sgo.edu-71.ru Open in urlscan Pro
193.176.78.25 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.sgo.edu-71.ru/
Effective URL:
https://sgo.edu-71.ru/
Submission: On March 15 via automatic, source certstream-suspicious (March 15th 2023, 1:28:33 am UTC) — Scanned from DE

Summary HTTP 119 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 29 IPs in 10 countries across 45 domains to perform 119 HTTP transactions. The main IP is 193.176.78.25, located in Russian Federation and belongs to BEGET-AS, RU. The main domain is sgo.edu-71.ru.
TLS certificate: Issued by R3 on March 15th 2023. Valid for: 3 months.

This is the only time sgo.edu-71.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	193.176.78.25 193.176.78.25	198610 (BEGET-AS) (BEGET-AS)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
8 21	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
8	95.216.65.102 95.216.65.102	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
4 16	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
10	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1 28	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a02:6b8::184 2a02:6b8::184	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8::36 2a02:6b8::36	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	35.177.4.157 35.177.4.157	16509 (AMAZON-02) (AMAZON-02)
3 3	193.3.184.135 193.3.184.135	50214 (QWARTA) (QWARTA)
1 1	193.3.184.200 193.3.184.200	50214 (QWARTA) (QWARTA)
2 3	188.42.34.65 188.42.34.65	7979 (SERVERS-COM) (SERVERS-COM)
1 2	54.154.169.168 54.154.169.168	16509 (AMAZON-02) (AMAZON-02)
1 3	54.76.11.91 54.76.11.91	16509 (AMAZON-02) (AMAZON-02)
1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
3	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1 1	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
2	37.18.16.22 37.18.16.22	205675 (HYBRID-AS) (HYBRID-AS)
2 2	185.15.175.130 185.15.175.130	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2 2	54.228.83.115 54.228.83.115	16509 (AMAZON-02) (AMAZON-02)
1 1	176.9.79.218 176.9.79.218	24940 (HETZNER-AS) (HETZNER-AS)
2 2	89.108.127.68 89.108.127.68	197695 (AS-REG) (AS-REG)
5 5	217.66.147.42 217.66.147.42	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 1	130.193.58.13 130.193.58.13	200350 (YANDEXCLOUD) (YANDEXCLOUD)
1 1	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
1 1	23.88.12.14 23.88.12.14	24940 (HETZNER-AS) (HETZNER-AS)
1 1	91.192.149.14 91.192.149.14	42481 (BEGUN-AS) (BEGUN-AS)
2 2	193.232.148.141 193.232.148.141	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:e45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	31.220.27.135 31.220.27.135	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 2	95.217.109.66 95.217.109.66	24940 (HETZNER-AS) (HETZNER-AS)
1 1	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
2	81.222.128.216 81.222.128.216	20597 (ELTEL-AS) (ELTEL-AS)
1	87.242.89.90 87.242.89.90	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	194.55.244.179 194.55.244.179	34959 (PROCLOUD ...) (PROCLOUD PROCLOUD MSK)
2 2	188.42.105.236 188.42.105.236	7979 (SERVERS-COM) (SERVERS-COM)
2 2	148.251.129.43 148.251.129.43	24940 (HETZNER-AS) (HETZNER-AS)
2 2	89.108.119.43 89.108.119.43	197695 (AS-REG) (AS-REG)
1 1	45.9.27.120 45.9.27.120	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	46.243.142.239 46.243.142.239	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
2 3	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
119	29

9 193.176.78.25 (Russian Federation) 1 redirects

ASN198610 (BEGET-AS, RU)

www.sgo.edu-71.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sgo.edu-71.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:6b8:a::a (Moscow, Russian Federation) 8 redirects

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 95.216.65.102 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: frodo.min.org.ua

rotarb.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::36 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

favicon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.4.157 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-4-157.eu-west-2.compute.amazonaws.com

px.arcspire.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.3.184.135 (Russian Federation) 3 redirects

ASN50214 (QWARTA, RU)
PTR: asrv319.qwarta.ru

acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.3.184.200 (Russian Federation) 1 redirects

ASN50214 (QWARTA, RU)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.34.65 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.169.168 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-169-168.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.76.11.91 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-11-91.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

cm.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.18.16.22 (Russian Federation)

ASN205675 (HYBRID-AS, DE)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.130 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.228.83.115 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-83-115.eu-west-1.compute.amazonaws.com

euw-ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.79.218 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.218.79.9.176.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.127.68 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: srv4.kimberlite.io

kimberlite.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 217.66.147.42 (St Petersburg, Russian Federation) 5 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-42-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.193.58.13 (Russian Federation) 1 redirects

ASN200350 (YANDEXCLOUD, RU)

pixel.konnektu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation) 1 redirects

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.12.14 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.14.12.88.23.clients.your-server.de

nr.bidderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.149.14 (Russian Federation) 1 redirects

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

profile.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.141 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp2.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:e45 (United States)

ASN13335 (CLOUDFLARENET, US)

rtb-eu-warsaw.intent.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.135 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.217.109.66 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de

sonar.semantiqo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.216 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad16.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.242.89.90 (Russian Federation)

ASN208677 (SBERCLOUD-AS, RU)

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.172 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.55.244.179 (Russian Federation)

ASN34959 (PROCLOUD PROCLOUD MSK, RU)

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.105.236 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.129.43 (Falkenstein, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-23.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.43 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.9.27.120 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr19.segmento.ru

yandex-dmp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.243.142.239 (Ukraine) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr07.segmento.ru

yandex-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	yandex.ru 10 redirects yandex.ru — Cisco Umbrella Rank: 1730 mc.yandex.ru — Cisco Umbrella Rank: 3749 an.yandex.ru — Cisco Umbrella Rank: 3601 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 30327	275 KB
13	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9360	5 KB
10	yastatic.net yastatic.net — Cisco Umbrella Rank: 7398	253 KB
9	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads.g.doubleclick.net — Cisco Umbrella Rank: 32	8 KB
9	edu-71.ru 1 redirects www.sgo.edu-71.ru sgo.edu-71.ru	325 KB
8	rotarb.bid rotarb.bid — Cisco Umbrella Rank: 226542	22 KB
7	mts.ru 7 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 40204 tech.rtb.mts.ru — Cisco Umbrella Rank: 47864	4 KB
6	google.de www.google.de — Cisco Umbrella Rank: 6069	995 B
6	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
5	360yield.com 3 redirects match.360yield.com — Cisco Umbrella Rank: 2213 euw-ice.360yield.com — Cisco Umbrella Rank: 12945	1 KB
3	googleadservices.com 2 redirects www.googleadservices.com — Cisco Umbrella Rank: 171	16 KB
3	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1603	2 KB
3	acint.net 3 redirects acint.net — Cisco Umbrella Rank: 26782	1 KB
3	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 9126 favicon.yandex.net — Cisco Umbrella Rank: 12045	39 KB
2	rutarget.ru 2 redirects yandex-dmp-sync.rutarget.ru — Cisco Umbrella Rank: 76783 yandex-sync.rutarget.ru — Cisco Umbrella Rank: 77026	837 B
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 18282	1 KB
2	upravel.com 2 redirects sync.upravel.com — Cisco Umbrella Rank: 40249	1 KB
2	gonet-ads.com 2 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 24502	578 B
2	adriver.ru ssp.adriver.ru — Cisco Umbrella Rank: 29012	402 B
2	semantiqo.com 1 redirects sonar.semantiqo.com — Cisco Umbrella Rank: 75258	977 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 11767	593 B
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 18781	811 B
2	kimberlite.io 2 redirects kimberlite.io — Cisco Umbrella Rank: 39227	1013 B
2	digitaltarget.ru 2 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 24619	1 KB
2	hybrid.ai dm.hybrid.ai — Cisco Umbrella Rank: 34294	516 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 201	2 KB
2	gstatic.com fonts.gstatic.com	27 KB
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 20496	69 B
1	bumlam.com sync.bumlam.com — Cisco Umbrella Rank: 3808	390 B
1	1dmp.io sync.1dmp.io — Cisco Umbrella Rank: 15405	155 B
1	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 10464	332 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 10851	204 B
1	intent.ai rtb-eu-warsaw.intent.ai — Cisco Umbrella Rank: 75027	843 B
1	rambler.ru 1 redirects profile.ssp.rambler.ru — Cisco Umbrella Rank: 49627	244 B
1	bidderstack.com 1 redirects nr.bidderstack.com — Cisco Umbrella Rank: 5192	403 B
1	new-programmatic.com 1 redirects match.new-programmatic.com — Cisco Umbrella Rank: 39145	262 B
1	konnektu.ru 1 redirects pixel.konnektu.ru — Cisco Umbrella Rank: 89058	214 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 23927	178 B
1	tns-counter.ru 1 redirects cm.tns-counter.ru — Cisco Umbrella Rank: 76248	386 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 1842	467 B
1	bluevoox.com im.bluevoox.com — Cisco Umbrella Rank: 12904	241 B
1	sape.ru 1 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 31755	698 B
1	arcspire.io 1 redirects px.arcspire.io — Cisco Umbrella Rank: 71920	317 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	1 KB
0	whiteboxdigital.ru Failed mitdmp.whiteboxdigital.ru Failed
119	45

	Domain	Requested by
28	an.yandex.ru	1 redirects yandex.ru sgo.edu-71.ru
21	yandex.ru	8 redirects sgo.edu-71.ru yandex.ru yastatic.net
13	mc.yandex.com	3 redirects sgo.edu-71.ru mc.yandex.ru
10	yastatic.net	yandex.ru sgo.edu-71.ru yastatic.net
8	rotarb.bid	sgo.edu-71.ru rotarb.bid
8	sgo.edu-71.ru	sgo.edu-71.ru
6	www.google.de
6	www.google.com	2 redirects
6	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
5	sm.rtb.mts.ru	5 redirects
3	www.googleadservices.com	2 redirects yastatic.net
3	cm.g.doubleclick.net	sgo.edu-71.ru
3	match.360yield.com	1 redirects
3	ads.betweendigital.com	2 redirects sgo.edu-71.ru
3	acint.net	3 redirects
3	mc.yandex.ru	1 redirects sgo.edu-71.ru yastatic.net
2	x01.aidata.io	2 redirects
2	sync.upravel.com	2 redirects
2	sync.gonet-ads.com	2 redirects
2	ssp.adriver.ru	sgo.edu-71.ru
2	sonar.semantiqo.com	1 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	px.adhigh.net	2 redirects
2	tech.rtb.mts.ru	2 redirects
2	kimberlite.io	2 redirects
2	euw-ice.360yield.com	2 redirects
2	dmg.digitaltarget.ru	2 redirects
2	dm.hybrid.ai	sgo.edu-71.ru
2	dpm.demdex.net	1 redirects
2	avatars.mds.yandex.net	sgo.edu-71.ru
2	fonts.gstatic.com	fonts.googleapis.com
1	yandex-sync.rutarget.ru	1 redirects
1	yandex-dmp-sync.rutarget.ru	1 redirects
1	sync.dmp.otm-r.com	sgo.edu-71.ru
1	sync.bumlam.com	sgo.edu-71.ru
1	sync.1dmp.io	sgo.edu-71.ru
1	counter.yadro.ru	1 redirects
1	s.uuidksinc.net	1 redirects
1	rtb-eu-warsaw.intent.ai	sgo.edu-71.ru
1	profile.ssp.rambler.ru	1 redirects
1	nr.bidderstack.com	1 redirects
1	match.new-programmatic.com	1 redirects
1	pixel.konnektu.ru	1 redirects
1	exchange.buzzoola.com	1 redirects
1	cm.tns-counter.ru	1 redirects
1	t.adx.opera.com	sgo.edu-71.ru
1	im.bluevoox.com	sgo.edu-71.ru
1	ssp-rtb.sape.ru	1 redirects
1	px.arcspire.io	1 redirects
1	ysa-static.passport.yandex.ru	sgo.edu-71.ru
1	favicon.yandex.net	sgo.edu-71.ru
1	fonts.googleapis.com	sgo.edu-71.ru
1	www.sgo.edu-71.ru	1 redirects
0	mitdmp.whiteboxdigital.ru Failed	sgo.edu-71.ru
119	54

This site contains links to these domains. Also see Links.

Domain
sgo1.edu71.ru
esia.gosuslugi.ru
sgo.edu71.ru
www.sberbank.ru
www.tinkoff.ru
www.pochtabank.ru
yadi.sk
it.tularegion.ru
education.tularegion.ru
cit71.ru
www.ir-tech.ru
samara.rt.ru

Subject Issuer	Validity	Valid
sgo.edu-71.ru R3	`2023-03-15` - `2023-06-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
rotarb.bid R3	`2023-02-12` - `2023-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-21` - `2023-04-21`	6 months	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
favicon.yandex.net GlobalSign ECC OV SSL CA 2018	`2023-01-14` - `2023-06-15`	5 months	crt.sh
ysa-static.passport.yandex.net GlobalSign ECC OV SSL CA 2018	`2023-03-06` - `2023-10-06`	7 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-26` - `2023-09-26`	a year	crt.sh
*.intent.ai GTS CA 1P5	`2023-02-10` - `2023-05-11`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
sync.1dmp.io R3	`2023-01-31` - `2023-05-01`	3 months	crt.sh
*.bumlam.com R3	`2023-02-09` - `2023-05-10`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://sgo.edu-71.ru/
Frame ID: E122F2361CB491C0274661DA10250A7B
Requests: 51 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: DE0E25DFEC67FD6ED5DACE8CF13F5D99
Requests: 64 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

sgo edu 71 ru | Электронный дневник в Туле и Тульской области

Page URL History Show full URLs

https://www.sgo.edu-71.ru/ HTTP 301
https://sgo.edu-71.ru/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

119
Requests

71 %
HTTPS

27 %
IPv6

45
Domains

54
Subdomains

29
IPs

10
Countries

971 kB
Transfer

2378 kB
Size

56
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://sgo1.edu71.ru/asp/sso/esia/crosslogin

Search URL Search Domain Scan URL

URL: https://sgo1.edu71.ru/StaffSupport.html
Title: "Добавить учетную запись"

Search URL Search Domain Scan URL

URL: https://esia.gosuslugi.ru/registration/
Title: https://esia.gosuslugi.ru/registration/

Search URL Search Domain Scan URL

URL: https://sgo.edu71.ru/
Title: АИС «Сетевой Город. Образование»

Search URL Search Domain Scan URL

URL: http://www.sberbank.ru/ru/person/dist_services/inner_sbol/gosuslugi
Title: Сбербанк Онлайн

Search URL Search Domain Scan URL

URL: https://www.tinkoff.ru/payments/categories/state-services/esia/
Title: Тинькофф

Search URL Search Domain Scan URL

URL: https://www.pochtabank.ru/service/gosuslugi
Title: Почта Банк Онлайн

Search URL Search Domain Scan URL

URL: https://esia.gosuslugi.ru/public/ra/
Title: Центров обслуживания

Search URL Search Domain Scan URL

URL: https://yadi.sk/i/EnmgOx3Z3Ui3VR
Title: Что такое ЕСИА

Search URL Search Domain Scan URL

URL: https://sgo1.edu71.ru/extras/file/regisrracia.pdf
Title: Инструкция по регистрации в ЕСИА

Search URL Search Domain Scan URL

URL: https://sgo1.edu71.ru/extras/file/avtorizacia.pdf
Title: Инструкция по авторизации в системе Электронное образование

Search URL Search Domain Scan URL

URL: http://it.tularegion.ru/

Search URL Search Domain Scan URL

URL: http://education.tularegion.ru/

Search URL Search Domain Scan URL

URL: http://cit71.ru/

Search URL Search Domain Scan URL

URL: http://www.ir-tech.ru/

Search URL Search Domain Scan URL

URL: https://samara.rt.ru/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.sgo.edu-71.ru/ HTTP 301
https://sgo.edu-71.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9942.PwMVsa6CbrQrvZx313xnMcUCvKvG9c4bn2npxN0Ct8VnibB2nVoOtWEQ0kOmapyV.Foj31ujX1kMhtTOXEvmgshDIDbc%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9942.6h-9OHykDLTobYtRgMslG6jLTJ_wRRoYDge07Zw-_9Sqnfr3cjkyxNn01tnV_3kcpPAw01BZvaY8TrKznkQe_gHCqM5QFH-Wu2SsYNy95GVghdQGxRNYwstfjcMcvG62vBFJPs60BpZiaEcY-0mn9AgbbN9b-PzOQJ2g27QFMuR5KDal4N2K5fs7J02slamoid4yxU75T1MFC2kDFSEQ69nM42Mke12CttTgP5lskk8%2C.G36OwC-ZB0YZxOF_9BRnWcjXojY%2C

