vitz.ru Open in urlscan Pro
89.108.118.65 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://vitz.ru/
Submission Tags: falconsandbox
Submission: On February 24 via api (February 24th 2021, 12:43:47 am UTC) from US

Summary HTTP 117 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 46 IPs in 4 countries across 44 domains to perform 117 HTTP transactions. The main IP is 89.108.118.65, located in Russian Federation and belongs to AS-REG, RU. The main domain is vitz.ru.

This is the only time vitz.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	89.108.118.65 89.108.118.65	197695 (AS-REG) (AS-REG)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	193.232.121.79 193.232.121.79	50214 (QWARTA) (QWARTA)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1 5	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
4 5	89.208.236.251 89.208.236.251	12695 (DINET-AS) (DINET-AS)
2 4	185.15.175.146 185.15.175.146	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
5 19	195.201.243.72 195.201.243.72	24940 (HETZNER-AS) (HETZNER-AS)
1	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1 2	168.119.145.118 168.119.145.118	24940 (HETZNER-AS) (HETZNER-AS)
1	95.213.133.116 95.213.133.116	49505 (SELECTEL) (SELECTEL)
2 3	23.111.200.118 23.111.200.118	7979 (SERVERS-COM) (SERVERS-COM)
2 2	193.232.148.159 193.232.148.159	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2 2	195.209.108.38 195.209.108.38	52007 (ADRIVER-AS) (ADRIVER-AS)
2	81.222.128.213 81.222.128.213	20597 (ELTEL-AS) (ELTEL-AS)
2 2	194.190.117.93 194.190.117.93	204600 (REPUBLER-AS) (REPUBLER-AS)
2 3	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	37.18.16.22 37.18.16.22	205675 (HYBRID-AS) (HYBRID-AS)
2	185.15.175.134 185.15.175.134	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	116.202.236.228 116.202.236.228	24940 (HETZNER-AS) (HETZNER-AS)
1 1	109.248.237.37 109.248.237.37	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	95.163.37.253 95.163.37.253	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
3 3	188.34.131.134 188.34.131.134	24940 (HETZNER-AS) (HETZNER-AS)
2 5	88.99.149.88 88.99.149.88	24940 (HETZNER-AS) (HETZNER-AS)
3 3	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
3 5	89.108.119.28 89.108.119.28	197695 (AS-REG) (AS-REG)
1 1	80.64.106.148 80.64.106.148	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
5 7	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
6 6	217.66.147.170 217.66.147.170	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
3 3	213.87.44.207 213.87.44.207	13174 (MTSNET Mo...) (MTSNET Moscow)
3	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
2 3	168.119.9.59 168.119.9.59	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
1	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
1 1	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
2	2606:4700:10:... 2606:4700:10::6816:557	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2 2	88.212.233.36 88.212.233.36	7979 (SERVERS-COM) (SERVERS-COM)
1	194.176.118.216 194.176.118.216	49352 (LOGOL-AS) (LOGOL-AS)
1	82.202.224.34 82.202.224.34	49505 (SELECTEL) (SELECTEL)
117	46

15 89.108.118.65 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: u11529.col.agava.net

vitz.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.232.121.79 (Russian Federation)

ASN50214 (QWARTA, RU)

cdn-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 217.69.133.145 (Russian Federation) 1 redirects

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 89.208.236.251 (Reutov, Russian Federation) 4 redirects

ASN12695 (DINET-AS, RU)

hit10.hotlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.15.175.146 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 195.201.243.72 (Germany) 5 redirects

ASN24940 (HETZNER-AS, DE)
PTR: regensburg.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

p1.dircont3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 168.119.145.118 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1359803.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.213.133.116 (Russian Federation)

ASN49505 (SELECTEL, RU)

ps.ntvk1.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.111.200.118 (Russian Federation) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.159 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.38 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.213 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad13.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.117.93 (Russian Federation) 2 redirects

ASN204600 (REPUBLER-AS, RU)
PTR: carp.bspb1.kavanga.ru

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.172 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.160 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.22 (Netherlands)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.134 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.236.228 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.228.236.202.116.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.37 (Moscow, Russian Federation) 1 redirects

ASN201009 (SUPPORTIT-AS, RU)

stat.adlabs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Wjelsryp, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.37.253 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: relap.io

relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.34.131.134 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.134.131.34.188.clients.your-server.de

adx.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 88.99.149.88 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.16.14 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 89.108.119.28 (Russian Federation) 3 redirects

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.148 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation)

ASN16345 (BEE-AS Russia, RU)

