%2C

Request Chain 71

https://mc.yandex.com/watch/11963701?wmode=7&page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A616%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A2%3Adp%3A0%3Als%3A15181943181%3Ahid%3A183469515%3Az%3A120%3Ai%3A20210809225830%3Aet%3A1628542710%3Ac%3A1%3Arn%3A976202981%3Au%3A1628542710808524821%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628542708599%3Ads%3A0%2C109%2C99%2C80%2C111%2C0%2C%2C726%2C1%2C%2C%2C%2C1051%3Adsn%3A0%2C109%2C100%2C79%2C111%2C0%2C%2C651%2C1%2C%2C%2C%2C1051%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628542710%3At%3ALiveInternet%20%40%20%D0%A1%D1%82%D0%B0%D1%82%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B8%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8%2C%20%D0%BF%D0%BE%D1%87%D1%82%D0%B0%20%D0%B8%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA HTTP 302
https://mc.yandex.com/watch/11963701/1?wmode=7&page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A616%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A2%3Adp%3A0%3Als%3A15181943181%3Ahid%3A183469515%3Az%3A120%3Ai%3A20210809225830%3Aet%3A1628542710%3Ac%3A1%3Arn%3A976202981%3Au%3A1628542710808524821%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628542708599%3Ads%3A0%2C109%2C99%2C80%2C111%2C0%2C%2C726%2C1%2C%2C%2C%2C1051%3Adsn%3A0%2C109%2C100%2C79%2C111%2C0%2C%2C651%2C1%2C%2C%2C%2C1051%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628542710%3At%3ALiveInternet%20%40%20%D0%A1%D1%82%D0%B0%D1%82%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B8%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8%2C%20%D0%BF%D0%BE%D1%87%D1%82%D0%B0%20%D0%B8%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA

Request Chain 72

https://mc.yandex.com/watch/125905?wmode=7&page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A244286069109%3Ahid%3A183469515%3Az%3A120%3Ai%3A20210809225829%3Aet%3A1628542710%3Ac%3A1%3Arn%3A101784587%3Au%3A1628542710164171915%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628542708599%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628542710%3At%3ALiveInternet%20%40%20%D0%A1%D1%82%D0%B0%D1%82%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B8%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8%2C%20%D0%BF%D0%BE%D1%87%D1%82%D0%B0%20%D0%B8%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA HTTP 302
https://mc.yandex.com/watch/125905/1?wmode=7&page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A244286069109%3Ahid%3A183469515%3Az%3A120%3Ai%3A20210809225829%3Aet%3A1628542710%3Ac%3A1%3Arn%3A101784587%3Au%3A1628542710164171915%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628542708599%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628542710%3At%3ALiveInternet%20%40%20%D0%A1%D1%82%D0%B0%D1%82%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B8%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8%2C%20%D0%BF%D0%BE%D1%87%D1%82%D0%B0%20%D0%B8%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA

Request Chain 76

https://gum.criteo.com/sid/json?origin=publishertag&domain=liveinternet.ru&sn=ChromeSyncframe&so=0&topUrl=www.liveinternet.ru&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=zLV2InxxOGpBN0VhZWhUUGVFK1lJUEhPak1IUjc4WHYyUDltUnUrUVlDZUtONElSY2lHRHZrSyt0SmhYZEgxa28vVjQ0bkx3UUlpWmtmWmFuRlZRMElQc3p1LzlyR3JsakU3cXVRanFxVkJmMCtzd2hCMnJYNzczSmUrN2oyRExmQThURmE0UWluNUtCNmpFUmtMQW8rQ3JvNjhDaUJySDdNaS90cHNHU2t2OVBpc2ZSN0RZdjR1dktnemQ2NGt1NHBQYlFmRm9GM0szdkJnMkxvZGlSR21YZTZvZVptMHFUbmRKUmJxVzIzd1Z3QkVBeDAwOTg1UGlMc0xRNC8wUVhqaVFVQ0YvYUJzWjBqZkd3VXJ4dGFUZ0FJdz09fA&cppv=2

Request Chain 77

https://yastatic.net/pcode/adfox/loader.js HTTP 302
https://an.yandex.ru/system/adfox.js

Request Chain 134

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLqQS7gbiIDIzTKV1-bBnI&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLqQS7gbiIDIzTKV1-bBnI&google_cver=1&C=1

Request Chain 161

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YRGW.GTRLfUjNm5X.ad2hwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLqQS7gbiIDIzTKV1-bBnI&google_cver=1&google_hm=2

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGC_4H73RXdM_DNAS5-nVlc&google_cver=1

Request Chain 163

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA5NzkwMjA3MjAwMDgyMTcyNQ%3D%3D

Request Chain 171

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 181

https://cm.g.doubleclick.net/pixel?google_nid=doubleverify_ddp&google_ula=7327243&google_cm&google_hm=**&google_redir=https%3A%2F%2Ftps620.doubleverify.com%2Fbsevent.gif%3Fimpid%3Dc04eeb7c3e21446b966dfc81f034626c%26dvpx_gfbc%3D1&cbust=1628542712603748 HTTP 302
https://tps620.doubleverify.com/bsevent.gif?impid=c04eeb7c3e21446b966dfc81f034626c&dvpx_gfbc=1&cbust=1628542712603748&google_error=10

Request Chain 208

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPjWRfu-4oqHynf0pTDvsks&google_cver=1&google_push=AYg5qPJZ6pHALm0Wigftj5eGPkaOMDA26jSNvblPndE5BFUNLjmNp9Q72-wzPsx6O3NYWL1eVa2Wy2BX3Yg6OFhGPebC1RswABCE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk5NDUzNzY5MjQ3ODk2MTgxMw%3D%3D&google_push=AYg5qPJZ6pHALm0Wigftj5eGPkaOMDA26jSNvblPndE5BFUNLjmNp9Q72-wzPsx6O3NYWL1eVa2Wy2BX3Yg6OFhGPebC1RswABCE

Request Chain 209

https://ads.travelaudience.com/google_pixel?google_gid=CAESECGYX0xIaEZfgcP04coLI8I&google_cver=1&google_push=AYg5qPI1rPm3A6mpdlTFBQfmeVFyYmHe-GBj45NvPoku3k_2bOWEeeRBbrimM_XyHEgzoYgN1bD2jw9D7RT28uCbBTTJP5oaIpGB HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oQzqOZ2oQkquZFCzcZTdOA2&google_push=AYg5qPI1rPm3A6mpdlTFBQfmeVFyYmHe-GBj45NvPoku3k_2bOWEeeRBbrimM_XyHEgzoYgN1bD2jw9D7RT28uCbBTTJP5oaIpGB

Request Chain 210

https://d5p.de17a.com/cookies/google?google_gid=CAESELoyOgaGVngh_cqRfD-VTNI&google_cver=1&google_push=AYg5qPK6tiQ9NYbA-YSIMwZNuzIpcVvi0bnGL51VBHd9KIgOUSqQSFJZovKKp93pJ2x2xZS5cb-wK5Vau14C5XBiFo4eoVsIcz_J HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESELoyOgaGVngh_cqRfD-VTNI&google_cver=1&google_push=AYg5qPK6tiQ9NYbA-YSIMwZNuzIpcVvi0bnGL51VBHd9KIgOUSqQSFJZovKKp93pJ2x2xZS5cb-wK5Vau14C5XBiFo4eoVsIcz_J HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPK6tiQ9NYbA-YSIMwZNuzIpcVvi0bnGL51VBHd9KIgOUSqQSFJZovKKp93pJ2x2xZS5cb-wK5Vau14C5XBiFo4eoVsIcz_J

Request Chain 211

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMoONLCQX0kFZsLk3gDGLmw&google_cver=1&google_push=AYg5qPJbzx121bx0UgLtrG7yIRSlr4ZPTDp02yn9hconODsThDEPcG4Wc7FJowtZL_xt3Kt1OoQahPQg2bsJrKweXAZ7jKtnGaY HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMoONLCQX0kFZsLk3gDGLmw&google_cver=1&google_push=AYg5qPJbzx121bx0UgLtrG7yIRSlr4ZPTDp02yn9hconODsThDEPcG4Wc7FJowtZL_xt3Kt1OoQahPQg2bsJrKweXAZ7jKtnGaY&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=m_QIu3adTBGYS5SPfmqBdQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJbzx121bx0UgLtrG7yIRSlr4ZPTDp02yn9hconODsThDEPcG4Wc7FJowtZL_xt3Kt1OoQahPQg2bsJrKweXAZ7jKtnGaY

Request Chain 212

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBXhNaoA4Fjql4Ab86dfpxU&google_cver=1&google_push=AYg5qPL_LbkKNJELBSq70XipIVNyULUubGjNBqldh5o4KtK16lxia6dYRlKbhgLvkYl_r8uBJFkvpO8iwWX2cSkDqrg-FpcrPOw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPL_LbkKNJELBSq70XipIVNyULUubGjNBqldh5o4KtK16lxia6dYRlKbhgLvkYl_r8uBJFkvpO8iwWX2cSkDqrg-FpcrPOw

Request Chain 213

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP9b1EnF38JgZYMbD7OOb6w&google_cver=1&google_push=AYg5qPK0eErrX2jWtH3oVgYSaIzu65mm4b_xvz3d6NqxrFo6-6HYyP33bAvbmm-BxiONh3wCIyzUOBHleTvS-xvo8uQ0KADfyto6 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-2ca7c676-4ab8-4f98-a8dc-aaad51e3dadf-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPK0eErrX2jWtH3oVgYSaIzu65mm4b_xvz3d6NqxrFo6-6HYyP33bAvbmm-BxiONh3wCIyzUOBHleTvS-xvo8uQ0KADfyto6%26google_hm%3DAyynxnZKuE-YqNyqrVHj2t8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPK0eErrX2jWtH3oVgYSaIzu65mm4b_xvz3d6NqxrFo6-6HYyP33bAvbmm-BxiONh3wCIyzUOBHleTvS-xvo8uQ0KADfyto6&google_hm=AyynxnZKuE-YqNyqrVHj2t8

Request Chain 238

https://cm.g.doubleclick.net/pixel?google_nid=doubleverify_ddp&google_ula=7327243&google_cm&google_hm=**&google_redir=https%3A%2F%2Ftps10212.doubleverify.com%2Fevent.png%3Fimpid%3D72a884617b3941ffba39463f94c1f48e%26gdpr%3D%26gdpr_consent%3D%26dvpx_gfbc%3D1&cbust=1628542713551746 HTTP 302
https://tps10212.doubleverify.com/event.png?impid=72a884617b3941ffba39463f94c1f48e&gdpr=&gdpr_consent=&dvpx_gfbc=1&cbust=1628542713551746&google_error=10

Request Chain 240

https://cm.g.doubleclick.net/pixel?google_nid=doubleverify_ddp&google_ula=7327243&google_cm&google_hm=**&google_redir=https%3A%2F%2Ftps10281.doubleverify.com%2Fevent.png%3Fimpid%3Dce31859dc06841f8a0ffe1ca704be33d%26gdpr%3D%26gdpr_consent%3D%26dvpx_gfbc%3D1&cbust=1628542713686464 HTTP 302
https://tps10281.doubleverify.com/event.png?impid=ce31859dc06841f8a0ffe1ca704be33d&gdpr=&gdpr_consent=&dvpx_gfbc=1&cbust=1628542713686464&google_error=10

261 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.liveinternet.ru/
Redirect Chain

http://www.liveinternet.ru/click
https://www.liveinternet.ru/

35 KB
36 KB

210ms
100ms

Document
text/html

88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: a2c5356a9c8c24c28c3667502e33829d74dbac33025199c756518557bccba903

Request headers

Host: www.liveinternet.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.14.2
Date: Mon, 09 Aug 2021 20:58:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 36175
Connection: keep-alive
Accept-Ranges: bytes
Expires: Sat, 08 Aug 2020 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache

Redirect headers

Server: nginx/1.14.2
Date: Mon, 09 Aug 2021 20:58:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 41
Connection: keep-alive
Location: https://www.liveinternet.ru/
Expires: Sat, 08 Aug 2020 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
49 KB 59ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cbb86917356ee5dd8bef81f65f7d154577e7298abca0a615d9a3238cd8030a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49446
x-xss-protection: 0
server: cafe
etag: 18300585670800121929
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 09 Aug 2021 20:58:28 GMT

GET
H/1.1 200
OK main_new.css
i.li.ru/utf/ 13 KB
13 KB 204ms
94ms Stylesheet
text/css 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.li.ru/utf/main_new.css
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: 8b02ba8596b3e520cd06fc86d605cf133cd0ba2bf47a0ab48e25ab62b17abdc1

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 20:58:29 GMT
Last-Modified: Wed, 13 Mar 2019 18:52:25 GMT
Server: nginx/1.14.2
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13290
Expires: Mon, 09 Aug 2021 22:10:56 GMT

GET
H/1.1 200
OK global.js Show response
i.li.ru/utf/ 48 KB
12 KB 206ms
96ms Script
application/x-javascript 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.li.ru/utf/global.js
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: b650768f2426d107f7d36df05c09a7220941cec1ea265d2a82bcb6fcea341f2c

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 20:58:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Oct 2020 17:50:50 GMT
Server: nginx/1.14.2
Content-Type: application/x-javascript; charset=windows-1251
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11538
Expires: Mon, 09 Aug 2021 22:10:53 GMT

GET
H2 200 header-bidding.js Show response
yandex.ru/ads/system/ 152 KB
39 KB 187ms
57ms Script
text/javascript 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e1c33e3661729a49a22529bbe65b5185fa290d70d416f92373957f55477286b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
etag: 2525422710
x-yandex-req-id: 1628542709294735-5549424178540305210-sas2-0662-sas-l7-balancer-8080-BAL-2798
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 09 Aug 2021 21:58:29 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 278 KB
75 KB 184ms
54ms Script
text/javascript 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

b336b8326ef39a7b6d9d227dbe0832ebd7d145f518cc29db39ef7bc00d9af4f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
etag: 3349912352
x-yandex-req-id: 1628542709295011-1767181571944689420-sas2-0662-sas-l7-balancer-8080-BAL-3062
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 09 Aug 2021 21:58:29 GMT

GET
H2 200 widget.js Show response
an.yandex.ru/system/ 152 KB
40 KB 186ms
57ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/widget.js

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8d12a5f777553d5f620c9060b7335d45f053afbfdea43d647c04ed985fda4b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
etag: 2427331448
x-yandex-req-id: 1628542709296860-194872580047363385500390-production-app-host-sas-pcode-195
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 09 Aug 2021 21:58:29 GMT

GET
H/1.1 200
OK luki.ru.ico
www.liveinternet.ru/favicon/ 730 B
964 B 186ms
56ms Image
image/png 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.liveinternet.ru/favicon/luki.ru.ico
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: 65dba7d734eddb7d848b3837326697b4d5c40b3240968904bb6adabeb28f0cf2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.liveinternet.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.liveinternet.ru/
Cookie: chbx=guest
Connection: keep-alive
Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 20:58:29 GMT
Last-Modified: Sun, 08 Aug 2021 08:34:45 GMT
Server: nginx/1.14.2
Connection: keep-alive
Content-Type: image/png
Content-Length: 730
Expires: Thu, 12 Aug 2021 05:56:44 GMT

GET
H/1.1 200
OK ria.ru.ico
www.liveinternet.ru/favicon/ 633 B
867 B 184ms
55ms Image
image/png 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.liveinternet.ru/favicon/ria.ru.ico
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: 29d4f8f39378b5f34256e23a6e0c123aaab984079d77a427ba7e51d7324695a7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.liveinternet.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.liveinternet.ru/
Cookie: chbx=guest
Connection: keep-alive
Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 20:58:29 GMT
Last-Modified: Sun, 08 Aug 2021 11:34:35 GMT
Server: nginx/1.14.2
Connection: keep-alive
Content-Type: image/png
Content-Length: 633
Expires: Thu, 12 Aug 2021 14:10:12 GMT

GET
H/1.1 200
OK finance.rambler.ru.ico
www.liveinternet.ru/favicon/ 452 B
686 B 184ms
55ms Image
image/png 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.liveinternet.ru/favicon/finance.rambler.ru.ico
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: eb0f8aa7ef87acb57267c9235ad86ad40d00c57b3486cb98cf833dd0f2b37f60

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.liveinternet.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.liveinternet.ru/
Cookie: chbx=guest
Connection: keep-alive
Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 20:58:29 GMT
Last-Modified: Mon, 09 Aug 2021 12:21:29 GMT
Server: nginx/1.14.2
Connection: keep-alive
Content-Type: image/png
Content-Length: 452
Expires: Thu, 12 Aug 2021 19:58:23 GMT

GET
H/1.1 200
OK auto.rambler.ru.ico
www.liveinternet.ru/favicon/ 556 B
790 B 135ms
54ms Image
image/png 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.liveinternet.ru/favicon/auto.rambler.ru.ico
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: f65be7642dee2b876a8d171e194d56e8bdecb2d3dda928907d8a8233e3a10979

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.liveinternet.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.liveinternet.ru/
Cookie: chbx=guest
Connection: keep-alive
Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 20:58:29 GMT
Last-Modified: Sat, 07 Aug 2021 16:20:31 GMT
Server: nginx/1.14.2
Connection: keep-alive
Content-Type: image/png
Content-Length: 556
Expires: Thu, 12 Aug 2021 17:50:27 GMT

GET
H/1.1 200
OK tver24.com.ico
www.liveinternet.ru/favicon/ 2 KB
2 KB 59ms
55ms Image
image/png 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.liveinternet.ru/favicon/tver24.com.ico
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: 8031b8ff098bbe6d5c755fcb6365feebbf2e79d90dd4e5506b96acb353185bcd

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.liveinternet.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.liveinternet.ru/
Cookie: chbx=guest
Connection: keep-alive
Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 20:58:29 GMT
Last-Modified: Mon, 09 Aug 2021 11:24:42 GMT
Server: nginx/1.14.2
Connection: keep-alive
Content-Type: image/png
Content-Length: 1768
Expires: Thu, 12 Aug 2021 16:44:21 GMT

GET
H/1.1 200
OK w2.gif
i.li.ru/images/ 2 KB
2 KB 163ms
54ms Image
image/gif 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.li.ru/images/w2.gif
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: 784df16a14e5dc3820fc1995f07b61712d8d2531e387d16eeecb7af8672ecc30

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 20:58:29 GMT
Last-Modified: Tue, 26 Dec 2017 17:10:25 GMT
Server: nginx/1.14.2
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1659
Expires: Thu, 30 Jun 2022 21:00:00 GMT

GET
H/1.1 200
OK protoculous-effects-packer.js Show response
i.li.ru/static/js/ 62 KB
62 KB 93ms
93ms Script
application/x-javascript 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.li.ru/static/js/protoculous-effects-packer.js
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: 0854ba4aeda95830ad5cf264c39b0effcc23cd187e621b791e0982f6d58bfaf4

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 20:58:29 GMT
Last-Modified: Tue, 13 Nov 2018 17:34:36 GMT
Server: nginx/1.14.2
Content-Type: application/x-javascript; charset=windows-1251
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63308
Expires: Mon, 09 Aug 2021 22:10:06 GMT

GET
H/1.1 200
OK lici.js Show response
www.liveinternet.ru/utf/ 14 KB
14 KB 59ms
59ms Script
application/x-javascript 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.liveinternet.ru/utf/lici.js
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: b2b0b35a72deb6d7c8abddc64d177588f6060c7a37f1f6b93fa5d2bdf6c90fea

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.liveinternet.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.liveinternet.ru/
Connection: keep-alive
Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 20:58:29 GMT
Last-Modified: Tue, 20 Feb 2018 14:37:05 GMT
Server: nginx/1.14.2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14581
Content-Type: application/x-javascript; charset=utf-8

GET
H/1.1 200
OK li.js Show response
www.liveinternet.ru/utf/ 152 KB
152 KB 265ms
135ms Script
application/x-javascript 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.liveinternet.ru/utf/li.js
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: 7e6dbb0edae85e0f5e06f9a8024cd8ab08ee46844247f3a67a363c1c3484539f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.liveinternet.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.liveinternet.ru/
Cookie: chbx=guest
Connection: keep-alive
Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 20:58:29 GMT
Last-Modified: Tue, 27 Apr 2021 14:30:05 GMT
Server: nginx/1.14.2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 155335
Content-Type: application/x-javascript; charset=utf-8

GET
H/1.1 200
OK main_new.js Show response
www.liveinternet.ru/utf/ 5 KB
6 KB 224ms
94ms Script
application/x-javascript 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.liveinternet.ru/utf/main_new.js?v=5
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: f8e75cfee116c03faa91b6a117e8a638cca62eb82dc132e82cc1dc6d6ed0e5ab

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.liveinternet.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.liveinternet.ru/
Cookie: chbx=guest
Connection: keep-alive
Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 20:58:29 GMT
Last-Modified: Mon, 29 May 2017 21:41:05 GMT
Server: nginx/1.14.2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5387
Content-Type: application/x-javascript; charset=utf-8

GET
H/1.1 200
OK /
counter.yadro.ru/logo;groups/li/ 377 B
650 B 174ms
59ms Image
image/gif 88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/logo;groups/li/?52.1

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

ea31a1469bb4a282a0a25e9bd20d6667128a79be1fa4961e399ee41c0aa3fa87

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 20:58:32 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
Content-Type: image/gif
Cache-control: no-cache
Connection: keep-alive
Content-Length: 377
Expires: Sat, 08 Aug 2020 21:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/ 250 KB
93 KB 48ms
31ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9165516179791802&plah=www.liveinternet.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ed67178ebfd49fa50bdb5c16594ea20cba8bd39ba5d828d5044d6ebdcd85a3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95446
x-xss-protection: 0
server: cafe
etag: 2857229705057511613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 09 Aug 2021 20:58:29 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210805/r20190131/ Frame A07B 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210805/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210805/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.liveinternet.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.liveinternet.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 09 Aug 2021 18:05:27 GMT
expires: Mon, 23 Aug 2021 18:05:27 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 10382
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK icons.png
i.li.ru/images/main_new/ 8 KB
8 KB 138ms
57ms Image
image/png 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.li.ru/images/main_new/icons.png
Requested by: Host: i.li.ru
URL: https://i.li.ru/utf/main_new.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: 3c4509da00ea790b9cd80646ad5bd0d2600c77888268abeeab96f89149018aa3

Request headers

Referer: https://i.li.ru/utf/main_new.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 20:58:29 GMT
Last-Modified: Tue, 26 Dec 2017 16:45:08 GMT
Server: nginx/1.14.2
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8130
Expires: Thu, 30 Jun 2022 21:00:00 GMT

GET
H/1.1

200
OK

hit;li_face
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;li_face?r;s1600*1200*24;uhttps%3A//www.liveinternet.ru/;hLiveInternet%20@%20%u0421%u0442%u0430%u0442%u0438%u0441%u0442%u0438%u043A%u0430%20%u0438%20%u0434%u043D%u0435%u...
https://counter.yadro.ru/hit;li_face?q;r;s1600*1200*24;uhttps%3A//www.liveinternet.ru/;hLiveInternet%20@%20%u0421%u0442%u0430%u0442%u0438%u0441%u0442%u0438%u043A%u0430%20%u0438%20%u0434%u043D%u0435...