Request Chain 27

https://mc.yandex.com/watch/89641448?wmode=7&page-url=https%3A%2F%2Fsgo.edu-71.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A674%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A431656204662%3Ahid%3A454470377%3Az%3A0%3Ai%3A20230315012828%3Aet%3A1678843708%3Ac%3A1%3Arn%3A589208785%3Arqn%3A1%3Au%3A1678843708770219517%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A108%2C118%2C59%2C0%2C233%2C0%2C%2C315%2C1%2C%2C%2C%2C833%3Aco%3A0%3Acpf%3A1%3Ans%3A1678843706924%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678843708%3At%3Asgo%20edu%2071%20ru%20%7C%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%20%D0%B2%20%D0%A2%D1%83%D0%BB%D0%B5%20%D0%B8%20%D0%A2%D1%83%D0%BB%D1%8C%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/89641448/1?wmode=7&page-url=https%3A%2F%2Fsgo.edu-71.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A674%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A431656204662%3Ahid%3A454470377%3Az%3A0%3Ai%3A20230315012828%3Aet%3A1678843708%3Ac%3A1%3Arn%3A589208785%3Arqn%3A1%3Au%3A1678843708770219517%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A108%2C118%2C59%2C0%2C233%2C0%2C%2C315%2C1%2C%2C%2C%2C833%3Aco%3A0%3Acpf%3A1%3Ans%3A1678843706924%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678843708%3At%3Asgo%20edu%2071%20ru%20%7C%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%20%D0%B2%20%D0%A2%D1%83%D0%BB%D0%B5%20%D0%B8%20%D0%A2%D1%83%D0%BB%D1%8C%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 30

https://mc.yandex.com/watch/2009953?wmode=7&page-url=https%3A%2F%2Fsgo.edu-71.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A1%3Als%3A1260189865259%3Ahid%3A454470377%3Az%3A0%3Ai%3A20230315012828%3Aet%3A1678843708%3Ac%3A1%3Arn%3A307891742%3Au%3A1678843708770219517%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1678843706924%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678843708%3At%3Asgo%20edu%2071%20ru%20%7C%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%20%D0%B2%20%D0%A2%D1%83%D0%BB%D0%B5%20%D0%B8%20%D0%A2%D1%83%D0%BB%D1%8C%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8&t=gdpr(14)mc(p-1)clc(0-0-0)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/2009953/1?wmode=7&page-url=https%3A%2F%2Fsgo.edu-71.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A1%3Als%3A1260189865259%3Ahid%3A454470377%3Az%3A0%3Ai%3A20230315012828%3Aet%3A1678843708%3Ac%3A1%3Arn%3A307891742%3Au%3A1678843708770219517%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1678843706924%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678843708%3At%3Asgo%20edu%2071%20ru%20%7C%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%20%D0%B2%20%D0%A2%D1%83%D0%BB%D0%B5%20%D0%B8%20%D0%A2%D1%83%D0%BB%D1%8C%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29aw%281%29ti%282%29

Request Chain 48

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389 HTTP 307
https://an.yandex.ru/mapuid/arcspireis/c19a0e5db2bd216f69cf3e

Request Chain 49

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D HTTP 302
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=2003420A3C1F1164CB00F47D026C3C9A&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/sapeis/0100007F3C1F1164C20E416B02B39111

Request Chain 50

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/f66ec9df-f424-524a-ac96-e054c887ff68

Request Chain 51

https://yandex.ru/an/mapuid/adobedmp/ HTTP 302
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=3F6628FF9E51A4D7 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=3F6628FF9E51A4D7

Request Chain 52

https://yandex.ru/an/mapuid/azerionis/ HTTP 302
https://match.360yield.com/match?external_user_id=9563626630CB59D1&publisher_dsp_id=429&publisher_call_type=redirect HTTP 302
https://match.360yield.com/ul_cb/match?external_user_id=9563626630CB59D1&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 54

https://yandex.ru/an/mapuid/betweenx/ HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=A044278B5ADC12D2

Request Chain 55

https://yandex.ru/an/mapuid/blueseaxcom/ HTTP 302
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=DEB062130289C588

Request Chain 57

https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=753F2558F327FBDD&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 58

https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=753F2558F327FBDD&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 59

https://yandex.ru/an/mapuid/google/?partner-tag=yandexru HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=753F2558F327FBDD&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 60

https://yandex.ru/an/mapuid/operacom/ HTTP 302
https://t.adx.opera.com/sync?vendor=60143&uid=AB6E20B40116D7AC

Request Chain 62

https://cm.tns-counter.ru/yacm HTTP 302
https://an.yandex.ru/mapuid/mediascope/80f2e3a494c50899050ec2045b7a610e34f3c1e696742af160dd07424299c5a1

Request Chain 65

https://dmg.digitaltarget.ru/1/119/i/i?i=1678843707 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1678843708648&i=1678843707 HTTP 307
https://an.yandex.ru/mapuid/dmpamberdata/mhughY.Nk3VK1Yp7gnMh

Request Chain 66

https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID} HTTP 302
https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/azerionis/65800883-478e-43b1-b0c1-becd3a0cdbfb HTTP 302
https://match.360yield.com/match?external_user_id=65800883-478e-43b1-b0c1-becd3a0cdbfb&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 67

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D HTTP 301
https://an.yandex.ru/mapuid/buzzooladspis/88f0789f-7e20-43e2-6b48-0187fc537bd0

Request Chain 68

https://kimberlite.io/rtb/sync/yandex HTTP 307
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZBEfPD_cZhA HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=59&exu=ZBEfPD_cZhA HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=771b68ee-982a-4d4c-8979-fc290d87a19e&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D59%2526em%253D1%2526ssp%253Dkonnektu%2526id%253D%257BUSER_ID%257D HTTP 302
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D HTTP 302
https://sm.rtb.mts.ru/em?next=59&em=1&ssp=konnektu&id= HTTP 301
https://kimberlite.io/rtb/sync/mts?u=5c70642e-98b5-48d8-b404-99db741a1c0a HTTP 307
https://an.yandex.ru/mapuid/soltadspis/ZBEfPD_cZhA

Request Chain 69

https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
https://an.yandex.ru/mapuid/targetrtbis/

Request Chain 71

https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/ HTTP 302
https://an.yandex.ru/mapuid/hyperdspis/cb0570ca-d424-4bb9-909d-573e2aa43b9d

Request Chain 72

https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
https://an.yandex.ru/mapuid/ramblerssp/

Request Chain 73

https://px.adhigh.net/p/cm/yandexssp HTTP 302
https://px.adhigh.net/p/cm/yandexssp?bounced=1 HTTP 302
https://an.yandex.ru/mapuid/getintentis/u7h5cslAVhbd.AikABlGG4uIF1Q

Request Chain 74

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=2093571235 HTTP 302
https://an.yandex.ru/mapuid/dmpweborama/TwZYh/iKfTM4aM94IPDDbO

Request Chain 76

https://s.uuidksinc.net/match/501 HTTP 302
https://an.yandex.ru/mapuid/kadamis/YhaSgLUv8jrCj3o3t6DE

Request Chain 77

https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=5c70642e-98b5-48d8-b404-99db741a1c0a&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F5c70642e-98b5-48d8-b404-99db741a1c0a HTTP 302
https://an.yandex.ru/mapuid/mtsdspis/5c70642e-98b5-48d8-b404-99db741a1c0a

Request Chain 78

https://sonar.semantiqo.com/dmp/scr.php HTTP 302
https://counter.yadro.ru/id127/reff-id.gif?sid=6b93a844bf1d4e6b87d58b9aeb6ff0be HTTP 302
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=6b93a844bf1d4e6b87d58b9aeb6ff0be

Request Chain 84

https://sync.gonet-ads.com/match/yandex?id=[buyerUid] HTTP 302
https://sync.gonet-ads.com/match/yandex?id=%5BbuyerUid%5D&chk=1 HTTP 302
https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ

Request Chain 85

https://sync.upravel.com/yandex/sync HTTP 302
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://an.yandex.ru/mapuid/upravelis/810ef6a2-24ed-4fd7-a4b4-153ae87df788

Request Chain 86

https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
https://an.yandex.ru/mapuid/dmpaidatame/gG79KgNIRdN%2FiHi6skP60w?sign=2198999622

Request Chain 87

https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/dmpsegmento/RHJ9sw17515q?sign=1808041768

Request Chain 88

https://yandex-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/rutargetis/GFTMdqcQHupJ

Request Chain 97

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Ph8RZOnlH8atzAai3obYAw&random=1088146001&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1088146001&crd=&is_vtc=1&random=1140749285 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1088146001&crd=&is_vtc=1&random=1140749285&ipr=y

Request Chain 98

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Ph8RZKnnH4CJ2fcPlZqXGA&random=941164556&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=941164556&crd=&is_vtc=1&random=1071327439 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=941164556&crd=&is_vtc=1&random=1071327439&ipr=y

119 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
sgo.edu-71.ru/
Redirect Chain

https://www.sgo.edu-71.ru/
https://sgo.edu-71.ru/

17 KB
5 KB

284ms
59ms

Document
text/html

193.176.78.25
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sgo.edu-71.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.176.78.25 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 881b63983486e9ad772a60a2996c22f87ef0f191cb1c941f69f52f53ff83dcc2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 4545
Content-Type: text/html
Date: Wed, 15 Mar 2023 01:28:27 GMT
ETag: "4414-5ed1cbee56c52-gzip"
Last-Modified: Thu, 10 Nov 2022 12:16:41 GMT
Server: nginx
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 230
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 15 Mar 2023 01:28:27 GMT
Location: https://sgo.edu-71.ru/
Server: nginx

GET
H/1.1 200
OK style.css
sgo.edu-71.ru/files/ 12 KB
4 KB 57ms
57ms Stylesheet
text/css 193.176.78.25
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sgo.edu-71.ru/files/style.css
Requested by: Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.176.78.25 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 606887aa1b14f35a7c5e7a1da72da5f544a0cc800f0a65488f881554b0df143f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sgo.edu-71.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 01:28:27 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Jul 2022 05:36:55 GMT
Server: nginx
ETag: W/"62da3777-31ea"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 132ms
47ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700

Requested by

Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2371736975be245bd56385816b25ee7daa9a3cd826911c4fe5f2202ca74e9ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sgo.edu-71.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Mar 2023 01:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 01:17:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Mar 2023 01:28:27 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 283 KB
84 KB 170ms
59ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

07bbfa4b649fa954ff747b7f6cd43d6e25e480f84a3b3bcc6a30dcddc88931f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sgo.edu-71.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1678843707717517-14258630059404312615-vla1-5291-vla-l7-balancer-8080-BAL-5104
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 15 Mar 2023 02:28:27 GMT

GET
H/1.1 200
OK 2.png
sgo.edu-71.ru/files/ 620 B
925 B 171ms
58ms Image
image/png 193.176.78.25
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sgo.edu-71.ru/files/2.png
Requested by: Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.176.78.25 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 83d93c68a07128dbcfa58c659fb1056f5c2ec90c787f60c84587944bbcf4442f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sgo.edu-71.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 01:28:27 GMT
Last-Modified: Fri, 22 Jul 2022 05:36:55 GMT
Server: nginx
ETag: "62da3777-26c"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 620
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.min.js Show response
sgo.edu-71.ru/files/ 85 KB
30 KB 117ms
116ms Script
application/javascript 193.176.78.25
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sgo.edu-71.ru/files/jquery.min.js
Requested by: Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.176.78.25 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sgo.edu-71.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 01:28:27 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Jul 2022 05:36:55 GMT
Server: nginx
ETag: W/"62da3777-1538f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK main.js Show response
sgo.edu-71.ru/files/ 2 KB
1 KB 174ms
56ms Script
application/javascript 193.176.78.25
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sgo.edu-71.ru/files/main.js
Requested by: Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.176.78.25 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0b23e62748c21c1cd19fc63b8b9480c1a48596d7321be607ef48896558ebe399

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sgo.edu-71.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 01:28:27 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Jul 2022 05:36:55 GMT
Server: nginx
ETag: W/"62da3777-7c1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 23433.min.js Show response
rotarb.bid/ 67 KB
19 KB 141ms
64ms Script
text/javascript 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rotarb.bid/23433.min.js?1df2314

Requested by

Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

360a50055d32be58c5b0f78c54c096feeac74c8abc995d8d796494263f0d7ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sgo.edu-71.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:28:27 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
duration: 1042355
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=300
access-control-allow-headers: *
expires: Wed, 15-Mar-2023 03:33:27 EET

GET
H/1.1 200
OK sprite.png
sgo.edu-71.ru/files/ 64 KB
64 KB 227ms
113ms Image
image/png 193.176.78.25
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sgo.edu-71.ru/files/sprite.png
Requested by: Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/files/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.176.78.25 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: c4e574a0ce9a2704dbe2f7273ec39163ca9c2932e2d07a68f564e66db5443053

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sgo.edu-71.ru/files/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 01:28:27 GMT
Last-Modified: Fri, 22 Jul 2022 05:36:55 GMT
Server: nginx
ETag: "62da3777-feca"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65226
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ProximaNovaLight.otf
sgo.edu-71.ru/files/ 92 KB
92 KB 94ms
57ms Font
application/octet-stream 193.176.78.25
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sgo.edu-71.ru/files/ProximaNovaLight.otf
Requested by: Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/files/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.176.78.25 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: a7ec928e7a2b2cc60363c91ea2fbcfa4ef155a02ad611d5b26dff2d233cede8c

Request headers

Referer: https://sgo.edu-71.ru/files/style.css
Origin: https://sgo.edu-71.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 01:28:27 GMT
Last-Modified: Fri, 22 Jul 2022 05:36:55 GMT
Server: nginx
ETag: "62da3777-1706c"
Content-Type: application/octet-stream
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 94316
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4kaVIGxA.woff2
fonts.gstatic.com/s/opensans/v34/ 10 KB
11 KB 114ms
35ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4kaVIGxA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2c33e326f3022a6d197286b76f07e5b9c9969487a7d25941dfcbe7397afe854

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sgo.edu-71.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 18:07:15 GMT
x-content-type-options: nosniff
age: 26472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10440
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:11:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Mar 2024 18:07:15 GMT

GET
H/1.1 200
OK ubuntu.woff
sgo.edu-71.ru/files/ 127 KB
127 KB 219ms
113ms Font
font/woff 193.176.78.25
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sgo.edu-71.ru/files/ubuntu.woff
Requested by: Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/files/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.176.78.25 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7b087b9320f14e57f90a7f502fee791cc2fbf7e0afd90a21cec9094eaaf71026

Request headers

Referer: https://sgo.edu-71.ru/files/style.css
Origin: https://sgo.edu-71.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 01:28:27 GMT
Last-Modified: Fri, 22 Jul 2022 05:36:55 GMT
Server: nginx
ETag: "62da3777-1fc70"
Content-Type: font/woff
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 130160
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
16 KB 114ms
41ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sgo.edu-71.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 01:32:36 GMT
x-content-type-options: nosniff
age: 604551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16372
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 01:32:36 GMT

POST
H2 200 23433.json Show response
rotarb.bid/ 59 B
269 B 97ms
32ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rotarb.bid/23433.json

Requested by

Host: rotarb.bid
URL: https://rotarb.bid/23433.min.js?1df2314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

8378e67c1d60d20ed7233a9df277ed53dbe0a66b32c9a989dbbe29a06dfd201e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://sgo.edu-71.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 15 Mar 2023 01:28:27 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

POST
H2 200 23433.json Show response
rotarb.bid/ 6 KB
2 KB 99ms
35ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rotarb.bid/23433.json

Requested by

Host: rotarb.bid
URL: https://rotarb.bid/23433.min.js?1df2314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

88194f2b41170fdfad04d28ab0e9e1360c2d00442f51d04e8829b29e9215b343

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://sgo.edu-71.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 15 Mar 2023 01:28:27 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 211 KB
73 KB 223ms
89ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

025131d9c15ae8bc85f70a51c95aece581630b3dc3caa26cfeb1f79532c224d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sgo.edu-71.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:28:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-11fef"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73711
expires: Wed, 15 Mar 2023 02:28:27 GMT