0100007f29a135601a040f63026ee530-sp.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 89.108.97.2 (Russian Federation) 5 redirects

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 217.66.147.170 (St Petersburg, Russian Federation) 6 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-170-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.87.44.207 (Moscow, Russian Federation) 3 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-207-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 168.119.9.59 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.59.9.119.168.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.95.102.105 (Podolsk, Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.216 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:557 (United States)

ASN13335 (CLOUDFLARENET, US)

s3.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.233.36 (Russian Federation) 2 redirects

ASN7979 (SERVERS-COM, US)

api.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.176.118.216 (Russian Federation)

ASN49352 (LOGOL-AS, RU)

ps5.ntvk1.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.202.224.34 (Russian Federation)

ASN49505 (SELECTEL, RU)

rtb.beroll.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	270 KB
19	acint.net 5 redirects www.acint.net acint.net	15 KB
15	vitz.ru vitz.ru	149 KB
13	doubleclick.net 1 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	31 KB
10	yandex.ru 1 redirects mc.yandex.ru an.yandex.ru	69 KB
9	mts.ru 9 redirects sm.rtb.mts.ru tech.rtb.mts.ru	7 KB
7	rktch.com 5 redirects ut.rktch.com	3 KB
6	digitaltarget.ru 2 redirects dmg.digitaltarget.ru tag.digitaltarget.ru	21 KB
6	mail.ru 1 redirects top-fwz1.mail.ru ad.mail.ru	14 KB
5	aidata.io 3 redirects x01.aidata.io	3 KB
5	1dmp.io 2 redirects sync.1dmp.io	2 KB
5	hotlog.ru 4 redirects hit10.hotlog.ru	2 KB
4	advarkads.com 2 redirects s3.advarkads.com api.advarkads.com	8 KB
4	adriver.ru 2 redirects ad.adriver.ru ssp.adriver.ru	2 KB
3	buzzoola.com 2 redirects exchange.buzzoola.com	726 B
3	weborama.fr 3 redirects redirect.frontend.weborama.fr	789 B
3	com.ru 3 redirects adx.com.ru	2 KB
3	bumlam.com 2 redirects sync.bumlam.com	2 KB
3	betweendigital.com 2 redirects ads.betweendigital.com	1 KB
3	sape.ru 1 redirects cdn-rtb.sape.ru ssp-rtb.sape.ru	21 KB
2	gstatic.com www.gstatic.com	11 KB
2	adsniper.ru 2 redirects sync3.adsniper.ru	1 KB
2	republer.com 2 redirects sync.republer.com	950 B
2	adhigh.net 2 redirects px.adhigh.net	921 B
2	ntvk1.ru ps.ntvk1.ru ps5.ntvk1.ru	5 KB
2	googletagservices.com www.googletagservices.com	61 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	beroll.ru rtb.beroll.ru	86 B
1	yadro.ru 1 redirects counter.yadro.ru	287 B
1	gnezdo.ru fcgi4.gnezdo.ru	172 B
1	new-programmatic.com match.new-programmatic.com	215 B
1	uuidksinc.net 1 redirects s.uuidksinc.net	328 B
1	beeline.ru 0100007f29a135601a040f63026ee530-sp.ops.beeline.ru	627 B
1	rutarget.ru 1 redirects sape-sync.rutarget.ru	416 B
1	relap.io relap.io	1 KB
1	adlmerge.com adlmerge.com	115 B
1	adlabs.ru 1 redirects stat.adlabs.ru	108 B
1	otm-r.com sync.dmp.otm-r.com	70 B
1	hybrid.ai dm.hybrid.ai	238 B
1	dircont3.com p1.dircont3.com	10 KB
1	google.com adservice.google.com	165 B
1	google.de adservice.google.de	165 B
1	googleadservices.com partner.googleadservices.com	637 B
1	googletagmanager.com www.googletagmanager.com	38 KB
117	44