43 B
528 B

59ms
58ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;li_face?q;r;s1600*1200*24;uhttps%3A//www.liveinternet.ru/;hLiveInternet%20@%20%u0421%u0442%u0430%u0442%u0438%u0441%u0442%u0438%u043A%u0430%20%u0438%20%u0434%u043D%u0435%u0432%u043D%u0438%u043A%u0438%2C%20%u043F%u043E%u0447%u0442%u0430%20%u0438%20%u043F%u043E%u0438%u0441%u043A;0.9196482919322349

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 20:58:32 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 08 Aug 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 20:58:32 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;li_face?q;r;s1600*1200*24;uhttps%3A//www.liveinternet.ru/;hLiveInternet%20@%20%u0421%u0442%u0430%u0442%u0438%u0441%u0442%u0438%u043A%u0430%20%u0438%20%u0434%u043D%u0435%u0432%u043D%u0438%u043A%u0438%2C%20%u043F%u043E%u0447%u0442%u0430%20%u0438%20%u043F%u043E%u0438%u0441%u043A;0.9196482919322349
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sat, 08 Aug 2020 21:00:00 GMT

GET
H/1.1 200
OK logo2.png
i.li.ru/images/main_new/ 3 KB
3 KB 60ms
57ms Image
image/png 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.li.ru/images/main_new/logo2.png
Requested by: Host: i.li.ru
URL: https://i.li.ru/utf/main_new.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: 8a21b7710d4ed040db83cefa915374b851d59f7267cb5c6d60f4ecae323195ef

Request headers

Referer: https://i.li.ru/utf/main_new.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 20:58:29 GMT
Last-Modified: Tue, 26 Dec 2017 16:45:15 GMT
Server: nginx/1.14.2
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3315
Expires: Thu, 30 Jun 2022 21:00:00 GMT

GET
H/1.1 200
OK technohelp-logo.png
i.li.ru/static/images/ 14 KB
15 KB 203ms
136ms Image
image/png 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.li.ru/static/images/technohelp-logo.png
Requested by: Host: i.li.ru
URL: https://i.li.ru/utf/main_new.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: ff95237b3ce4ecb3458a74b63182e31a2e963b1ee147095210b7f2c0cf3ac898

Request headers

Referer: https://i.li.ru/utf/main_new.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 20:58:29 GMT
Last-Modified: Mon, 30 Mar 2015 13:51:45 GMT
Server: nginx/1.14.2
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14838
Expires: Mon, 09 Aug 2021 22:10:58 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
660 B 111ms
34ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.liveinternet.ru&callback=_gfp_s_&client=ca-pub-9165516179791802

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9165516179791802&plah=www.liveinternet.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

31edf058b58a1c31f6041090f0b9c2f4ea708ed47175075de4c3533de62ec239

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 58ms
26ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.liveinternet.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 20:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 48ms
17ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.liveinternet.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 20:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9722 0
19 B 67ms
57ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9165516179791802&output=html&adk=1812271804&adf=3025194257&lmt=1628542709&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.liveinternet.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628542709039&bpp=109&bdt=115&idt=245&shv=r20210805&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5744149938372&frm=20&pv=2&ga_vid=1926450450.1628542709&ga_sid=1628542709&ga_hid=63719049&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1740732808598772&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=314

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9165516179791802&output=html&adk=1812271804&adf=3025194257&lmt=1628542709&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.liveinternet.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628542709039&bpp=109&bdt=115&idt=245&shv=r20210805&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5744149938372&frm=20&pv=2&ga_vid=1926450450.1628542709&ga_sid=1628542709&ga_hid=63719049&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1740732808598772&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=314
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.liveinternet.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.liveinternet.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 09 Aug 2021 20:58:29 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 09-Aug-2021 21:13:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 09 Aug 2021 20:58:29 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 41ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eecda7280d7a8779cb5ff8bf7459b430bf970052106a1c4b186ff2eddd8c82d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508781313717"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27998
x-xss-protection: 0
expires: Mon, 09 Aug 2021 20:58:29 GMT

GET
H2 200 widget.js Show response
yastatic.net/partner-code-bundles/42380/bundles/ 548 KB
100 KB 182ms
84ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/42380/bundles/widget.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b2b34f5a0134f1307848ad4dc4ef16ef7f86f3d2a5fa1843f513d80173b660ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:29 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 101626
last-modified: Mon, 09 Aug 2021 10:30:35 GMT
server: nginx/1.17.9
etag: "b269535af940666f7f73d6717140a8c5"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2051 03:33:27 GMT

POST
H2 200 jstracer Show response
an.yandex.ru/ 2 B
31 B 146ms
60ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/jstracer?pcode_native=42380&values=performance&adb=false&verison=42380&bundle_version=42380&widget_pf=loader

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 132 KB
47 KB 153ms
44ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

fb92ed767b019d2f70db2183625e2d49cdf405c775127c8815b86acc15982194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://www.liveinternet.ru
Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:29 GMT
content-encoding: br
last-modified: Mon, 09 Aug 2021 14:22:52 GMT
etag: "611112b5-bb1c"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 47900
expires: Mon, 09 Aug 2021 21:58:29 GMT

GET
H2 200 125905 Show response
an.yandex.ru/meta/ 47 KB
11 KB 212ms
210ms Fetch
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/125905?imp-id=28&target-ref=https%3A%2F%2Fwww.liveinternet.ru%2F&page-ref=&ad-session-id=3737091628542709454&ss-skip-token-length=30&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A1280%2C%22h%22%3A0%2C%22width%22%3A1280%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A160%2C%22top%22%3A15%2C%22fontFamily%22%3A%22arial%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&test-tag=217703406108685&tga-with-creatives=1&return-widget-settings=1&yaw_ver=42380&pcodever=42380&use-server-side-rendering=1&pcode-test-ids=400769%2C0%2C81%3B399037%2C0%2C96%3B400159%2C0%2C7%3B388660%2C0%2C21%3B390342%2C0%2C29%3B203897%2C0%2C93&uniformat=true&pcode-flags=%7B%22FEATURE_TOGGLE_FLAG%22%3A1%2C%22UNILOADER_BLACKLIST_RE%22%3A%5B%5D%2C%22REMOVE_ADAPTIVE_SETTINGS_COLOR%22%3A%22exp%22%2C%22REMOVE_ADAPTIVE_SETTINGS%22%3A%22exp%22%2C%22WIDGET_ADTUNE%22%3A%22exp%22%2C%22ADAPTIVE_320_50%22%3A%22all%22%2C%22ADFOX_MRC_VISIBILITY%22%3Atrue%2C%22SINGLE_CONTEXT_BLACKLIST%22%3A%5B%5D%2C%22ZEN_FORMAT_PRICE%22%3A%22exp%22%2C%22USE_PUNY_DOMAIN%22%3A%22exp%22%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22smart_tile%22%5D%2C%22USE_ADFOX_INSTEAD_CONTEXT%22%3Atrue%2C%22FIX_IMAGES_CALCULATIONS%22%3A%22exp%22%2C%22USE_SUPERBUNDLE%22%3Atrue%2C%22RESPONSIVE_POSTER%22%3A%22exp%22%2C%22SINGLE_CONTEXT%22%3Atrue%2C%22HBVER%22%3A42153%2C%22FULL_SSR_PERCENT_LOG_META%22%3A0.0001%2C%22SSR_UNIFORMAT%22%3A%221%22%2C%22RTB_BANNER_FLAGS%22%3A%22exp%22%2C%22ZEN_REDESIGN_TOUCH_CARD%22%3A%22exp%22%2C%22CONTENT_TYPE_CHARSET%22%3Atrue%2C%22VIDEO_PACKSHOT_ENABLE%22%3A%22exp%22%2C%22AVITO_IMAGE%22%3A%22exp%22%2C%22RMP_SEND_BEACON%22%3A%22exp%22%2C%22RMP_POSTER_2%22%3A%22sticky%22%7D&available-width=1280&pcode-icookie=7646397981628542709&grab=dExpdmVJbnRlcm5ldCBAINCh0YLQsNGC0LjRgdGC0LjQutCwINC4INC00L3QtdCy0L0%3D

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

b96f80b87ef9acefbf075414b169ce2d52a699d59279e7150c98a8251e57b54a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:29 GMT
content-encoding: gzip
last-modified: Mon, 09 Aug 2021 20:58:29 GMT
ssr: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1628542709538428-118953259391035133100451-production-app-host-sas-pcode-135
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 09 Aug 2021 20:58:29 GMT

GET
H2 200 a0b32b115874213fedb0.js Show response
yastatic.net/partner-code-bundles/42380/ 77 KB
17 KB 164ms
80ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/42380/a0b32b115874213fedb0.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

81cc8c992ec942a7e5b34980acf4ce4354e335c5db4fb40b7f97609c17a7a1ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.liveinternet.ru
Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:29 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 16790
last-modified: Mon, 09 Aug 2021 10:30:35 GMT
server: nginx/1.17.9
etag: "ee95c4582d758d8a132465fc2ca8642b"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2051 03:33:23 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.82/ 33 KB
9 KB 229ms
145ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.82/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.liveinternet.ru
Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:29 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8879
last-modified: Mon, 28 Jun 2021 10:29:24 GMT
server: nginx/1.17.9
etag: "e4627697ff619d2b610d2b2fee975531"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2051 03:33:43 GMT

POST
H2 200 jstracer Show response
an.yandex.ru/ 2 B
262 B 54ms
53ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/jstracer

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

POST
H2 200 jstracer Show response
an.yandex.ru/ 2 B
31 B 47ms
46ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/jstracer

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

POST
H2 200 jstracer Show response
an.yandex.ru/ 2 B
31 B 45ms
45ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/jstracer

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 06992d8746aef3123a10.js Show response
yastatic.net/partner-code-bundles/42380/ 12 KB
5 KB 200ms
144ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/42380/06992d8746aef3123a10.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

c5d1423ea9bdd4526b1580df22afd434d86cf2498c3aed3697b8d83147d7ad8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.liveinternet.ru
Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:29 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4211
last-modified: Mon, 09 Aug 2021 10:30:34 GMT
server: nginx/1.17.9
etag: "d800869ff5395067b6f20679b8c7e9c3"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2051 03:33:22 GMT

GET
H2 200 b418af1722da54bef424.js Show response
yastatic.net/partner-code-bundles/42380/ 885 KB
145 KB 156ms
101ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/42380/b418af1722da54bef424.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

aa82f7c38653571ca6ee8a85138bc97a0bac10e2be1875e31f50a93c3694db7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.liveinternet.ru
Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:29 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 148188
last-modified: Mon, 09 Aug 2021 10:30:35 GMT
server: nginx/1.17.9
etag: "b58322e5aac3ae1336f6deb839b7951e"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2051 03:33:23 GMT

GET
H2 200 bbe379c76d545e8ab821.js Show response
yastatic.net/partner-code-bundles/42380/ 338 KB
62 KB 200ms
145ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/42380/bbe379c76d545e8ab821.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

8d5231d189ab0209f459587ae47f89ce0e743ae5701b15c315c3103d52fa453e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.liveinternet.ru
Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:29 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 62545
last-modified: Mon, 09 Aug 2021 10:30:35 GMT
server: nginx/1.17.9
etag: "ccc601a34a03ae28404e29f5d987719e"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2051 03:33:23 GMT

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 86 B
373 B 157ms
48ms XHR
application/json 2a02:6b8::16b
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0a8e98935863e61b63e0a8afdab74932b50426dc861e900ce5958003c68e4ca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.liveinternet.ru
date: Mon, 09 Aug 2021 20:58:29 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 86
x-content-type-options: nosniff
content-type: application/json

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 117 KB
38 KB 94ms
32ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2b12dde062253510003fb9fe9f4405bf1983f053bb9c7709a239ceee4c261af6

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:29 GMT
content-encoding: gzip
last-modified: Mon, 02 Aug 2021 10:15:57 GMT
server: nginx
etag: W/"6107c5dd-1d48a"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 10 Aug 2021 20:58:29 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
342 B 150ms
54ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 09 Aug 2021 20:58:29 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.liveinternet.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
924 B 230ms
73ms XHR
application/json 188.42.29.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.liveinternet.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
307 B 253ms
67ms XHR
text/plain 195.209.111.15
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.15 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.liveinternet.ru
Pragma: no-cache
Date: Mon, 09 Aug 2021 20:58:29 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
213 B 1086ms
22ms XHR
application/json 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.liveinternet.ru
date: Mon, 09 Aug 2021 20:58:30 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H2 200 yhb Show response
yhb.p.otm-r.com/ 11 B
256 B 1151ms
69ms XHR
text/plain 195.201.152.105
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yhb.p.otm-r.com/yhb
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.152.105 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.105.152.201.195.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.liveinternet.ru
date: Mon, 09 Aug 2021 20:58:30 GMT
access-control-allow-credentials: true
server: nginx/1.17.6
content-length: 11
vary: Origin
content-type: text/plain; charset=utf-8

POST
H2

200

yandex_hb Show response
px.adhigh.net/rtb/
Redirect Chain

https://px.adhigh.net/rtb/yandex_hb
https://px.adhigh.net/rtb/yandex_hb?bounced=1

11 B
320 B

56ms
56ms

XHR
application/json

193.232.148.145
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.adhigh.net/rtb/yandex_hb?bounced=1
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.232.148.145 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp6.sender.ltmse.com
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:29 GMT
server: nginx
x-backend-id: f6-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://www.liveinternet.ru
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 11
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:29 GMT
server: nginx
access-control-allow-origin: https://www.liveinternet.ru
x-backend-id: f6-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.adhigh.net/rtb/yandex_hb?bounced=1
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
323 B

79ms
79ms

XHR
text/plain

195.201.87.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 195.201.87.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.87.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:29 GMT
server: nginx
serverid: TODO
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.liveinternet.ru
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 11

Redirect headers

date: Mon, 09 Aug 2021 20:58:29 GMT
server: nginx
access-control-allow-origin: https://www.liveinternet.ru
etag: W/"88f10f88fb65f558caa0d33b60faa2d3609ac19d3197b180bed653b8a8c5bf20"
serverid: TODO
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 0

POST
H/1.1 200
OK bid Show response
adfox-hb-bidder.rutarget.ru/ 11 B
730 B 251ms
103ms XHR
application/json 80.64.106.150
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-hb-bidder.rutarget.ru/bid
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.150 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr5.rutarget.ru
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 09 Aug 2021 20:58:29 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Access-Control-Allow-Origin: https://www.liveinternet.ru
Rutarget-SameSite-Cookie: true
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name,Authorization
Content-Length: 11

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 132 KB
47 KB 138ms
47ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

fb92ed767b019d2f70db2183625e2d49cdf405c775127c8815b86acc15982194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:29 GMT
content-encoding: br
last-modified: Mon, 09 Aug 2021 14:22:52 GMT
etag: "611112b5-bb1c"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 47900
expires: Mon, 09 Aug 2021 21:58:29 GMT

GET
H/1.1 200
OK main.js Show response
static-mon.yandex.net/static/ 105 KB
106 KB 167ms
78ms XHR
application/javascript 2a02:6b8::402
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://static-mon.yandex.net/static/main.js?pid=liveinternet
Requested by: Host: i.li.ru
URL: https://i.li.ru/utf/global.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::402 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: f573042ba188e19d4ea50f38f16fd5f755629fbe2b9aae33fca9ac6c26ce2f86

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 20:58:29 GMT
Nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
X-Amz-Request-Id: cb81a0456a0aab8a
Transfer-Encoding: chunked
X-Consumed-Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 20:58:29 GMT
X-Robots-Tag: noindex, noarchive, nofollow
Vary: Origin
Report-To: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
X-Amz-Version-Id: null
Access-Control-Allow-Origin: https://www.liveinternet.ru
Access-Control-Expose-Headers: Content-Lenght
Cache-Control: max-age=600,private
Access-Control-Allow-Credentials: true
Content-Type: application/javascript
Content-Lenght: 107208

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
297 B 80ms
78ms XHR
text/plain 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:29 GMT
content-encoding: gzip
last-modified: Mon, 09 Aug 2021 20:58:29 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 09 Aug 2021 20:58:29 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 44ms
43ms Preflight 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.liveinternet.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Mon, 09 Aug 2021 20:58:29 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: https://www.liveinternet.ru
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 68ms
21ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=111&profileId=184&cb=63053393398
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.liveinternet.ru
date: Mon, 09 Aug 2021 20:58:29 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 x80
avatars.mds.yandex.net/get-direct/4474510/1oQc0AlscF6DCbh4K8pDag/ Frame 9669 3 KB
3 KB 136ms
44ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4474510/1oQc0AlscF6DCbh4K8pDag/x80
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 49765a99f6626bcac7b0b506f69db9718a6400307c5e2b8655a0e2e7d522838d

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:29 GMT
last-modified: Thu, 08 Apr 2021 20:01:37 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 3002
x-request-id: 24c99cbeb1896604

GET
H/1.1 200
OK 8B79EF.png
r.mradx.net/img/40/ Frame 9669 288 B
649 B 167ms
41ms Image
image/png 2a00:1148:db00::28
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.mradx.net/img/40/8B79EF.png
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:1148:db00::28 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4a4553fd134d8a30751ea9530a99fd4ef7204cbcb0d95fef112e15134bd5edd2

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 20:58:29 GMT
Last-Modified: Fri, 01 Mar 2019 12:58:46 GMT
Server: nginx
ETag: "5c792c86-120"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 288
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 9669 329 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b01ba49da97481feb0aaee0d5721feb01def9ca22fca11ba5d920797f11c03dd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 x80
avatars.mds.yandex.net/get-direct/4474510/1oQc0AlscF6DCbh4K8pDag/ 3 KB
3 KB 96ms
44ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4474510/1oQc0AlscF6DCbh4K8pDag/x80
Requested by: Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/42380/bundles/widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 49765a99f6626bcac7b0b506f69db9718a6400307c5e2b8655a0e2e7d522838d

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:29 GMT
last-modified: Thu, 08 Apr 2021 20:01:37 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 3002
x-request-id: 24c99cbeb1896604

POST
H2 200 jstracer Show response
an.yandex.ru/ 2 B
31 B 46ms
46ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/jstracer?pcode_native=42380&values=block_render&adb=false&verison=42380&bundle_version=42380&widget_pf=loader

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

POST
H2 200 jstracer Show response
an.yandex.ru/ 2 B
31 B 59ms
59ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/jstracer?pcode_native=42380&values=performance&adb=false&verison=42380&bundle_version=42380&widget_pf=loader

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

POST
H2 204 events
bidder.criteo.com/csm/ 0
192 B 21ms
20ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.liveinternet.ru
date: Mon, 09 Aug 2021 20:58:29 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
337 B 35ms
33ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:29 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 04 Aug 2022 20:58:29 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
337 B 24ms
23ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:29 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 04 Aug 2022 20:58:29 GMT

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
123 B 68ms
68ms XHR
text/plain 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:30 GMT
content-encoding: gzip
last-modified: Mon, 09 Aug 2021 20:58:30 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 09 Aug 2021 20:58:30 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 62ms
62ms Preflight 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.liveinternet.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Mon, 09 Aug 2021 20:58:29 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: https://www.liveinternet.ru
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9360.wF6ABsF6ZUaCQoT1pp0qLZQJe9e-qiBb75g_bInsXf1qYZtZdThEBHiIhmQ8kSf3.ifcVoR_cWaGKVY3V4zH3yYo0pCs%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9360.SA-j9F8aCFA8xZpHai5svHovQwZuIhd1ksEP79CX3HIHX3bJT0xUmhoE37QMSSuV7LqxfR3eXZ7OvslYpJeSP_mihPB54RSPI4YW-nN-pGQ%2C.covKKT-JuKIrLhtt0iGG12pBP70%2C

43 B
331 B

45ms
44ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9360.SA-j9F8aCFA8xZpHai5svHovQwZuIhd1ksEP79CX3HIHX3bJT0xUmhoE37QMSSuV7LqxfR3eXZ7OvslYpJeSP_mihPB54RSPI4YW-nN-pGQ%2C.covKKT-JuKIrLhtt0iGG12pBP70%2C

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:30 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9360.SA-j9F8aCFA8xZpHai5svHovQwZuIhd1ksEP79CX3HIHX3bJT0xUmhoE37QMSSuV7LqxfR3eXZ7OvslYpJeSP_mihPB54RSPI4YW-nN-pGQ%2C.covKKT-JuKIrLhtt0iGG12pBP70%2C
date: Mon, 09 Aug 2021 20:58:30 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

HEAD
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.39/ 0
542 B 41ms
41ms XHR
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.39/host.js

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:30 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7306
last-modified: Wed, 22 May 2019 10:50:14 GMT
server: nginx/1.17.9
etag: "fb20ac226b37ae25c7039cf3e4afd1b2"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2051 03:33:58 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
159 B 45ms
44ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:30 GMT
last-modified: Mon, 09 Aug 2021 13:26:46 GMT
etag: "611112b5-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 09 Aug 2021 21:58:30 GMT

GET
H2 200 x80
avatars.mds.yandex.net/get-direct/4474510/1oQc0AlscF6DCbh4K8pDag/ Frame 9669 3 KB
3 KB 44ms
44ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4474510/1oQc0AlscF6DCbh4K8pDag/x80
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 49765a99f6626bcac7b0b506f69db9718a6400307c5e2b8655a0e2e7d522838d

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:30 GMT
last-modified: Thu, 08 Apr 2021 20:01:37 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 3002
x-request-id: 24c99cbeb1896604

GET
H2 200 context.js Show response
an.yandex.ru/system/ 278 KB
74 KB 54ms
54ms XHR
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

aa69b868b297f7955ba120696f2b7a493fddf40aa31670dcc11486e362fc62c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
etag: 721704401
x-yandex-req-id: 1628542710104035-773136740458381979600393-production-app-host-vla-pcode-69
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 09 Aug 2021 21:58:30 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/11963701/
Redirect Chain

https://mc.yandex.com/watch/11963701?wmode=7&page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A616%3Afu%3A0%3Aen%3Autf-8%3A...
https://mc.yandex.com/watch/11963701/1?wmode=7&page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A616%3Afu%3A0%3Aen%3Autf-8%...

335 B
373 B

50ms
49ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/11963701/1?wmode=7&page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A616%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A2%3Adp%3A0%3Als%3A15181943181%3Ahid%3A183469515%3Az%3A120%3Ai%3A20210809225830%3Aet%3A1628542710%3Ac%3A1%3Arn%3A976202981%3Au%3A1628542710808524821%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628542708599%3Ads%3A0%2C109%2C99%2C80%2C111%2C0%2C%2C726%2C1%2C%2C%2C%2C1051%3Adsn%3A0%2C109%2C100%2C79%2C111%2C0%2C%2C651%2C1%2C%2C%2C%2C1051%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628542710%3At%3ALiveInternet%20%40%20%D0%A1%D1%82%D0%B0%D1%82%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B8%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8%2C%20%D0%BF%D0%BE%D1%87%D1%82%D0%B0%20%D0%B8%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

7b749fd0020427504906b7de4ffb3e298a6f2f6d059260d02a30e93957798b18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:30 GMT
x-content-type-options: nosniff
last-modified: Mon, 09-Aug-2021 20:58:30 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 335
x-xss-protection: 1; mode=block
expires: Mon, 09-Aug-2021 20:58:30 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:30 GMT
last-modified: Mon, 09-Aug-2021 20:58:30 GMT
location: /watch/11963701/1?wmode=7&page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A616%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A2%3Adp%3A0%3Als%3A15181943181%3Ahid%3A183469515%3Az%3A120%3Ai%3A20210809225830%3Aet%3A1628542710%3Ac%3A1%3Arn%3A976202981%3Au%3A1628542710808524821%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628542708599%3Ads%3A0%2C109%2C99%2C80%2C111%2C0%2C%2C726%2C1%2C%2C%2C%2C1051%3Adsn%3A0%2C109%2C100%2C79%2C111%2C0%2C%2C651%2C1%2C%2C%2C%2C1051%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628542710%3At%3ALiveInternet%20%40%20%D0%A1%D1%82%D0%B0%D1%82%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B8%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8%2C%20%D0%BF%D0%BE%D1%87%D1%82%D0%B0%20%D0%B8%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 09-Aug-2021 20:58:30 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/125905/
Redirect Chain

https://mc.yandex.com/watch/125905?wmode=7&page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afu%3A0%3Aen%3Au...
https://mc.yandex.com/watch/125905/1?wmode=7&page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afu%3A0%3Aen%3...

297 B
678 B

49ms
49ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/125905/1?wmode=7&page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A244286069109%3Ahid%3A183469515%3Az%3A120%3Ai%3A20210809225829%3Aet%3A1628542710%3Ac%3A1%3Arn%3A101784587%3Au%3A1628542710164171915%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628542708599%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628542710%3At%3ALiveInternet%20%40%20%D0%A1%D1%82%D0%B0%D1%82%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B8%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8%2C%20%D0%BF%D0%BE%D1%87%D1%82%D0%B0%20%D0%B8%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

c03779f4a581852ded7eecb7347953265fe679ab4714f34d7734301d6ba9df5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:30 GMT
x-content-type-options: nosniff
last-modified: Mon, 09-Aug-2021 20:58:30 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 297
x-xss-protection: 1; mode=block
expires: Mon, 09-Aug-2021 20:58:30 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:30 GMT
last-modified: Mon, 09-Aug-2021 20:58:30 GMT
location: /watch/125905/1?wmode=7&page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A244286069109%3Ahid%3A183469515%3Az%3A120%3Ai%3A20210809225829%3Aet%3A1628542710%3Ac%3A1%3Arn%3A101784587%3Au%3A1628542710164171915%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628542708599%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628542710%3At%3ALiveInternet%20%40%20%D0%A1%D1%82%D0%B0%D1%82%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B8%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8%2C%20%D0%BF%D0%BE%D1%87%D1%82%D0%B0%20%D0%B8%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 09-Aug-2021 20:58:30 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 33ms
18ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210805&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

edb368f223ea12165d297c526d4eb3877b659c1b6dfc17aeed260eb52c3cc744

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 20:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8586
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 64DE 11 KB
5 KB 39ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.liveinternet.ru

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

371f0ceab6655c8448f64525b1d11186cb67ca91398655ddf145c93d77964f91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=www.liveinternet.ru
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.liveinternet.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.liveinternet.ru/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1796
set-cookie: uid=8bb7160c-b050-46e4-a34b-306ba8e42903; expires=Sat, 03 Sep 2022 20:58:29 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Mon, 09 Aug 2021 20:58:29 GMT
content-length: 4664

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 2486ms
2465ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 09 Aug 2021 20:58:32 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 64DE
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=liveinternet.ru&sn=ChromeSyncframe&so=0&topUrl=www.liveinternet.ru&cw=1
https://mug.criteo.com/sid?cpp=zLV2InxxOGpBN0VhZWhUUGVFK1lJUEhPak1IUjc4WHYyUDltUnUrUVlDZUtONElSY2lHRHZrSyt0SmhYZEgxa28vVjQ0bkx3UUlpWmtmWmFuRlZRMElQc3p1LzlyR3JsakU3cXVRanFxVkJmMCtzd2hCMnJYNzczSmUrN2...