POST
H2 200 23433.json Show response
rotarb.bid/ 59 B
268 B 40ms
39ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rotarb.bid/23433.json

Requested by

Host: rotarb.bid
URL: https://rotarb.bid/23433.min.js?1df2314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

ff7f732a00592fb810db1e70e08cd380d5f9ad3cab53fa5cc526eeb9d8da11d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://sgo.edu-71.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 15 Mar 2023 01:28:27 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

POST
H2 200 23433.json Show response
rotarb.bid/ 59 B
268 B 33ms
33ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rotarb.bid/23433.json

Requested by

Host: rotarb.bid
URL: https://rotarb.bid/23433.min.js?1df2314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

e5cb0ff70013115e4205ebf7514eaa998e609aea09b2b060b94086b7b47dd384

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://sgo.edu-71.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 15 Mar 2023 01:28:27 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 1c0942547d39e10f5f56.js Show response
yastatic.net/partner-code-bundles/735377/ 14 KB
5 KB 209ms
109ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/735377/1c0942547d39e10f5f56.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

eacbe704285fa7ae46440fe32312c9692f253c4828cbb3491aa0ece491f66e50

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://sgo.edu-71.ru/
Origin: https://sgo.edu-71.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4801
last-modified: Fri, 10 Mar 2023 11:12:15 GMT
server: nginx/1.17.9
etag: "b98c0f2dde401ab25661149f8f5b0ddd"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 14 Mar 2053 08:02:58 GMT

GET
H2 200 22918b4e0da9d9171b67.js Show response
yastatic.net/partner-code-bundles/735377/ 112 KB
24 KB 238ms
140ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/735377/22918b4e0da9d9171b67.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

dd216518f8b9c7f13d6791564471c9fab3a5f80ba44e5233d82aaa201956163a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://sgo.edu-71.ru/
Origin: https://sgo.edu-71.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24258
last-modified: Fri, 10 Mar 2023 11:12:15 GMT
server: nginx/1.17.9
etag: "8f5ad9fe23a8708c0a7196b6830d57f5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 14 Mar 2053 08:02:58 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 252ms
154ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://sgo.edu-71.ru/
Origin: https://sgo.edu-71.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 14 Mar 2053 08:02:58 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 184ms
88ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://sgo.edu-71.ru/
Origin: https://sgo.edu-71.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:28:28 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 320e0112fd106c85
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 07:16:48 GMT

GET
H2 200 2009953 Show response
yandex.ru/ads/meta/ 78 KB
25 KB 199ms
198ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/2009953?target-ref=https%3A%2F%2Fsgo.edu-71.ru%2F&charset=utf-8&pcode-test-ids=657518%2C0%2C58%3B733957%2C0%2C30%3B736807%2C0%2C51%3B735207%2C0%2C76%3B729111%2C0%2C54%3B729106%2C0%2C37%3B734893%2C0%2C20%3B737281%2C0%2C42&pcode-flags-map=eJydWNty2zYQ%2FZWO%2BppJeQVJv4EkKGFEEiwAWlEyGYwSK7Y6ltxx7MR1Jv%2FeBUnZhGRDaZ9MUzoHi92zN%2F2YnGOhxIwtFM5ViVNSqoJxRWuV4romfHL24cfk2%2Br6fj05m0jeksmbyd366x29gP8R8v0gmvz8%2BOaZpuEsbzMpFKtVg1tBrAyRmwR%2Bz0BqnJZEkYxVzyQlFVIbc05zwvQDfJoyhXll0K4f%2Fj5gDf2wY82p6Ggz1tZScZJTTjJNiZvGbpnnBIH3dDe4iKraUlLOyhLYaqkfCFcLLLMZyZWkFVGsKASRdl7fc6KRz2Rn3jnhgrLaQEa%2BGzmhiQ0d59mmtJWSaZeUzIzT7370xcShJEQdrslYTgxkF2%2FTv79K1ta0ZDgnPQeuDI%2Fe3d6vR7DAi%2F3E6WHgSyE6kR1gDgM5AoE8BSG1Yqkg%2FPxAmOvd6tP12kD6yEt6Nxf0nargrBmh05lUtbQfGYR%2B4nbAJa5z8k7xVuWswrS2wUIn8nz0dF7K2RyMhbPUlNPcinSjMEYvHqhAvZLT1Ar3XAcFHfw9qT1VtKDPBc3lTNEKT4kVG7hB7Dxj98mSMq6DynFOW%2FHbLzIssba7N1jhcoGXwo70o8HPedFAZoqG1SAMnUesNXPIcxzHxAaOH4z0nGloLe3nhUAzSKlg4GWitbs%2FT5F3VlnAkVHkHcNpoQvnQmcyqPP%2FMOwNOMdla0TLd15GlwTzWlWMQ9nAnOKDe3vGoVAwBi83nDJO5VKlS0h3smgYtzsMRWjIvb0uhuKZCW4FJm4UjxRJhcow50wqnGUQJWGpEmHih65rYDsVC5C0nGk3NTjPaT21kwRh0FvelX2Qslw2RPl2q4M4CkfhqXgGfhI0pSV4zX5cEqFXkboRZiXN5idO33N0XaZvvgoKbEGhuVB9iQJn9mxOYm%2FoLL0dA0lf2yXTQm1KvExxNh91MBslcrzA94xwzEhX8KGTEkGnVsUjN%2FRQH4eaLABSQJbPVMmmNLPjYn8oaWBmQXmlNctJve80DSepvagiqIqea4gXug4HJcEUAP0aPKALpci47ilCWHMfuYkbBAbZjMrOkhEJ%2BGMumZ3IjzzPH087B3NNTgoM4YcXBa2pJKD2bA5jlTVRURA6CBnmiQpzqf5sSUs0%2Ban7hQih8GmskDMOc9yBZQQSmGsp0xoKFYVmXJ6wKnKjQToZhpbE6iGAuNAJSQuOYWDqxgd7JKM4QcnT3FBwCjTlUvV4PUI09suZ%2BHSuBH1vzSOEEn8I9wghTs1JR%2BcmgRM9sUDRzjWDdW5FKA6Qe3iyqmBqxfazPG%2BYC0eC1IPHL6kyRoHr79MN%2BjdM3nBVEI2CWbUfKLoC1s8Gx2vBEV8U%2B8e3kFP7HSBMsTvODV0z%2BiLzguu7fnBqD0CJh4bppM8IMaeNkrwrgKdKMkpgNenBB0cXJdPjbq56Q0%2BQxEMWvEbSicvg%2BLJ5UNvVg7paby6v7l6h6zYYNScpThVMnNZ1yIHWZqRin82LGahkJJgaWnRXcKctlHe9JEDRzQg9t2do5DrB0Dk5V32lly2MKH2md47uiko7nZ1YBoGpT9USv192xUF1A94Y9mPyZX33%2Bapa3V5udpMzN4QxaXvzaXO9Fp9X15vd5eTM%2B2mwhtAXRyLoyyLMeyottRL0jjk%2B4MNku9pcv729B9v%2BWe0u1g%2Fw%2FMdmu7pcfzVeXa623ZuLx%2FWu%2F%2Frq2%2Bbupn%2Fcvh39c7HbDG818xMDvLhdPV7fPF4NHz%2Fe9n%2Fvb1dvd%2BvvX4%2B%2B8NfqZrvpoB9fvuI4455Daw8f2uvcAGt94hOBB6R7WHZwC6NGVrKDzR9WY3O9hg2tF02NJUgMqhyfDrVOSTy1Lg%2FQWbxRoSwIyJUTnEnYoU8AQ9%2FxjmckWjcwG%2Bgh6T9OSLAN%2Byh%2BlXBUyqD22OPwzPT0Y4qkEtCwFcJKli%2B7AQ7rvqfzapgVDMoCl%2BLg1wY%2FCfczocjnh4szHBpDlzLNiIe%2BJaDPk84OqFoNE%2FKUK2DDio76SMaE9ikU7DJPofBQYo%2BQl7jDBvASyxIrSOI5sc4emsPpJyLdxfofDJQkFVBIU5af767NOwRxonvhz38BnkKd3w%3D%3D&pcode-icookie=wgUeA06DhYA8QRmXnfGEAVH%2BiNBjoUiu%2BlhAgpCCz6nYpp4MJK9yS9tQhPodk8hJXMHhOmpF9VqfqeekIL3%2FUIvm0so%3D&imp-id=5&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=79714593013762&ad-session-id=4317211678843707917&target-id=59292905&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fsgo.edu-71.ru&top-ancestor-undetermined=0&pcode-version=735377&pcodever=735377&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1300%2C%22top%22%3A1180%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=2156&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxMzN9CkKnopDlqO-CMFBHIli7_dzdqJbUs4F1SnlSfPNT-hSrbgX_WXFkHWXXlttUraRa0IZX1Z7zmTJYa6CPEMAVY2ZEh-h8HDeq7XY_ESLEmDFjxozIvoIoqKEOv8I2VSV-Ba4WgAqn8As342V5YRZWYWVJQa1FsKD4RbhgXuHWIqwFkCw9rVq8BCJjZ1nhLrxLg1kwFpkoyzJe8eCbbK4tNQOFeNfktUAo_CX_qIco9MIcCgKbO1EW291l7ArfCNNXawxGmGGkMxh9ra8JDaDdKqO5nRrVoR9VVaQOSWNdqNArtQS-NlDFVR-o_FDlk8YFcsZtq726Dvhrozcf5EsotAUhHi9QCmaBUMEBTLM6JHf1nRawgnFYC2-BCBeg_-CD4yxiQIcYwVL6RdEiujmDYB2tPcAOyez2dguZdVxzszRDXYBQ64KWFcb4ES0YOxHqHTnOwgh1Xhyd2Lp3xqPrHZlmFmzp0I5TRLM9JTpo61W-wEQfhtJf8thsX4IwhA58oNQpnGPY629FZPWsox5kAy0ceEiVb-nLKDfot8zdMuJAB91g1GlhVL0mUihIY2WoV5DAUJMQ4avipbqIuzqh0pBUkcWzwzrkXHlvNYgVHhnIsOHArXDILCAt4NokLMzGId8FR8q3yQBaJGuvmQxGAkMB_IqS7UqoJxhxYra3YJvIlfj7_zAMQnZ93wvaO3ziXvGTzZ-op9LiI79kY0yRpnK8g3My1qIccxfmpe21safIG8qLgrm3WN2HW8i7aUsC90LLaApL3P4VtPUD603NMvIC8SJsu5Os8ebpfMCZD5JtLM5u_NJJhhREmHj0GZgWLORWsVpa5VMS1h9zk35X4eSrpdF129y_-Ae21xMhdTJd_k7Udf2oW3Vcmxn32mc2pZ0QddUKeS9s2YULTHDT7o81TpLkJIEEepbjuDNZrwPm3e73Rfm5J3EE60Za0Pc-FvW4zFjWG8z8jqd3uoylgDFSfCLH5h5YRH-wdhjNBFMz2pCaZoyF0xjqYTpoZB0ao3pRjSnJd_wzt3ee7wSJU9899yn4OQTNggvqA6pO-dnb-XtvVitYCmKUwPEy7iNnFvau_PHamzS5VzztVbbzauHH1eXl64Qx5aa-kZg6R29feJ0iySAK3NvZ6Ob71joM8DS8yXtWc9pLMmtzcJqbOs8eVSZROH2BS2GKmViU0K7yLK3jYh4NOuE3HPGdMRmf4lG1e3a1dn5Resds8hnrRz5HsMYgzpj0gaVd5M6rBlNHWpU9hPSBZsMocoER4_t-MNET2WlGGj9UxoYC5OioCNtgNxgv3Y3em3aODq6y7l_K2FuCXROHue45F-r0k8aphTjY22qHNwmyfGRM8Al3TV5nI7_DkzkZk1TivmbS43BUltLuo9kk1ibOFxPWhBkbJd7P4BeQZC9vJ6sxMsR77Cz7WGXPzb_kpsXCuX08CzkUbVP3Yu41Fj8gWMVrIuJwsXEKgkhlKOATV5X8-iuTQiRLQDWah7bRnOCPlL5WrwnpY-ktmkhJFDqUEhCEKhJ1oIu2_gX8RbsOlvaBNJnFH2nxWhC6UY5AeQcnAR_n1UT2Fq5BsGoBYq1aTBXf7dej_CU5JxW4LBviigNmgQJrRqfyNRHMm3o4MFteYu_zq6VaSCcO-Te6WqQTrOPiX2w_0RKurjWKtArB-EX3izt3GWDpORXjL5m2HKeG1b5uKePwKjxKWQAXSdOpVp39Ea0oFf8GZyuP_8Xrf5CZyhuu82y3DIPEmNCs1KcQgXVpMHznPNkDtDPGMALux13ZauazT3l0SPLxIG8cK4JaTsOLEmaSf0Y_uNtju5-Ww3vPkRrfLqZHNN67MFxU2K4SJOekILQsRfjYg6XkIHJ312AUSEAKGJSRvCUe7bmO58DHu4GDDDe4P0Xu22eIKGN9ciZFfHGH4N2hp46gHFnfwpZ9QXqH2tOaU-Q5-KJ_1piSahYdqC1uw-CaQo-qiDJcmHt39Ly14Lo4b4ZrGi20y98JAXAyKCsSYdnuOJyYbOPoQQgC_9CQ9G8arYrQFNPeODoyquhASejMLsEOpqCzEGsCPSEdQtDcUF_mAfBsAP8%3D&uniformat=true&callback=Ya%5B7219400553377%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

904d9c049dc1d0f13dc7865e814f09ba70e359489c6d1c7f0c3070127e524862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sgo.edu-71.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1678843707954679-5978490978455449818-vla1-5291-vla-l7-balancer-8080-BAL-7651
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat: true
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://sgo.edu-71.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 15 Mar 2023 01:28:28 GMT

GET
H2 200 07cea2bf8567304efc16.js Show response
yastatic.net/partner-code-bundles/735377/ 23 KB
8 KB 184ms
120ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/735377/07cea2bf8567304efc16.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

93ffbbcb23cfd8706529779532fa14aef7b1b127080cb749b915421262fdad87

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://sgo.edu-71.ru/
Origin: https://sgo.edu-71.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7926
last-modified: Fri, 10 Mar 2023 11:12:15 GMT
server: nginx/1.17.9
etag: "73c64e5c6e1b88c72ac17d2d11fe684d"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 14 Mar 2053 07:59:32 GMT

GET
H2 200 2ec9a88e40a26b53acde.js Show response
yastatic.net/partner-code-bundles/735377/ 7 KB
3 KB 175ms
112ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/735377/2ec9a88e40a26b53acde.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

329cf6ccf2e229ffe4f9800ca07ae57c3c007e27b59f2874a6d5840ea2ec4568

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://sgo.edu-71.ru/
Origin: https://sgo.edu-71.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 2064
last-modified: Fri, 10 Mar 2023 11:12:15 GMT
server: nginx/1.17.9
etag: "cd82a777febeca738ec1b28ab2abec1c"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 14 Mar 2053 07:59:28 GMT

GET
H2 200 c3b0f8b88b2cd6ebcc27.js Show response
yastatic.net/partner-code-bundles/735377/ 577 KB
110 KB 124ms
124ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/735377/c3b0f8b88b2cd6ebcc27.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1e18ccc7a6402a4ecc0c6f14a00ccb77c8896aafc60eea9a2cd40b0ce8b98df3

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://sgo.edu-71.ru/
Origin: https://sgo.edu-71.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 111828
last-modified: Fri, 10 Mar 2023 11:12:15 GMT
server: nginx/1.17.9
etag: "0c51138359bb2eb2647a80126c68289a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 14 Mar 2053 08:02:58 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9942.PwMVsa6CbrQrvZx313xnMcUCvKvG9c4bn2npxN0Ct8VnibB2nVoOtWEQ0kOmapyV.Foj31ujX1kMhtTOXEvmgshDIDbc%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9942.6h-9OHykDLTobYtRgMslG6jLTJ_wRRoYDge07Zw-_9Sqnfr3cjkyxNn01tnV_3kcpPAw01BZvaY8TrKznkQe_gHCqM5QFH-Wu2SsYNy95GVghdQGxRNYwstfjcMcvG62vBFJPs60BpZ...

43 B
477 B

47ms
47ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9942.6h-9OHykDLTobYtRgMslG6jLTJ_wRRoYDge07Zw-_9Sqnfr3cjkyxNn01tnV_3kcpPAw01BZvaY8TrKznkQe_gHCqM5QFH-Wu2SsYNy95GVghdQGxRNYwstfjcMcvG62vBFJPs60BpZiaEcY-0mn9AgbbN9b-PzOQJ2g27QFMuR5KDal4N2K5fs7J02slamoid4yxU75T1MFC2kDFSEQ69nM42Mke12CttTgP5lskk8%2C.G36OwC-ZB0YZxOF_9BRnWcjXojY%2C

Requested by

Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sgo.edu-71.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:28:28 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9942.6h-9OHykDLTobYtRgMslG6jLTJ_wRRoYDge07Zw-_9Sqnfr3cjkyxNn01tnV_3kcpPAw01BZvaY8TrKznkQe_gHCqM5QFH-Wu2SsYNy95GVghdQGxRNYwstfjcMcvG62vBFJPs60BpZiaEcY-0mn9AgbbN9b-PzOQJ2g27QFMuR5KDal4N2K5fs7J02slamoid4yxU75T1MFC2kDFSEQ69nM42Mke12CttTgP5lskk8%2C.G36OwC-ZB0YZxOF_9BRnWcjXojY%2C
date: Wed, 15 Mar 2023 01:28:28 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
137 B 46ms
45ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sgo.edu-71.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:28:28 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 15 Mar 2023 02:28:28 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/89641448/
Redirect Chain

https://mc.yandex.com/watch/89641448?wmode=7&page-url=https%3A%2F%2Fsgo.edu-71.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A674%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av...
https://mc.yandex.com/watch/89641448/1?wmode=7&page-url=https%3A%2F%2Fsgo.edu-71.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A674%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3...

427 B
519 B

46ms
46ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/89641448/1?wmode=7&page-url=https%3A%2F%2Fsgo.edu-71.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A674%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A431656204662%3Ahid%3A454470377%3Az%3A0%3Ai%3A20230315012828%3Aet%3A1678843708%3Ac%3A1%3Arn%3A589208785%3Arqn%3A1%3Au%3A1678843708770219517%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A108%2C118%2C59%2C0%2C233%2C0%2C%2C315%2C1%2C%2C%2C%2C833%3Aco%3A0%3Acpf%3A1%3Ans%3A1678843706924%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678843708%3At%3Asgo%20edu%2071%20ru%20%7C%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%20%D0%B2%20%D0%A2%D1%83%D0%BB%D0%B5%20%D0%B8%20%D0%A2%D1%83%D0%BB%D1%8C%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

840de63eaa7ca70ec64514072d5cb7673fff32f53b2daee287bc70716366f927

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sgo.edu-71.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 15-Mar-2023 01:28:28 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sgo.edu-71.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Wed, 15-Mar-2023 01:28:28 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 15-Mar-2023 01:28:28 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/89641448/1?wmode=7&page-url=https%3A%2F%2Fsgo.edu-71.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A674%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A431656204662%3Ahid%3A454470377%3Az%3A0%3Ai%3A20230315012828%3Aet%3A1678843708%3Ac%3A1%3Arn%3A589208785%3Arqn%3A1%3Au%3A1678843708770219517%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A108%2C118%2C59%2C0%2C233%2C0%2C%2C315%2C1%2C%2C%2C%2C833%3Aco%3A0%3Acpf%3A1%3Ans%3A1678843706924%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678843708%3At%3Asgo%20edu%2071%20ru%20%7C%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%20%D0%B2%20%D0%A2%D1%83%D0%BB%D0%B5%20%D0%B8%20%D0%A2%D1%83%D0%BB%D1%8C%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://sgo.edu-71.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 15-Mar-2023 01:28:28 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 163ms
57ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sgo.edu-71.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://sgo.edu-71.ru
access-control-max-age: 1728000
content-encoding: gzip
date: Wed, 15 Mar 2023 01:28:28 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 164ms
59ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sgo.edu-71.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://sgo.edu-71.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:28 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/2009953/
Redirect Chain

https://mc.yandex.com/watch/2009953?wmode=7&page-url=https%3A%2F%2Fsgo.edu-71.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
https://mc.yandex.com/watch/2009953/1?wmode=7&page-url=https%3A%2F%2Fsgo.edu-71.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3...

256 B
292 B

51ms
51ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/2009953/1?wmode=7&page-url=https%3A%2F%2Fsgo.edu-71.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A1%3Als%3A1260189865259%3Ahid%3A454470377%3Az%3A0%3Ai%3A20230315012828%3Aet%3A1678843708%3Ac%3A1%3Arn%3A307891742%3Au%3A1678843708770219517%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1678843706924%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678843708%3At%3Asgo%20edu%2071%20ru%20%7C%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%20%D0%B2%20%D0%A2%D1%83%D0%BB%D0%B5%20%D0%B8%20%D0%A2%D1%83%D0%BB%D1%8C%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29aw%281%29ti%282%29

Requested by

Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7b038f0f8eb43bbaf15a28ae5ac51648052f53db40880af47a9e4fd2900a94e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sgo.edu-71.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 15-Mar-2023 01:28:28 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://sgo.edu-71.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Wed, 15-Mar-2023 01:28:28 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 15-Mar-2023 01:28:28 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/2009953/1?wmode=7&page-url=https%3A%2F%2Fsgo.edu-71.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A1%3Als%3A1260189865259%3Ahid%3A454470377%3Az%3A0%3Ai%3A20230315012828%3Aet%3A1678843708%3Ac%3A1%3Arn%3A307891742%3Au%3A1678843708770219517%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1678843706924%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678843708%3At%3Asgo%20edu%2071%20ru%20%7C%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%20%D0%B2%20%D0%A2%D1%83%D0%BB%D0%B5%20%D0%B8%20%D0%A2%D1%83%D0%BB%D1%8C%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29aw%281%29ti%282%29
access-control-allow-origin: https://sgo.edu-71.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 15-Mar-2023 01:28:28 GMT

GET
H2 200 2009953 Show response
yandex.ru/ads/meta/ 100 KB
28 KB 164ms
163ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/2009953?target-ref=https%3A%2F%2Fsgo.edu-71.ru%2F&charset=utf-8&pcode-test-ids=657518%2C0%2C58%3B733957%2C0%2C30%3B736807%2C0%2C51%3B735207%2C0%2C76%3B729111%2C0%2C54%3B729106%2C0%2C37%3B734893%2C0%2C20%3B737281%2C0%2C42&pcode-flags-map=eJydWNty2zYQ%2FZWO%2BppJeQVJv4EkKGFEEiwAWlEyGYwSK7Y6ltxx7MR1Jv%2FeBUnZhGRDaZ9MUzoHi92zN%2F2YnGOhxIwtFM5ViVNSqoJxRWuV4romfHL24cfk2%2Br6fj05m0jeksmbyd366x29gP8R8v0gmvz8%2BOaZpuEsbzMpFKtVg1tBrAyRmwR%2Bz0BqnJZEkYxVzyQlFVIbc05zwvQDfJoyhXll0K4f%2Fj5gDf2wY82p6Ggz1tZScZJTTjJNiZvGbpnnBIH3dDe4iKraUlLOyhLYaqkfCFcLLLMZyZWkFVGsKASRdl7fc6KRz2Rn3jnhgrLaQEa%2BGzmhiQ0d59mmtJWSaZeUzIzT7370xcShJEQdrslYTgxkF2%2FTv79K1ta0ZDgnPQeuDI%2Fe3d6vR7DAi%2F3E6WHgSyE6kR1gDgM5AoE8BSG1Yqkg%2FPxAmOvd6tP12kD6yEt6Nxf0nargrBmh05lUtbQfGYR%2B4nbAJa5z8k7xVuWswrS2wUIn8nz0dF7K2RyMhbPUlNPcinSjMEYvHqhAvZLT1Ar3XAcFHfw9qT1VtKDPBc3lTNEKT4kVG7hB7Dxj98mSMq6DynFOW%2FHbLzIssba7N1jhcoGXwo70o8HPedFAZoqG1SAMnUesNXPIcxzHxAaOH4z0nGloLe3nhUAzSKlg4GWitbs%2FT5F3VlnAkVHkHcNpoQvnQmcyqPP%2FMOwNOMdla0TLd15GlwTzWlWMQ9nAnOKDe3vGoVAwBi83nDJO5VKlS0h3smgYtzsMRWjIvb0uhuKZCW4FJm4UjxRJhcow50wqnGUQJWGpEmHih65rYDsVC5C0nGk3NTjPaT21kwRh0FvelX2Qslw2RPl2q4M4CkfhqXgGfhI0pSV4zX5cEqFXkboRZiXN5idO33N0XaZvvgoKbEGhuVB9iQJn9mxOYm%2FoLL0dA0lf2yXTQm1KvExxNh91MBslcrzA94xwzEhX8KGTEkGnVsUjN%2FRQH4eaLABSQJbPVMmmNLPjYn8oaWBmQXmlNctJve80DSepvagiqIqea4gXug4HJcEUAP0aPKALpci47ilCWHMfuYkbBAbZjMrOkhEJ%2BGMumZ3IjzzPH087B3NNTgoM4YcXBa2pJKD2bA5jlTVRURA6CBnmiQpzqf5sSUs0%2Ban7hQih8GmskDMOc9yBZQQSmGsp0xoKFYVmXJ6wKnKjQToZhpbE6iGAuNAJSQuOYWDqxgd7JKM4QcnT3FBwCjTlUvV4PUI09suZ%2BHSuBH1vzSOEEn8I9wghTs1JR%2BcmgRM9sUDRzjWDdW5FKA6Qe3iyqmBqxfazPG%2BYC0eC1IPHL6kyRoHr79MN%2BjdM3nBVEI2CWbUfKLoC1s8Gx2vBEV8U%2B8e3kFP7HSBMsTvODV0z%2BiLzguu7fnBqD0CJh4bppM8IMaeNkrwrgKdKMkpgNenBB0cXJdPjbq56Q0%2BQxEMWvEbSicvg%2BLJ5UNvVg7paby6v7l6h6zYYNScpThVMnNZ1yIHWZqRin82LGahkJJgaWnRXcKctlHe9JEDRzQg9t2do5DrB0Dk5V32lly2MKH2md47uiko7nZ1YBoGpT9USv192xUF1A94Y9mPyZX33%2Bapa3V5udpMzN4QxaXvzaXO9Fp9X15vd5eTM%2B2mwhtAXRyLoyyLMeyottRL0jjk%2B4MNku9pcv729B9v%2BWe0u1g%2Fw%2FMdmu7pcfzVeXa623ZuLx%2FWu%2F%2Frq2%2Bbupn%2Fcvh39c7HbDG818xMDvLhdPV7fPF4NHz%2Fe9n%2Fvb1dvd%2BvvX4%2B%2B8NfqZrvpoB9fvuI4455Daw8f2uvcAGt94hOBB6R7WHZwC6NGVrKDzR9WY3O9hg2tF02NJUgMqhyfDrVOSTy1Lg%2FQWbxRoSwIyJUTnEnYoU8AQ9%2FxjmckWjcwG%2Bgh6T9OSLAN%2Byh%2BlXBUyqD22OPwzPT0Y4qkEtCwFcJKli%2B7AQ7rvqfzapgVDMoCl%2BLg1wY%2FCfczocjnh4szHBpDlzLNiIe%2BJaDPk84OqFoNE%2FKUK2DDio76SMaE9ikU7DJPofBQYo%2BQl7jDBvASyxIrSOI5sc4emsPpJyLdxfofDJQkFVBIU5af767NOwRxonvhz38BnkKd3w%3D%3D&pcode-icookie=wgUeA06DhYA8QRmXnfGEAVH%2BiNBjoUiu%2BlhAgpCCz6nYpp4MJK9yS9tQhPodk8hJXMHhOmpF9VqfqeekIL3%2FUIvm0so%3D&duid=MTY3ODg0MzcwODc3MDIxOTUxNw%3D%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=79714593013762&ad-session-id=4317211678843707917&target-id=18811553&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fsgo.edu-71.ru&top-ancestor-undetermined=0&pcode-version=735377&pcodever=735377&flash-ver=0&skip-token=yabs.NzIwNTc2MDc1MDEyMTc4MDU%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A960%2C%22h%22%3A0%2C%22width%22%3A960%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A320%2C%22top%22%3A64%2C%22ad_no%22%3A1%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A1%7D&grab-orig-len=2156&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxMzN9CkKnopDlqO-CMFBHIli7_dzdqJbUs4F1SnlSfPNT-hSrbgX_WXFkHWXXlttUraRa0IZX1Z7zmTJYa6CPEMAVY2ZEh-h8HDeq7XY_ESLEmDFjxozIvoIoqKEOv8I2VSV-Ba4WgAqn8As342V5YRZWYWVJQa1FsKD4RbhgXuHWIqwFkCw9rVq8BCJjZ1nhLrxLg1kwFpkoyzJe8eCbbK4tNQOFeNfktUAo_CX_qIco9MIcCgKbO1EW291l7ArfCNNXawxGmGGkMxh9ra8JDaDdKqO5nRrVoR9VVaQOSWNdqNArtQS-NlDFVR-o_FDlk8YFcsZtq726Dvhrozcf5EsotAUhHi9QCmaBUMEBTLM6JHf1nRawgnFYC2-BCBeg_-CD4yxiQIcYwVL6RdEiujmDYB2tPcAOyez2dguZdVxzszRDXYBQ64KWFcb4ES0YOxHqHTnOwgh1Xhyd2Lp3xqPrHZlmFmzp0I5TRLM9JTpo61W-wEQfhtJf8thsX4IwhA58oNQpnGPY629FZPWsox5kAy0ceEiVb-nLKDfot8zdMuJAB91g1GlhVL0mUihIY2WoV5DAUJMQ4avipbqIuzqh0pBUkcWzwzrkXHlvNYgVHhnIsOHArXDILCAt4NokLMzGId8FR8q3yQBaJGuvmQxGAkMB_IqS7UqoJxhxYra3YJvIlfj7_zAMQnZ93wvaO3ziXvGTzZ-op9LiI79kY0yRpnK8g3My1qIccxfmpe21safIG8qLgrm3WN2HW8i7aUsC90LLaApL3P4VtPUD603NMvIC8SJsu5Os8ebpfMCZD5JtLM5u_NJJhhREmHj0GZgWLORWsVpa5VMS1h9zk35X4eSrpdF129y_-Ae21xMhdTJd_k7Udf2oW3Vcmxn32mc2pZ0QddUKeS9s2YULTHDT7o81TpLkJIEEepbjuDNZrwPm3e73Rfm5J3EE60Za0Pc-FvW4zFjWG8z8jqd3uoylgDFSfCLH5h5YRH-wdhjNBFMz2pCaZoyF0xjqYTpoZB0ao3pRjSnJd_wzt3ee7wSJU9899yn4OQTNggvqA6pO-dnb-XtvVitYCmKUwPEy7iNnFvau_PHamzS5VzztVbbzauHH1eXl64Qx5aa-kZg6R29feJ0iySAK3NvZ6Ob71joM8DS8yXtWc9pLMmtzcJqbOs8eVSZROH2BS2GKmViU0K7yLK3jYh4NOuE3HPGdMRmf4lG1e3a1dn5Resds8hnrRz5HsMYgzpj0gaVd5M6rBlNHWpU9hPSBZsMocoER4_t-MNET2WlGGj9UxoYC5OioCNtgNxgv3Y3em3aODq6y7l_K2FuCXROHue45F-r0k8aphTjY22qHNwmyfGRM8Al3TV5nI7_DkzkZk1TivmbS43BUltLuo9kk1ibOFxPWhBkbJd7P4BeQZC9vJ6sxMsR77Cz7WGXPzb_kpsXCuX08CzkUbVP3Yu41Fj8gWMVrIuJwsXEKgkhlKOATV5X8-iuTQiRLQDWah7bRnOCPlL5WrwnpY-ktmkhJFDqUEhCEKhJ1oIu2_gX8RbsOlvaBNJnFH2nxWhC6UY5AeQcnAR_n1UT2Fq5BsGoBYq1aTBXf7dej_CU5JxW4LBviigNmgQJrRqfyNRHMm3o4MFteYu_zq6VaSCcO-Te6WqQTrOPiX2w_0RKurjWKtArB-EX3izt3GWDpORXjL5m2HKeG1b5uKePwKjxKWQAXSdOpVp39Ea0oFf8GZyuP_8Xrf5CZyhuu82y3DIPEmNCs1KcQgXVpMHznPNkDtDPGMALux13ZauazT3l0SPLxIG8cK4JaTsOLEmaSf0Y_uNtju5-Ww3vPkRrfLqZHNN67MFxU2K4SJOekILQsRfjYg6XkIHJ312AUSEAKGJSRvCUe7bmO58DHu4GDDDe4P0Xu22eIKGN9ciZFfHGH4N2hp46gHFnfwpZ9QXqH2tOaU-Q5-KJ_1piSahYdqC1uw-CaQo-qiDJcmHt39Ly14Lo4b4ZrGi20y98JAXAyKCsSYdnuOJyYbOPoQQgC_9CQ9G8arYrQFNPeODoyquhASejMLsEOpqCzEGsCPSEdQtDcUF_mAfBsAP8%3D&uniformat=true&callback=Ya%5B3454502917515%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