430 B
623 B

92ms
30ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=zLV2InxxOGpBN0VhZWhUUGVFK1lJUEhPak1IUjc4WHYyUDltUnUrUVlDZUtONElSY2lHRHZrSyt0SmhYZEgxa28vVjQ0bkx3UUlpWmtmWmFuRlZRMElQc3p1LzlyR3JsakU3cXVRanFxVkJmMCtzd2hCMnJYNzczSmUrN2oyRExmQThURmE0UWluNUtCNmpFUmtMQW8rQ3JvNjhDaUJySDdNaS90cHNHU2t2OVBpc2ZSN0RZdjR1dktnemQ2NGt1NHBQYlFmRm9GM0szdkJnMkxvZGlSR21YZTZvZVptMHFUbmRKUmJxVzIzd1Z3QkVBeDAwOTg1UGlMc0xRNC8wUVhqaVFVQ0YvYUJzWjBqZkd3VXJ4dGFUZ0FJdz09fA&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

bda381b27983a0d79c60ded7fa29f66a85bea4019b7acdb906b8108e936324c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 09 Aug 2021 20:58:29 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2434
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 09 Aug 2021 20:58:29 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=zLV2InxxOGpBN0VhZWhUUGVFK1lJUEhPak1IUjc4WHYyUDltUnUrUVlDZUtONElSY2lHRHZrSyt0SmhYZEgxa28vVjQ0bkx3UUlpWmtmWmFuRlZRMElQc3p1LzlyR3JsakU3cXVRanFxVkJmMCtzd2hCMnJYNzczSmUrN2oyRExmQThURmE0UWluNUtCNmpFUmtMQW8rQ3JvNjhDaUJySDdNaS90cHNHU2t2OVBpc2ZSN0RZdjR1dktnemQ2NGt1NHBQYlFmRm9GM0szdkJnMkxvZGlSR21YZTZvZVptMHFUbmRKUmJxVzIzd1Z3QkVBeDAwOTg1UGlMc0xRNC8wUVhqaVFVQ0YvYUJzWjBqZkd3VXJ4dGFUZ0FJdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1366
content-length: 541
expires: 0

GET
H2

200

adfox.js Show response
an.yandex.ru/system/ Frame B8B2
Redirect Chain

https://yastatic.net/pcode/adfox/loader.js
https://an.yandex.ru/system/adfox.js

278 KB
74 KB

57ms
56ms

Script
text/javascript

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/adfox.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e7151998d9ec7b1ea04c337b93a833232bc575e2da263025acd5d8aa2d031a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
etag: 1015122859
x-yandex-req-id: 1628542710306167-1171107140941457505300389-production-app-host-sas-pcode-217
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 09 Aug 2021 21:58:30 GMT

Redirect headers

date: Mon, 09 Aug 2021 20:58:30 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
location: https://an.yandex.ru/system/adfox.js
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin: *
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
content-length: 0

GET
H2 200 sync_cookie_image_check
mc.yandex.com/ 43 B
79 B 49ms
49ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_check

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:30 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

POST
H2 200 1 Show response
mc.yandex.com/watch/125905/ 43 B
73 B 50ms
50ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/125905/1?page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A616%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A1%3Als%3A244286069109%3Ahid%3A183469515%3Az%3A120%3Ai%3A20210809225830%3Aet%3A1628542710%3Ac%3A1%3Arn%3A148674486%3Au%3A1628542710164171915%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1628542708599%3Ads%3A0%2C109%2C99%2C80%2C111%2C0%2C%2C726%2C1%2C1558%2C1558%2C19%2C1051%3Adsn%3A0%2C109%2C100%2C79%2C111%2C0%2C%2C651%2C1%2C1558%2C1558%2C19%2C1051%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628542710

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:30 GMT
last-modified: Mon, 09-Aug-2021 20:58:30 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 09-Aug-2021 20:58:30 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/11963701/ 43 B
73 B 46ms
46ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/11963701/1?page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A2%3Adp%3A1%3Als%3A15181943181%3Ahid%3A183469515%3Az%3A120%3Ai%3A20210809225830%3Aet%3A1628542710%3Ac%3A1%3Arn%3A661106331%3Au%3A1628542710808524821%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1628542708599%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1558%2C1558%2C19%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1558%2C1558%2C19%2C%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628542710

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:30 GMT
last-modified: Mon, 09-Aug-2021 20:58:30 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 09-Aug-2021 20:58:30 GMT

GET
H2 200 125905 Show response
mc.yandex.com/watch/ 43 B
73 B 49ms
48ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/125905?page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A1%3Als%3A244286069109%3Ahid%3A183469515%3Az%3A120%3Ai%3A20210809225830%3Aet%3A1628542710%3Ac%3A1%3Arn%3A1063111591%3Au%3A1628542710164171915%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1628542708599%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628542710%3At%3ALiveInternet%20%40%20%D0%A1%D1%82%D0%B0%D1%82%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B8%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8%2C%20%D0%BF%D0%BE%D1%87%D1%82%D0%B0%20%D0%B8%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:30 GMT
last-modified: Mon, 09-Aug-2021 20:58:30 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 09-Aug-2021 20:58:30 GMT

GET
H2 200 a0b32b115874213fedb0.js Show response
yastatic.net/partner-code-bundles/42380/ Frame B8B2 77 KB
17 KB 42ms
41ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/42380/a0b32b115874213fedb0.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

81cc8c992ec942a7e5b34980acf4ce4354e335c5db4fb40b7f97609c17a7a1ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.liveinternet.ru
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:30 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 16790
last-modified: Mon, 09 Aug 2021 10:30:35 GMT
server: nginx/1.17.9
etag: "ee95c4582d758d8a132465fc2ca8642b"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2051 03:33:23 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.82/ Frame B8B2 33 KB
9 KB 42ms
42ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.82/host.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.liveinternet.ru
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:30 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8879
last-modified: Mon, 28 Jun 2021 10:29:24 GMT
server: nginx/1.17.9
etag: "e4627697ff619d2b610d2b2fee975531"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2051 03:33:43 GMT

GET
H2 200 06992d8746aef3123a10.js Show response
yastatic.net/partner-code-bundles/42380/ Frame B8B2 12 KB
5 KB 42ms
41ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/42380/06992d8746aef3123a10.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

c5d1423ea9bdd4526b1580df22afd434d86cf2498c3aed3697b8d83147d7ad8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.liveinternet.ru
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:30 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4211
last-modified: Mon, 09 Aug 2021 10:30:34 GMT
server: nginx/1.17.9
etag: "d800869ff5395067b6f20679b8c7e9c3"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2051 03:33:22 GMT

GET
H2 200 b418af1722da54bef424.js Show response
yastatic.net/partner-code-bundles/42380/ Frame B8B2 885 KB
145 KB 42ms
42ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/42380/b418af1722da54bef424.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

aa82f7c38653571ca6ee8a85138bc97a0bac10e2be1875e31f50a93c3694db7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.liveinternet.ru
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:30 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 148188
last-modified: Mon, 09 Aug 2021 10:30:35 GMT
server: nginx/1.17.9
etag: "b58322e5aac3ae1336f6deb839b7951e"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2051 03:33:23 GMT

GET
H2 200 bbe379c76d545e8ab821.js Show response
yastatic.net/partner-code-bundles/42380/ Frame B8B2 338 KB
62 KB 59ms
58ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/42380/bbe379c76d545e8ab821.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

8d5231d189ab0209f459587ae47f89ce0e743ae5701b15c315c3103d52fa453e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.liveinternet.ru
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:30 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 62545
last-modified: Mon, 09 Aug 2021 10:30:35 GMT
server: nginx/1.17.9
etag: "ccc601a34a03ae28404e29f5d987719e"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2051 03:33:23 GMT

GET
H2 200 /
an.yandex.ru/mapuid/yandex/ Frame B8B2 43 B
276 B 69ms
68ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/yandex/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:30 GMT
content-encoding: gzip
last-modified: Mon, 09 Aug 2021 20:58:30 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 09 Aug 2021 20:58:30 GMT

GET
H2 200 1 Show response
an.yandex.ru/jserr/ Frame B8B2 0
49 B 69ms
69ms Script
text/plain 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/jserr/1

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:30 GMT
content-encoding: gzip
last-modified: Mon, 09 Aug 2021 20:58:30 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 09 Aug 2021 20:58:30 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/254948/getBulk/ 3 KB
1 KB 71ms
70ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/254948/getBulk/v2?dl=https%3A%2F%2Fwww.liveinternet.ru%2F&date=2021-08-09T22%3A58%3A30.769%2B02%3A00&pd=9&pdh=1200&pdw=1600&pr1=1225508844&pr=984526840&prr=&pv=22&pw=1&extid_loader=MTYyODU0MjcxMDgwODUyNDgyMQ%3D%3D&extid_tag_loader=www.liveinternet.ru&ylv=0.42380&ybv=0.42380&ytt=217703303350293&is-turbo=0&skip-token=&ad-session-id=3737091628542709454&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A1280%2C%22h%22%3A0%2C%22width%22%3A1280%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A160%2C%22top%22%3A360%2C%22fontFamily%22%3A%22arial%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=42380&pp=noj&ps=erxe&p2=y&puid1=&puid2=&puid3=&slotNumber=1&bids=W3siY2FtcGFpZ25faWQiOjcxNzc2NywicmVzcG9uc2VfdGltZSI6MzMyLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTMzNzg1NSJ9LHsiY2FtcGFpZ25faWQiOjc2MzEyOCwicmVzcG9uc2VfdGltZSI6MzIwLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMzYzMzQ0In0seyJjYW1wYWlnbl9pZCI6NzkzNTM4LCJyZXNwb25zZV90aW1lIjozMzQsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyODY0MTAyIn0seyJjYW1wYWlnbl9pZCI6Nzc2NTg5LCJyZXNwb25zZV90aW1lIjozMzksImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiIyMDpsaXZlaW50ZXJuZXRfOTcweDI1MF9oZWFkbWFpbiJ9LHsiY2FtcGFpZ25faWQiOjg1MTc2NSwicmVzcG9uc2VfdGltZSI6MTA5NiwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IktEaE16MXNYamtTajJRWWZzZGpZIn0seyJjYW1wYWlnbl9pZCI6MTQ2MDgyMiwicmVzcG9uc2VfdGltZSI6MTE2MiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6Ijk4MDkifSx7ImNhbXBhaWduX2lkIjo5NTg1MDEsInJlc3BvbnNlX3RpbWUiOjQzMiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEzNF9saXZlaW50ZXJuZXQucnVfZGVza3RvcF9hZGZveF9oZWFkbWFpbl85NzB4MjUwIn0seyJjYW1wYWlnbl9pZCI6NzY5MTYwLCJyZXNwb25zZV90aW1lIjozMjksImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjIxMzg3In0seyJjYW1wYWlnbl9pZCI6MTQ1ODE5MywicmVzcG9uc2VfdGltZSI6MzQ1LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiOTg5In1d&grab=dExpdmVJbnRlcm5ldCBAINCh0YLQsNGC0LjRgdGC0LjQutCwINC4INC00L3QtdCy0L3QuNC60LgsINC_0L7Rh9GC0LAg0Lgg0L_QvtC40YHQugoy0J_QvtC_0YPQu9GP0YDQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjLQoNC10LnRgtC40L3QsyDRgdCw0LnRgtC-0LIgCjIg0JTQvdC10LLQvdC40LrQuCDQl9Cw0LLQtdGB0YLQuCDQtNC90LXQstC90LjQuiAKMtCg0LXQutC-0LzQtdC90LTRg9C10LzRi9C1INGB0LDQudGC0YsgCjLQn9C-0LPQvtC00LA6INCzLiDQkdGA0Y7RgdGB0LXQu9GMLCDQkdC10LvRjNCz0LjRjyAKMtCa0YPRgNGB0Ysg0LLQsNC70Y7RgiDQvtGCIDA5LjA4IAoy0KDQtdC80L7QvdGCINC90L7Rg9GC0LHRg9C60L7QsiAKM9Cc0LXQtNC40YbQuNC90LAg0Lgg0LfQtNC-0YDQvtCy0YzQtSDQvdCwIERvY3Rvci5ydTogCg%3D%3D&utf8=%E2%9C%93&duid=MTYyODU0MjcxMDgwODUyNDgyMQ%3D%3D&pcode-test-ids=388008%2C0%2C94%3B399036%2C0%2C2%3B400159%2C0%2C9%3B400734%2C0%2C43%3B390341%2C0%2C37%3B203896%2C0%2C87&pcode-flags=%7B%22FEATURE_TOGGLE_FLAG%22%3A1%2C%22UNILOADER_BLACKLIST_RE%22%3A%5B%5D%2C%22WIDGET_ADTUNE%22%3A%22ctl%22%2C%22ADAPTIVE_320_50%22%3A%22all%22%2C%22ADFOX_MRC_VISIBILITY%22%3Atrue%2C%22SINGLE_CONTEXT_BLACKLIST%22%3A%5B%5D%2C%22ZEN_FORMAT_PRICE%22%3A%22exp%22%2C%22USE_PUNY_DOMAIN%22%3A%22exp%22%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22smart_tile%22%5D%2C%22USE_ADFOX_INSTEAD_CONTEXT%22%3Atrue%2C%22FIX_IMAGES_CALCULATIONS%22%3A%22exp%22%2C%22USE_SUPERBUNDLE%22%3Atrue%2C%22RESPONSIVE_POSTER%22%3A%22exp%22%2C%22SINGLE_CONTEXT%22%3Atrue%2C%22HBVER%22%3A42153%2C%22FULL_SSR_PERCENT_LOG_META%22%3A0.0001%2C%22SSR_UNIFORMAT%22%3A%221%22%2C%22RTB_BANNER_FLAGS%22%3A%22exp%22%2C%22ZEN_REDESIGN_TOUCH_CARD%22%3A%22exp%22%2C%22CONTENT_TYPE_CHARSET%22%3Atrue%2C%22VIDEO_PACKSHOT_ENABLE%22%3A%22exp%22%2C%22AVITO_IMAGE%22%3A%22exp%22%2C%22GLOBAL_SIZE_INFO%22%3Afalse%2C%22RMP_POSTER_2%22%3A%22float%22%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0Asmart_tile&pcode-icookie=4002853421628542709

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

6d8079941f0e42c7239813d26a58ae23976d25b69f7b2147eb84dbfe3018b9d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:30 GMT
content-encoding: gzip
last-modified: Mon, 09 Aug 2021 20:58:30 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 09 Aug 2021 20:58:30 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/254948/getBulk/ 9 KB
3 KB 272ms
272ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/254948/getBulk/v2?dl=https%3A%2F%2Fwww.liveinternet.ru%2F&date=2021-08-09T22%3A58%3A30.782%2B02%3A00&pd=9&pdh=1200&pdw=1600&pr1=493547554&pr=984526840&prr=&pv=22&pw=1&extid_loader=MTYyODU0MjcxMDgwODUyNDgyMQ%3D%3D&extid_tag_loader=www.liveinternet.ru&ylv=0.42380&ybv=0.42380&ytt=217703303350293&is-turbo=0&skip-token=&ad-session-id=3737091628542709454&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A180%2C%22top%22%3A804%2C%22fontFamily%22%3A%22arial%22%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=42380&pp=noj&ps=erxe&p2=ganf&puid1=&puid2=&puid3=&slotNumber=2&bids=W3siY2FtcGFpZ25faWQiOjcxNzc2NywicmVzcG9uc2VfdGltZSI6MzMyLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTMzNzg1MiJ9LHsiY2FtcGFpZ25faWQiOjc2MzEyOCwicmVzcG9uc2VfdGltZSI6MzIwLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMzI0MjY2In0seyJjYW1wYWlnbl9pZCI6NzkzNTM4LCJyZXNwb25zZV90aW1lIjozMzQsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyNjkzNzQzIn0seyJjYW1wYWlnbl9pZCI6Nzc2NTg5LCJyZXNwb25zZV90aW1lIjozMzksImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiIyMDpsaXZlaW50ZXJuZXRfMzAweDI1MF9ib3RfMSJ9LHsiY2FtcGFpZ25faWQiOjg1MTc2NSwicmVzcG9uc2VfdGltZSI6MTA5NiwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6ImZKNU1pMnhHNlR0TDBFVWNYWjVSIn0seyJjYW1wYWlnbl9pZCI6MTQ2MDgyMiwicmVzcG9uc2VfdGltZSI6MTE2MiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6Ijk4MTUifSx7ImNhbXBhaWduX2lkIjo5NTg1MDEsInJlc3BvbnNlX3RpbWUiOjQzMiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEzNF9saXZlaW50ZXJuZXQucnVfZGVza3RvcF9hZGZveF9ib3QxXzMwMHgyNTAifSx7ImNhbXBhaWduX2lkIjo3NjkxNjAsInJlc3BvbnNlX3RpbWUiOjMyOSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyMjEzOTMifSx7ImNhbXBhaWduX2lkIjoxNDU4MTkzLCJyZXNwb25zZV90aW1lIjozNDUsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI5OTUifV0%3D&grab=dExpdmVJbnRlcm5ldCBAINCh0YLQsNGC0LjRgdGC0LjQutCwINC4INC00L3QtdCy0L3QuNC60LgsINC_0L7Rh9GC0LAg0Lgg0L_QvtC40YHQugoy0J_QvtC_0YPQu9GP0YDQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjLQoNC10LnRgtC40L3QsyDRgdCw0LnRgtC-0LIgCjIg0JTQvdC10LLQvdC40LrQuCDQl9Cw0LLQtdGB0YLQuCDQtNC90LXQstC90LjQuiAKMtCg0LXQutC-0LzQtdC90LTRg9C10LzRi9C1INGB0LDQudGC0YsgCjLQn9C-0LPQvtC00LA6INCzLiDQkdGA0Y7RgdGB0LXQu9GMLCDQkdC10LvRjNCz0LjRjyAKMtCa0YPRgNGB0Ysg0LLQsNC70Y7RgiDQvtGCIDA5LjA4IAoy0KDQtdC80L7QvdGCINC90L7Rg9GC0LHRg9C60L7QsiAKM9Cc0LXQtNC40YbQuNC90LAg0Lgg0LfQtNC-0YDQvtCy0YzQtSDQvdCwIERvY3Rvci5ydTogCg%3D%3D&utf8=%E2%9C%93&duid=MTYyODU0MjcxMDgwODUyNDgyMQ%3D%3D&pcode-test-ids=388008%2C0%2C94%3B399036%2C0%2C2%3B400159%2C0%2C9%3B400734%2C0%2C43%3B390341%2C0%2C37%3B203896%2C0%2C87&pcode-flags=%7B%22FEATURE_TOGGLE_FLAG%22%3A1%2C%22UNILOADER_BLACKLIST_RE%22%3A%5B%5D%2C%22WIDGET_ADTUNE%22%3A%22ctl%22%2C%22ADAPTIVE_320_50%22%3A%22all%22%2C%22ADFOX_MRC_VISIBILITY%22%3Atrue%2C%22SINGLE_CONTEXT_BLACKLIST%22%3A%5B%5D%2C%22ZEN_FORMAT_PRICE%22%3A%22exp%22%2C%22USE_PUNY_DOMAIN%22%3A%22exp%22%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22smart_tile%22%5D%2C%22USE_ADFOX_INSTEAD_CONTEXT%22%3Atrue%2C%22FIX_IMAGES_CALCULATIONS%22%3A%22exp%22%2C%22USE_SUPERBUNDLE%22%3Atrue%2C%22RESPONSIVE_POSTER%22%3A%22exp%22%2C%22SINGLE_CONTEXT%22%3Atrue%2C%22HBVER%22%3A42153%2C%22FULL_SSR_PERCENT_LOG_META%22%3A0.0001%2C%22SSR_UNIFORMAT%22%3A%221%22%2C%22RTB_BANNER_FLAGS%22%3A%22exp%22%2C%22ZEN_REDESIGN_TOUCH_CARD%22%3A%22exp%22%2C%22CONTENT_TYPE_CHARSET%22%3Atrue%2C%22VIDEO_PACKSHOT_ENABLE%22%3A%22exp%22%2C%22AVITO_IMAGE%22%3A%22exp%22%2C%22GLOBAL_SIZE_INFO%22%3Afalse%2C%22RMP_POSTER_2%22%3A%22float%22%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0Asmart_tile&pcode-icookie=4002853421628542709

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

db5e1175a250a03480e43d86e46b762a44d4d6b2cfaf01e337f231c96266b7a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:31 GMT
content-encoding: gzip
last-modified: Mon, 09 Aug 2021 20:58:31 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 09 Aug 2021 20:58:31 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/254948/getBulk/ 9 KB
3 KB 360ms
360ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/254948/getBulk/v2?dl=https%3A%2F%2Fwww.liveinternet.ru%2F&date=2021-08-09T22%3A58%3A30.787%2B02%3A00&pd=9&pdh=1200&pdw=1600&pr1=1134683053&pr=984526840&prr=&pv=22&pw=1&extid_loader=MTYyODU0MjcxMDgwODUyNDgyMQ%3D%3D&extid_tag_loader=www.liveinternet.ru&ylv=0.42380&ybv=0.42380&ytt=217703303350293&is-turbo=0&skip-token=&ad-session-id=3737091628542709454&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A480%2C%22top%22%3A804%2C%22fontFamily%22%3A%22arial%22%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=42380&pp=noj&ps=erxe&p2=ganf&puid1=&puid2=&puid3=&slotNumber=3&bids=W3siY2FtcGFpZ25faWQiOjcxNzc2NywicmVzcG9uc2VfdGltZSI6MzMyLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTMzNzg1MyJ9LHsiY2FtcGFpZ25faWQiOjc2MzEyOCwicmVzcG9uc2VfdGltZSI6MzIwLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMzI0MjY4In0seyJjYW1wYWlnbl9pZCI6NzkzNTM4LCJyZXNwb25zZV90aW1lIjozMzQsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyNjkzNzQ0In0seyJjYW1wYWlnbl9pZCI6Nzc2NTg5LCJyZXNwb25zZV90aW1lIjozMzksImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiIyMDpsaXZlaW50ZXJuZXRfMzAweDI1MF9ib3RfMiJ9LHsiY2FtcGFpZ25faWQiOjg1MTc2NSwicmVzcG9uc2VfdGltZSI6MTA5NiwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6InlPM1IyY0Y2UmRkOXZReWFOVGNMIn0seyJjYW1wYWlnbl9pZCI6MTQ2MDgyMiwicmVzcG9uc2VfdGltZSI6MTE2MiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6Ijk4MTYifSx7ImNhbXBhaWduX2lkIjo5NTg1MDEsInJlc3BvbnNlX3RpbWUiOjQzMiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEzNF9saXZlaW50ZXJuZXQucnVfZGVza3RvcF9hZGZveF9ib3QyXzMwMHgyNTAifSx7ImNhbXBhaWduX2lkIjo3NjkxNjAsInJlc3BvbnNlX3RpbWUiOjMyOSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyMjEzOTQifSx7ImNhbXBhaWduX2lkIjoxNDU4MTkzLCJyZXNwb25zZV90aW1lIjozNDUsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI5OTYifV0%3D&grab=dExpdmVJbnRlcm5ldCBAINCh0YLQsNGC0LjRgdGC0LjQutCwINC4INC00L3QtdCy0L3QuNC60LgsINC_0L7Rh9GC0LAg0Lgg0L_QvtC40YHQugoy0J_QvtC_0YPQu9GP0YDQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjLQoNC10LnRgtC40L3QsyDRgdCw0LnRgtC-0LIgCjIg0JTQvdC10LLQvdC40LrQuCDQl9Cw0LLQtdGB0YLQuCDQtNC90LXQstC90LjQuiAKMtCg0LXQutC-0LzQtdC90LTRg9C10LzRi9C1INGB0LDQudGC0YsgCjLQn9C-0LPQvtC00LA6INCzLiDQkdGA0Y7RgdGB0LXQu9GMLCDQkdC10LvRjNCz0LjRjyAKMtCa0YPRgNGB0Ysg0LLQsNC70Y7RgiDQvtGCIDA5LjA4IAoy0KDQtdC80L7QvdGCINC90L7Rg9GC0LHRg9C60L7QsiAKM9Cc0LXQtNC40YbQuNC90LAg0Lgg0LfQtNC-0YDQvtCy0YzQtSDQvdCwIERvY3Rvci5ydTogCg%3D%3D&utf8=%E2%9C%93&duid=MTYyODU0MjcxMDgwODUyNDgyMQ%3D%3D&pcode-test-ids=388008%2C0%2C94%3B399036%2C0%2C2%3B400159%2C0%2C9%3B400734%2C0%2C43%3B390341%2C0%2C37%3B203896%2C0%2C87&pcode-flags=%7B%22FEATURE_TOGGLE_FLAG%22%3A1%2C%22UNILOADER_BLACKLIST_RE%22%3A%5B%5D%2C%22WIDGET_ADTUNE%22%3A%22ctl%22%2C%22ADAPTIVE_320_50%22%3A%22all%22%2C%22ADFOX_MRC_VISIBILITY%22%3Atrue%2C%22SINGLE_CONTEXT_BLACKLIST%22%3A%5B%5D%2C%22ZEN_FORMAT_PRICE%22%3A%22exp%22%2C%22USE_PUNY_DOMAIN%22%3A%22exp%22%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22smart_tile%22%5D%2C%22USE_ADFOX_INSTEAD_CONTEXT%22%3Atrue%2C%22FIX_IMAGES_CALCULATIONS%22%3A%22exp%22%2C%22USE_SUPERBUNDLE%22%3Atrue%2C%22RESPONSIVE_POSTER%22%3A%22exp%22%2C%22SINGLE_CONTEXT%22%3Atrue%2C%22HBVER%22%3A42153%2C%22FULL_SSR_PERCENT_LOG_META%22%3A0.0001%2C%22SSR_UNIFORMAT%22%3A%221%22%2C%22RTB_BANNER_FLAGS%22%3A%22exp%22%2C%22ZEN_REDESIGN_TOUCH_CARD%22%3A%22exp%22%2C%22CONTENT_TYPE_CHARSET%22%3Atrue%2C%22VIDEO_PACKSHOT_ENABLE%22%3A%22exp%22%2C%22AVITO_IMAGE%22%3A%22exp%22%2C%22GLOBAL_SIZE_INFO%22%3Afalse%2C%22RMP_POSTER_2%22%3A%22float%22%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0Asmart_tile&pcode-icookie=4002853421628542709

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0f26f764a2c8868540a8917c1cc983acde3991141512a3eb9f94a345447cb8cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:31 GMT
content-encoding: gzip
last-modified: Mon, 09 Aug 2021 20:58:31 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 09 Aug 2021 20:58:31 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 72 KB
25 KB 330ms
275ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

b0b70b687832425e4bf71b8efa81bd6e21e6a1bef3a897698dcc56adffe4427a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "954 / 174 of 1000 / last-modified: 1628507548"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25157
x-xss-protection: 0
expires: Mon, 09 Aug 2021 20:58:31 GMT

GET
H2 204 event
ads.adfox.ru/254948/ 0
18 B 586ms
182ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/254948/event?duid=1628542710808524821&hash=bef35fb8c3eef098&pm=cyz&p5=jxahr&rand=geaxgtb&sj=YsQlS0omUFyZDz5ytYkJAKRnTZ41bRfBp1qoN3o2ny2Rg1CqveMCDL03H_uy&ad-session-id=3737091628542709454&utg=oxum&lts=fhbtewc&ytt=217703303350293&ybv=0.42380&ylv=0.42380&dl=https%3A%2F%2Fwww.liveinternet.ru%2F&pr=dewlkqy&p1=consd&rqs=9V5AG5fNcQr2lhFhqj350a_mRFahG3ab&p2=y

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:31 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 20:58:31 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame A6EA 72 KB
25 KB 30ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef19fd6d124a7091476c07301c0c01396bced9533342fa95fb4becb21158c960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "954 / 904 of 1000 / last-modified: 1628507548"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25157
x-xss-protection: 0
expires: Mon, 09 Aug 2021 20:58:31 GMT

GET
H2 204 event
ads.adfox.ru/254948/ 0
230 B 367ms
172ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/254948/event?duid=1628542710808524821&hash=2d96f6eb5d460264&pm=bmo&pxo=r8aYv-W-j6jISvkAEiIwYKCO9JA1T2XuS27yQTDBQYcsprDM6moU9v3nFqhNhz1_g5guC8SJAonymAQ_Yrdkw_V0iP_N3fJi7qVfCRj68ghj7UvparLkXi_b73daVFre0XFMSrU4lfNVLsRiyDcRKR8sVmRD3clbh44ItK_eIyZbaIF82Y8P&p5=fwfya&rand=cnccrjv&sj=lb02M1_Dgr3UsamgIuFPPA2d2gyjlRpahH-CXvlLg-3zx-o85rEbNcpongob&ad-session-id=3737091628542709454&lts=fhbtewc&ytt=217703303350293&ybv=0.42380&ylv=0.42380&dl=https%3A%2F%2Fwww.liveinternet.ru%2F&pr=dewlkqy&p1=consc&rqs=9V5AG5fNcQr2lhFhaXhNIdMBSipSuZYz&rtb-si=b&p2=ganf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:31 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 20:58:31 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 61C5 72 KB
25 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef19fd6d124a7091476c07301c0c01396bced9533342fa95fb4becb21158c960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "954 / 173 of 1000 / last-modified: 1628507548"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25157
x-xss-protection: 0
expires: Mon, 09 Aug 2021 20:58:31 GMT

GET
H2 204 event
ads.adfox.ru/254948/ 0
18 B 595ms
490ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/254948/event?duid=1628542710808524821&hash=1955625ac5ef7ee7&pm=bmo&pxo=swYm-kI-iho_Qv_CouQIdV_lRtnXFr6MKM7EZUpYtAaYFLnRLqIcADCGZExhJhexJ9LElzVgA2XmeMmxx7FnvtZrUtRt4iniHhCcMZCLpc59rlzMpY749Od2mS2J1KKBDtxvE_KGt_iiEli4m-Y_UHmW9xEe5_qEgkd6aZ8HF7asn64HnD8z&p5=fwfya&rand=icponlq&sj=760g_Opc_TgdZl-vHvFzOB3wJ3ehMsGIjDFtfaYqsCqjR09vKXqUME3gjUqz&ad-session-id=3737091628542709454&lts=fhbtewc&ytt=217703303350293&ybv=0.42380&ylv=0.42380&dl=https%3A%2F%2Fwww.liveinternet.ru%2F&pr=dewlkqy&p1=consc&rqs=9V5AG5fNcQr2lhFhPbRky-OWudXH0bJT&rtb-si=b&p2=ganf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:31 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 20:58:31 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 pubads_impl_2021080501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame A6EA 328 KB
114 KB 40ms
39ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

999dd215435801026f51fb5847df0b1127bd49541ef7d9aeb8b799a9669d8c56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Aug 2021 08:37:44 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116820
x-xss-protection: 0
expires: Mon, 09 Aug 2021 20:58:31 GMT

GET
H3-29 200 pubads_impl_2021080501.js Show response
securepubads.g.doubleclick.net/gpt/ 328 KB
114 KB 102ms
71ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

999dd215435801026f51fb5847df0b1127bd49541ef7d9aeb8b799a9669d8c56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Aug 2021 08:37:44 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116820
x-xss-protection: 0
expires: Mon, 09 Aug 2021 20:58:31 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 305 B
181 B 99ms
68ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.liveinternet.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

34410c69a5bbd49a30886cf5067ccf735b1926c49a9759a3d5778ad65a3c6fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 20:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156
x-xss-protection: 0
expires: Mon, 09 Aug 2021 20:58:31 GMT

GET
H3-29 200 pubads_impl_2021080501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 61C5 328 KB
114 KB 41ms
36ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

999dd215435801026f51fb5847df0b1127bd49541ef7d9aeb8b799a9669d8c56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Aug 2021 08:37:44 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116820
x-xss-protection: 0
expires: Mon, 09 Aug 2021 20:58:31 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame A6EA 107 B
122 B 33ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.liveinternet.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 20:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame A6EA 107 B
122 B 41ms
25ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.liveinternet.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 20:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A6EA 45 KB
11 KB 362ms
358ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2927963525079695&correlator=2252265716598448&output=ldjh&impl=fifs&eid=31062031%2C31062073%2C31062187%2C31062194%2C20211866%2C31062064&vrg=2021080501&ptt=17&sc=1&sfv=1-0-38&ecs=20210809&iu_parts=22475160250%2Cmid&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cust_params=CPM%3D10&cookie=ID%3D615e073783449a38-22f269989cc900f4%3AT%3D1628542709%3ART%3D1628542709%3AS%3DALNI_MamP-NJyYvxY5xCQZ8q2mkHTRqL_Q&cdm=www.liveinternet.ru&bc=31&abxe=1&lmt=1628542711&dt=1628542711320&dlt=1628542711065&idt=221&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=180&adys=928&adks=602788822&ucis=llib4wdzfbvr&ifi=1&ifk=3348175858&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.liveinternet.ru%2F&top=https%3A%2F%2Fwww.liveinternet.ru%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=1287817354.1628542711&ga_sid=1628542711&ga_hid=726022122&ga_fc=false&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

d3020a543dc52d4be9964f5af747cd55329527fb82b55401ff20a6228791f4a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11428
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.liveinternet.ru
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c9de437ec8a041e680e417db7e8751ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 285F 6 KB
3 KB 63ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c9de437ec8a041e680e417db7e8751ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: c9de437ec8a041e680e417db7e8751ec.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.liveinternet.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.liveinternet.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 09 Aug 2021 20:58:31 GMT
expires: Tue, 09 Aug 2022 20:58:31 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 61C5 107 B
122 B 19ms
18ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.liveinternet.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 20:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 61C5 107 B
122 B 19ms
18ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.liveinternet.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 20:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 61C5 99 KB
32 KB 329ms
326ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=70331786557119&correlator=2591013197986318&output=ldjh&impl=fifs&eid=31062151%2C31062196%2C20211866&vrg=2021080501&ptt=17&sc=1&sfv=1-0-38&ecs=20210809&iu_parts=22475160250%2Cmid&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cust_params=CPM%3D10&cookie=ID%3D615e073783449a38-22f269989cc900f4%3AT%3D1628542709%3ART%3D1628542709%3AS%3DALNI_MamP-NJyYvxY5xCQZ8q2mkHTRqL_Q&cdm=www.liveinternet.ru&bc=31&abxe=1&lmt=1628542711&dt=1628542711412&dlt=1628542711155&idt=238&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=480&adys=928&adks=602788822&ucis=35rao9ws9k11&ifi=1&ifk=3348175858&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.liveinternet.ru%2F&top=https%3A%2F%2Fwww.liveinternet.ru%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=1210911366.1628542711&ga_sid=1628542711&ga_hid=1768233711&ga_fc=false&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

6e4a8f70f34d043d8d66e64e0bbcba12d4ed1025391bc2ab92783a780dc284e1

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COSIxq7qpPICFaPluwgdTW8F4g&gqi=&layout=/sadbundle/%24csp%253Der3%24/4377121263432410708/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COSIxq7qpPICFaPluwgdTW8F4g&gqi=&layout=/sadbundle/%24csp%253Der3%24/4377121263432410708/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32729
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Mon, 09 Aug 2021 20:58:31 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.liveinternet.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3ACA 6 KB
3 KB 36ms
15ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.liveinternet.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.liveinternet.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 09 Aug 2021 20:58:31 GMT
expires: Tue, 09 Aug 2022 20:58:31 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ 107 B
853 B 53ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=www.liveinternet.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 20:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 19ms
17ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.liveinternet.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 20:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
13 KB 300ms
299ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1740732808598772&correlator=333787908870577&output=ldjh&impl=fifs&eid=31062151%2C31062078%2C20211866&vrg=2021080501&ptt=17&sc=1&sfv=1-0-38&ecs=20210809&iu_parts=22475160250%2Cca-pub-4174476502446320-tag&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&cookie=ID%3D615e073783449a38-22f269989cc900f4%3AT%3D1628542709%3ART%3D1628542709%3AS%3DALNI_MamP-NJyYvxY5xCQZ8q2mkHTRqL_Q&bc=31&abxe=1&lmt=1628542711&dt=1628542711471&dlt=1628542708924&idt=2518&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=360&adks=2177437627&ucis=1&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.liveinternet.ru%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1280x250&msz=1280x250&ga_vid=1926450450.1628542709&ga_sid=1628542709&ga_hid=63719049&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

1a7f45bb245236d0d8877edbfbda5fb7151a48d56be6af72978c18b37902bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12896
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.liveinternet.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 84BE 6 KB
3 KB 29ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.liveinternet.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.liveinternet.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 09 Aug 2021 20:58:31 GMT
expires: Tue, 09 Aug 2022 20:58:31 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107240354000/ Frame 5970 188 KB
55 KB 34ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 13907
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55201
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "56e2a7f7d448fcb3"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 5970 13 KB
5 KB 46ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 13907
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4865
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff227f97ed674b5b"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 5970 87 KB
27 KB 46ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 13907
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27852
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3719646983ab1de2"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 5970 4 KB
2 KB 47ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 13907
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "687e73129cfc4c8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 5970 40 KB
13 KB 47ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 13907
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12828
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4abe217821914203"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
DATA 200
OK truncated
/ Frame 5970 223 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0fbbd55fab5105a5d7da65913990a11919601d4fc8f4b2327b9382ef05067582

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 14558475354628241767
tpc.googlesyndication.com/simgad/ Frame 5970 31 KB
31 KB 10ms
7ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14558475354628241767?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnV6XrDNV-W0OtK5P-TRCdh8eUiHg

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3491837f5d05f3c95088e0e64f70dc3f3105fc07658160a240a0c98f0551d8e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 17:33:32 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 18:08:51 GMT
server: sffe
age: 98699
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31279
x-xss-protection: 0
expires: Mon, 08 Aug 2022 17:33:32 GMT

GET
H2 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5970 3 KB
3 KB 16ms
14ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 06:10:48 GMT
x-content-type-options: nosniff
server: cafe
age: 53263
etag: 6726277462267614359
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3041
x-xss-protection: 0
expires: Tue, 10 Aug 2021 06:10:48 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5970 344 B
573 B 16ms
13ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 18:40:15 GMT
x-content-type-options: nosniff
server: cafe
age: 8296
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 10 Aug 2021 18:40:15 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5970 0
0 17ms
14ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQcSSP-8ydHWgnP41yopsFPlDZ-YRgk4KjZZo2KuVhMKocT1m9IoEPBOgpf1apTVei9nEGxTQfBcbGiTwzBc-q3iumRaQ
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5970 0
0 49ms
47ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CbLOa95YRYZibF9CZ-gaT86WYBr-Jjptj1rPwiKANl96ivcABEAEglKushwFgufjHgNwBoAHv6auYA8gBAqkCsQTOfMe1sz7gAgCoAwHIAwiqBN8BT9DV-Bb1aFQPvifyUdSWCJygNrMZGDxFEvOnATvZTlYmDTaSpTDJzwm8AWRHN0Owfq8VGaWl-mrZE1AjuRrbG5dH6kR2euZukf59s24SuScVEsgT7CmK9wfi0GbCPvNtng76vxniZjkqL_7bwEURUj2EXBKHAQbGQrkle6x39LdsMVu_wgamxMF5wWxlBhNuigvEb8sCksFv8y-0fjSHELyGAXyGqeyotka7jMr5ozKdBbIZRBAdD8NJmHSGNoDLDfuZPV3Io1mxmlkOYVMxa7Mv2g8KriMM8U1uxBOPf8AE-f_4qJ4C4AQBkgUECAQYAZIFBAgFGASgBgKAB_mV1GeoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQo-Me0ggJCIDhgBAQARgdgAoDyAsB2BMM0BUBgBcBshcaChgIABIUcHViLTQxNzQ0NzY1MDI0NDYzMjA&sigh=oJtx7FkSZDs
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 event
ads.adfox.ru/254948/ 0
18 B 91ms
91ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/254948/event?duid=1628542710808524821&hash=826285976b5efeec&pm=bmu&pxo=r8aYv-W-j6jISvkAEiIwYKCO9JA1T2XuS27yQTDBQYcsprDM6moU9v3nFqhNhz1_g5guC8SJAonymAQ_Yrdkw_V0iP_N3fJi7qVfCRj68ghj7UvparLkXi_b73daVFre0XFMSrU4lfNVLsRiyDcRKR8sVmRD3clbh44ItK_eIyZbaIF82Y8P&p5=fwfya&rand=kaxbcnl&sj=lb02M1_Dgr3UsamgIuFPPA2d2gyjlRpahH-CXvlLg-3zx-o85rEbNcpongob&ad-session-id=3737091628542709454&lts=fhbtewc&ytt=217703303350293&ybv=0.42380&ylv=0.42380&dl=https%3A%2F%2Fwww.liveinternet.ru%2F&pr=dewlkqy&p1=consc&rqs=9V5AG5fNcQr2lhFhaXhNIdMBSipSuZYz&rtb-si=b&p2=ganf&resp-time=669

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:31 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 20:58:31 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A6EA 11 KB
8 KB 30ms
24ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021080501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6667977aca34056c108da346f1585b2c94cb490be963669bf99aa2374f67d004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 20:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8526
x-xss-protection: 0

GET
H3-29 200 container.html Show response
156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D614 6 KB
3 KB 23ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.liveinternet.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.liveinternet.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 09 Aug 2021 20:58:31 GMT
expires: Tue, 09 Aug 2022 20:58:31 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 event
ads.adfox.ru/254948/ 0
18 B 96ms
96ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/254948/event?duid=1628542710808524821&hash=4a6df996c0dac6d9&pm=bmu&pxo=swYm-kI-iho_Qv_CouQIdV_lRtnXFr6MKM7EZUpYtAaYFLnRLqIcADCGZExhJhexJ9LElzVgA2XmeMmxx7FnvtZrUtRt4iniHhCcMZCLpc59rlzMpY749Od2mS2J1KKBDtxvE_KGt_iiEli4m-Y_UHmW9xEe5_qEgkd6aZ8HF7asn64HnD8z&p5=fwfya&rand=kzqpzbi&sj=760g_Opc_TgdZl-vHvFzOB3wJ3ehMsGIjDFtfaYqsCqjR09vKXqUME3gjUqz&ad-session-id=3737091628542709454&lts=fhbtewc&ytt=217703303350293&ybv=0.42380&ylv=0.42380&dl=https%3A%2F%2Fwww.liveinternet.ru%2F&pr=dewlkqy&p1=consc&rqs=9V5AG5fNcQr2lhFhPbRky-OWudXH0bJT&rtb-si=b&p2=ganf&resp-time=649

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:31 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 20:58:31 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 61C5 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eecda7280d7a8779cb5ff8bf7459b430bf970052106a1c4b186ff2eddd8c82d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:31 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508781313717"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27998
x-xss-protection: 0
expires: Mon, 09 Aug 2021 20:58:31 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 61C5 11 KB
9 KB 20ms
19ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021080501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98168f6fbc3b5b2a5261a44eb1a53faa6b05812b816a0ed26d0fb9f486902c64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 20:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8717
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A6EA 17 KB
6 KB 872ms
854ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 09 Aug 2021 20:58:32 GMT

GET
H3-29 200 container.html Show response
53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B965 6 KB
3 KB 16ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.liveinternet.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.liveinternet.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 09 Aug 2021 20:58:31 GMT
expires: Tue, 09 Aug 2022 20:58:31 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 61C5 17 KB
6 KB 829ms
829ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080501.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 09 Aug 2021 20:58:32 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 5970
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

42ms
38ms

Image
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Mon, 09 Aug 2021 20:58:31 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 14558475354628241767
tpc.googlesyndication.com/simgad/ Frame 5970 31 KB
31 KB 10ms
8ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14558475354628241767?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnV6XrDNV-W0OtK5P-TRCdh8eUiHg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3491837f5d05f3c95088e0e64f70dc3f3105fc07658160a240a0c98f0551d8e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 17:33:32 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 18:08:51 GMT
server: sffe
age: 98699
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31279
x-xss-protection: 0
expires: Mon, 08 Aug 2022 17:33:32 GMT

GET
H3-29 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5970 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 06:10:48 GMT
x-content-type-options: nosniff
server: cafe
age: 53263
etag: 6726277462267614359
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3041
x-xss-protection: 0
expires: Tue, 10 Aug 2021 06:10:48 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5970 344 B
368 B 7ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 18:40:15 GMT
x-content-type-options: nosniff
server: cafe
age: 8296
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 10 Aug 2021 18:40:15 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/ Frame 6E14 11 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/index.html

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4ee1c82e4f44c50e77f518006f874a6d85c0821773c004747b01bb957f2f1e0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/4377121263432410708/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3275
date: Sat, 07 Aug 2021 22:08:34 GMT
expires: Sun, 07 Aug 2022 22:08:34 GMT
last-modified: Fri, 05 Feb 2021 15:21:21 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 168597
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D614 0
0 49ms
49ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C8kVo95YRYaSxHKPL7_UPzd6VkA7AhpGAZImk7IyvDa4CEAEglKushwFgufjHgNwBoAHQxqPhA8gBCakCi42barTXfj7gAgCoAwHIAwiqBPMBT9B-El83p0utUU6DiW23oi_jTcXbid83eBuGuvIDngfx4hy8zrs23hDgTV4X4FAxuj9OqUBz-4zBaESZGqNxZSKD0EXmDggSW4lmsjms2Dj-fpJeFpPdj8KjroS33aa26S9o6xE5cCUBH4YM_lzCe-foyuGV0Lac7uUA-Kosq9BQDo9WaIus2Tc4gbYN4AJiVyR_49U0clkzRLfX-_KOkkxChLfg9zURk4m_UF69GuqfNmwJwy7P6rfsYnPLoZz1d0GTUrinvNscuM9adIE9OWj72kBlDcDezUJ-l8V9uQbwucnsDdYtxEa0Chi5ldsT8ReHwATlgKvX9wHgBAGSBQQIBBgBkgUECAUYBKAGLoAHmLncHqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBC9zBjSCAkIgOGAEBABGB2ACgPICwHYEwzQFQGYFgGAFwGyFxoKGAgAEhRwdWItNDE3NDQ3NjUwMjQ0NjMyMA&sigh=3igbGiYSvxs&template_id=419
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210805/r20110914/ Frame D614 18 KB
7 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210805/r20110914/abg_lite_fy2019.js

Requested by

Host: 156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com
URL: https://156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:56:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 20:56:31 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/ Frame D614 2 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/window_focus_fy2019.js

Requested by

Host: 156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com
URL: https://156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 859
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 20:44:12 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/ Frame D614 14 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com
URL: https://156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 20:54:09 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame D614 0
0 15ms
15ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRrv7aFOogvLEm8qxDfrry1fg8T789EPFIwkQeZtfNs6BpNgku7cGUXya7JA2PM4QRaIRo9rts5cn46Fz7uktm3I81MLg
Requested by: Host: 156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com
URL: https://156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D614 124 KB
37 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com
URL: https://156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:31 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508775336984"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38212
x-xss-protection: 0
expires: Mon, 09 Aug 2021 20:58:31 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DDF9 624 B
297 B 17ms
16ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjZ__GZATAB&v=APEucNVH1Xbuk2I6JOhobBm0idKbJbgiWeZA8KJf-1lrCoiNonMZ6mnGkGh7qBcOTO9CLY7bGLdWKU4gKPScFwT7p4NLMAgEQrfPxRSNdN-CkL9GeYBE_tnH6mhCNXR7MBN0u1HL7sJtxZ7suepr0MF1z8JSh8yjhWZsKrzQTMKs84jo-ZD9r1Q

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJfnugEQw7j0ARjZ__GZATAB&v=APEucNVH1Xbuk2I6JOhobBm0idKbJbgiWeZA8KJf-1lrCoiNonMZ6mnGkGh7qBcOTO9CLY7bGLdWKU4gKPScFwT7p4NLMAgEQrfPxRSNdN-CkL9GeYBE_tnH6mhCNXR7MBN0u1HL7sJtxZ7suepr0MF1z8JSh8yjhWZsKrzQTMKs84jo-ZD9r1Q
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnCA1CTucK-rJ3TTBO14bvYeMT8fJnCtSmENr6dCU7iMJzL3AzSU1eNQZ9d3Hw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 09 Aug 2021 20:58:32 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0674 25 KB
13 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aa_CnP-ztbnLmdez_ikZmV8qWQp6D5uq8i4B31bUGcqD8RNuz0eSxVuJGkx3RAUHV4VLV2aONZCcb3Rx6PoVzI6tv7ru7AEEHl0Xf0dqbocL5cmOu9RttBUqrplSCPPZDN5-Aiy79R0tmzhqbAitSmwoFv9g&cry=1&dbm_d=AKAmf-BVmN1x42lB9XVxUwRcUVTBTJ_EruZJ2lTJnbvgEzWP6YQWwXznqK8Xt4aMZx601MupP3YM5XBLlUDvqxPoSI_oNpcjok-IH0xZUXVvgP-Z9M9GLHvE4WdRwGwXubuwclFnrp7XqBelEG1k2jreuiHpU0E-h0PiqsVTgefogoUwc_UPRkAI-xC7DvpzHUtHDQ6kdwzFy0p2_Nj8WiN1re6HR5CAIXJZQxLT5AjRbmMNyp39l8mvKfVXiojnATV3kXk4uJBW7Jdg9RgzMAEJAx5qlcVg9ghyzEt8XpngE2m0JLMMDa7XjUPVZlFA0IsVtSoF1960U9v2HgmdXvjy24NryHFVR2ZJmdCtctqWpjmWjqwgwByhDGhIEGJ842EieaqkOpIFMEFkAbtAi6bPOpCWDi452KU2Jm8xYHX2xP3_SOhCeFLVXpPfkadV4_MxLKTZqfoQ0s_pBgGAIum_1Z8WW0EXAKzh8S5lIbjIwXXTHOSLHz4UNeJc6dZ-M9CdJo18eMmHHxs2oOP2z31Fd3Ih9IT-L1TJvcIKcF8eTHfuT_vNENMxPGy_onKrlpT2Yx01vrcJ7ZAoicFBmxVo2hIUNAcVtwhaxtGibhu_tS2DiEyRoudEds0FZv-Vwx2lChdk0xue2rO_bv8cE48pg_sDe0xShxVI0R-G_h1NgLCpo7Tq2Pi0OsdOY3XeKwBnuEmCsBnFZXWEClKgMEyrKrp2s-r1w4SkszCmr90V5AW35nPwqw72qbJbQbpp54x-BqyhHZvYmEuHm-4xqbTST-j-9QddHNNhrcIqmtmD1nyZaekQjsiSYWCO7oPKrrU2KIkhW3y4cN7Yos9a5kkEBrvStP01xsLGG3SYAYbgoVtbaz58AWStNvUXqh4tHj9VK8TzW99U5ZfxFeKambERw1QyaVU5B7i12ZPnSHIErYOSppuVvhPzROT7Q4w97NdEJcxXnqbQG9k35J_HOwOnU2w6o7W37oOvbJKofxeupP8ioRHuQPCVLQ_LoadUKrAxFdOBzdMmWCUSfv-Atxi5EF1baSLxz-MoKAIfValj52opnzaW61Ym7F-JA5I4_gpcTIzS_mZqm8_3tgXVgonyol7u2LlIQDTi9a47npLqcoRtJF8FVbi35SdVD2zl4zHf8iMlFQ4NFcU7b6MAf1KdNdZ1VPoF9hQSV-0CPy7P457LnETu7PH1_zZAdILJVKzc0G9vOtNMwyYVV5kosi9mPEX5twwT4DuEIxyxq6RqUDb3ZLfWxzk4V3BdS8A_41vbMcFPpiBIi_jogvs3f5XK2dnsAgmMp27XxfYk91dGNngql7csPlkVi4YaB9-W41a9EZbhwpdt93vUd4sGu2wUhFytIkfwi1hz-dj250G_MAMxW7s3hkvYE4xCncV1paz4W6V1EK0w1oM8woctSbU_H7S8nXn-8K7OXuSNpqbs8p1RM028aqE66EmG5vydKBpSzFMPHqozNSj68VVV5Jk_EQfBmLxS6YC_ohGYZip_gBevDVJP015xFXzUI76BmAoBd8ga45pLPVfj15xtqbsbu_PgRnQM6fscsO_pVOaywQ35-mu9ans-8lmXrPAPsgg8bofViE5EXd5aN6wORIF9Gsp6bmpcEcUpqBKoLvylsEzuS0h0GgAlVKz6ZNYsvbQ4vJmCyeYD6GaUcMZBtIfsfwTc0FDcl2TnqSD9wOQDgfFPiaCJDEpVZTVP6GjDwAERdLk4swFpH9vCm7wQDpAK8TdjQQ7_dO5_yZh7eRb1QLR6jE8GU-sz0PcsyepCn9iNSQ0Cun-GCYWjcjQv-_R8VD23MIy3kgpoYQ3-iHqhZv4V6nKK3fRoB14gUm-Xmn2ffOv79SeQazEhDrzMeUWfzIMhScqacf3t4zgAMX3a1AXN2FYqBSWzudLLh-6RedjF57ivrAIlHNZF6Wz0FahyBRWToC21n7V2hT1u7kIjPkJILBJM7SywRzRepTgk8UcL97dwJ_3RlxEJ3E_MYr8ca3iMbKE9zq5ZBz2s5S7kOHbZp4dciOjAfBm1FC61aaQvcYD5dbxAvePCBOQDYtdbz-zGovuSreBOrLd02eg50hmlN6r9xjRMxdLQO3-hvdGd3MgG95ULO5Viy5_dCmri3qvac9IwFq-8Fh1CnneBslPCQzJoB6JrSiso2mI7zxSZ2bv-v-uiSGKjrM7gKh93Bn7P2y-UUw1H-co9BTuZRkCnacOOmFXmEtee91rfdvvFKekEYF6EpJxSo6l_l0_qoV-RiJnxtZgMP4bt4nimWlHg-ZUUzcro_-4aFOc8En8GlAzNTaz98m3Q1q4R-Zbg3NNDOOQ5x06I4N2MBYOITf6okC8yTej3gWQviQvM59BpB1KhvlDty1vjfnVx8FnxaloLw0LUO86C8btoHvPXjl8UMzzo-CqYupSyx0cieHVL9B-BT4RCQudwxcznsG4_k5u-ikGF5b8OZbhFrC9zJlqXOFRxQM_S7wGqGwOEiS-BfRTdvOMmSmWeUZ1Q3986XWV6SL-K5r-xd1jocIc3mAHq9U6ltrDXdm44MPzZuLLDb2hW_NXR0RQzmEDZTUGKMinNGPj0M6rtAwZBuOeMCoo63SysDaOOwdsRdURzYe223lrp5-ikhSYc7y7qrpwZOetk5xr8bUnalqnjdEsEgQ0li1FXLr-qPdQYCKEJXdrGrAzieo2ht9VFOaJe0ziX_Px6wTx0y9DCppZjPu39OFOs5QnLwu6kJbsAEGKVXWcijAu9kxeZ2N0Ndo7bbgy3kcPmKrD4D2UhkfvXhtvY_6JWLJAMB07ef3ae6FV3l7vlmMAu1yP1VKZOTU1d2q1g2LBhajLtjXixLWZQfbFLnxJ9R2UmsWSOUATwJKYegRlY17hvDcDa59zHMgMWKXWbYOidhvGQfZ6mF6H3Na2bfo_N65YRYwS0VXrSBkfp75E0eKhbedE5gAaFIg1SxRimXg5uv1qoaEedB5iALKVJea56RZsj3igdxlNXq4tKM7iS2wzp8bB35b_Ce8BZnt0-kEjqEXLkGsKu4yAkvh0UDQ_XV6HsZZcu_yRBt7e4jBa00u6HT2PuTpDTRdbAvSnw7MldpfKdtA6lipqqhHRxyAKsI-rLtAmis5tgzq_L1WrQq58mVTUEbslVrasywMLODRR_1FQ1SKwHvaZ7i9E9cthXOoAgsflKPNh_CRenoLFvNIOD3UvbETQyCajIuIdQYLSSsWPqmzzuDwOyiam1e6ckl1wtFUuPAom0G1hq6iMQ6USTD3ohwKdAwJTbbnQH0hbiTK_gpKZN59QO0kE18kMfGNtaVnffKsyn2qj26tAoJd6QDG3DaMO3XO5p03jvOs2Jv5SyHUp2B_aAiJbBICcdOzQDRHfUCAABSJRf5p_gUyk2S0enUG7gzLEYl6P7P73DY5kC2VVXu97h22JyLeLnETOib-4QIMG1bg2t-wlePjgMX55eDxoj5KNyzdDwXiOmtTBshA&cid=CAASEuRoJGluyWuBoKxcocHmGK7UkA&rfl=2%2Chttps%253A%252F%252Fwww.liveinternet.ru%252F%240