63733bfa81187e9ab9bd31d3e0a3ee9ba466d8792c3be2c6f2e333707a586463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sgo.edu-71.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1678843708254718-15033747531577262980-vla1-5291-vla-l7-balancer-8080-BAL-1035
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat: true
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://sgo.edu-71.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 15 Mar 2023 01:28:28 GMT

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/5235951/XJNG9OBllV0WJjiGY43oNw/ 21 KB
21 KB 231ms
110ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5235951/XJNG9OBllV0WJjiGY43oNw/y300
Requested by: Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: aaab017e71b05285b327295f16d57b7b5a09c127050a45aa84dab30b533fa864

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sgo.edu-71.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:28:28 GMT
last-modified: Thu, 17 Feb 2022 11:14:40 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=SAS"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 21596
x-request-id: 5fde2a39fc2a080

GET
H2 200 icon-192.png
yastatic.net/s3/games-static/favicons/ 24 KB
24 KB 190ms
98ms Image
image/png 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yastatic.net/s3/games-static/favicons/icon-192.png

Requested by

Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sgo.edu-71.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:28:28 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24134
last-modified: Thu, 14 Apr 2022 12:22:42 GMT
server: nginx/1.17.9
etag: "7819c957eaa80af5bf14f760d49b64a7"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=216013
x-nginx-request-id: beb4fc6dcd88e9d3
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Mar 2023 13:25:27 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame DE0E 24 KB
7 KB 119ms
45ms Document
text/html 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://sgo.edu-71.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Wed, 15 Mar 2023 01:28:28 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Fri, 14 Mar 2053 08:00:19 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

POST
H2 200 23433.json Show response
rotarb.bid/ 59 B
268 B 33ms
33ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rotarb.bid/23433.json

Requested by

Host: rotarb.bid
URL: https://rotarb.bid/23433.min.js?1df2314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

fc201eb30b515980337f688c7b6e8336815f94c43b8cf49c677f59b06bf4b9c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://sgo.edu-71.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 15 Mar 2023 01:28:28 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

POST
H2 200 1 Show response
mc.yandex.com/watch/89641448/ 43 B
86 B 49ms
49ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/89641448/1?page-url=https%3A%2F%2Fsgo.edu-71.ru%2F&charset=utf-8&hittoken=1678843708_98786600e2d08d388e2595ca88249327a97da1bc53fe3d55867ddf456cf063a8&browser-info=pa%3A1%3Aar%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A1%3Als%3A431656204662%3Ahid%3A454470377%3Az%3A0%3Ai%3A20230315012828%3Aet%3A1678843708%3Ac%3A1%3Arn%3A697965227%3Arqn%3A2%3Au%3A1678843708770219517%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1678843706924%3Aadb%3A2%3Ast%3A1678843708&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(2)lt(5100)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sgo.edu-71.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 15-Mar-2023 01:28:28 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://sgo.edu-71.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 15-Mar-2023 01:28:28 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/2009953/ 43 B
74 B 46ms
45ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/2009953/1?page-url=https%3A%2F%2Fsgo.edu-71.ru%2F&charset=utf-8&cnt-class=1&hittoken=1678843708_a6a147c7509cdadffcb1429babf1056fed1ddcb1ab8e6668d24ff96b4cdb26b7&browser-info=pa%3A1%3Aar%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A674%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A1%3Als%3A1260189865259%3Ahid%3A454470377%3Az%3A0%3Ai%3A20230315012828%3Aet%3A1678843708%3Ac%3A1%3Arn%3A44448082%3Arqn%3A1%3Au%3A1678843708770219517%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A108%2C118%2C59%2C0%2C233%2C0%2C%2C315%2C1%2C%2C%2C%2C833%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1678843706924%3Aadb%3A2%3Ast%3A1678843708&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(1)lt(5100)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sgo.edu-71.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 15-Mar-2023 01:28:28 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://sgo.edu-71.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 15-Mar-2023 01:28:28 GMT

GET
H2 200 2009953 Show response
mc.yandex.com/watch/ 43 B
74 B 52ms
51ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/2009953?page-url=https%3A%2F%2Fsgo.edu-71.ru%2F&charset=utf-8&cnt-class=1&hittoken=1678843708_a6a147c7509cdadffcb1429babf1056fed1ddcb1ab8e6668d24ff96b4cdb26b7&browser-info=pv%3A1%3Aar%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A1%3Als%3A1260189865259%3Ahid%3A454470377%3Az%3A0%3Ai%3A20230315012828%3Aet%3A1678843708%3Ac%3A1%3Arn%3A922409494%3Arqn%3A2%3Au%3A1678843708770219517%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1678843706924%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678843708%3At%3Asgo%20edu%2071%20ru%20%7C%20%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%20%D0%B2%20%D0%A2%D1%83%D0%BB%D0%B5%20%D0%B8%20%D0%A2%D1%83%D0%BB%D1%8C%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(2)lt(5100)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sgo.edu-71.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 15-Mar-2023 01:28:28 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://sgo.edu-71.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 15-Mar-2023 01:28:28 GMT

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 108ms
61ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sgo.edu-71.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://sgo.edu-71.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:28 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 53ms
52ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sgo.edu-71.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://sgo.edu-71.ru
access-control-max-age: 1728000
content-encoding: gzip
date: Wed, 15 Mar 2023 01:28:28 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 1NwWsacf0Vi100000000U9nJjBxTCbScsbhBKF_pbK9R-Ny2bjRoWYaCGE094mdLivqj4fkuMeuXbH4edgd_UKCgIBoK5SYh1QbjPGIHdI1P861YcCcOR0LXBsJauO2mLZ9-PuAmzZ9c_UDcE0hcdsLa1efSPGHflSl88CF0y9Tn5b1yBXD8v2pJVo1unIJGeo7Re... Show response
yandex.ru/an/rtbcount/ 43 B
390 B 54ms
53ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1NwWsacf0Vi100000000U9nJjBxTCbScsbhBKF_pbK9R-Ny2bjRoWYaCGE094mdLivqj4fkuMeuXbH4edgd_UKCgIBoK5SYh1QbjPGIHdI1P861YcCcOR0LXBsJauO2mLZ9-PuAmzZ9c_UDcE0hcdsLa1efSPGHflSl88CF0y9Tn5b1yBXD8v2pJVo1unIJGeo7ReF-PWM7xzXjEpxwnClnbOW5PomnoGI-p8f2SoWpIC9SPPCTA8Aa0iebb8pFlegK_LI--j3x93FFfLR3Aks3o9xE34p_4eIn1xnZ07jZ0yXy667UmC1z0ujvaWVZWW_r3bW_FTZoLcdxT_YqBo1yBM3bFihQ-u09BNs1jQ6XWkSbgpJ_TfsAYk-DNLf3k3hO6bWbikxTDVdFoyRMvMZFOhXmENi3sQ777jSUhPYvVmxYI3MRa0JQF4spCZzXuovAShOnzCynDgZBJpL-omIp_2MTDP5-Ze3x_OSrR-rdiRER6fiRcvYlO6JUmC-rWvpd1Blw0VUMrttC-BkizRlI3dMS1n-EI5Hmz0XiulhFku6040EBLg5K0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sgo.edu-71.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1678843708406948-6549724956697980718-vla1-5291-vla-l7-balancer-8080-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: https://sgo.edu-71.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 15 Mar 2023 01:28:28 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 57ms
57ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sgo.edu-71.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://sgo.edu-71.ru
access-control-max-age: 1728000
content-encoding: gzip
date: Wed, 15 Mar 2023 01:28:28 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
393 B 62ms
58ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sgo.edu-71.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://sgo.edu-71.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:28 GMT

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/5277984/ZRXc9r9ISXso7B-6aWQt4Q/ 15 KB
15 KB 81ms
80ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5277984/ZRXc9r9ISXso7B-6aWQt4Q/y300
Requested by: Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 1dbda8791d27b0ecbfd4cb6ea785609df4784df94c8612daa382a1dd8f59776d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sgo.edu-71.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:28:28 GMT
last-modified: Thu, 24 Nov 2022 12:55:26 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=SAS"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 14848
x-request-id: a5b2a76ab97aa684

GET
H/1.1 200
Ok octobrowser.net
favicon.yandex.net/favicon/ 3 KB
3 KB 160ms
53ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/octobrowser.net?size=32&stub=2

Requested by

Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e440e5b3c59bc9a01b748f14dbe46dc5721b95a0e0bfc2673e511eec15c2615e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sgo.edu-71.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

POST
H2 200 23433.json Show response
rotarb.bid/ 59 B
268 B 32ms
32ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rotarb.bid/23433.json

Requested by

Host: rotarb.bid
URL: https://rotarb.bid/23433.min.js?1df2314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

dfa65d72689b2fc441edef859c7f870a20e90409fc084ef9150316de86402c8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://sgo.edu-71.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 15 Mar 2023 01:28:28 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame DE0E 95 B
400 B 198ms
52ms Image
image/png 2a02:6b8::5:114
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 01:28:28 GMT
Strict-Transport-Security: max-age=315360000; includeSubDomains
Server: nginx/1.14.2
X-RT-IH: 0.0002
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0002
Content-Length: 95
Expires: Thu, 16 Mar 2023 01:28:28 GMT

GET
H2

200

c19a0e5db2bd216f69cf3e
an.yandex.ru/mapuid/arcspireis/ Frame DE0E
Redirect Chain

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389
https://an.yandex.ru/mapuid/arcspireis/c19a0e5db2bd216f69cf3e

43 B
82 B

58ms
58ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/arcspireis/c19a0e5db2bd216f69cf3e

Requested by

Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:28 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/arcspireis/c19a0e5db2bd216f69cf3e
date: Wed, 15 Mar 2023 01:28:28 GMT
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

0100007F3C1F1164C20E416B02B39111
an.yandex.ru/mapuid/sapeis/ Frame DE0E
Redirect Chain

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14
https://acint.net/rmatch?dp=14&euid=2003420A3C1F1164CB00F47D026C3C9A&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D
https://an.yandex.ru/mapuid/sapeis/0100007F3C1F1164C20E416B02B39111

43 B
80 B

61ms
60ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007F3C1F1164C20E416B02B39111

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:28 GMT

Redirect headers

date: Wed, 15 Mar 2023 01:28:28 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://an.yandex.ru/mapuid/sapeis/0100007F3C1F1164C20E416B02B39111
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

f66ec9df-f424-524a-ac96-e054c887ff68
an.yandex.ru/mapuid/betweendigitalis/ Frame DE0E
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1
https://an.yandex.ru/mapuid/betweendigitalis/f66ec9df-f424-524a-ac96-e054c887ff68

43 B
292 B

58ms
57ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/f66ec9df-f424-524a-ac96-e054c887ff68

Requested by

Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:28 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/f66ec9df-f424-524a-ac96-e054c887ff68
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame DE0E
Redirect Chain

https://yandex.ru/an/mapuid/adobedmp/
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=3F6628FF9E51A4D7
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=3F6628FF9E51A4D7

42 B
942 B

32ms
31ms

Image
image/gif

54.154.169.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=3F6628FF9E51A4D7

Protocol

HTTP/1.1

Server

54.154.169.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-169-168.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v046-074cac5f7.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: VLQIARhGRSk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v046-09b92f112.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: UeTt/fVwTOE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=3F6628FF9E51A4D7
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

match
match.360yield.com/ul_cb/ Frame DE0E
Redirect Chain

https://yandex.ru/an/mapuid/azerionis/
https://match.360yield.com/match?external_user_id=9563626630CB59D1&publisher_dsp_id=429&publisher_call_type=redirect
https://match.360yield.com/ul_cb/match?external_user_id=9563626630CB59D1&publisher_dsp_id=429&publisher_call_type=redirect

43 B
198 B

30ms
30ms

Image
image/gif

54.76.11.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/ul_cb/match?external_user_id=9563626630CB59D1&publisher_dsp_id=429&publisher_call_type=redirect
Protocol: H2
Server: 54.76.11.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-11-91.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 15 Mar 2023 01:28:28 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://match.360yield.com/ul_cb/match?external_user_id=9563626630CB59D1&publisher_dsp_id=429&publisher_call_type=redirect
date: Wed, 15 Mar 2023 01:28:28 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
yandex.ru/an/mapuid/behaviorx/ Frame DE0E 0
0 64ms
56ms Image
text/html 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yandex.ru/an/mapuid/behaviorx/
Requested by: Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2

200

match
ads.betweendigital.com/ Frame DE0E
Redirect Chain

https://yandex.ru/an/mapuid/betweenx/
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=A044278B5ADC12D2

68 B
607 B

13ms
12ms

Image
image/png

188.42.34.65
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=A044278B5ADC12D2
Requested by: Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/
Protocol: H2
Server: 188.42.34.65 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1678843708497107-9415448636978725534-vla1-5291-vla-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=A044278B5ADC12D2
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:28 GMT

GET
H/1.1

204
No Content

pixel
im.bluevoox.com/ Frame DE0E
Redirect Chain

https://yandex.ru/an/mapuid/blueseaxcom/
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=DEB062130289C588

0
241 B

343ms
107ms

Image
text/plain

52.45.175.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=DEB062130289C588
Requested by: Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/
Protocol: HTTP/1.1
Server: 52.45.175.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-175-185.compute-1.amazonaws.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Connection: close
Date: Wed, 15 Mar 2023 01:28:28 GMT
Server: openresty

Redirect headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1678843708497371-1184509552709363447-vla1-5291-vla-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=DEB062130289C588
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:28 GMT

GET
H2 200 /
yandex.ru/an/mapuid/eplanningrtb/ Frame DE0E 0
0 66ms
58ms Image
text/html 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yandex.ru/an/mapuid/eplanningrtb/
Requested by: Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DE0E
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=753F2558F327FBDD&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
232 B

171ms
54ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=753F2558F327FBDD&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1678843708497899-6106460863904883440-vla1-5291-vla-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=753F2558F327FBDD&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:28 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DE0E
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=753F2558F327FBDD&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
409 B

167ms
47ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=753F2558F327FBDD&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1678843708498134-18214824308727759440-vla1-5291-vla-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=753F2558F327FBDD&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:28 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DE0E
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandexru
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=753F2558F327FBDD&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
232 B

172ms
55ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=753F2558F327FBDD&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1678843708498455-8531191663353567692-vla1-5291-vla-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=753F2558F327FBDD&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:28 GMT

GET
H2

200

sync
t.adx.opera.com/ Frame DE0E
Redirect Chain

https://yandex.ru/an/mapuid/operacom/
https://t.adx.opera.com/sync?vendor=60143&uid=AB6E20B40116D7AC

35 B
467 B

166ms
86ms

Image
image/gif

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60143&uid=AB6E20B40116D7AC
Requested by: Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
server: nginx
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1678843708498686-17898405797272387184-vla1-5291-vla-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://t.adx.opera.com/sync?vendor=60143&uid=AB6E20B40116D7AC
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:28 GMT

GET
H2 200 /
yandex.ru/an/mapuid/xapadsssp/ Frame DE0E 43 B
157 B 109ms
103ms Image
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yandex.ru/an/mapuid/xapadsssp/

Requested by

Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1678843708546323-15335449718119381951-vla1-5291-vla-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:28 GMT

GET
H2

200

80f2e3a494c50899050ec2045b7a610e34f3c1e696742af160dd07424299c5a1
an.yandex.ru/mapuid/mediascope/ Frame DE0E
Redirect Chain

https://cm.tns-counter.ru/yacm
https://an.yandex.ru/mapuid/mediascope/80f2e3a494c50899050ec2045b7a610e34f3c1e696742af160dd07424299c5a1