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d08e4d911d49db2fda2fddbd32f1518b39f257716d4d157a368cd652fad201d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13228
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 0674 2 KB
2 KB 32ms
7ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4232038&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jeqkn_8lxlPco7SmRCEqrb&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322731993&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=7875686410&turl=https://www.liveinternet.ru/&DVP_PP_BUNDLE_ID=
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 20:58:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 12:31:25 GMT
Server: Microsoft-IIS/10.0
ETag: "e6262781a8dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1338

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 0674 7 KB
3 KB 32ms
6ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0jeqkn_8lxlPco7SmRCEqrb&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322731993&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=7875686410&turl=https://www.liveinternet.ru/&DVP_PP_BUNDLE_ID=
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c59bd599dc9d1d8c82517689425700a1793831953f8ca6126a004dfcae20f293

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 20:58:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 14:36:56 GMT
Server: Microsoft-IIS/10.0
ETag: "0f4aa02c8dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3215

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 0674 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 20:51:22 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0674 124 KB
37 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:32 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508775336984"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38212
x-xss-protection: 0
expires: Mon, 09 Aug 2021 20:58:32 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 0674 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:57:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 20:57:53 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0674 42 B
63 B 28ms
26ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BxtrFJKAeRzq0OcIOknNgRAawMmAdUiN-594JfC-1ulMB0_mStOocTNjTF4RbMUhP-ElYzGoQd0WvGI89KKjAUzAnPDZ4Ivfgh-tBIwf6mQmoWKK4

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1FE1 143 B
163 B 8ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com
URL: https://156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnCA1CTucK-rJ3TTBO14bvYeMT8fJnCtSmENr6dCU7iMJzL3AzSU1eNQZ9d3Hw; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 09 Aug 2021 20:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 935
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame D614 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7882adcf2283b6569a752b22abb4e2aaf1eb2a67c569afc29d956117f3f3357

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 6E14 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 19:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 10 Aug 2021 19:35:50 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6E14 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 10 Aug 2021 12:37:33 GMT

GET
H3-29 200 efd5af212b790b949ef103480dddb5e7.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/ Frame 6E14 69 KB
18 KB 9ms
8ms Script
application/x-javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/efd5af212b790b949ef103480dddb5e7.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8994af594d5b44a2244155d9e567be672557846242b3c65ce86eaaeb652c3744

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 168598
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18481
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:21:21 GMT
server: sffe
date: Sat, 07 Aug 2021 22:08:34 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Aug 2022 22:08:34 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210805/r20110914/ Frame 0674 24 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210805/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aa_CnP-ztbnLmdez_ikZmV8qWQp6D5uq8i4B31bUGcqD8RNuz0eSxVuJGkx3RAUHV4VLV2aONZCcb3Rx6PoVzI6tv7ru7AEEHl0Xf0dqbocL5cmOu9RttBUqrplSCPPZDN5-Aiy79R0tmzhqbAitSmwoFv9g&cry=1&dbm_d=AKAmf-BVmN1x42lB9XVxUwRcUVTBTJ_EruZJ2lTJnbvgEzWP6YQWwXznqK8Xt4aMZx601MupP3YM5XBLlUDvqxPoSI_oNpcjok-IH0xZUXVvgP-Z9M9GLHvE4WdRwGwXubuwclFnrp7XqBelEG1k2jreuiHpU0E-h0PiqsVTgefogoUwc_UPRkAI-xC7DvpzHUtHDQ6kdwzFy0p2_Nj8WiN1re6HR5CAIXJZQxLT5AjRbmMNyp39l8mvKfVXiojnATV3kXk4uJBW7Jdg9RgzMAEJAx5qlcVg9ghyzEt8XpngE2m0JLMMDa7XjUPVZlFA0IsVtSoF1960U9v2HgmdXvjy24NryHFVR2ZJmdCtctqWpjmWjqwgwByhDGhIEGJ842EieaqkOpIFMEFkAbtAi6bPOpCWDi452KU2Jm8xYHX2xP3_SOhCeFLVXpPfkadV4_MxLKTZqfoQ0s_pBgGAIum_1Z8WW0EXAKzh8S5lIbjIwXXTHOSLHz4UNeJc6dZ-M9CdJo18eMmHHxs2oOP2z31Fd3Ih9IT-L1TJvcIKcF8eTHfuT_vNENMxPGy_onKrlpT2Yx01vrcJ7ZAoicFBmxVo2hIUNAcVtwhaxtGibhu_tS2DiEyRoudEds0FZv-Vwx2lChdk0xue2rO_bv8cE48pg_sDe0xShxVI0R-G_h1NgLCpo7Tq2Pi0OsdOY3XeKwBnuEmCsBnFZXWEClKgMEyrKrp2s-r1w4SkszCmr90V5AW35nPwqw72qbJbQbpp54x-BqyhHZvYmEuHm-4xqbTST-j-9QddHNNhrcIqmtmD1nyZaekQjsiSYWCO7oPKrrU2KIkhW3y4cN7Yos9a5kkEBrvStP01xsLGG3SYAYbgoVtbaz58AWStNvUXqh4tHj9VK8TzW99U5ZfxFeKambERw1QyaVU5B7i12ZPnSHIErYOSppuVvhPzROT7Q4w97NdEJcxXnqbQG9k35J_HOwOnU2w6o7W37oOvbJKofxeupP8ioRHuQPCVLQ_LoadUKrAxFdOBzdMmWCUSfv-Atxi5EF1baSLxz-MoKAIfValj52opnzaW61Ym7F-JA5I4_gpcTIzS_mZqm8_3tgXVgonyol7u2LlIQDTi9a47npLqcoRtJF8FVbi35SdVD2zl4zHf8iMlFQ4NFcU7b6MAf1KdNdZ1VPoF9hQSV-0CPy7P457LnETu7PH1_zZAdILJVKzc0G9vOtNMwyYVV5kosi9mPEX5twwT4DuEIxyxq6RqUDb3ZLfWxzk4V3BdS8A_41vbMcFPpiBIi_jogvs3f5XK2dnsAgmMp27XxfYk91dGNngql7csPlkVi4YaB9-W41a9EZbhwpdt93vUd4sGu2wUhFytIkfwi1hz-dj250G_MAMxW7s3hkvYE4xCncV1paz4W6V1EK0w1oM8woctSbU_H7S8nXn-8K7OXuSNpqbs8p1RM028aqE66EmG5vydKBpSzFMPHqozNSj68VVV5Jk_EQfBmLxS6YC_ohGYZip_gBevDVJP015xFXzUI76BmAoBd8ga45pLPVfj15xtqbsbu_PgRnQM6fscsO_pVOaywQ35-mu9ans-8lmXrPAPsgg8bofViE5EXd5aN6wORIF9Gsp6bmpcEcUpqBKoLvylsEzuS0h0GgAlVKz6ZNYsvbQ4vJmCyeYD6GaUcMZBtIfsfwTc0FDcl2TnqSD9wOQDgfFPiaCJDEpVZTVP6GjDwAERdLk4swFpH9vCm7wQDpAK8TdjQQ7_dO5_yZh7eRb1QLR6jE8GU-sz0PcsyepCn9iNSQ0Cun-GCYWjcjQv-_R8VD23MIy3kgpoYQ3-iHqhZv4V6nKK3fRoB14gUm-Xmn2ffOv79SeQazEhDrzMeUWfzIMhScqacf3t4zgAMX3a1AXN2FYqBSWzudLLh-6RedjF57ivrAIlHNZF6Wz0FahyBRWToC21n7V2hT1u7kIjPkJILBJM7SywRzRepTgk8UcL97dwJ_3RlxEJ3E_MYr8ca3iMbKE9zq5ZBz2s5S7kOHbZp4dciOjAfBm1FC61aaQvcYD5dbxAvePCBOQDYtdbz-zGovuSreBOrLd02eg50hmlN6r9xjRMxdLQO3-hvdGd3MgG95ULO5Viy5_dCmri3qvac9IwFq-8Fh1CnneBslPCQzJoB6JrSiso2mI7zxSZ2bv-v-uiSGKjrM7gKh93Bn7P2y-UUw1H-co9BTuZRkCnacOOmFXmEtee91rfdvvFKekEYF6EpJxSo6l_l0_qoV-RiJnxtZgMP4bt4nimWlHg-ZUUzcro_-4aFOc8En8GlAzNTaz98m3Q1q4R-Zbg3NNDOOQ5x06I4N2MBYOITf6okC8yTej3gWQviQvM59BpB1KhvlDty1vjfnVx8FnxaloLw0LUO86C8btoHvPXjl8UMzzo-CqYupSyx0cieHVL9B-BT4RCQudwxcznsG4_k5u-ikGF5b8OZbhFrC9zJlqXOFRxQM_S7wGqGwOEiS-BfRTdvOMmSmWeUZ1Q3986XWV6SL-K5r-xd1jocIc3mAHq9U6ltrDXdm44MPzZuLLDb2hW_NXR0RQzmEDZTUGKMinNGPj0M6rtAwZBuOeMCoo63SysDaOOwdsRdURzYe223lrp5-ikhSYc7y7qrpwZOetk5xr8bUnalqnjdEsEgQ0li1FXLr-qPdQYCKEJXdrGrAzieo2ht9VFOaJe0ziX_Px6wTx0y9DCppZjPu39OFOs5QnLwu6kJbsAEGKVXWcijAu9kxeZ2N0Ndo7bbgy3kcPmKrD4D2UhkfvXhtvY_6JWLJAMB07ef3ae6FV3l7vlmMAu1yP1VKZOTU1d2q1g2LBhajLtjXixLWZQfbFLnxJ9R2UmsWSOUATwJKYegRlY17hvDcDa59zHMgMWKXWbYOidhvGQfZ6mF6H3Na2bfo_N65YRYwS0VXrSBkfp75E0eKhbedE5gAaFIg1SxRimXg5uv1qoaEedB5iALKVJea56RZsj3igdxlNXq4tKM7iS2wzp8bB35b_Ce8BZnt0-kEjqEXLkGsKu4yAkvh0UDQ_XV6HsZZcu_yRBt7e4jBa00u6HT2PuTpDTRdbAvSnw7MldpfKdtA6lipqqhHRxyAKsI-rLtAmis5tgzq_L1WrQq58mVTUEbslVrasywMLODRR_1FQ1SKwHvaZ7i9E9cthXOoAgsflKPNh_CRenoLFvNIOD3UvbETQyCajIuIdQYLSSsWPqmzzuDwOyiam1e6ckl1wtFUuPAom0G1hq6iMQ6USTD3ohwKdAwJTbbnQH0hbiTK_gpKZN59QO0kE18kMfGNtaVnffKsyn2qj26tAoJd6QDG3DaMO3XO5p03jvOs2Jv5SyHUp2B_aAiJbBICcdOzQDRHfUCAABSJRf5p_gUyk2S0enUG7gzLEYl6P7P73DY5kC2VVXu97h22JyLeLnETOib-4QIMG1bg2t-wlePjgMX55eDxoj5KNyzdDwXiOmtTBshA&cid=CAASEuRoJGluyWuBoKxcocHmGK7UkA&rfl=2%2Chttps%253A%252F%252Fwww.liveinternet.ru%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9da31cabd7ad9f32c9a2c18ce1838a6eaeeca9fbf55995a3e5a2abb2aface6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:53:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9343
x-xss-protection: 0
server: cafe
etag: 12459758733850244510
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 20:53:34 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0674 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 19:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 19:11:29 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DDF9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLqQS7gbiIDIzTKV1-bBnI&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLqQS7gbiIDIzTKV1-bBnI&google_cver=1&C=1

43 B
1014 B

40ms
39ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLqQS7gbiIDIzTKV1-bBnI&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjZ__GZATAB&v=APEucNVH1Xbuk2I6JOhobBm0idKbJbgiWeZA8KJf-1lrCoiNonMZ6mnGkGh7qBcOTO9CLY7bGLdWKU4gKPScFwT7p4NLMAgEQrfPxRSNdN-CkL9GeYBE_tnH6mhCNXR7MBN0u1HL7sJtxZ7suepr0MF1z8JSh8yjhWZsKrzQTMKs84jo-ZD9r1Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 20:58:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 09 Aug 2021 20:58:32 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 20:58:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLqQS7gbiIDIzTKV1-bBnI&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 09 Aug 2021 20:58:32 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DDF9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YRGW.GTRLfUjNm5X.ad2hwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLqQS7gbiIDIzTKV1-bBnI&google_cver=1&google_hm=2

43 B
894 B

42ms
42ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLqQS7gbiIDIzTKV1-bBnI&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjZ__GZATAB&v=APEucNVH1Xbuk2I6JOhobBm0idKbJbgiWeZA8KJf-1lrCoiNonMZ6mnGkGh7qBcOTO9CLY7bGLdWKU4gKPScFwT7p4NLMAgEQrfPxRSNdN-CkL9GeYBE_tnH6mhCNXR7MBN0u1HL7sJtxZ7suepr0MF1z8JSh8yjhWZsKrzQTMKs84jo-ZD9r1Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 20:58:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 09 Aug 2021 20:58:32 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECLqQS7gbiIDIzTKV1-bBnI&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame DDF9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGC_4H73RXdM_DNAS5-nVlc&google_cver=1

43 B
1004 B

47ms
45ms

Image
image/gif

185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGC_4H73RXdM_DNAS5-nVlc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjZ__GZATAB&v=APEucNVH1Xbuk2I6JOhobBm0idKbJbgiWeZA8KJf-1lrCoiNonMZ6mnGkGh7qBcOTO9CLY7bGLdWKU4gKPScFwT7p4NLMAgEQrfPxRSNdN-CkL9GeYBE_tnH6mhCNXR7MBN0u1HL7sJtxZ7suepr0MF1z8JSh8yjhWZsKrzQTMKs84jo-ZD9r1Q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 20:58:32 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9b525e8f-d463-44a1-95ca-feb48d835ae5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGC_4H73RXdM_DNAS5-nVlc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame DDF9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA5NzkwMjA3MjAwMDgyMTcyNQ%3D%3D

170 B
188 B

48ms
46ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA5NzkwMjA3MjAwMDgyMTcyNQ%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 20:58:32 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9de82d25-d86b-46f1-b7df-98df46ce22f3
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA5NzkwMjA3MjAwMDgyMTcyNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 7c9238132acc3501dec94b8706ed02bb.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/media/ Frame 6E14 21 KB
21 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/media/7c9238132acc3501dec94b8706ed02bb.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8df480865ef8a7c05d4c027f411316b42d88d8b2bfca6b98ef69d526b9933a11

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 168597
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21031
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:21:21 GMT
server: sffe
date: Sat, 07 Aug 2021 22:08:35 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Aug 2022 22:08:35 GMT

GET
H3-29 200 14179ad911314116ada58e9d7095233e.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/media/ Frame 6E14 3 KB
3 KB 15ms
14ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/media/14179ad911314116ada58e9d7095233e.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66b45568fef2ad5b4bf571ad8abf7c30ae5145db9cb2c6d077d8bbf514f0734c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 168597
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2771
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:21:21 GMT
server: sffe
date: Sat, 07 Aug 2021 22:08:35 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Aug 2022 22:08:35 GMT

GET
H3-29 200 f92f6b7385ab3161560abf7526ebabdd.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/media/ Frame 6E14 10 KB
2 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/media/f92f6b7385ab3161560abf7526ebabdd.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff28b7bafd0d63947fa6ecaf304efc6f15fd297c4fe352efca937a0e6daeffcb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 168597
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1971
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:21:21 GMT
server: sffe
date: Sat, 07 Aug 2021 22:08:35 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Aug 2022 22:08:35 GMT

GET
H3-29 200 fc9f3426038acaf80eeed1d75f6c9a3b.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/media/ Frame 6E14 28 KB
28 KB 16ms
15ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/media/fc9f3426038acaf80eeed1d75f6c9a3b.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ac3537cdc9bc4b6dcd500b0161c2a585f0fc9b634f7b1db6f7873702858df88

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 168597
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28557
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:21:21 GMT
server: sffe
date: Sat, 07 Aug 2021 22:08:35 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Aug 2022 22:08:35 GMT

GET
H3-29 200 c561af94e35f155e6972954b80d23d7f.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/media/ Frame 6E14 7 KB
7 KB 17ms
16ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/media/c561af94e35f155e6972954b80d23d7f.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b095daa45c5aedc085f2017153d1aa6507ba6475cc0b7c7918d1eaa557671efd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 168597
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7576
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:21:21 GMT
server: sffe
date: Sat, 07 Aug 2021 22:08:35 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Aug 2022 22:08:35 GMT

GET
H/1.1 200
OK dvbs_src_internal99.js Show response
cdn.doubleverify.com/ Frame 0674 61 KB
19 KB 19ms
13ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4232038&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jeqkn_8lxlPco7SmRCEqrb&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322731993&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=7875686410&turl=https://www.liveinternet.ru/&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 20:58:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 12:31:42 GMT
Server: Microsoft-IIS/10.0
ETag: "08bf9811a8dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19248

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9ABF 22 KB
8 KB 10ms
8ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 09 Aug 2021 19:13:45 GMT
expires: Tue, 09 Aug 2022 19:13:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6287
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1FE1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: 156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com
URL: https://156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnCA1CTucK-rJ3TTBO14bvYeMT8fJnCtSmENr6dCU7iMJzL3AzSU1eNQZ9d3Hw; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 09 Aug 2021 20:58:32 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 09-Aug-2021 21:58:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 09 Aug 2021 20:58:32 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 09 Aug 2021 20:58:32 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 a68bc50e4ef0f62a07ab13ad179bffa4.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/media/ Frame 6E14 4 KB
1 KB 9ms
7ms Image
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/media/a68bc50e4ef0f62a07ab13ad179bffa4.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4377121263432410708/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ceef67bb9bbe56cf1f624718113f0eb693bc7a747e6a8a8ed4f4ae93315da4e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 168597
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1219
x-xss-protection: 0
last-modified: Fri, 05 Feb 2021 15:21:21 GMT
server: sffe
date: Sat, 07 Aug 2021 22:08:35 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Aug 2022 22:08:35 GMT

GET
H/1.1 200
OK bst2tv3.html Show response
cdn3.doubleverify.com/ Frame E540 1 KB
1 KB 30ms
7ms Document
text/html 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/bst2tv3.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges: bytes
ETag: "01818ecfc6cf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 806
Cache-Control: max-age=65041
Date: Mon, 09 Aug 2021 20:58:32 GMT
Connection: keep-alive

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 0674 3 KB
2 KB 315ms
104ms Script
text/javascript 204.154.111.150
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_929424987354&jsTagObjCallback=__tagObject_callback_929424987354&num=6&ctx=1828362&cmp=115845&plc=4232038&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=929424987354&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.60&dvpx_strhd=0.60&brid=0&brver=&bridua=3&dup=null&turl=https://www.liveinternet.ru/&chro=0&hist=2&winh=250&winw=970&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jeqkn_8lxlPco7SmRCEqrb&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322731993&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=7875686410&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=16&fcifrms=9&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3D%3AG6%3A%3FE6C%3F6E%5DCFTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3D%3AG6%3A%3FE6C%3F6E%5DCFTar9EEADTbpTauTaudbcfd3%60g5da6g22%606dd2h433h%60f5a6ec%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTaudbcfd3%60g5da6g22%606dd2h433h%60f5a6ec%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=20.10&callbackName=__verify_callback_929424987354
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.150 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb33.doubleverify.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dd92dda870f3b98724c166fc91f1fb991e80cdc2ff010c0e1176e785339ee705

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
X-DV-Response: 1
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Date: Mon, 09 Aug 2021 20:58:31 GMT
Expires: 8/8/2021 8:58:32 PM

GET
H/1.1 200
OK dv-match6.js Show response
cdn.doubleverify.com/ Frame 1DDD 4 KB
2 KB 9ms
8ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-match6.js
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 20:58:32 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Mar 2018 04:45:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "03c84bdf3b8d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=67431
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935

GET
H3-29 200 gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js Show response
pagead2.googlesyndication.com/bg/ Frame 9ABF 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80d95328167947c0003a2c066f849c12427e849751483e62f0d6fd55b6278fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:29:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13306
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 20:29:05 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9ABF 0
20 B 30ms
29ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOLhv-JYRYa6lAqqU9u8PwPePoA0AAAAAOAHgBAI&bg=!LS6lLmrNAAbOj6irzo87ACkAdvg8Wuqyzyl08Jd98_L2SHLDb5TAECXtQFaal4kthzjiFuD_23em8wIAAACkUgAAABhoAQcKAH3sN6JqsPQf0l5q7LBZ807WDqrufX4eM8VxyaYnrlSSaXrRiCzZL_CszF9aOr7sZtKavjXx3UZk_FB71o-5kEerinYhFLGPE6PJfHOZwvnjDu-HXm7q1vdHt4QwJu-6clGXHiWCSx9fnnauruy2O7aaZ-AViAOGtygQg4IVJJkDEuSSVlp03odQcwi_9XQeZ25uJh4cdx-eJITcl-RGwLAEQJ7fEMto9T-w3txidPz3qM-SoxddtoMpVUK6UxFltWsVAG2927ZPCV1-l9vgDWCJ3gpQLum5KwAztuNJpKNuWNjQmdHQOPLlu8gw8LO5RX5KzkBUmbBVfyuKUNz1Bq4fRiyl_YEMA-vuYlQI2BC0fshQIvJA5BSpqwqeLdUIjAwAfwG33NQfmr-Xh2ZBFSVxP8CxNyKRbre4Uj5yxTioBZKUkuiITa7L6yr5s8KmJrOwOUfM7QYZS1yMzRrpxEBdHTsoscfOcJdmWcC0PH1iJVTxk3vFRgEKUOZYkrhhefLdG-hCg3X0USZA95giVF4CUhbeM8yeYIbRptfRlxVUBTzBosqPazeFOl_PZ1KudkqqFGh-dg_9eXUzsAT5UP1mZLiYzqpv38h9Tc3u8a7Prnlfp5phfPO7HGkTslnEEzrAurLCILBeRTrIzjOkh84ZUQKvo9dAu47JqoG7SuaGy7Fhe60TqpSLa_n0cn52GBa_atAFuluOIksmoVN7F-RUOQ5F3dxLsvkmNYaXmwiuYdYi4bmVOWsRCBDt5qPUgu6rQWfg1E-CbdBBVUNjSXoTeblrh4H-IoqXUdiu6vQsMo4wyn59Vo-ma7UmkIR_WaR1O_cokhCv78kraNHb1sbaZ8O4VcxFZilYwMNjQJ9QwoyziW_iRh70pIKqOOvf521fsQG_yeObP6vw240PHV5i5e0xXyDiQAsm0o5dSYFMSNvt2M4uhvcSlr1599aG8U8XNIkYvEDotR3T0GaRcOJ4tGJ6LXjGcrrWYURBGR6mqDNCclw72Out4oH2jn9AhsbLdEb8NkZ2FYTLelBlM37MD8xtJTxAKqfUxTQ8RUJSquL-D6sBeDZQllWCWRAXLL8ZqSoKLs9_kyI3tk3T0-4GggpgknkWQsbWu8Vee6f0_a-vq-2nIOEVFo0xQMccW8dfMK_V0Sj-WESfFQICPXHqpVGR3o8bDMQYvik1CMpexGSPff9SF0sfRhxopg-h6VQ5kA

Requested by

Host: 53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
URL: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/254948/ 0
66 B 663ms
663ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/254948/event?duid=1628542710808524821&hash=17fc76458018112d&pm=cza&p5=jxahr&rand=gnykwxh&sj=YsQlS0omUFyZDz5ytYkJAKRnTZ41bRfBp1qoN3o2ny2Rg1CqveMCDL03H_uy&ad-session-id=3737091628542709454&utg=oxum&lts=fhbtewc&ytt=217703303350293&ybv=0.42380&ylv=0.42380&dl=https%3A%2F%2Fwww.liveinternet.ru%2F&pr=dewlkqy&p1=consd&rqs=9V5AG5fNcQr2lhFhqj350a_mRFahG3ab&p2=y

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 20:58:33 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H/1.1 200
OK bsevent.gif
tps620.doubleverify.com/ Frame 0674 807 B
1 KB 331ms
96ms Ping
image/gif 204.154.111.112
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps620.doubleverify.com/bsevent.gif?impid=c04eeb7c3e21446b966dfc81f034626c&dvp_or2=1&cbust=1628542712599338
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.112 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb09.doubleverify.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 20:58:31 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 8/8/2021 8:58:32 PM

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 0674 9 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37bfceb04cc7a18df0c1da8269c382b3b088e870ab39a0987ae17a54589b2dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:40:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4105
x-xss-protection: 0
last-modified: Wed, 04 Aug 2021 13:52:44 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 09 Aug 2021 21:40:17 GMT

GET
H/1.1

200
OK

bsevent.gif
tps620.doubleverify.com/ Frame 0674
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=doubleverify_ddp&google_ula=7327243&google_cm&google_hm=**&google_redir=https%3A%2F%2Ftps620.doubleverify.com%2Fbsevent.gif%3Fimpid%3Dc04eeb7c3e21446b9...
https://tps620.doubleverify.com/bsevent.gif?impid=c04eeb7c3e21446b966dfc81f034626c&dvpx_gfbc=1&cbust=1628542712603748&google_error=10

807 B
1 KB

270ms
93ms

Image
image/gif

204.154.111.112
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps620.doubleverify.com/bsevent.gif?impid=c04eeb7c3e21446b966dfc81f034626c&dvpx_gfbc=1&cbust=1628542712603748&google_error=10
Requested by: Host: 53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
URL: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.112 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb09.doubleverify.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 20:58:31 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 8/8/2021 8:58:32 PM

Redirect headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tps620.doubleverify.com/bsevent.gif?impid=c04eeb7c3e21446b966dfc81f034626c&dvpx_gfbc=1&cbust=1628542712603748&google_error=10
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 impl_v78.js Show response
www.googletagservices.com/dcm/ Frame 0674 37 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v78.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07000140ab52c28ef2a522fae638638b2783786e8e2ae8cb883cc1f0a0c00df0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 17:58:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15595
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 17:50:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Aug 2022 17:58:05 GMT

GET
H2 200 B9689862.280630144;dc_ver=78.226;sz=728x90;u_sd=1;dc_adk=622863437;ord=6uhyy4;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=2,https%3A%2F%2Fwww.liveinte... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 0674 44 KB
20 KB 121ms
55ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=78.226;sz=728x90;u_sd=1;dc_adk=622863437;ord=6uhyy4;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=2,https%3A%2F%2Fwww.liveinternet.ru%2F$0;xdt=1;crlt=l76)o!0GYS;osda=2;sttr=28;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v78.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

846549b16dc7c66bc6f4fdfa556c81d7a0f393a825fb79a0f1b7a49c8604c718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19761
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame DA6D 12 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.liveinternet.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.liveinternet.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 09 Aug 2021 20:29:03 GMT
expires: Tue, 09 Aug 2022 20:29:03 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1769
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9C86 783 B
533 B 22ms
21ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d750ae04b4c904e791a66ff98e62d97247225292be3dd41adbe6ec1962710049

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9scIrq4e8HDIj3a496GtIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.liveinternet.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.liveinternet.ru/

Response headers

expires: Mon, 09 Aug 2021 20:58:32 GMT
date: Mon, 09 Aug 2021 20:58:32 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-9scIrq4e8HDIj3a496GtIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame BC2B 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.liveinternet.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.liveinternet.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 09 Aug 2021 20:29:03 GMT
expires: Tue, 09 Aug 2022 20:29:03 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1769
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C456 783 B
532 B 18ms
18ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6f7a85903d607f138b972e18e4386c00c3d1f46c214222e06b055be52d091d85

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-/ZWg6vvF+lppfTGXZlKmxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.liveinternet.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.liveinternet.ru/

Response headers

expires: Mon, 09 Aug 2021 20:58:32 GMT
date: Mon, 09 Aug 2021 20:58:32 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-/ZWg6vvF+lppfTGXZlKmxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A029 12 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.liveinternet.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.liveinternet.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 09 Aug 2021 20:29:03 GMT
expires: Tue, 09 Aug 2022 20:29:03 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1769
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5F3A 783 B
531 B 17ms
16ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f0c8f65eea90c6283fccfa9efca810f1194dbd98095a847c359f83d816ccca11

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Yc4cWo9h0i2rlvU6Fb3Peg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.liveinternet.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.liveinternet.ru/

Response headers

expires: Mon, 09 Aug 2021 20:58:32 GMT
date: Mon, 09 Aug 2021 20:58:32 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Yc4cWo9h0i2rlvU6Fb3Peg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 0674 114 KB
40 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 19:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Aug 2021 19:55:34 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210805/r20110914/elements/html/ Frame 0674 8 KB
3 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210805/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=78.226;sz=728x90;u_sd=1;dc_adk=622863437;ord=6uhyy4;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=2,https%3A%2F%2Fwww.liveinternet.ru%2F$0;xdt=1;crlt=l76)o!0GYS;osda=2;sttr=28;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 20:53:58 GMT

GET
H/1.1 200
OK dv-measurements1685.js Show response
cdn.doubleverify.com/ Frame 6F92 492 KB
89 KB 8ms
6ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1685.js
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7e9ea3086a0fdff681e0255f6ed807081a5bd68e43562d851eda0a361d7eaf7a

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 20:58:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Aug 2021 10:48:34 GMT
Server: Microsoft-IIS/10.0
ETag: "0adfc6fe789d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91036

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0B07 1 KB
749 B 8ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
URL: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 09 Aug 2021 03:09:05 GMT
expires: Tue, 10 Aug 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 64167
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0674 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5796e19a9db28a1b8bcf230adaae3e818a1b991cb2e61a9c3dce3ac7fe8caaf1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6AC3 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 09 Aug 2021 19:13:45 GMT
expires: Tue, 09 Aug 2022 19:13:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6287
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js Show response
pagead2.googlesyndication.com/bg/ Frame DA6D 35 KB
13 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80d95328167947c0003a2c066f849c12427e849751483e62f0d6fd55b6278fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:29:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13306
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 20:29:05 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 0674 7 KB
3 KB 8ms
7ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=9689862&sid=2641434&plc=280630144&num=&adid=&advid=2276943&adsrv=1&btreg=503233716&btadsrv=doubleclick&crt=150375118&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c59bd599dc9d1d8c82517689425700a1793831953f8ca6126a004dfcae20f293

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 20:58:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 14:36:56 GMT
Server: Microsoft-IIS/10.0
ETag: "0f4aa02c8dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3215

GET
H3-29 200 index.html Show response
s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/ Frame 2F1B 5 KB
2 KB 24ms
8ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2608f3ec505238671a006689f7d38114a785b3c8d9c70d19daf5ba1db406a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 1765
date: Mon, 09 Aug 2021 14:38:52 GMT
expires: Tue, 10 Aug 2021 14:38:52 GMT
last-modified: Tue, 04 May 2021 21:40:14 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 22781
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0674 0
545 B 928ms
48ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstMN-4es5tQBkXYNcktgiTAgyGdQSgvpJXnGoxDOwlDuidNTn1tpFjj6vsMtcQC5Sks13MbVpEeLt2zJmTvZTmlocKioozuD2lHTv_KWXicLIv5WJ8_KX6LhyNmqdE6nK6ojq7Xr21aFjZAxOzmdAqq6Pd63a4Ck1Q&sig=Cg0ArKJSzKhl6MgdzJwUEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=194&cbvp=1&cstd=184&cisv=r20210805.08578&adurl=

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 20:58:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 6F92 3 KB
2 KB 307ms
102ms Script
text/javascript 204.154.111.150
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=198&ttfrms=51&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3D%3AG6%3A%3FE6C%3F6E%5DCFTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3D%3AG6%3A%3FE6C%3F6E%5DCFTar9EEADTbpTauTaudbcfd3%60g5da6g22%606dd2h433h%60f5a6ec%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTaudbcfd3%60g5da6g22%606dd2h433h%60f5a6ec%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1628542713048617&jsCallback=dvCallback_1628542713048731&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1685&tgjsver=1685&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2F53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=11&brh=2&dvp_epl=352&noc=16&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.liveinternet.ru/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0jeqkn_8lxlPco7SmRCEqrb&DVP_DBM_1=3060631&DVP_DBM_2=11817078&DVP_DBM_3=32228440&DVP_DBM_4=322731993&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=7875686410&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=314461731077.48206&dvp_tukv=543740253399.0102&dvp_uuid=12787140253.62208&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_mib=1&dvp_tuid=329804160565
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1685.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.150 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb33.doubleverify.com
Software: /
Resource Hash: cfd4f6f605faa77725b9c82edf7a79ab5b0c4380c269b7e0cae847cf7f4fc58b

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 20:58:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 8/8/2021 8:58:33 PM

GET
H3-29 200 gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js Show response
pagead2.googlesyndication.com/bg/ Frame BC2B 35 KB
13 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80d95328167947c0003a2c066f849c12427e849751483e62f0d6fd55b6278fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:29:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13306
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 20:29:05 GMT

GET
H2 204 event
ads.adfox.ru/254948/ 0
18 B 174ms
167ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/254948/event?duid=1628542710808524821&hash=06d1d4c875b63986&pm=bmp&pxo=r8aYv-W-j6jISvkAEiIwYKCO9JA1T2XuS27yQTDBQYcsprDM6moU9v3nFqhNhz1_g5guC8SJAonymAQ_Yrdkw_V0iP_N3fJi7qVfCRj68ghj7UvparLkXi_b73daVFre0XFMSrU4lfNVLsRiyDcRKR8sVmRD3clbh44ItK_eIyZbaIF82Y8P&p5=fwfya&rand=gpsyxbt&sj=lb02M1_Dgr3UsamgIuFPPA2d2gyjlRpahH-CXvlLg-3zx-o85rEbNcpongob&ad-session-id=3737091628542709454&lts=fhbtewc&ytt=217703303350293&ybv=0.42380&ylv=0.42380&dl=https%3A%2F%2Fwww.liveinternet.ru%2F&pr=dewlkqy&p1=consc&rqs=9V5AG5fNcQr2lhFhaXhNIdMBSipSuZYz&rtb-si=b&p2=ganf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 20:58:33 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5970 42 B
64 B 35ms
34ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqjbrjQ56wvA59jKp48dnP1ZFzCpF-hJ_W52Dfr_Uh7lATi5zvyYaa7ICG-JNK08E3O-rxi0yQuZ8emzNsa9_j7owuG-JbFw8RA1wG59hJ8PcFzvmIQDAUopfHTw&sai=AMfl-YSElZVaLT4iTCTtL7GDddiBTYJ2_1adK31uz9eEGnktdgl06YqKR9vtlaaepiraKC2hLCJEJdjDy960toGWktYpV-mPyqUZKqEhER82HlyyZuXxxsYH1VpRKrk&sig=Cg0ArKJSzAvj6xRbtQAIEAE&cid=CAASF-RoEyJyX_XPMcthm2p1SX8dh7JYbMwk&id=ampim&o=180,928&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1102&mtos=0,0,1102,1102,1102&tos=0,0,1102,0,0&tfs=180&tls=1282&g=100&h=100&tt=1282&r=v&avms=ampa&adk=602788822

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js Show response
pagead2.googlesyndication.com/bg/ Frame A029 35 KB
13 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80d95328167947c0003a2c066f849c12427e849751483e62f0d6fd55b6278fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:29:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13306
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 20:29:05 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D614 42 B
64 B 35ms
34ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssl7jEIkKH52yoJ_0oNNp6VmCjf4YPRem-4WMYZ5sm9gj8bGQjiA4oKc69kOC_IRwMtIsoH6cgDYIXKshQb3TkC67YBXmhkH2EvXl4DGcJZG4tErdpi93Fn3h0jxg&sai=AMfl-YS8HLeHSwoaVZOWLChND35OORnu-RkkVz99yEH62XXvdgw1wJndYRCiKWrsNHeD0xDKChOwZwNclXsWuVDlMhUOJ2Q0AHwgzw1GiqU63drIqqm1aPLClgrucgk&sig=Cg0ArKJSzHohcVcn_ZR3EAE&cid=CAASF-Roqdzj0iChFIi8CJSQUSVRien9BBqw&id=lidar2&mcvt=1013&p=0,0,250,300&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20210809&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=602788822&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628542711804&dlt=52&rpt=351&isd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/254948/ 0
18 B 108ms
107ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/254948/event?duid=1628542710808524821&hash=111f6ef2fa84f839&pm=bmp&pxo=swYm-kI-iho_Qv_CouQIdV_lRtnXFr6MKM7EZUpYtAaYFLnRLqIcADCGZExhJhexJ9LElzVgA2XmeMmxx7FnvtZrUtRt4iniHhCcMZCLpc59rlzMpY749Od2mS2J1KKBDtxvE_KGt_iiEli4m-Y_UHmW9xEe5_qEgkd6aZ8HF7asn64HnD8z&p5=fwfya&rand=lqrqibq&sj=760g_Opc_TgdZl-vHvFzOB3wJ3ehMsGIjDFtfaYqsCqjR09vKXqUME3gjUqz&ad-session-id=3737091628542709454&lts=fhbtewc&ytt=217703303350293&ybv=0.42380&ylv=0.42380&dl=https%3A%2F%2Fwww.liveinternet.ru%2F&pr=dewlkqy&p1=consc&rqs=9V5AG5fNcQr2lhFhPbRky-OWudXH0bJT&rtb-si=b&p2=ganf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 20:58:33 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 0B07 0
104 B 102ms
64ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAKrOg2XugXBEHxUQfkJ_CQ&google_cver=1&google_push=AYg5qPL0wdXoPidzHtgp5EMMmz16p8FWFfcWGN-st1V8b3U1Er3rXTttyJofc6qiBygcB4fWy_7DUG_6P9rsJKMuruerGGNk0lkG
Requested by: Host: 53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
URL: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:33 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0B07
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPjWRfu-4oqHynf0pTDvsks&google_cver=1&google_push=AYg5qPJZ6pHALm0Wigftj5eGPkaOMDA26jSNvblPndE5BFUNLjmNp9Q72-wzPsx6O3NYWL1eVa2Wy2BX3Yg6OF...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk5NDUzNzY5MjQ3ODk2MTgxMw%3D%3D&google_push=AYg5qPJZ6pHALm0Wigftj5eGPkaOMDA26jSNvblPndE5BFUNLjmNp9Q72-wzPsx6O3NYWL1eVa2Wy2BX3Yg6OFhGPe...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk5NDUzNzY5MjQ3ODk2MTgxMw%3D%3D&google_push=AYg5qPJZ6pHALm0Wigftj5eGPkaOMDA26jSNvblPndE5BFUNLjmNp9Q72-wzPsx6O3NYWL1eVa2Wy2BX3Yg6OFhGPebC1RswABCE

Requested by

Host: 53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
URL: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk5NDUzNzY5MjQ3ODk2MTgxMw%3D%3D&google_push=AYg5qPJZ6pHALm0Wigftj5eGPkaOMDA26jSNvblPndE5BFUNLjmNp9Q72-wzPsx6O3NYWL1eVa2Wy2BX3Yg6OFhGPebC1RswABCE
Date: Mon, 09 Aug 2021 20:58:33 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0B07
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESECGYX0xIaEZfgcP04coLI8I&google_cver=1&google_push=AYg5qPI1rPm3A6mpdlTFBQfmeVFyYmHe-GBj45NvPoku3k_2bOWEeeRBbrimM_XyHEgzoYgN1bD2jw9D7RT28uCb...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oQzqOZ2oQkquZFCzcZTdOA2&google_push=AYg5qPI1rPm3A6mpdlTFBQfmeVFyYmHe-GBj45NvPoku3k_2bOWEeeRBbrimM_XyHEgzoYgN1bD2jw9D7RT28uCbBTTJP5oaIpGB

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oQzqOZ2oQkquZFCzcZTdOA2&google_push=AYg5qPI1rPm3A6mpdlTFBQfmeVFyYmHe-GBj45NvPoku3k_2bOWEeeRBbrimM_XyHEgzoYgN1bD2jw9D7RT28uCbBTTJP5oaIpGB

Requested by

Host: 53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
URL: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 09 Aug 2021 20:58:33 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oQzqOZ2oQkquZFCzcZTdOA2&google_push=AYg5qPI1rPm3A6mpdlTFBQfmeVFyYmHe-GBj45NvPoku3k_2bOWEeeRBbrimM_XyHEgzoYgN1bD2jw9D7RT28uCbBTTJP5oaIpGB
x-host: tde-deliveryengine-production-9c5d4fb75-n2vv5
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0B07
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESELoyOgaGVngh_cqRfD-VTNI&google_cver=1&google_push=AYg5qPK6tiQ9NYbA-YSIMwZNuzIpcVvi0bnGL51VBHd9KIgOUSqQSFJZovKKp93pJ2x2xZS5cb-wK5Vau14C5XBiFo4eoVs...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESELoyOgaGVngh_cqRfD-VTNI&google_cver=1&google_push=AYg5qPK6tiQ9NYbA-YSIMwZNuzIpcVvi0bnGL51VBHd9KIgOUSqQSFJZovKKp93pJ2x2xZS5cb-wK5Vau14C5XBiFo4eo...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPK6tiQ9NYbA-YSIMwZNuzIpcVvi0bnGL51VBHd9KIgOUSqQSFJZovKKp93pJ2x2xZS5cb-wK5Vau14C5XBiFo4eoVsIcz_J

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPK6tiQ9NYbA-YSIMwZNuzIpcVvi0bnGL51VBHd9KIgOUSqQSFJZovKKp93pJ2x2xZS5cb-wK5Vau14C5XBiFo4eoVsIcz_J

Requested by

Host: 53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
URL: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPK6tiQ9NYbA-YSIMwZNuzIpcVvi0bnGL51VBHd9KIgOUSqQSFJZovKKp93pJ2x2xZS5cb-wK5Vau14C5XBiFo4eoVsIcz_J
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0B07
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=m_QIu3adTBGYS5SPfmqBdQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

34ms
32ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=m_QIu3adTBGYS5SPfmqBdQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJbzx121bx0UgLtrG7yIRSlr4ZPTDp02yn9hconODsThDEPcG4Wc7FJowtZL_xt3Kt1OoQahPQg2bsJrKweXAZ7jKtnGaY

Requested by

Host: 53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
URL: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=m_QIu3adTBGYS5SPfmqBdQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJbzx121bx0UgLtrG7yIRSlr4ZPTDp02yn9hconODsThDEPcG4Wc7FJowtZL_xt3Kt1OoQahPQg2bsJrKweXAZ7jKtnGaY
date: Mon, 09 Aug 2021 20:58:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0B07
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBXhNaoA4Fjql4Ab86dfpxU&google_cver=1&google_push=AYg5qPL_LbkKNJELBSq70XipIVNyULUubGjNBqldh5o4KtK16lxia6dYRlKbhgLvkYl_r8uBJFkvpO8iwWX2cSkD...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPL_LbkKNJELBSq70XipIVNyULUubGjNBqldh5o4KtK16lxia6dYRlKbhgLvkYl_r8uBJFkvpO8iwWX2cSkDqrg-FpcrPOw

170 B
188 B

35ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPL_LbkKNJELBSq70XipIVNyULUubGjNBqldh5o4KtK16lxia6dYRlKbhgLvkYl_r8uBJFkvpO8iwWX2cSkDqrg-FpcrPOw

Requested by

Host: 53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
URL: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 09 Aug 2021 20:58:33 GMT
via: 1.1 ce698fda3f892ed6ad58fa176c04a520.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MRS52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPL_LbkKNJELBSq70XipIVNyULUubGjNBqldh5o4KtK16lxia6dYRlKbhgLvkYl_r8uBJFkvpO8iwWX2cSkDqrg-FpcrPOw
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: oZBgmculQQW5a6JATQuruoHwKAlq4Ud5tw1gnjG7DR62inqEZaxhkw==

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0B07
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
https://sync.targeting.unrulymedia.com/csync/RX-2ca7c676-4ab8-4f98-a8dc-aaad51e3dadf-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPK0eErrX2jWtH3oVgYSa...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPK0eErrX2jWtH3oVgYSaIzu65mm4b_xvz3d6NqxrFo6-6HYyP33bAvbmm-BxiONh3wCIyzUOBHleTvS-xvo8uQ0KADfyto6&google_hm=AyynxnZKuE-YqNyqrVHj2t8

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPK0eErrX2jWtH3oVgYSaIzu65mm4b_xvz3d6NqxrFo6-6HYyP33bAvbmm-BxiONh3wCIyzUOBHleTvS-xvo8uQ0KADfyto6&google_hm=AyynxnZKuE-YqNyqrVHj2t8

Requested by

Host: 53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
URL: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPK0eErrX2jWtH3oVgYSaIzu65mm4b_xvz3d6NqxrFo6-6HYyP33bAvbmm-BxiONh3wCIyzUOBHleTvS-xvo8uQ0KADfyto6&google_hm=AyynxnZKuE-YqNyqrVHj2t8
date: Mon, 09 Aug 2021 20:58:33 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX2ca7c6764ab84f98a8dcaaad51e3dadf003
content-type: text/html

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 0B07 0
12 B 35ms
31ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JFDFCGEt7dK8evBAxnxCQDxo7x8hVRngIcht45hHGDzPJMZy84Bc4AVh3zd1OcqetmZCxF

Requested by

Host: 53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
URL: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK dv-measurements1685.js Show response
cdn.doubleverify.com/ Frame 1FC9 492 KB
89 KB 10ms
9ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1685.js
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7e9ea3086a0fdff681e0255f6ed807081a5bd68e43562d851eda0a361d7eaf7a

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 20:58:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Aug 2021 10:48:34 GMT
Server: Microsoft-IIS/10.0
ETag: "0adfc6fe789d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91036

GET
H3-29 200 styles.css
s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/css/ Frame 2F1B 3 KB
1 KB 12ms
7ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/css/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

989c8c3c29332b6df258222e25567d3e7258e7b1417cc7f7230bdf29f88e6294

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29866
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1000
x-xss-protection: 0
last-modified: Tue, 04 May 2021 21:40:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 10 Aug 2021 12:40:47 GMT

GET
H3-29 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame 2F1B 131 KB
44 KB 19ms
10ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a134a4f4968b6d1236867542326458915854a8f1c52d4235b8e952ead82dffd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45173
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:56:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Aug 2021 21:05:48 GMT

GET
H3-29 200 GSAPLoader.js Show response
s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/js/ Frame 2F1B 535 B
320 B 16ms
8ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/js/GSAPLoader.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97a68287e425328b59b4f4107ba31bb2da1ad8d1fdf56ceccf000967caf7b810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29866
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 296
x-xss-protection: 0
last-modified: Tue, 04 May 2021 21:40:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 10 Aug 2021 12:40:47 GMT

GET
H2 200 jquery.js Show response
secure-ds.serving-sys.com/BurstingcachedScripts/libraries/jquery/1_42_0/ Frame 2F1B 160 KB
48 KB 105ms
28ms Script
application/javascript 104.111.247.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingcachedScripts/libraries/jquery/1_42_0/jquery.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-190.deploy.static.akamaitechnologies.com
Software: / ARR/2.5
Resource Hash: 95c023c80dfe0d30304c58244878995061f87801a66daa5d6bf4f2512be0e6f9

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:33 GMT
content-encoding: gzip
last-modified: Mon, 09 Dec 2013 18:58:20 GMT
server
x-powered-by: ARR/2.5
etag: "06e6ba010f5ce1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 48713
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H3-29 200 SplitText.min.js Show response
s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/js/ Frame 2F1B 7 KB
3 KB 17ms
9ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/js/SplitText.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4aa9210ddc672e43bb409243fc14424e411a2a76fa7b7250c0c99da0e19d329e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 13:30:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26870
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3087
x-xss-protection: 0
last-modified: Tue, 04 May 2021 21:40:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 10 Aug 2021 13:30:43 GMT

GET
H3-29 200 standard_banner.js Show response
s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/js/ Frame 2F1B 5 KB
2 KB 21ms
14ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/js/standard_banner.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c70694344a860e4c7b3f289b091832746381bf2e45b4b4e8b165e492713b11e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31336
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1814
x-xss-protection: 0
last-modified: Tue, 04 May 2021 21:40:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 10 Aug 2021 12:16:17 GMT

GET
H3-29 200 animation_728x90.js Show response
s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/js/ Frame 2F1B 4 KB
1 KB 21ms
13ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/js/animation_728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d90c80a363443ad358235ee7314bc289c5ffbe54c741e08cfdc5bcec721d213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 02:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65227
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1502
x-xss-protection: 0
last-modified: Tue, 04 May 2021 21:40:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 10 Aug 2021 02:51:26 GMT