43 B
80 B

57ms
57ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mediascope/80f2e3a494c50899050ec2045b7a610e34f3c1e696742af160dd07424299c5a1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:28 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
server: ms-counter-4.0.4/1.22.1
content-type: text/html
location: https://an.yandex.ru/mapuid/mediascope/80f2e3a494c50899050ec2045b7a610e34f3c1e696742af160dd07424299c5a1
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 204 match
dm.hybrid.ai/ Frame DE0E 0
279 B 166ms
48ms Image
text/plain 37.18.16.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=182

Requested by

Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: https://yastatic.net
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 116
x-xss-protection: 1; mode=block
expires: -1

GET
H2 204 yandexdmp-match
dm.hybrid.ai/ Frame DE0E 0
237 B 167ms
48ms Image
text/plain 37.18.16.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/yandexdmp-match

Requested by

Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 103
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

mhughY.Nk3VK1Yp7gnMh
an.yandex.ru/mapuid/dmpamberdata/ Frame DE0E
Redirect Chain

https://dmg.digitaltarget.ru/1/119/i/i?i=1678843707
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1678843708648&i=1678843707
https://an.yandex.ru/mapuid/dmpamberdata/mhughY.Nk3VK1Yp7gnMh

43 B
80 B

57ms
57ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpamberdata/mhughY.Nk3VK1Yp7gnMh

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:28 GMT

Redirect headers

Date: Wed, 15 Mar 2023 01:28:28 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 4
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://an.yandex.ru/mapuid/dmpamberdata/mhughY.Nk3VK1Yp7gnMh
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

match
match.360yield.com/ Frame DE0E
Redirect Chain

https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID}
https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D
https://an.yandex.ru/mapuid/azerionis/65800883-478e-43b1-b0c1-becd3a0cdbfb
https://match.360yield.com/match?external_user_id=65800883-478e-43b1-b0c1-becd3a0cdbfb&publisher_dsp_id=429&publisher_call_type=redirect

43 B
198 B

30ms
30ms

Image
image/gif

54.76.11.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?external_user_id=65800883-478e-43b1-b0c1-becd3a0cdbfb&publisher_dsp_id=429&publisher_call_type=redirect
Protocol: H2
Server: 54.76.11.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-11-91.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 15 Mar 2023 01:28:28 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://match.360yield.com/match?external_user_id=65800883-478e-43b1-b0c1-becd3a0cdbfb&publisher_dsp_id=429&publisher_call_type=redirect
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:28 GMT

GET
H2

200

88f0789f-7e20-43e2-6b48-0187fc537bd0
an.yandex.ru/mapuid/buzzooladspis/ Frame DE0E
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D
https://an.yandex.ru/mapuid/buzzooladspis/88f0789f-7e20-43e2-6b48-0187fc537bd0

43 B
82 B

58ms
58ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/buzzooladspis/88f0789f-7e20-43e2-6b48-0187fc537bd0

Requested by

Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:28 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/buzzooladspis/88f0789f-7e20-43e2-6b48-0187fc537bd0
date: Wed, 15 Mar 2023 01:28:28 GMT
server: nginx
content-length: 113
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

ZBEfPD_cZhA
an.yandex.ru/mapuid/soltadspis/ Frame DE0E
Redirect Chain

https://kimberlite.io/rtb/sync/yandex
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZBEfPD_cZhA
https://sm.rtb.mts.ru/match/second?ssp=59&exu=ZBEfPD_cZhA
https://tech.rtb.mts.ru/?dsp_uid=771b68ee-982a-4d4c-8979-fc290d87a19e&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%...
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D
https://sm.rtb.mts.ru/em?next=59&em=1&ssp=konnektu&id=
https://kimberlite.io/rtb/sync/mts?u=5c70642e-98b5-48d8-b404-99db741a1c0a
https://an.yandex.ru/mapuid/soltadspis/ZBEfPD_cZhA

43 B
80 B

57ms
57ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/soltadspis/ZBEfPD_cZhA

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 15 Mar 2023 01:28:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:29 GMT

Redirect headers

Date: Wed, 15 Mar 2023 01:28:29 GMT
referrer-policy: no-referrer
Server: nginx
access-control-allow-origin: *
location: https://an.yandex.ru/mapuid/soltadspis/ZBEfPD_cZhA
cache-control: no-store
access-control-allow-credentials: true
Connection: keep-alive
server-timing: app;srv=1;dur=0.0003
Content-Length: 0

GET
H2

200

/
an.yandex.ru/mapuid/targetrtbis/ Frame DE0E
Redirect Chain

https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
https://an.yandex.ru/mapuid/targetrtbis/

43 B
80 B

58ms
57ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/targetrtbis/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:28 GMT

Redirect headers

Date: Wed, 15 Mar 2023 01:28:28 GMT
Server: nginx/1.22.1
Vary: Origin
Access-Control-Allow-Origin: *
Location: https://an.yandex.ru/mapuid/targetrtbis/
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET pixel
mitdmp.whiteboxdigital.ru/ Frame DE0E 0
0

GET
H2

200

cb0570ca-d424-4bb9-909d-573e2aa43b9d
an.yandex.ru/mapuid/hyperdspis/ Frame DE0E
Redirect Chain

https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/
https://an.yandex.ru/mapuid/hyperdspis/cb0570ca-d424-4bb9-909d-573e2aa43b9d

43 B
80 B

58ms
58ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/hyperdspis/cb0570ca-d424-4bb9-909d-573e2aa43b9d

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:28 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/hyperdspis/cb0570ca-d424-4bb9-909d-573e2aa43b9d
Access-Control-Allow-Origin: *
Date: Wed, 15 Mar 2023 01:28:28 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

/
an.yandex.ru/mapuid/ramblerssp/ Frame DE0E
Redirect Chain

https://profile.ssp.rambler.ru/sync3.302?pid=188
https://an.yandex.ru/mapuid/ramblerssp/

43 B
80 B

56ms
56ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ramblerssp/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:28 GMT

Redirect headers

date: Wed, 15 Mar 2023 01:28:28 GMT
strict-transport-security: max-age=0
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location: //an.yandex.ru/mapuid/ramblerssp/
content-type: application/x-javascript; charset=Windows-1251
x-passed: 1bal1
content-length: 0

GET
H2

200

u7h5cslAVhbd.AikABlGG4uIF1Q
an.yandex.ru/mapuid/getintentis/ Frame DE0E
Redirect Chain

https://px.adhigh.net/p/cm/yandexssp
https://px.adhigh.net/p/cm/yandexssp?bounced=1
https://an.yandex.ru/mapuid/getintentis/u7h5cslAVhbd.AikABlGG4uIF1Q

43 B
80 B

57ms
57ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/getintentis/u7h5cslAVhbd.AikABlGG4uIF1Q

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:28 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
server: nginx
x-backend-id: f2-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://an.yandex.ru/mapuid/getintentis/u7h5cslAVhbd.AikABlGG4uIF1Q
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

iKfTM4aM94IPDDbO
an.yandex.ru/mapuid/dmpweborama/TwZYh/ Frame DE0E
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=2093571235
https://an.yandex.ru/mapuid/dmpweborama/TwZYh/iKfTM4aM94IPDDbO

43 B
80 B

58ms
57ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpweborama/TwZYh/iKfTM4aM94IPDDbO

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:28 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
via: 1.1 google
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://an.yandex.ru/mapuid/dmpweborama/TwZYh/iKfTM4aM94IPDDbO
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 y
rtb-eu-warsaw.intent.ai/um/ Frame DE0E 68 B
843 B 70ms
42ms Image
image/png 2606:4700:20::681a:e45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb-eu-warsaw.intent.ai/um/y

Requested by

Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:28:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 68
pragma: no-cache
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yG%2FVhRdssnlH5%2Bbi5zNjUTNj0s%2B7HJPyqUWDLn8epx0oeS5zZrTLU%2B82mOOo3cHpVIuDzNm%2BmmTo%2Frl9VTG%2BKMPPM8Csidx6lFJblCuXk1ryIVkXdGIYjyLIdjIFTUmG5BNtVuU7BpfQuXhrLgXTYZlp7Wp"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
cf-ray: 7a80fadb99c49193-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2

200

YhaSgLUv8jrCj3o3t6DE
an.yandex.ru/mapuid/kadamis/ Frame DE0E
Redirect Chain

https://s.uuidksinc.net/match/501
https://an.yandex.ru/mapuid/kadamis/YhaSgLUv8jrCj3o3t6DE

43 B
80 B

58ms
57ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/kadamis/YhaSgLUv8jrCj3o3t6DE

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:28 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/kadamis/YhaSgLUv8jrCj3o3t6DE
date: Wed, 15 Mar 2023 01:28:28 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

5c70642e-98b5-48d8-b404-99db741a1c0a
an.yandex.ru/mapuid/mtsdspis/ Frame DE0E
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=yandex&id=map
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map
https://tech.rtb.mts.ru/?dsp_uid=5c70642e-98b5-48d8-b404-99db741a1c0a&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F5c70642e-98b5-48d8-b404-99db741a1c0a
https://an.yandex.ru/mapuid/mtsdspis/5c70642e-98b5-48d8-b404-99db741a1c0a

43 B
80 B

57ms
57ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mtsdspis/5c70642e-98b5-48d8-b404-99db741a1c0a

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 15 Mar 2023 01:28:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:29 GMT

Redirect headers

Date: Wed, 15 Mar 2023 01:28:29 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/mapuid/mtsdspis/5c70642e-98b5-48d8-b404-99db741a1c0a
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

data_sess_sync.php
sonar.semantiqo.com/fbfli/ Frame DE0E
Redirect Chain

https://sonar.semantiqo.com/dmp/scr.php
https://counter.yadro.ru/id127/reff-id.gif?sid=6b93a844bf1d4e6b87d58b9aeb6ff0be
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=6b93a844bf1d4e6b87d58b9aeb6ff0be

0
355 B

33ms
33ms

Image
text/html

95.217.109.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=6b93a844bf1d4e6b87d58b9aeb6ff0be
Protocol: H2
Server: 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.66.109.217.95.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:28:29 GMT
content-encoding: gzip
mode: no-cors
server: nginx/1.20.1
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

Location: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=6b93a844bf1d4e6b87d58b9aeb6ff0be
Date: Wed, 15 Mar 2023 01:28:29 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 364
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame DE0E 42 B
201 B 369ms
74ms Image
image/gif 81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
Requested by: Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 01:28:29 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame DE0E 42 B
201 B 356ms
78ms Image
image/gif 81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
Requested by: Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 01:28:29 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 200 pixel.gif
sync.1dmp.io/ Frame DE0E 12 B
155 B 143ms
42ms Image
text/html 87.242.89.90
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au
Requested by: Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 87.242.89.90 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: elb /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:28:28 GMT
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
server: elb
accept-ranges: bytes
etag: "63d8131e-c"
content-length: 12
content-type: text/html

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame DE0E 43 B
390 B 40ms
7ms Image
image/gif 31.172.81.172
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=yandex
Requested by: Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.172 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 15 Mar 2023 01:28:28 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 204 yandexortb
sync.dmp.otm-r.com/match/ Frame DE0E 0
69 B 165ms
47ms Image
text/plain 194.55.244.179
PROCLOUD PROCLOUD...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/yandexortb
Requested by: Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.179 , Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 15 Mar 2023 01:28:29 GMT
server: nginx/1.23.2

GET
H2

200

NjcyMmEwMWYyN2UyNDU2ZQ
an.yandex.ru/mapuid/gonetisnew/ Frame DE0E
Redirect Chain

https://sync.gonet-ads.com/match/yandex?id=[buyerUid]
https://sync.gonet-ads.com/match/yandex?id=%5BbuyerUid%5D&chk=1
https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ

43 B
152 B

57ms
57ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 15 Mar 2023 01:28:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:29 GMT

Redirect headers

date: Wed, 15 Mar 2023 01:28:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
location: https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

200

810ef6a2-24ed-4fd7-a4b4-153ae87df788
an.yandex.ru/mapuid/upravelis/ Frame DE0E
Redirect Chain

https://sync.upravel.com/yandex/sync
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://an.yandex.ru/mapuid/upravelis/810ef6a2-24ed-4fd7-a4b4-153ae87df788

43 B
80 B

57ms
57ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/upravelis/810ef6a2-24ed-4fd7-a4b4-153ae87df788

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 15 Mar 2023 01:28:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:29 GMT

Redirect headers

date: Wed, 15 Mar 2023 01:28:29 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://an.yandex.ru/mapuid/upravelis/810ef6a2-24ed-4fd7-a4b4-153ae87df788
access-control-allow-origin: *
content-type: image/png
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

gG79KgNIRdN%2FiHi6skP60w
an.yandex.ru/mapuid/dmpaidatame/ Frame DE0E
Redirect Chain

https://x01.aidata.io/0.gif?pid=YANDEX
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1
https://an.yandex.ru/mapuid/dmpaidatame/gG79KgNIRdN%2FiHi6skP60w?sign=2198999622

43 B
80 B

57ms
56ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpaidatame/gG79KgNIRdN%2FiHi6skP60w?sign=2198999622

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 15 Mar 2023 01:28:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:29 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:29 GMT
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://an.yandex.ru/mapuid/dmpaidatame/gG79KgNIRdN%2FiHi6skP60w?sign=2198999622
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Wed, 15 Mar 2023 01:28:28 GMT

GET
H2

200

RHJ9sw17515q
an.yandex.ru/mapuid/dmpsegmento/ Frame DE0E
Redirect Chain

https://yandex-dmp-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/dmpsegmento/RHJ9sw17515q?sign=1808041768

43 B
80 B

59ms
59ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpsegmento/RHJ9sw17515q?sign=1808041768

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 15 Mar 2023 01:28:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:29 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/dmpsegmento/RHJ9sw17515q?sign=1808041768
Date: Wed, 15 Mar 2023 01:28:29 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

GFTMdqcQHupJ
an.yandex.ru/mapuid/rutargetis/ Frame DE0E
Redirect Chain

https://yandex-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/rutargetis/GFTMdqcQHupJ

43 B
80 B

58ms
57ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/rutargetis/GFTMdqcQHupJ

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 15 Mar 2023 01:28:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:29 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/rutargetis/GFTMdqcQHupJ
Date: Wed, 15 Mar 2023 01:28:29 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 55ms
55ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sgo.edu-71.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://sgo.edu-71.ru
access-control-max-age: 1728000
content-encoding: gzip
date: Wed, 15 Mar 2023 01:28:28 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 1N6m5zUs0GW200000000U9nJjBxTCbScsbhBKFypIuM__3y1InjvmHG68F24YOHst5zN5PkuMeuXbH4edgd_UKOsIBmKnAi5gMrb196T83uGC37CP3pB3c4lPBp7366jPCo5okzbdB-Rb-4ec7-M4IHzbH4aTPUHGOQ1uI_ZB2O6XhbC896pJF-1u1MJmBiIjJZzp... Show response
yandex.ru/an/rtbcount/ 43 B
397 B 55ms
54ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1N6m5zUs0GW200000000U9nJjBxTCbScsbhBKFypIuM__3y1InjvmHG68F24YOHst5zN5PkuMeuXbH4edgd_UKOsIBmKnAi5gMrb196T83uGC37CP3pB3c4lPBp7366jPCo5okzbdB-Rb-4ec7-M4IHzbH4aTPUHGOQ1uI_ZB2O6XhbC896pJF-1u1MJmBiIjJZzpmmCtotlEZtxnihmbua5P2qpAv3iPLO4abEPGHhcCZE1h0AI2Y2RM3OoyovQ-bFrualhaymmdru5gxmB9dyoEpZnGnpAelgM0Up05Ind-JUmCEvW-Gy3Z0UGs1TO_hwU_lNAkpdBn6-oG3pqmVuXouTdEvvAJRzk_vO5vAq5h9mdMLjVS86bBx0sD3IqiDnajUQVxbCnqTtnAol8f0ws1fO9RBktJNvpyl6rkLepsAuS3bx0zcXnnxN7gsOkNyEuaWrcvW4sZnDip8_OUCkIdAro7SijJAeoqyrVii5i_mbdJMHVew0-_s7DM_jPx6pcngR6vkORs9bsiFESO1T_mBxoskyv7vVr7ZVwmSwpWECi_mgEU-mREDuoxU1W102qph2Q