GET
H3-29 200 bg_1x_728x90.jpg
s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/images/ Frame 2F1B 15 KB
15 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/images/bg_1x_728x90.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

827ab8e7f80cf8375ef32fd16860bd539980852afb97aaa04d7e723b75825103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:07:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 May 2021 21:40:14 GMT
server: sffe
age: 46288
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15124
x-xss-protection: 0
expires: Tue, 10 Aug 2021 08:07:05 GMT

GET
H3-29 200 qutation_2x_32x29_t.png
s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/images/ Frame 2F1B 311 B
333 B 7ms
6ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/images/qutation_2x_32x29_t.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

326d4e93c2728f679c36400861f65890a803ed6d1440804a97eca43cba62b721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 08:22:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 May 2021 21:40:14 GMT
server: sffe
age: 45339
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Tue, 10 Aug 2021 08:22:54 GMT

GET
H3-29 200 qutation_2x_31x29_b.png
s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/images/ Frame 2F1B 305 B
327 B 7ms
7ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/images/qutation_2x_31x29_b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9e5b678bdb57741e199fc18063101931a9fd47a720d71e79c6f44206d3deae1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 22:43:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 May 2021 21:40:15 GMT
server: sffe
age: 80127
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 305
x-xss-protection: 0
expires: Mon, 09 Aug 2021 22:43:06 GMT

GET
H3-29 200 kid_photo_1x_484x285.jpg
s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/images/ Frame 2F1B 12 KB
12 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/images/kid_photo_1x_484x285.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9672da15667ed18594b1d485a90b0472248eee49d2f5fe6c2ec123d798442d2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 04:49:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 May 2021 21:40:15 GMT
server: sffe
age: 58139
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12190
x-xss-protection: 0
expires: Tue, 10 Aug 2021 04:49:34 GMT

GET
H3-29 200 copy2_1x_349x90.png
s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/images/ Frame 2F1B 12 KB
12 KB 7ms
7ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/images/copy2_1x_349x90.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baa0df7ee8309c20f467892490221a36a38e414218fdcb72b7efe6ef6a0caa5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 02:28:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 May 2021 21:40:15 GMT
server: sffe
age: 66626
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11781
x-xss-protection: 0
expires: Tue, 10 Aug 2021 02:28:07 GMT

GET
H3-29 200 yellow_bar_1x_3x3.png
s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/images/ Frame 2F1B 82 B
104 B 10ms
9ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/images/yellow_bar_1x_3x3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32df97266d54ad6f94a79ecd83e10a0b6664078f243fe6fef3e9b5de153e6ea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 04:49:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 May 2021 21:40:15 GMT
server: sffe
age: 58139
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82
x-xss-protection: 0
expires: Tue, 10 Aug 2021 04:49:34 GMT

GET
H3-29 200 logos_bar_2x_244x90.png
s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/images/ Frame 2F1B 25 KB
26 KB 10ms
10ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/images/logos_bar_2x_244x90.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab151ec0f154b42d3dad22c39e15ff4487b29f4e1c2844bf4fa39cad6cec706c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 04:07:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 May 2021 21:40:15 GMT
server: sffe
age: 60678
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26101
x-xss-protection: 0
expires: Tue, 10 Aug 2021 04:07:15 GMT

GET
H3-29 200 iRicVbaePdLi90mWh_i3qmjfYPepQ9h53Asz6zNDGI4.js Show response
pagead2.googlesyndication.com/bg/ Frame 6AC3 35 KB
13 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iRicVbaePdLi90mWh_i3qmjfYPepQ9h53Asz6zNDGI4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89189c55b69e3dd2e2f7499687f8b7aa68df60f7a943d879dc0b33eb3343188e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 01:49:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 414518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13400
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Aug 2022 01:49:55 GMT

GET
H2 200 TweenLite.min.js Show response
secure-ds.serving-sys.com/BurstingcachedScripts/libraries/greensock/1_18_0/ Frame 2F1B 26 KB
10 KB 46ms
43ms Script
application/javascript 104.111.247.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingcachedScripts/libraries/greensock/1_18_0/TweenLite.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/js/GSAPLoader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-190.deploy.static.akamaitechnologies.com
Software: / ARR/2.5
Resource Hash: 7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:33 GMT
content-encoding: gzip
last-modified: Thu, 10 Sep 2015 18:26:18 GMT
server
x-powered-by: ARR/2.5
etag: "081312ff6ebd01:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 9783
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 TweenMax.min.js Show response
secure-ds.serving-sys.com/BurstingcachedScripts/libraries/greensock/1_18_0/ Frame 2F1B 105 KB
37 KB 46ms
44ms Script
application/javascript 104.111.247.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingcachedScripts/libraries/greensock/1_18_0/TweenMax.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/js/GSAPLoader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-190.deploy.static.akamaitechnologies.com
Software: / ARR/2.5
Resource Hash: 001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:33 GMT
content-encoding: gzip
last-modified: Thu, 10 Sep 2015 18:26:18 GMT
server
x-powered-by: ARR/2.5
etag: "081312ff6ebd01:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 37447
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 TimelineLite.min.js Show response
secure-ds.serving-sys.com/BurstingcachedScripts/libraries/greensock/1_18_0/ Frame 2F1B 12 KB
4 KB 53ms
51ms Script
application/javascript 104.111.247.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingcachedScripts/libraries/greensock/1_18_0/TimelineLite.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/js/GSAPLoader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-190.deploy.static.akamaitechnologies.com
Software: / ARR/3.0
Resource Hash: 74e018b7e6c3b5cc0e0cc790f256033b97b3783c5853529bc6101b6a7ed23159

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:33 GMT
content-encoding: gzip
last-modified: Thu, 10 Sep 2015 18:26:18 GMT
server
x-powered-by: ARR/3.0
etag: "081312ff6ebd01:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4252
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 easepack.min.js Show response
secure-ds.serving-sys.com/BurstingcachedScripts/libraries/greensock/1_18_0/easing/ Frame 2F1B 5 KB
2 KB 53ms
52ms Script
application/javascript 104.111.247.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingcachedScripts/libraries/greensock/1_18_0/easing/easepack.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/js/GSAPLoader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-190.deploy.static.akamaitechnologies.com
Software: / ARR/2.5
Resource Hash: 37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:33 GMT
content-encoding: gzip
last-modified: Thu, 10 Sep 2015 18:26:18 GMT
server
x-powered-by: ARR/2.5
etag: "081312ff6ebd01:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1994
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 cssplugin.min.js Show response
secure-ds.serving-sys.com/BurstingcachedScripts/libraries/greensock/1_18_0/plugins/ Frame 2F1B 38 KB
15 KB 54ms
52ms Script
application/javascript 104.111.247.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingcachedScripts/libraries/greensock/1_18_0/plugins/cssplugin.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/js/GSAPLoader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-190.deploy.static.akamaitechnologies.com
Software: / ARR/2.5
Resource Hash: cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 20:58:33 GMT
content-encoding: gzip
last-modified: Thu, 10 Sep 2015 18:26:18 GMT
server
x-powered-by: ARR/2.5
etag: "081312ff6ebd01:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 15505
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 1FC9 3 KB
2 KB 106ms
105ms Script
text/javascript 204.154.111.150
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=183&ttfrms=10&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3D%3AG6%3A%3FE6C%3F6E%5DCFTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3D%3AG6%3A%3FE6C%3F6E%5DCFTar9EEADTbpTauTaudbcfd3%60g5da6g22%606dd2h433h%60f5a6ec%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTaudbcfd3%60g5da6g22%606dd2h433h%60f5a6ec%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=971&ddur=9&uid=1628542713431731&jsCallback=dvCallback_1628542713431491&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1685&tgjsver=1685&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2F53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=11&brh=2&dvp_epl=352&noc=16&ctx=13311291&cmp=9689862&sid=2641434&plc=280630144&crt=150375118&btreg=503233716&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&mib=1&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=314461731077.48206&dvp_tukv=39132587373.83299&dvp_uuid=3973860329.041911&dvp_strhd=0.3000030517578125&dvpx_strhd=0.3000030517578125&dvp_mib=1&dvp_tuid=832339778092
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1685.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.150 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb33.doubleverify.com
Software: Microsoft-IIS/10.0 /
Resource Hash: dfd0864c8bf0c8995056369eb10337582a6c7beb170b970e737c7c84ca4ed1f3

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 20:58:33 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 8/8/2021 8:58:33 PM

GET
H/1.1 200
OK optional.js Show response
static-mon.yandex.net/static/ 44 B
272 B 137ms
46ms XHR
text/html 2a02:6b8::402
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://static-mon.yandex.net/static/optional.js?pid=liveinternet&script_key=b1f287rSP8fT9z02wNfS1U3hYVEmAiCQ&reasure=false
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::402 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: cf11d4552cb0f966fa38fcc595b0c4f47c2f489d90867df1b06940d4404b482c

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.liveinternet.ru
Date: Mon, 09 Aug 2021 20:58:33 GMT
Access-Control-Allow-Credentials: true
Content-Length: 44
Vary: Origin
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

event.png
tps10212.doubleverify.com/ Frame 6F92
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=doubleverify_ddp&google_ula=7327243&google_cm&google_hm=**&google_redir=https%3A%2F%2Ftps10212.doubleverify.com%2Fevent.png%3Fimpid%3D72a884617b3941ffb...
https://tps10212.doubleverify.com/event.png?impid=72a884617b3941ffba39463f94c1f48e&gdpr=&gdpr_consent=&dvpx_gfbc=1&cbust=1628542713551746&google_error=10

67 B
320 B

355ms
93ms

Ping
image/png

204.154.111.116
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps10212.doubleverify.com/event.png?impid=72a884617b3941ffba39463f94c1f48e&gdpr=&gdpr_consent=&dvpx_gfbc=1&cbust=1628542713551746&google_error=10
Requested by: Host: 53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
URL: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.116 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb13.doubleverify.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 20:58:33 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=0
Content-Length: 98
Expires: 8/8/2021 8:58:33 PM

Redirect headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tps10212.doubleverify.com/event.png?impid=72a884617b3941ffba39463f94c1f48e&gdpr=&gdpr_consent=&dvpx_gfbc=1&cbust=1628542713551746&google_error=10
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 370
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 steelfish_eb.woff
s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/fonts/ Frame 2F1B 42 KB
42 KB 9ms
9ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/fonts/steelfish_eb.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/css/styles.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68b2c70e99bb0d7bd47832928b432d996022b9e3643aabc1139c82543c968a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 00:29:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 May 2021 21:40:15 GMT
server: sffe
age: 73761
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42632
x-xss-protection: 0
expires: Tue, 10 Aug 2021 00:29:12 GMT

GET
H/1.1

200
OK

event.png
tps10281.doubleverify.com/ Frame 1FC9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=doubleverify_ddp&google_ula=7327243&google_cm&google_hm=**&google_redir=https%3A%2F%2Ftps10281.doubleverify.com%2Fevent.png%3Fimpid%3Dce31859dc06841f8a...
https://tps10281.doubleverify.com/event.png?impid=ce31859dc06841f8a0ffe1ca704be33d&gdpr=&gdpr_consent=&dvpx_gfbc=1&cbust=1628542713686464&google_error=10

67 B
348 B

292ms
95ms

Ping
image/png

204.154.110.156
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps10281.doubleverify.com/event.png?impid=ce31859dc06841f8a0ffe1ca704be33d&gdpr=&gdpr_consent=&dvpx_gfbc=1&cbust=1628542713686464&google_error=10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.110.156 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb38.doubleverify.com
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 20:58:33 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=0
Content-Length: 98
Expires: 8/8/2021 8:58:33 PM

Redirect headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tps10281.doubleverify.com/event.png?impid=ce31859dc06841f8a0ffe1ca704be33d&gdpr=&gdpr_consent=&dvpx_gfbc=1&cbust=1628542713686464&google_error=10
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 370
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/254948/ 0
18 B 84ms
83ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/254948/event?duid=1628542710808524821&hash=0298facb593b5ecb&pm=bmn&p5=jxahr&rand=lkqlths&sj=YsQlS0omUFyZDz5ytYkJAKRnTZ41bRfBp1qoN3o2ny2Rg1CqveMCDL03H_uy&ad-session-id=3737091628542709454&utg=oxum&lts=fhbtewc&ytt=217703303350293&ybv=0.42380&ylv=0.42380&dl=https%3A%2F%2Fwww.liveinternet.ru%2F&pr=dewlkqy&p1=consd&rqs=9V5AG5fNcQr2lhFhqj350a_mRFahG3ab&p2=y

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 20:58:33 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0674 0
60 B 189ms
49ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 20:58:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0674 42 B
64 B 33ms
32ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttHeIDilrpvgDDhXQ6ZKoGQcALST-9dZYK6bBosrapcxKsP76o6t1fG3RMs91m4yYpQ8TEmvU33sijvVPD4YBIpW7DO79O9jgsjLoCV6NKNOGrhudFGyufM3rjIQ&sai=AMfl-YSlbe_tF4niR3O6ZmVyYWuzeOl-3k92OBqgJ5lhZf9okzlgNPj8fEYrSvFbSjUfDCQMfKTslu2BxG24HwxVWf0rxhFUX7ipFN-hH6Xt8GBloZAofQ5S5uaIoAw&sig=Cg0ArKJSzGybgJr9r1jyEAE&cid=CAASEuRoJGluyWuBoKxcocHmGK7UkA&id=lidar2&mcvt=1023&p=360,315,450,1043&asp=360,315,450,1043&mtos=846,1023,1023,1023,1023&tos=846,177,0,0,0&v=20210809&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2177437627&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628542712016&dlt=179&rpt=874&isd=0&lsd=0&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 31ms
28ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210805&jk=1740732808598772&bg=!qaqlqu7NAAbOj6irzo87ACkAdvg8WvtCsX1CJGK-bbtivUPkYDcUxQo1LF2wpWBNBcNXxrKpP0YS8AIAAAJ0UgAAAENoAQcKAEkhqTjFsed1dP7uOYIuj6HKLJmIjBjgfNr5TYD6rTil_gJlACnm1CHagxrxzgCZHJagUgWrpXVq0saw7Guj4hC4JXvbdWB0A0m9mQKGst87rFcyIhMdZnsZsjIdjzjHa-0eQDJivJRiHL9dMTbIXg3sVLw7ACNydpOGaYPhEynODaRqtg3KftAwabgwqWl9Sx2XzpCZhLOvfcpzVtlbVGC00zlvBYCwKsmBeeXnvQYwvWGo_Cofad-D-JAxEK6yFfFiDeesjr-5zPkLVhKJ0g0xwnG45bWZbdBbfitBXjj56PR31MGpvWM642gVcpZ3hu-abXk_QZVlFQ8MbM0T8aWldedSn7I2vV6fcp9qExZbYKasvv-AhIpuMmD_Wxn3LaCB8RldJL9VUQXWCE8rqsfXK02D2NUh17R-iSs2teLAcYy05EzekvkiPv8AabRAy2TlPVlQDKwFwJwNJsqPJ1goNHucz4ita0PLf-DGumk3M_Gg7Jy7-mNzJphMv-2mkkeJVPocxb50NwlvdettCzt6RhkqWLY7EeJcXMmDFANERXhatRnu3OjRtJ4WnBNCfGDNm0Q3IkojGfi8CsqGzVBpPtF1TjAsC735gLZkZ6OApaWXNUIPwN-h1GY8aofA3faSuo8ShVM475I2rP6HkxyzLV86MSFeojTzxxa6bPQvbryr8yw1jFkXf6NLOvbsWJwcBkZWQB4x8NmpB1fCiPOn-H2R2LDSwxP9gCNq2gnrfj-ZSAY1Yo7SpDE3LbX49CU7MXA2fDvrMfY6Rt1ur4zzadkmhGvB7FSShUObr7pgqPSZNBHrDQiK265XGKk77TxG1tlrNZdpo2D3nexaAy6wL45uJ1LhgnozYrbgGmaycELnL-8TitSY2ftWOOYznFJ7EFRvyYVtpMrnBJPgBh4g19lYPvk0gLg8QxubFOqD2LX-ZOQPDhoAD0mG-g6avavVbw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A6EA 0
20 B 31ms
28ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021080501&jk=2927963525079695&bg=!e3ileDzNAAbOj6irzo87ACkAdvg8Wu83wQkSBY9a_159up6duMJmgOX6onwJ1DGkq64iNZO5ceJ7eQIAAAKJUgAAACRoAQcKAN_2gGLH2pZdkVmziIpUpiIkpqIRWMGsGXXwEAiTmmEC3bdcRQPX_RbCE-au5J73vpvZlTOnlNo4H1cAzyQeICbLemdrGuYYEIVv39UFbk1i2xO5vcHjlGSu_EJQoGG4DqJTmQX1U-xYq2d85j4Xb4rY6rpFVf35OZC_qc9Oish-2d0ykN4BY0-H8tHZpN7oMBz-qI459LZ4G7IS5h3Vi1XJXxK5z0O7GGbAMbECbweRcF9sjTQ0H7Y-nJ0tLRDHBeWIb9YtHX-XItjzt6SYvGWN9YUz0z1OaNh_7F3TbrnYmQKWptHFD2UF3LlZ87GNf7mwwl5ChORmiFpj4iT0RHYzmK2rWWqnbdEO1PH6eil1IJMGGpaa2HdxFvTU3lGZO7CeD4dNLpe20EcEoXGvTeuKv2PlIYUFoRm593oSTl2wVnVoZA1a_sDD4l725iwtiF7h_2LfyzVWlUblV0FkY7lBLCQX5b4qna-wih876d33tR14Yp2F0TNRAbgml0qDn-jUUv2j76btCoe-Npsk_fBXE54-ZPVj6zRtJ-bjIA3NRUU8D2eJKYzhipBC2RcmNxpY_Q7fqnABkKgi8MXt1NV2SJgy__CIj0Vcud-PiKVL6pVtQqofzEDpsswL5HlhN4fGOxtQa-D9bMoYTQ_0X-P7jSIKdeTwWr3X7KXUGCFxFN54b9LWDjUmaHFrC6mp0iYEZdSxp9vaNv0BUMcLgNE-gIEmq_CHaIA0c7M2lRMzW9_1aSD1tqOsb9hGSQmTzZKEAVF2I-HFWAxYceQYDx3783FWei2pkYQYZnPfglTvzkXraURyPPGyI0hlCSxafqQDI2DAYD6U6xprw5vqWpDoCEveLt6AWQZ2KOjuXN6ntlAI9OuDIIPX5-aMz6vq08NpqncPBy8RinCyOYzTSqDKGHPkZv1sPqvxw2qfLj8XzJNyAljQ5vy81I1qTkXvCSF3Voc8hQo-tasi6orqGuNTdsWYpHABNij-D7y_G2lNcMxmTSceHFwmYN9tfnnVViMr-MdXFVrohWHVrZsL3-rj7MGwsnHmq1zetRGOdemWtlj9rM8xyPAvBL5LTb65Kl5w6Cpzm-nufFG8gXTZ28v2vSGg8NeNL-UEhuczs4ssH0VuZvVEYkFou3ImDB06xHQonlN7yXEDFiyLV45izoS0KB4hRpMuzTQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 61C5 0
20 B 31ms
31ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021080501&jk=70331786557119&bg=!PzylPHjNAAbOj6irzo87ACkAdvg8WkHKhRI4axcO8jsED-BdacafAKwgypUi0HFAJBTTX3hi8WHPrQIAAAJpUgAAABhoAQeZAo8eOsb0NPOk9S5Dk8t2NPaTUmWyIhQwHiaKr2AX2GAtOksBh1DTkjp_RcNEX-9fG_yk76rlvfM4ICzfmFHNFy5wvAugZ1XhUw3r1KWuJhJYhxWFkddWM4CN_E6--SKrwNPfyBpxJ9fe8ifAsXvpApiRxyh4z8fHVwSFNJEfX-we3eLdk5eh587ObfOHbro4cqK455Q-uY7eWlYn8JuDfoYauo92KDJSERM6DiYeuWG7y4h0AH3DxZ57SII6YvpHn3jVBFOQAzv7gRpURRC-B0XdXBWVx56M1jo_km1pHRl1YwuaijnBxBPi56mhORdPpiMQ_Wl-dNQRMa6Bv6CkOqy8JTNGuhq6PCEcrTPv_5rVKOeCnFRkJchT-DEyCetGopDx7K0cFh2Q3pQQB_k97K3-ZLxggFmPp0GTFdteaQnkGkgWHZvw1mds3vfRQ8kYRIlkrD7XsQLK3L4cpGimqLi6nM34KYNO6oueGH9TgS7hwUOH-INWIW9PwSs4OmE1lBGEHuz715rfbHFhw54aEKnIUDL4ln-PxjHiQMDsSXDHgR2-gSijW01i0J633-pttEByLd2sAtq5UNcN2nEOvoqbTNnuTNbGiZMn4zziF6y5d_981Ka-1776WkK9dimzhhfUkT7kH3kiYMATRURi4fc-jHRWMduSPzPtzUmKFvmqn_uJHk5HxWl9YSKLwoMPkcbpmx97e_nGHuhMFrOF1zVVTvctfvQK0UfLsjYQ0Rox-BO0y4U0_9YArsrs1UIZ6RfuE8BibfmZTUM6PKe1QJWJA9ergzyYvV0UGQbpss-7XI4nGRIBYinHRud71xLGk7O28smvnkzxgNIOUywEO4kGbdOHCm0QJzucPWBds51V

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6AC3 0
20 B 31ms
30ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjZBo-JYRYdLpLNXd7_UPo6afuA4AAAAAOAHgBAI&bg=!paalpuLNAAbOj6irzo87ACkAdvg8WrBe1_R73KaoJj1tULHIUpTCamx-26xBrdAcPKbFmxrhjD129wIAAAHiUgAAABdoAQcKAE-Iu2kExCyF5zxeUntnNkpEuE5TSmfLJ7LK_iOoZ1c_L2l3fAIDyHffQC2K1LnU1Xv9kg2zVs86d_gsrjHbHVd-CI95KyrFtCp1anUDGl8TmQMjVY_-JHQ5_CQSj2dn2QbVMB3kwrQK-FItUFS2xX5qgz4PSnOshBtfyQUPUTq1UzQqzKG58iN-oz8dFttS7LfK9UokAzPyrqEnKJb4W0FVuxBybE-GyHKUkjtiFNP3IOYcRiJytoFZfbxRLQsI-eRL4elLAmqXJIeFk62ZXOaIAwmidFg5Wvh6jC5ejwn5IaXZM6FaI00TFWDXyHch2PgZRtstvarRGsq6eY0P4J3HVi32QGbm0a-Vd46zw83vQ6IF5Ct7LqlqVZFljtaPl4TaDb13R03UIZYN6S5UPKrjBe9xrjOSBZeQneTaRaVIXisA-64hYqjlZHTwFRN7ZNWwzzwYun9pocs-fna8wHLrj18f6NFzeln_5qDzjNgc9tB7GqzIMbAc5qE8SWvHUXHlPtDECpn7K08CbODyQDy0VSH0vVyoVNA6uo6MbjRHRrfG3PvHbGHB9T8YZMbn0OSDLyHs0rGltjycq9JcZo3VhkSZF-ePxW5JIsyl5XhYJ8M-_5ugtC3LPfPhkRzS-rYeMEzybzoZa2D58khS_TTpjlehy4-NpHQEIr2zOJNtw9g17AhofekGXXqJGHb4uJK1JeIpbsLTVQy26exjOUmu7b_dLa-5uyeolS1I-l_JUaRdpCgaahDtCVD3A9h8aKCIZ7afM80JQANn25k8CvCDVsFu9s-BEAJiGawAgYDpxneTKIQubG97sONme4Bj56HRIVOQ_ICS1PZJgaCt6uOqulzDF37s5qWJC0Ro6LPF8K4jIRkKELlNCmB0b0RLrXMq4pmd2JPpIrVvpUMRmQIZ9ZCBMDOv7AMlsPpm-ihNQ7cwOF5tKFzI6AU_p1Ngq6hvVg9G4jekm-9heuB_H8U0cMN3MMEd6TuUYyvvR2ybZ0Zc2E8PgMgQ2upe_qoFrQJ2cQDTPfAklXxPjw_YTDpxwvF0Qc_XjI5DtPgB29fgj0TNCVAyXCfVDGijIwn7WGSydPDVJ60brVJf5zvknCTnIcxA6fcScXHjqKAkl4M_ir5H-GicLo15X2D9vmrsvt6EZlxcRR_Jrhj2qy8w6qnbRn9cmtY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0674 42 B
64 B 27ms
27ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssz9kezweV5kHIc-mCiajQaN_TJmkW7oqG_lKiviVHRRA2RK2fV-KRErFcitVm_MYNimqrtDY1op0fJQT1LwaSgqQDAMCj7&sig=Cg0ArKJSzLOU8YWhHuazEAE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210809&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=622863437&rs=6&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628542712016&rpt=1109&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/254948/ 0
66 B 82ms
82ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/254948/event?duid=1628542710808524821&hash=7c8533fcd72338d3&pm=bmn&pxo=r8aYv-W-j6jISvkAEiIwYKCO9JA1T2XuS27yQTDBQYcsprDM6moU9v3nFqhNhz1_g5guC8SJAonymAQ_Yrdkw_V0iP_N3fJi7qVfCRj68ghj7UvparLkXi_b73daVFre0XFMSrU4lfNVLsRiyDcRKR8sVmRD3clbh44ItK_eIyZbaIF82Y8P&p5=fwfya&rand=ckbftdj&sj=lb02M1_Dgr3UsamgIuFPPA2d2gyjlRpahH-CXvlLg-3zx-o85rEbNcpongob&ad-session-id=3737091628542709454&lts=fhbtewc&ytt=217703303350293&ybv=0.42380&ylv=0.42380&dl=https%3A%2F%2Fwww.liveinternet.ru%2F&pr=dewlkqy&p1=consc&rqs=9V5AG5fNcQr2lhFhaXhNIdMBSipSuZYz&rtb-si=b&p2=ganf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 20:58:34 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/254948/ 0
18 B 87ms
87ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/254948/event?duid=1628542710808524821&hash=3df372742a6adc91&pm=bmn&pxo=swYm-kI-iho_Qv_CouQIdV_lRtnXFr6MKM7EZUpYtAaYFLnRLqIcADCGZExhJhexJ9LElzVgA2XmeMmxx7FnvtZrUtRt4iniHhCcMZCLpc59rlzMpY749Od2mS2J1KKBDtxvE_KGt_iiEli4m-Y_UHmW9xEe5_qEgkd6aZ8HF7asn64HnD8z&p5=fwfya&rand=kmisoh&sj=760g_Opc_TgdZl-vHvFzOB3wJ3ehMsGIjDFtfaYqsCqjR09vKXqUME3gjUqz&ad-session-id=3737091628542709454&lts=fhbtewc&ytt=217703303350293&ybv=0.42380&ylv=0.42380&dl=https%3A%2F%2Fwww.liveinternet.ru%2F&pr=dewlkqy&p1=consc&rqs=9V5AG5fNcQr2lhFhPbRky-OWudXH0bJT&rtb-si=b&p2=ganf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 20:58:34 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H/1.1 200
OK bsevent.gif
tps620.doubleverify.com/ Frame 0674 807 B
1 KB 94ms
93ms Ping
image/gif 204.154.111.112
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps620.doubleverify.com/bsevent.gif?impid=c04eeb7c3e21446b966dfc81f034626c&pltfrm=Linux%20x86_64&cbust=1628542714604673
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.112 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb09.doubleverify.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 20:58:33 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 8/8/2021 8:58:34 PM