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sgo.edu-71.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1678843708584246-10422396783718533757-vla1-5291-vla-l7-balancer-8080-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: https://sgo.edu-71.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 15 Mar 2023 01:28:28 GMT

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 57ms
56ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sgo.edu-71.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 15 Mar 2023 01:28:28 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://sgo.edu-71.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Mar 2023 01:28:28 GMT

POST
H2 200 23433.json Show response
rotarb.bid/ 59 B
268 B 32ms
32ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rotarb.bid/23433.json

Requested by

Host: rotarb.bid
URL: https://rotarb.bid/23433.min.js?1df2314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

bbff14a3fef4531c28f357f0a366577179d2549e31a9007bf242d941f7dff2a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://sgo.edu-71.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 15 Mar 2023 01:28:28 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame DE0E 105 KB
37 KB 59ms
59ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: sgo.edu-71.ru
URL: https://sgo.edu-71.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:28:30 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 0e5cc4d139c69f61
timing-allow-origin: *
expires: Fri, 17 Mar 2023 13:24:30 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame DE0E 162 KB
57 KB 90ms
90ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

cf0e934daa92ef101fcdf4f64d318324f197533bc3a8ad60630a947cef5d7073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:28:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-e3bd"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58301
expires: Wed, 15 Mar 2023 02:28:30 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame DE0E 403 B
703 B 77ms
77ms Fetch
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fsgo.edu-71.ru%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

13f63af51d5dd97c060bd7b7a67516cd7eca5d4c9c5235890fc0b0e12e995280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1678843710349176-7683046589365799848-vla1-5291-vla-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame DE0E 43 KB
16 KB 162ms
58ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

eabbdf222a6fdefc15823ad881245c5b3d19f3cd9e76537cf6eac726d47f3005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:28:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15853
x-xss-protection: 0
server: cafe
etag: 14394192626789988969
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 01:28:30 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame DE0E
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Ph8RZOnlH8atzAai3obYAw...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1088146001&crd=&is_vtc=1&random=1140749285
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1088146001&crd=&is_vtc=1&random=1140749285&ipr=y

42 B
108 B

49ms
49ms

Image
image/gif

2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1088146001&crd=&is_vtc=1&random=1140749285&ipr=y

Protocol

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1088146001&crd=&is_vtc=1&random=1140749285&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame DE0E
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Ph8RZKnnH4CJ2fcPlZqXGA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=941164556&crd=&is_vtc=1&random=1071327439
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=941164556&crd=&is_vtc=1&random=1071327439&ipr=y

42 B
108 B

50ms
50ms

Image
image/gif

2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=941164556&crd=&is_vtc=1&random=1071327439&ipr=y

Protocol

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=941164556&crd=&is_vtc=1&random=1071327439&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame DE0E 256 B
352 B 52ms
52ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fsgo.edu-71.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A388239452811%3Ahid%3A1069397303%3Az%3A0%3Ai%3A20230315012830%3Aet%3A1678843710%3Ac%3A1%3Arn%3A293172770%3Arqn%3A1%3Au%3A1678843710769081174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C73%2C45%2C3%2C0%2C0%2C%2C57%2C1%2C181%2C181%2C0%2C180%3Aco%3A0%3Acpf%3A1%3Ans%3A1678843708277%3Ast%3A1678843710&t=clc(0-0-0)rqnt(1)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e70918475141ca8ca6f1a6fc3e2a8a60c02c9502e801ce471adbe8d78ba2f8bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 15-Mar-2023 01:28:30 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Wed, 15-Mar-2023 01:28:30 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame DE0E 43 B
101 B 46ms
45ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:28:30 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 15 Mar 2023 02:28:30 GMT

GET
H2 200 1JQNguIc0Vi100000000U9nJjBxTCbScsbhBKF_pbK9R-Ny2bjRoWYaCGE094mdLivqj4fkuMeuXbH4edgd_UKCgIBoK5SYh1QbjPGIHdI1P861YcCcOR0LXBsJauO2mLZ9-PuAmzZ9c_UDcE0hcdsK4QReA9kyoCiWmCFnbd0KKdyi44ZdBz1y8NZ49z6Z8DkX_P... Show response
yandex.ru/an/rtbcount/ 43 B
681 B 54ms
54ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1JQNguIc0Vi100000000U9nJjBxTCbScsbhBKF_pbK9R-Ny2bjRoWYaCGE094mdLivqj4fkuMeuXbH4edgd_UKCgIBoK5SYh1QbjPGIHdI1P861YcCcOR0LXBsJauO2mLZ9-PuAmzZ9c_UDcE0hcdsK4QReA9kyoCiWmCFnbd0KKdyi44ZdBz1y8NZ49z6Z8DkX_Pc3Olls6qxDlh0n_cLX0rZA3ND3Bh0WafpA3DCnb1jcn4aWgW6nYsSZCksZfJzMBBwrFCiDyUXMiyYwO_CdiuCGFSIXBq3i6i0SsiFo70SOTBCm7aBWtMI0--63_aEN3inrFfQPVjt_B0lB70bREawojBxZ0qXTO6neQM6woMlDFzwcOwExubHMakuEjWMK2s-vjaz-SV7njhjOCjYk7WnUmFLhSSUtngfdBrp2kP8CPUO3DumGRyoCsth8aPojZtmnpawhCTFENR33BVy9P4zdNAAZFVrZprduMEvkviQcnkVaATiODx4mxs7bEi8i_O5zvxVUSZyjwZnlzOETPmF6uP0L7Zy06Zk-iEpWO0T_Zg5C0?confirmTime=2107000&confirmRatio=1000000&test-tag=79714593013762&format-type=118&actual-format=13&rnd=6598876598552&banner-sizes=eyI3MjA1NzYwNzUwMTIxNzgwNSI6IjMwMHgzMDAifQ%3D%3D&width=300&height=300

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sgo.edu-71.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Mar 2023 01:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1678843710515319-8618032323130907334-vla1-5291-vla-l7-balancer-8080-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 15 Mar 2023 01:28:30 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: https://sgo.edu-71.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 15 Mar 2023 01:28:30 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame DE0E 3 KB
2 KB 112ms
52ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1678843710581&cv=9&fst=1678843710581&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fsgo.edu-71.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7be7b8c48f0b0821ed9b931dc3d2ded93aa94a9dacdea6cff7f04ab39de83051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame DE0E 3 KB
2 KB 109ms
50ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1678843710584&cv=9&fst=1678843710584&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fsgo.edu-71.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48a5869e2ed2f572e529242be973eb565db7511c03171e3a49d3157047017abd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame DE0E 3 KB
2 KB 110ms
55ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1678843710587&cv=9&fst=1678843710587&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fsgo.edu-71.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9e8d89306c40e7cce9e7fcb19ff9567a58befb96140278f7ad5240e800f41e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1374
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame DE0E 3 KB
2 KB 107ms
53ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1678843710589&cv=9&fst=1678843710589&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fsgo.edu-71.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73f9a9c254a0b13c63cc5f78996f0cb217cbbea9b40e682f835a4b31f1c51c03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1376
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1OHOUfwq0GW200000000U9nJjBxTCbScsbhBKFypIuM__3y1InjvmHG68F24YOHst5zN5PkuMeuXbH4edgd_UKOsIBmKnAi5gMrb196T83uGC37CP3pB3c4lPBp7366jPCo5okzbdB-Rb-4ec7-M4IHu5KpUPMIGOM3uopYBYO5XBXD8v2pJVo1unIJmhaGjJlyp0... Show response
yandex.ru/an/rtbcount/ 43 B
140 B 54ms
54ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1OHOUfwq0GW200000000U9nJjBxTCbScsbhBKFypIuM__3y1InjvmHG68F24YOHst5zN5PkuMeuXbH4edgd_UKOsIBmKnAi5gMrb196T83uGC37CP3pB3c4lPBp7366jPCo5okzbdB-Rb-4ec7-M4IHu5KpUPMIGOM3uopYBYO5XBXD8v2pJVo1unIJmhaGjJlyp0yDtoxjEpxwnClnbOW5PoymA97kP5O7aL6QGXhdCJ22hWAG2o2QMZSoyYvR-LBtuqleaCyodLy4gxuB9dymEJlmGXxAelcK0Et05ord-3IoCErZ-mm3Z0IJs1PQ_hwT_lV9kpZBncomG3tsmVyZouTcEfrBJhzk_PG5vQm4hvqdMrXTSOEaBh0qD3IqiDrcj-QVxL4nqT_pA2ZAfWws1PGBRxcsJtvnyV6skrWosAuU35x0zMjnnxV6gcSlNCAvaWvbvWCtZ11lp8pRUiYHdgrp7SWkJginqyvTiCDj_mbaJsTSegCz_MFFMVXOxcxcngR6v-GPsfXtiF2VOnH-mhxpsUyx7PRt7ZNwmyopWECk_WkCU-mQEjqmxE1W1iSAmc000?confirmTime=2100000&confirmRatio=1000000&test-tag=79714593013762&format-type=118&actual-format=8&rnd=4324319118796&banner-sizes=eyI3MjA1NzYwNzE2MTQwMzQ1NyI6Ijk2MHgzMDAifQ%3D%3D&width=960&height=300

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sgo.edu-71.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Mar 2023 01:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1678843710686542-4802032484087969651-vla1-5291-vla-l7-balancer-8080-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 15 Mar 2023 01:28:30 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: https://sgo.edu-71.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 15 Mar 2023 01:28:30 GMT

GET
H2 200 WOyejI_zOE40BGm0X1GKcpqkyOfh40K0uG4GW8200J4x7n5a000003Z2hVK1Y085kGA2Kzy7HPpsLl02xy6daP0Iy0K1e0R80Sa6Ezk4dHnREogf1o_pi6Kz7_uG-0S1q0Y2W8200Wgg2n2CA1s0B_C00BUts4Bczl0B1k0DWe20WO20W8W4c0wxjfFioUFMdIge3... Show response
yandex.ru/an/count/ 43 B
139 B 58ms
58ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/count/WOyejI_zOE40BGm0X1GKcpqkyOfh40K0uG4GW8200J4x7n5a000003Z2hVK1Y085kGA2Kzy7HPpsLl02xy6daP0Iy0K1e0R80Sa6Ezk4dHnREogf1o_pi6Kz7_uG-0S1q0Y2W8200Wgg2n2CA1s0B_C00BUts4Bczl0B1k0DWe20WO20W8W4c0wxjfFioUFMdIge3w_cquxNvuV_490G_BEkkiojoF-B0VWG0v3wcV1Au1G1y1N1YlRieu-y_6EW5f2TeQ06oHRmFzWMWHUe5mdG627u68BBjlpFcEx4P80PYHc5wB0Pk1d___y1m1cxdjpaXA_aeq7I6H9vOM9pNtDbSdPbSYzoDpatBJBe6Qm2y1c0mWEO6jJ3Kx0RIBWR0u8S3NPYGpepJMWtD7ffPpVf780T_t_u7m6080A880pG8V___m7L8l__V_-18m0000000F0_4W0rus-OKN4yEUax6inAQzkH6w647D8ylFDNOcXHym7fLjfe-gWSfeGMq8ET4vn4DUcjEqTneamI30e0~1=WP8ejI_zOBC0HGm0D1RbYL7Zim7wcFYcwuJWhOe1W079r_dwi8M7edM80SoQZ8YX0P01ce3Cf-I0W802c06QWCodPBW1p9wpcoRO0R32nwu1u06MbQ-P0UW1NA02Zlg50R03vGY81O2R3v05eRPTi0MUu1Uu1PxW5y05X8cz0SW5vuWmq0NFu0Ye1iW1gGSlyx1bFH_-4BW7W0NG2Bg8W872W806u0Y7_KBe2GU02W7u2e2r6EWCamAO3PQcCC2ma881eH6ScPcPcPdPY181a181W1I0W804q1JavBnxw1IC0g0Ma9sXe0R95W3mFz0MlA3UlW6O5vUrj2ou5m705xNM0Q0Pm06u6V___m616l__ysm-sZx9g1u1i1y1o1-OuQDNgI0wGeTmScpSFxWWtjqfa2BNfIoG8jYbB90YmgWia2A3vIoG8eJbB90YYUKirIB__t__WIE98vgG8xgYpuNp_uVk49WZd-_4pfJufiiN2W0qo_FiGKp6QpBWaZfRgAak-L3cx62gb7PyUD-7Ey5W0GS0~1?stat-id=5&test-tag=2331514406754833&banner-sizes=eyI3MjA1NzYwNzUwMTIxNzgwNSI6IjMwMHgzMDAifQ%3D%3D&format-type=118&actual-format=13&pcodever=735377&banner-test-tags=eyI3MjA1NzYwNzUwMTIxNzgwNSI6IjQyOTUwMjQ2ODkifQ%3D%3D&constructor-rendered-assets=eyI3MjA1NzYwNzUwMTIxNzgwNSI6MTI5fQ&width=300&height=300&subDesignId=340&confirmTime=2100000&confirmRatio=1000000&wmode=0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sgo.edu-71.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Mar 2023 01:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1678843710705947-12069728349529646855-vla1-5291-vla-l7-balancer-8080-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 15 Mar 2023 01:28:30 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: https://sgo.edu-71.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 15 Mar 2023 01:28:30 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame DE0E 42 B
108 B 135ms
52ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1678843710584&cv=9&fst=1678842000000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fsgo.edu-71.ru%2F&async=1&fmt=3&is_vtc=1&random=338214152&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame DE0E 42 B
455 B 133ms
49ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1678843710584&cv=9&fst=1678842000000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fsgo.edu-71.ru%2F&async=1&fmt=3&is_vtc=1&random=338214152&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame DE0E 42 B
455 B 130ms
49ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1678843710581&cv=9&fst=1678842000000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fsgo.edu-71.ru%2F&async=1&fmt=3&is_vtc=1&random=3023621716&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame DE0E 42 B
108 B 133ms
52ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1678843710581&cv=9&fst=1678842000000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fsgo.edu-71.ru%2F&async=1&fmt=3&is_vtc=1&random=3023621716&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame DE0E 42 B
108 B 131ms
51ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1678843710589&cv=9&fst=1678842000000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fsgo.edu-71.ru%2F&async=1&fmt=3&is_vtc=1&random=606618076&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame DE0E 42 B
108 B 132ms
52ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1678843710589&cv=9&fst=1678842000000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fsgo.edu-71.ru%2F&async=1&fmt=3&is_vtc=1&random=606618076&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame DE0E 42 B
108 B 114ms
52ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1678843710587&cv=9&fst=1678842000000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fsgo.edu-71.ru%2F&async=1&fmt=3&is_vtc=1&random=741941108&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame DE0E 42 B
108 B 55ms
51ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1678843710587&cv=9&fst=1678842000000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fsgo.edu-71.ru%2F&async=1&fmt=3&is_vtc=1&random=741941108&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame DE0E 439 B
475 B 47ms
47ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fsgo.edu-71.ru%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A1%3Als%3A813338099426%3Ahid%3A1069397303%3Aphid%3A454470377%3Az%3A0%3Ai%3A20230315012830%3Aet%3A1678843711%3Ac%3A1%3Arn%3A216027284%3Arqn%3A1%3Au%3A1678843710769081174%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C73%2C45%2C3%2C0%2C0%2C%2C57%2C1%2C181%2C181%2C0%2C180%3Aco%3A0%3Acpf%3A1%3Ans%3A1678843708277%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678843711%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

bd990bbad91134dfef62060a86079a130396806564cb14ab329e525dc9185c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 01:28:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 15-Mar-2023 01:28:30 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Wed, 15-Mar-2023 01:28:30 GMT

GET
H2 200 WO8ejI_zODu0nGi0v1Dwhj-8_7A8GmK0tW4GW8200J4y7n5a000003Z2hVK1Y081kGA2Kzy7HPpsLl02nTwbsmsG4l050Q06o0791ZlRX9qSMpiggGSlyvXhJn_-4FZkT2PUB_C00FSvtKBczl0B1k0DWe20WO20W8W4c0wxjfFioUFMdIge3w_cay3twOV_490G_... Show response
yandex.ru/an/count/ 43 B
139 B 58ms
58ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/count/WO8ejI_zODu0nGi0v1Dwhj-8_7A8GmK0tW4GW8200J4y7n5a000003Z2hVK1Y081kGA2Kzy7HPpsLl02nTwbsmsG4l050Q06o0791ZlRX9qSMpiggGSlyvXhJn_-4FZkT2PUB_C00FSvtKBczl0B1k0DWe20WO20W8W4c0wxjfFioUFMdIge3w_cay3twOV_490G_BEkkiojoF-B0VWG0v3wcV1Au1G1y1N1YlRieu-y_6EW5f2TeQ06oHRmFzWMWHUe5mdG627u68BBjlpFcEx4P80PYHc5w0e000000B0Pk1d_0S0PkvxSv8IlvAD1qXaIUM5YSrzpPN9sPN8lSZSvDoqow1d01_0PWC83c1hKmrEm6qYu6mE270rsOaCwRK5tE3HwQMStwHm0y3-07Vz_W202Y20Cq27_0TKY__z__u4Z00000000y3yI080Wa8g0Tl3dOAPf8nIRGvg7T_vA32rgFY3TIXjD7vN3bD02Uh1pQB-k75RuezpMdQEuGKG6eG00~1=WQCejI_zOC40pGm0P1SCxSEtmG68wvlJuP27huy1W074eoo80QkRYhET0P01Wk72u-60W802c062uSBZORW1n9oJy2NO0TppmAm1u06kohsU0UW1s0Ju0Qgcthu1e0AKm_0Oi0EI3eW5XuK5a0NNoGYm1PBp0hW5alC2m0Mionh81Tp-2D05xcQe1iW1gGSlyvXhJn_-4BW7W0NG1mBW1v0Dq0YwYe21me201k08og6u3EW91u0A0UWCamAO3SQEBy2W4A4Hd9cPcPcPsQWJ_UkNzTJkdAONW1I0W8241D0K3UWKZ0AW5f2TeQ06oHRG5hwzthu1c1VQYyejk1S1m1UrrW6W6S01k1d___y1-1cZclehWHh__rFlH4--Qg0Qd833g9cCk-Zg0QWU0R0V0SWVxhcWLgaWoZM2o8xdr3-u8DxTAP0YrwKia2BOfIoG8iAeB90YW-Kia2A4vIoG8edbBDKY__z__u4ZYIEQa2EJc8drYSEHaYAO8xtLow2UalklBGa0JyiJDeoOXTV0cY48JHWEIs8MoNrIQI9IAUrYC5WK0G00~1?stat-id=1&test-tag=79714593069585&banner-sizes=eyI3MjA1NzYwNzE2MTQwMzQ1NyI6Ijk2MHgzMDAifQ%3D%3D&format-type=118&actual-format=8&pcodever=735377&banner-test-tags=eyI3MjA1NzYwNzE2MTQwMzQ1NyI6IjU3MzkzIn0%3D&constructor-rendered-assets=eyI3MjA1NzYwNzE2MTQwMzQ1NyI6MTcwMzd9&width=960&height=300&confirmTime=2100000&confirmRatio=1000000&wmode=0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sgo.edu-71.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Mar 2023 01:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1678843710885273-8606062832197968669-vla1-5291-vla-l7-balancer-8080-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 15 Mar 2023 01:28:30 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: https://sgo.edu-71.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 15 Mar 2023 01:28:30 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mitdmp.whiteboxdigital.ru
URL: https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

56 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 10:22:10	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 10:29:22	Name: pcssspb Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 10:22:10	Name: pcs3 Value: 1
kimberlite.io/rtb/sync	1970-01-20 10:20:43	Name: f Value: https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsoltadspis%2FZBEfPD_cZhA
kimberlite.io/rtb/sync	1970-01-20 10:20:43	Name: n Value: 1
.yandex.ru/	1970-01-20 19:56:43	Name: i Value: LgWVM2piZK5qtGogFSdAY4/psCYGt0xB9ahvkFIdLJunEQ0K2HH2soHP5sTl5nQGPKqG+kicPBimaYZX1k18uEVFXiI=
.yandex.ru/	1970-01-20 19:56:43	Name: yandexuid Value: 3043126151678843707
.edu-71.ru/	1970-01-20 19:06:19	Name: _ym_uid Value: 1678843708770219517
.edu-71.ru/	1970-01-20 19:06:19	Name: _ym_d Value: 1678843708
.mc.yandex.com/	1970-01-20 10:20:44	Name: sync_cookie_csrf Value: 1317204857fake
.edu-71.ru/	1970-01-20 10:21:55	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 10:20:44	Name: sync_cookie_csrf Value: 1427196312fake
.yandex.com/	1970-01-20 19:06:19	Name: yandexuid Value: 3043126151678843707
.yandex.com/	1970-01-20 19:06:19	Name: yuidss Value: 3043126151678843707
.yandex.com/	1970-01-20 19:56:43	Name: i Value: LgWVM2piZK5qtGogFSdAY4/psCYGt0xB9ahvkFIdLJunEQ0K2HH2soHP5sTl5nQGPKqG+kicPBimaYZX1k18uEVFXiI=
.mc.yandex.com/	1970-01-20 10:22:10	Name: sync_cookie_ok Value: synced
.yandex.com/	1970-01-20 19:06:19	Name: ymex Value: 1710379708.yrts.1678843708
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 99292881678843708
.betweendigital.com/	1970-01-20 19:06:19	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 19:06:19	Name: tuuid Value: f66ec9df-f424-524a-ac96-e054c887ff68
.betweendigital.com/	1970-01-20 19:06:19	Name: ss Value: 1
px.arcspire.io/	1970-01-20 11:03:55	Name: arcid Value: c19a0e5db2bd216f69cf3e
.betweendigital.com/	1970-01-20 19:06:19	Name: ut Value: ZBEfPAAIQUjT2tX5cPnEsiKAG3XkhMwb2fetrQ==
.360yield.com/	1970-01-20 12:30:19	Name: tuuid_lu Value: 1678843708
.yandex.ru/	1970-01-20 19:56:43	Name: yuidss Value: 3043126151678843707
.tns-counter.ru/	1970-01-20 19:06:19	Name: guid Value: 93DF6A0064111F3CX1678843708
.360yield.com/	1970-01-20 12:30:19	Name: tuuid Value: 98283038-5f98-4747-8044-ebdfceb4ccf8
.acint.net/	1970-01-20 10:20:44	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-20 19:56:43	Name: aid Value: fwAAAWQRHzxrQQ7CEZGzAv4qvwg5nkhBH6MLs276CKtBqdAH
.dmg.digitaltarget.ru/	1970-01-20 19:56:43	Name: viuserid Value: mhughY.Nk3VK1Yp7gnMh
.demdex.net/	1970-01-20 14:39:55	Name: demdex Value: 12496922030440633820748626467532489758
.acint.net/	1970-01-20 11:03:55	Name: cSyncDp14v3 Value: 1678843708
.adx.opera.com/	1970-01-20 19:06:19	Name: UID Value: OPUcf97ff7def034878909a67b16ff2d651
.dpm.demdex.net/	1970-01-20 14:39:55	Name: dpm Value: 12496922030440633820748626467532489758
.weborama.fr/	1970-01-20 19:46:38	Name: AFFICHE_W Value: TgWDBx2Ij11O66
kimberlite.io/	1970-01-20 12:30:19	Name: u Value: ZBEfPD_cZhA~V0PpvS02rf06sRMRMiIWXvK5w9A
.uuidksinc.net/	1970-01-20 19:06:19	Name: jcsuuid Value: YhaSgLUv8jrCj3o3t6DE
.mts.ru/	1970-01-20 18:53:22	Name: dspid Value: 5c70642e-98b5-48d8-b404-99db741a1c0a
.ssp-rtb.sape.ru/	1970-01-20 19:56:43	Name: sspuid Value: CkIDIGQRHzx99ADLmjxsAoKv3iw6TSBduIGMhcGqr3vTl/Sb
.sonar.semantiqo.com/	1970-01-20 19:56:43	Name: semantiqo_a Value: 6b93a844bf1d4e6b87d58b9aeb6ff0be
.sonar.semantiqo.com/	1970-01-20 19:16:24	Name: check Value: 39b450d130ed408f8b14e547f5b440b1
.adhigh.net/	1970-01-20 19:06:19	Name: gi_u Value: u7h5cslAVhbd.AikABlGG4uIF1Q
.adhigh.net/	1970-01-20 19:06:19	Name: yandexssp_sync Value: LKvo
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.upravel.com/	1970-01-20 10:20:43	Name: session_tptc Value: 1678843709063
.gonet-ads.com/	1970-01-20 19:07:46	Name: pid Value: NjcyMmEwMWYyN2UyNDU2ZQ
.upravel.com/	1970-01-20 19:56:43	Name: user_id Value: 810ef6a2-24ed-4fd7-a4b4-153ae87df788
.mts.ru/	1970-01-20 19:56:43	Name: mts_id Value: a8acf8c7-2a60-4afc-88cd-486bc574f5bd
.mts.ru/	1970-01-20 19:56:43	Name: mts_id_last_sync Value: 1678843709
.aidata.io/	1970-01-20 19:56:43	Name: __upin Value: gG79KgNIRdN/iHi6skP60w
.aidata.io/	1970-01-20 19:56:43	Name: __upints Value: 1678843709
x01.aidata.io/	1970-01-20 10:30:48	Name: yaya Value: 1
.rutarget.ru/	1970-01-20 14:39:55	Name: userId Value: GFTMdqcQHupJ
.yandex.ru/	1970-01-20 19:56:43	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 19:56:43	Name: is_gdpr_b Value: CJ6rGBD8qwEYAQ==
.doubleclick.net/	1970-01-20 10:20:44	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acint.net
ads.betweendigital.com
an.yandex.ru
avatars.mds.yandex.net
cm.g.doubleclick.net
cm.tns-counter.ru
counter.yadro.ru
dm.hybrid.ai
dmg.digitaltarget.ru
dpm.demdex.net
euw-ice.360yield.com
exchange.buzzoola.com
favicon.yandex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
im.bluevoox.com
kimberlite.io
match.360yield.com
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
nr.bidderstack.com
pixel.konnektu.ru
profile.ssp.rambler.ru
px.adhigh.net
px.arcspire.io
redirect.frontend.weborama.fr
rotarb.bid
rtb-eu-warsaw.intent.ai
s.uuidksinc.net
sgo.edu-71.ru
sm.rtb.mts.ru
sonar.semantiqo.com
ssp-rtb.sape.ru
ssp.adriver.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.gonet-ads.com
sync.upravel.com
t.adx.opera.com
tech.rtb.mts.ru
www.google.com
www.google.de
www.googleadservices.com
www.sgo.edu-71.ru
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
mitdmp.whiteboxdigital.ru
130.193.58.13
142.250.185.130
142.250.186.98
148.251.129.43
176.9.79.218
185.15.175.130
188.42.105.236
188.42.34.65
193.176.78.25
193.232.148.141
193.3.184.135
193.3.184.200
194.55.244.179
2001:6d0:4001::226
213.87.44.187
217.65.2.150
217.66.147.42
23.88.12.14
2606:4700:20::681a:e45
2a00:1450:4001:802::2003
2a00:1450:4001:806::2004
2a00:1450:4001:806::200a
2a00:1450:4001:809::2002
2a00:1450:4001:811::2003
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::36
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
31.172.81.172
31.220.27.135
35.177.4.157
35.190.24.218
37.18.16.22
45.9.27.120
46.243.142.239
52.45.175.185
54.154.169.168
54.228.83.115
54.76.11.91
81.222.128.216
82.145.213.8
87.242.89.90
88.212.201.198
89.108.119.43
89.108.127.68
91.192.149.14
95.216.65.102
95.217.109.66
025131d9c15ae8bc85f70a51c95aece581630b3dc3caa26cfeb1f79532c224d4
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
07bbfa4b649fa954ff747b7f6cd43d6e25e480f84a3b3bcc6a30dcddc88931f7
0b23e62748c21c1cd19fc63b8b9480c1a48596d7321be607ef48896558ebe399
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
13f63af51d5dd97c060bd7b7a67516cd7eca5d4c9c5235890fc0b0e12e995280
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1dbda8791d27b0ecbfd4cb6ea785609df4784df94c8612daa382a1dd8f59776d
1e18ccc7a6402a4ecc0c6f14a00ccb77c8896aafc60eea9a2cd40b0ce8b98df3
2371736975be245bd56385816b25ee7daa9a3cd826911c4fe5f2202ca74e9ec4
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
329cf6ccf2e229ffe4f9800ca07ae57c3c007e27b59f2874a6d5840ea2ec4568
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
360a50055d32be58c5b0f78c54c096feeac74c8abc995d8d796494263f0d7ba4
48a5869e2ed2f572e529242be973eb565db7511c03171e3a49d3157047017abd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
606887aa1b14f35a7c5e7a1da72da5f544a0cc800f0a65488f881554b0df143f
63733bfa81187e9ab9bd31d3e0a3ee9ba466d8792c3be2c6f2e333707a586463
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
73f9a9c254a0b13c63cc5f78996f0cb217cbbea9b40e682f835a4b31f1c51c03
7b038f0f8eb43bbaf15a28ae5ac51648052f53db40880af47a9e4fd2900a94e9
7b087b9320f14e57f90a7f502fee791cc2fbf7e0afd90a21cec9094eaaf71026
7be7b8c48f0b0821ed9b931dc3d2ded93aa94a9dacdea6cff7f04ab39de83051
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8378e67c1d60d20ed7233a9df277ed53dbe0a66b32c9a989dbbe29a06dfd201e
83d93c68a07128dbcfa58c659fb1056f5c2ec90c787f60c84587944bbcf4442f
840de63eaa7ca70ec64514072d5cb7673fff32f53b2daee287bc70716366f927
88194f2b41170fdfad04d28ab0e9e1360c2d00442f51d04e8829b29e9215b343
881b63983486e9ad772a60a2996c22f87ef0f191cb1c941f69f52f53ff83dcc2
904d9c049dc1d0f13dc7865e814f09ba70e359489c6d1c7f0c3070127e524862
93ffbbcb23cfd8706529779532fa14aef7b1b127080cb749b915421262fdad87
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
a7ec928e7a2b2cc60363c91ea2fbcfa4ef155a02ad611d5b26dff2d233cede8c
aaab017e71b05285b327295f16d57b7b5a09c127050a45aa84dab30b533fa864
bbff14a3fef4531c28f357f0a366577179d2549e31a9007bf242d941f7dff2a4
bd990bbad91134dfef62060a86079a130396806564cb14ab329e525dc9185c85
c2c33e326f3022a6d197286b76f07e5b9c9969487a7d25941dfcbe7397afe854
c4e574a0ce9a2704dbe2f7273ec39163ca9c2932e2d07a68f564e66db5443053
ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e
cf0e934daa92ef101fcdf4f64d318324f197533bc3a8ad60630a947cef5d7073
d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72
dd216518f8b9c7f13d6791564471c9fab3a5f80ba44e5233d82aaa201956163a
dfa65d72689b2fc441edef859c7f870a20e90409fc084ef9150316de86402c8d
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e440e5b3c59bc9a01b748f14dbe46dc5721b95a0e0bfc2673e511eec15c2615e
e5cb0ff70013115e4205ebf7514eaa998e609aea09b2b060b94086b7b47dd384
e70918475141ca8ca6f1a6fc3e2a8a60c02c9502e801ce471adbe8d78ba2f8bf
eabbdf222a6fdefc15823ad881245c5b3d19f3cd9e76537cf6eac726d47f3005
eacbe704285fa7ae46440fe32312c9692f253c4828cbb3491aa0ece491f66e50
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9e8d89306c40e7cce9e7fcb19ff9567a58befb96140278f7ad5240e800f41e9
fc201eb30b515980337f688c7b6e8336815f94c43b8cf49c677f59b06bf4b9c2
ff7f732a00592fb810db1e70e08cd380d5f9ad3cab53fa5cc526eeb9d8da11d3

sgo.edu-71.ru Open in urlscan Pro 193.176.78.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

119 Requests

71 %HTTPS

27 %IPv6

45 Domains

54 Subdomains

29 IPs

10 Countries

971 kBTransfer

2378 kBSize

56 Cookies

16 Outgoing links

Page URL History

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

sgo.edu-71.ru Open in urlscan Pro
193.176.78.25 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

71 %
HTTPS

27 %
IPv6

45
Domains

54
Subdomains

29
IPs

10
Countries

971 kB
Transfer

2378 kB
Size

56
Cookies

119 HTTP transactions
0 data transactions