POST
H/1.1 200
OK event.png
tps10212.doubleverify.com/ Frame 6F92 67 B
463 B 94ms
93ms Ping
image/png 204.154.111.116
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps10212.doubleverify.com/event.png?impid=72a884617b3941ffba39463f94c1f48e&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=157&vdur=308&eoid=7&msrjs=1685&pltfrm=Linux%20x86_64&vit=2&isvelg=1&tltms=9&tetms=13&msltms=21&vltms=308&sei=289&vetms=187&engms=1&engisel=1&ttfurm=2545&cbust=1628542715552696
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1685.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.116 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb13.doubleverify.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 20:58:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 8/8/2021 8:58:35 PM

POST
H/1.1 200
OK event.png
tps10281.doubleverify.com/ Frame 1FC9 67 B
491 B 95ms
95ms Ping
image/png 204.154.110.156
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps10281.doubleverify.com/event.png?impid=ce31859dc06841f8a0ffe1ca704be33d&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=141&vdur=109&eoid=7&msrjs=1685&pltfrm=Linux%20x86_64&vit=2&isvelg=1&tltms=9&tetms=8&msltms=18&vltms=109&sei=290&vetms=144&engms=1&engisel=1&ttfurm=2263&cbust=1628542715687881
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1685.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.110.156 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb38.doubleverify.com
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 20:58:35 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 8/8/2021 8:58:35 PM

GET
H2 204 event
ads.adfox.ru/254948/ 0
66 B 86ms
86ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/254948/event?duid=1628542710808524821&hash=94d3b66f83f65c5b&pm=bmq&pxo=r8aYv-W-j6jISvkAEiIwYKCO9JA1T2XuS27yQTDBQYcsprDM6moU9v3nFqhNhz1_g5guC8SJAonymAQ_Yrdkw_V0iP_N3fJi7qVfCRj68ghj7UvparLkXi_b73daVFre0XFMSrU4lfNVLsRiyDcRKR8sVmRD3clbh44ItK_eIyZbaIF82Y8P&p5=fwfya&rand=nwafgzf&sj=lb02M1_Dgr3UsamgIuFPPA2d2gyjlRpahH-CXvlLg-3zx-o85rEbNcpongob&ad-session-id=3737091628542709454&lts=fhbtewc&ytt=217703303350293&ybv=0.42380&ylv=0.42380&dl=https%3A%2F%2Fwww.liveinternet.ru%2F&pr=dewlkqy&p1=consc&rqs=9V5AG5fNcQr2lhFhaXhNIdMBSipSuZYz&rtb-si=b&p2=ganf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 20:58:36 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/254948/ 0
18 B 83ms
82ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/254948/event?duid=1628542710808524821&hash=6d3cfeabb62f0615&pm=bmq&pxo=swYm-kI-iho_Qv_CouQIdV_lRtnXFr6MKM7EZUpYtAaYFLnRLqIcADCGZExhJhexJ9LElzVgA2XmeMmxx7FnvtZrUtRt4iniHhCcMZCLpc59rlzMpY749Od2mS2J1KKBDtxvE_KGt_iiEli4m-Y_UHmW9xEe5_qEgkd6aZ8HF7asn64HnD8z&p5=fwfya&rand=gcgkajr&sj=760g_Opc_TgdZl-vHvFzOB3wJ3ehMsGIjDFtfaYqsCqjR09vKXqUME3gjUqz&ad-session-id=3737091628542709454&lts=fhbtewc&ytt=217703303350293&ybv=0.42380&ylv=0.42380&dl=https%3A%2F%2Fwww.liveinternet.ru%2F&pr=dewlkqy&p1=consc&rqs=9V5AG5fNcQr2lhFhPbRky-OWudXH0bJT&rtb-si=b&p2=ganf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 20:58:36 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H/1.1 200
OK event.png
tps10212.doubleverify.com/ Frame 6F92 67 B
463 B 94ms
94ms Ping
image/png 204.154.111.116
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps10212.doubleverify.com/event.png?impid=72a884617b3941ffba39463f94c1f48e&gdpr=&gdpr_consent=&msrcanlm=904&msrcannum=3&eoid=9&ismms=66&isumms=65&isvelg=1&nvr=6&elmtp=1&isbxdms=2566&b0=100&b11=2577&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&lftb=2677&sftb=2677&msrdp=3&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1066&isuiabvms=1066&ispmxpms=1066&engalms=64&dvp_dpr=1&cbust=1628542716551947
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1685.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.116 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb13.doubleverify.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 20:58:36 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 8/8/2021 8:58:36 PM

POST
H/1.1 200
OK event.png
tps10281.doubleverify.com/ Frame 1FC9 67 B
491 B 93ms
93ms Ping
image/png 204.154.110.156
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps10281.doubleverify.com/event.png?impid=ce31859dc06841f8a0ffe1ca704be33d&gdpr=&gdpr_consent=&msrcanlm=906&msrcannum=3&eoid=9&ismms=16&isumms=15&isvelg=1&nvr=6&elmtp=1&isbxdms=2315&b0=100&b11=2383&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&lftb=2483&sftb=2483&msrdp=2&naral=642&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1015&isuiabvms=1015&ispmxpms=1015&engalms=15&dvp_dpr=1&cbust=1628542716686909
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1685.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.110.156 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb38.doubleverify.com
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 20:58:36 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 8/8/2021 8:58:36 PM

POST
H/1.1 200
OK bsevent.gif
tps620.doubleverify.com/ Frame 0674 807 B
1 KB 96ms
96ms Ping
image/gif 204.154.111.112
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps620.doubleverify.com/bsevent.gif?impid=c04eeb7c3e21446b966dfc81f034626c&mascid=ks54a70fka7dl6ssid7wl3iltgqueaei&dvp_masver=6&dvp_tisf=2&dvp_t1stMsgB=823&cbust=1628542717319692
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.112 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb09.doubleverify.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 20:58:35 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 8/8/2021 8:58:36 PM

POST
H/1.1 200
OK event.png
tps10212.doubleverify.com/ Frame 6F92 67 B
463 B 97ms
96ms Ping
image/png 204.154.111.116
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps10212.doubleverify.com/event.png?impid=72a884617b3941ffba39463f94c1f48e&gdpr=&gdpr_consent=&mascid=ks54a70fka7dl6ssid7wl3iltgqueaei&dvp_masver=1685&eoid=10&cbust=1628542718657774
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1685.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.116 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb13.doubleverify.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 20:58:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 8/8/2021 8:58:38 PM

POST
H/1.1 200
OK event.png
tps10281.doubleverify.com/ Frame 1FC9 67 B
491 B 94ms
94ms Ping
image/png 204.154.110.156
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps10281.doubleverify.com/event.png?impid=ce31859dc06841f8a0ffe1ca704be33d&gdpr=&gdpr_consent=&mascid=ks54a7v9ezm9h6pq0b3hko1oxn6fkg3t&dvp_masver=1685&eoid=10&cbust=1628542718788538
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1685.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.110.156 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb38.doubleverify.com
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 09 Aug 2021 20:58:38 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 8/8/2021 8:58:38 PM

GET
H2 204 event
ads.adfox.ru/254948/ 0
66 B 85ms
82ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/254948/event?duid=1628542710808524821&hash=4e938ab3ee5e176c&pm=bmr&pxo=r8aYv-W-j6jISvkAEiIwYKCO9JA1T2XuS27yQTDBQYcsprDM6moU9v3nFqhNhz1_g5guC8SJAonymAQ_Yrdkw_V0iP_N3fJi7qVfCRj68ghj7UvparLkXi_b73daVFre0XFMSrU4lfNVLsRiyDcRKR8sVmRD3clbh44ItK_eIyZbaIF82Y8P&p5=fwfya&rand=lijdhvv&sj=lb02M1_Dgr3UsamgIuFPPA2d2gyjlRpahH-CXvlLg-3zx-o85rEbNcpongob&ad-session-id=3737091628542709454&lts=fhbtewc&ytt=217703303350293&ybv=0.42380&ylv=0.42380&dl=https%3A%2F%2Fwww.liveinternet.ru%2F&pr=dewlkqy&p1=consc&rqs=9V5AG5fNcQr2lhFhaXhNIdMBSipSuZYz&rtb-si=b&p2=ganf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 20:58:41 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/254948/ 0
18 B 102ms
102ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/254948/event?duid=1628542710808524821&hash=a1812fc697fa375f&pm=bmr&pxo=swYm-kI-iho_Qv_CouQIdV_lRtnXFr6MKM7EZUpYtAaYFLnRLqIcADCGZExhJhexJ9LElzVgA2XmeMmxx7FnvtZrUtRt4iniHhCcMZCLpc59rlzMpY749Od2mS2J1KKBDtxvE_KGt_iiEli4m-Y_UHmW9xEe5_qEgkd6aZ8HF7asn64HnD8z&p5=fwfya&rand=bfpgrjo&sj=760g_Opc_TgdZl-vHvFzOB3wJ3ehMsGIjDFtfaYqsCqjR09vKXqUME3gjUqz&ad-session-id=3737091628542709454&lts=fhbtewc&ytt=217703303350293&ybv=0.42380&ylv=0.42380&dl=https%3A%2F%2Fwww.liveinternet.ru%2F&pr=dewlkqy&p1=consc&rqs=9V5AG5fNcQr2lhFhPbRky-OWudXH0bJT&rtb-si=b&p2=ganf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.liveinternet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 20:58:41 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E14 0
121 B 27ms
27ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=342.0000&a1=https&f1=layout_html&s1=0&d1=9.0000&i=496755197178&t=419&c=p&lp=%2Fsadbundle%2F%24csp%253Der3%24%2F4377121263432410708%2Findex.html&qqi=COSIxq7qpPICFaPluwgdTW8F4g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 20:58:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 20:22:23	Name: test_cookie Value: CheckForPermission
www.liveinternet.ru/	1970-01-19 21:43:08	Name: chbx Value: guest
.liveinternet.ru/	1970-01-19 20:23:34	Name: _ym_isad Value: 2
.liveinternet.ru/	1970-01-20 05:07:58	Name: _ym_d Value: 1628542710
.criteo.com/	1970-01-20 05:43:58	Name: uid Value: 8bb7160c-b050-46e4-a34b-306ba8e42903
.liveinternet.ru/	1970-01-20 05:07:58	Name: _ym_uid Value: 1628542710808524821
.liveinternet.ru/	1970-01-20 05:43:58	Name: __gads Value: ID=615e073783449a38-22f269989cc900f4:T=1628542709:RT=1628542709:S=ALNI_MamP-NJyYvxY5xCQZ8q2mkHTRqL_Q

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107240354000 https://www.liveinternet.ru/
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 176) Message: [ 0.000s] [studio.sdk]
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 176) Message: [ 1.004s] [studio.sdk] Using default ad parameters in test environment. Simulating local events.
console-api	log	URL: https://s0.2mdn.net/2276943/1620164414784/adc_PIV_Ben_728x90_html5/js/animation_728x90.js(Line 72) Message: 7.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

156ad40baf6030f7ce3134c80defa10a.safeframe.googlesyndication.com
53475b18d52e8aa1e55a9cbb917d2e64.safeframe.googlesyndication.com
ad.doubleclick.net
ad.mail.ru
adfox-c2s-ams.creativecdn.com
adfox-hb-bidder.rutarget.ru
ads.adfox.ru
ads.betweendigital.com
ads.travelaudience.com
adservice.google.be
adservice.google.com
adservice.google.de
an.yandex.ru
avatars.mds.yandex.net
bidder.criteo.com
c9de437ec8a041e680e417db7e8751ec.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.doubleverify.com
cdn3.doubleverify.com
cm.g.doubleclick.net
counter.yadro.ru
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
exchange.buzzoola.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i.li.ru
ib.adnxs.com
image6.pubmatic.com
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.adriver.ru
px.adhigh.net
r.mradx.net
rtb0.doubleverify.com
s.ad.smaato.net
s0.2mdn.net
secure-ds.serving-sys.com
securepubads.g.doubleclick.net
static-mon.yandex.net
static.criteo.net
sync.1rx.io
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
tps.doubleverify.com
tps10212.doubleverify.com
tps10281.doubleverify.com
tps620.doubleverify.com
www.google.com
www.googletagservices.com
www.liveinternet.ru
yandex.ru
yastatic.net
yhb.p.otm-r.com
104.111.247.190
142.250.185.162
142.250.185.230
142.250.185.98
142.250.186.34
178.250.0.157
178.250.0.165
185.184.8.65
185.33.221.88
185.64.189.115
188.42.29.196
193.232.148.145
195.201.152.105
195.201.87.224
195.209.111.15
2.18.234.21
204.154.110.156
204.154.111.112
204.154.111.116
204.154.111.150
213.155.156.168
213.19.147.44
213.19.147.45
2a00:1148:db00::17
2a00:1148:db00::28
2a00:1450:4001:800::2002
2a00:1450:4001:800::2004
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2006
2a00:1450:4001:831::2001
2a02:2638:1::13
2a02:2638::3
2a02:26f0:6c00:286::4469
2a02:26f0:6c00:2b2::4469
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::402
2a02:6b8::90
2a02:6b8:a::a
2a02:fa8:8806:20::2040
35.190.0.66
52.84.45.40
77.88.21.179
80.64.106.150
85.114.159.93
88.212.201.198
88.212.202.50
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
05e2608f3ec505238671a006689f7d38114a785b3c8d9c70d19daf5ba1db406a
07000140ab52c28ef2a522fae638638b2783786e8e2ae8cb883cc1f0a0c00df0
0854ba4aeda95830ad5cf264c39b0effcc23cd187e621b791e0982f6d58bfaf4
0a8e98935863e61b63e0a8afdab74932b50426dc861e900ce5958003c68e4ca0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f26f764a2c8868540a8917c1cc983acde3991141512a3eb9f94a345447cb8cc
0fbbd55fab5105a5d7da65913990a11919601d4fc8f4b2327b9382ef05067582
10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0
1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a7f45bb245236d0d8877edbfbda5fb7151a48d56be6af72978c18b37902bdc3
1cbb86917356ee5dd8bef81f65f7d154577e7298abca0a615d9a3238cd8030a0
29d4f8f39378b5f34256e23a6e0c123aaab984079d77a427ba7e51d7324695a7
2b12dde062253510003fb9fe9f4405bf1983f053bb9c7709a239ceee4c261af6
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31edf058b58a1c31f6041090f0b9c2f4ea708ed47175075de4c3533de62ec239
326d4e93c2728f679c36400861f65890a803ed6d1440804a97eca43cba62b721
32df97266d54ad6f94a79ecd83e10a0b6664078f243fe6fef3e9b5de153e6ea4
34410c69a5bbd49a30886cf5067ccf735b1926c49a9759a3d5778ad65a3c6fa3
3491837f5d05f3c95088e0e64f70dc3f3105fc07658160a240a0c98f0551d8e3
371f0ceab6655c8448f64525b1d11186cb67ca91398655ddf145c93d77964f91
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
37bfceb04cc7a18df0c1da8269c382b3b088e870ab39a0987ae17a54589b2dba
3a134a4f4968b6d1236867542326458915854a8f1c52d4235b8e952ead82dffd
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3c4509da00ea790b9cd80646ad5bd0d2600c77888268abeeab96f89149018aa3
3ed67178ebfd49fa50bdb5c16594ea20cba8bd39ba5d828d5044d6ebdcd85a3e
4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49765a99f6626bcac7b0b506f69db9718a6400307c5e2b8655a0e2e7d522838d
4a4553fd134d8a30751ea9530a99fd4ef7204cbcb0d95fef112e15134bd5edd2
4aa9210ddc672e43bb409243fc14424e411a2a76fa7b7250c0c99da0e19d329e
4ac3537cdc9bc4b6dcd500b0161c2a585f0fc9b634f7b1db6f7873702858df88
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5796e19a9db28a1b8bcf230adaae3e818a1b991cb2e61a9c3dce3ac7fe8caaf1
5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4
65dba7d734eddb7d848b3837326697b4d5c40b3240968904bb6adabeb28f0cf2
6667977aca34056c108da346f1585b2c94cb490be963669bf99aa2374f67d004
66b45568fef2ad5b4bf571ad8abf7c30ae5145db9cb2c6d077d8bbf514f0734c
68b2c70e99bb0d7bd47832928b432d996022b9e3643aabc1139c82543c968a18
6c70694344a860e4c7b3f289b091832746381bf2e45b4b4e8b165e492713b11e
6d8079941f0e42c7239813d26a58ae23976d25b69f7b2147eb84dbfe3018b9d3
6e4a8f70f34d043d8d66e64e0bbcba12d4ed1025391bc2ab92783a780dc284e1
6f7a85903d607f138b972e18e4386c00c3d1f46c214222e06b055be52d091d85
74e018b7e6c3b5cc0e0cc790f256033b97b3783c5853529bc6101b6a7ed23159
784df16a14e5dc3820fc1995f07b61712d8d2531e387d16eeecb7af8672ecc30
78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
7b749fd0020427504906b7de4ffb3e298a6f2f6d059260d02a30e93957798b18
7d90c80a363443ad358235ee7314bc289c5ffbe54c741e08cfdc5bcec721d213
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
7e6dbb0edae85e0f5e06f9a8024cd8ab08ee46844247f3a67a363c1c3484539f
7e9ea3086a0fdff681e0255f6ed807081a5bd68e43562d851eda0a361d7eaf7a
8031b8ff098bbe6d5c755fcb6365feebbf2e79d90dd4e5506b96acb353185bcd
80d95328167947c0003a2c066f849c12427e849751483e62f0d6fd55b6278fb5
81cc8c992ec942a7e5b34980acf4ce4354e335c5db4fb40b7f97609c17a7a1ae
827ab8e7f80cf8375ef32fd16860bd539980852afb97aaa04d7e723b75825103
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
846549b16dc7c66bc6f4fdfa556c81d7a0f393a825fb79a0f1b7a49c8604c718
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad
89189c55b69e3dd2e2f7499687f8b7aa68df60f7a943d879dc0b33eb3343188e
8994af594d5b44a2244155d9e567be672557846242b3c65ce86eaaeb652c3744
8a21b7710d4ed040db83cefa915374b851d59f7267cb5c6d60f4ecae323195ef
8b02ba8596b3e520cd06fc86d605cf133cd0ba2bf47a0ab48e25ab62b17abdc1
8ceef67bb9bbe56cf1f624718113f0eb693bc7a747e6a8a8ed4f4ae93315da4e
8d12a5f777553d5f620c9060b7335d45f053afbfdea43d647c04ed985fda4b39
8d5231d189ab0209f459587ae47f89ce0e743ae5701b15c315c3103d52fa453e
8df480865ef8a7c05d4c027f411316b42d88d8b2bfca6b98ef69d526b9933a11
95c023c80dfe0d30304c58244878995061f87801a66daa5d6bf4f2512be0e6f9
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9672da15667ed18594b1d485a90b0472248eee49d2f5fe6c2ec123d798442d2d
97a68287e425328b59b4f4107ba31bb2da1ad8d1fdf56ceccf000967caf7b810
98168f6fbc3b5b2a5261a44eb1a53faa6b05812b816a0ed26d0fb9f486902c64
989c8c3c29332b6df258222e25567d3e7258e7b1417cc7f7230bdf29f88e6294
999dd215435801026f51fb5847df0b1127bd49541ef7d9aeb8b799a9669d8c56
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d08e4d911d49db2fda2fddbd32f1518b39f257716d4d157a368cd652fad201d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a2c5356a9c8c24c28c3667502e33829d74dbac33025199c756518557bccba903
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7882adcf2283b6569a752b22abb4e2aaf1eb2a67c569afc29d956117f3f3357
aa69b868b297f7955ba120696f2b7a493fddf40aa31670dcc11486e362fc62c1
aa82f7c38653571ca6ee8a85138bc97a0bac10e2be1875e31f50a93c3694db7d
ab151ec0f154b42d3dad22c39e15ff4487b29f4e1c2844bf4fa39cad6cec706c
b01ba49da97481feb0aaee0d5721feb01def9ca22fca11ba5d920797f11c03dd
b095daa45c5aedc085f2017153d1aa6507ba6475cc0b7c7918d1eaa557671efd
b0b70b687832425e4bf71b8efa81bd6e21e6a1bef3a897698dcc56adffe4427a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b0b35a72deb6d7c8abddc64d177588f6060c7a37f1f6b93fa5d2bdf6c90fea
b2b34f5a0134f1307848ad4dc4ef16ef7f86f3d2a5fa1843f513d80173b660ae
b336b8326ef39a7b6d9d227dbe0832ebd7d145f518cc29db39ef7bc00d9af4f8
b650768f2426d107f7d36df05c09a7220941cec1ea265d2a82bcb6fcea341f2c
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c
b96f80b87ef9acefbf075414b169ce2d52a699d59279e7150c98a8251e57b54a
baa0df7ee8309c20f467892490221a36a38e414218fdcb72b7efe6ef6a0caa5d
bda381b27983a0d79c60ded7fa29f66a85bea4019b7acdb906b8108e936324c5
c03779f4a581852ded7eecb7347953265fe679ab4714f34d7734301d6ba9df5c
c59bd599dc9d1d8c82517689425700a1793831953f8ca6126a004dfcae20f293
c5d1423ea9bdd4526b1580df22afd434d86cf2498c3aed3697b8d83147d7ad8f
c9e5b678bdb57741e199fc18063101931a9fd47a720d71e79c6f44206d3deae1
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
cf11d4552cb0f966fa38fcc595b0c4f47c2f489d90867df1b06940d4404b482c
cfd4f6f605faa77725b9c82edf7a79ab5b0c4380c269b7e0cae847cf7f4fc58b
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d3020a543dc52d4be9964f5af747cd55329527fb82b55401ff20a6228791f4a9
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d750ae04b4c904e791a66ff98e62d97247225292be3dd41adbe6ec1962710049
db5e1175a250a03480e43d86e46b762a44d4d6b2cfaf01e337f231c96266b7a6
dd92dda870f3b98724c166fc91f1fb991e80cdc2ff010c0e1176e785339ee705
dfd0864c8bf0c8995056369eb10337582a6c7beb170b970e737c7c84ca4ed1f3
e1c33e3661729a49a22529bbe65b5185fa290d70d416f92373957f55477286b1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7151998d9ec7b1ea04c337b93a833232bc575e2da263025acd5d8aa2d031a87
ea31a1469bb4a282a0a25e9bd20d6667128a79be1fa4961e399ee41c0aa3fa87
eb0f8aa7ef87acb57267c9235ad86ad40d00c57b3486cb98cf833dd0f2b37f60
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
edb368f223ea12165d297c526d4eb3877b659c1b6dfc17aeed260eb52c3cc744
eecda7280d7a8779cb5ff8bf7459b430bf970052106a1c4b186ff2eddd8c82d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19fd6d124a7091476c07301c0c01396bced9533342fa95fb4becb21158c960
f0c8f65eea90c6283fccfa9efca810f1194dbd98095a847c359f83d816ccca11
f4ee1c82e4f44c50e77f518006f874a6d85c0821773c004747b01bb957f2f1e0
f573042ba188e19d4ea50f38f16fd5f755629fbe2b9aae33fca9ac6c26ce2f86
f65be7642dee2b876a8d171e194d56e8bdecb2d3dda928907d8a8233e3a10979
f8e75cfee116c03faa91b6a117e8a638cca62eb82dc132e82cc1dc6d6ed0e5ab
f9da31cabd7ad9f32c9a2c18ce1838a6eaeeca9fbf55995a3e5a2abb2aface6b
fb92ed767b019d2f70db2183625e2d49cdf405c775127c8815b86acc15982194
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
ff28b7bafd0d63947fa6ecaf304efc6f15fd297c4fe352efca937a0e6daeffcb
ff95237b3ce4ecb3458a74b63182e31a2e963b1ee147095210b7f2c0cf3ac898

www.liveinternet.ru Open in urlscan Pro 88.212.202.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

261 Requests

100 %HTTPS

45 %IPv6

40 Domains

61 Subdomains

49 IPs

8 Countries

3313 kBTransfer

10485 kBSize

7 Cookies

29 Outgoing links

Page URL History

Redirected requests

261 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.liveinternet.ru Open in urlscan Pro
88.212.202.50 Public Scan

Screenshot
Live screenshot

Full Image

261
Requests

100 %
HTTPS

45 %
IPv6

40
Domains

61
Subdomains

49
IPs

8
Countries

3313 kB
Transfer

10485 kB
Size

7
Cookies

261 HTTP transactions
4 data transactions