	Domain	Requested by
16	www.acint.net	5 redirects vitz.ru www.acint.net
15	vitz.ru	vitz.ru
14	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	ut.rktch.com	5 redirects vitz.ru
7	mc.yandex.ru	1 redirects vitz.ru mc.yandex.ru
6	sm.rtb.mts.ru	6 redirects
6	pagead2.googlesyndication.com	vitz.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
5	x01.aidata.io	3 redirects www.acint.net
5	sync.1dmp.io	2 redirects www.acint.net s3.advarkads.com vitz.ru
5	hit10.hotlog.ru	4 redirects vitz.ru
5	top-fwz1.mail.ru	1 redirects vitz.ru top-fwz1.mail.ru
4	dmg.digitaltarget.ru	2 redirects www.acint.net
3	exchange.buzzoola.com	2 redirects vitz.ru
3	an.yandex.ru	www.acint.net vitz.ru
3	tech.rtb.mts.ru	3 redirects
3	redirect.frontend.weborama.fr	3 redirects
3	adx.com.ru	3 redirects
3	sync.bumlam.com	2 redirects www.acint.net
3	acint.net	www.acint.net
3	ads.betweendigital.com	2 redirects www.acint.net
2	api.advarkads.com	2 redirects
2	www.gstatic.com	googleads.g.doubleclick.net
2	s3.advarkads.com	www.acint.net s3.advarkads.com
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	sync3.adsniper.ru	2 redirects
2	sync.republer.com	2 redirects
2	ssp.adriver.ru	www.acint.net
2	ad.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
2	ssp-rtb.sape.ru	1 redirects cdn-rtb.sape.ru
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	rtb.beroll.ru	vitz.ru
1	ps5.ntvk1.ru	vitz.ru
1	counter.yadro.ru	1 redirects
1	fcgi4.gnezdo.ru	www.acint.net
1	match.new-programmatic.com	www.acint.net
1	s.uuidksinc.net	1 redirects
1	0100007f29a135601a040f63026ee530-sp.ops.beeline.ru	www.acint.net
1	sape-sync.rutarget.ru	1 redirects
1	relap.io	www.acint.net
1	adlmerge.com	www.acint.net
1	stat.adlabs.ru	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	sync.dmp.otm-r.com	www.acint.net
1	dm.hybrid.ai	www.acint.net
1	ad.mail.ru	www.acint.net
1	ps.ntvk1.ru	p1.dircont3.com
1	p1.dircont3.com	cdn-rtb.sape.ru
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn-rtb.sape.ru	vitz.ru
1	www.googletagmanager.com	vitz.ru
117	55

This site contains links to these domains. Also see Links.

Domain
www.vitz.ru
click.hotlog.ru
www.toyota-vin.ru

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.hotlog.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-09-24` - `2021-10-25`	a year	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.acint.net R3	`2020-12-17` - `2021-03-17`	3 months	crt.sh
*.sape.ru R3	`2021-02-16` - `2021-05-17`	3 months	crt.sh
*.ntvk1.ru Sectigo RSA Domain Validation Secure Server CA	`2020-05-11` - `2021-08-09`	a year	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-19` - `2021-12-20`	a year	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
*.bumlam.com R3	`2021-01-06` - `2021-04-06`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
tag.digitaltarget.ru R3	`2021-01-28` - `2021-04-28`	3 months	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-07` - `2021-08-07`	a year	crt.sh
adlmerge.com R3	`2021-01-20` - `2021-04-20`	3 months	crt.sh
relap.io GeoTrust RSA CA 2018	`2020-10-01` - `2021-10-06`	a year	crt.sh
my.aidata.me Sectigo RSA Domain Validation Secure Server CA	`2020-02-25` - `2022-02-25`	2 years	crt.sh
sync.1dmp.io R3	`2021-01-21` - `2021-04-21`	3 months	crt.sh
*.ops.beeline.ru Sectigo RSA Domain Validation Secure Server CA	`2020-06-23` - `2022-06-24`	2 years	crt.sh
an.yandex.by Yandex CA	`2020-10-01` - `2021-04-01`	6 months	crt.sh
new-programmatic.com R3	`2021-02-19` - `2021-05-20`	3 months	crt.sh
fcgi4.gnezdo.ru R3	`2020-12-09` - `2021-03-09`	3 months	crt.sh
advarkads.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
ut.rktch.com R3	`2021-01-05` - `2021-04-05`	3 months	crt.sh
*.buzzoola.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-30` - `2022-09-28`	2 years	crt.sh
*.beroll.ru AlphaSSL CA - SHA256 - G2	`2021-02-11` - `2022-03-15`	a year	crt.sh
dmg.digitaltarget.ru R3	`2021-01-18` - `2021-04-18`	3 months	crt.sh

This page contains 9 frames:

Primary Page: http://vitz.ru/
Frame ID: F623F1840B81B478E03C3E9BC4828A90
Requests: 55 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210222/r20190131/zrt_lookup.html
Frame ID: 3EE583E2B6F1ECC3C99138FEB78D8D30
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=400&slotname=5648948335&adk=3657068662&adf=313611690&pi=t.ma~as.5648948335&w=240&lmt=1614127401&psa=0&format=240x400&url=http%3A%2F%2Fvitz.ru%2F&flash=0&wgl=1&dt=1614127401414&bpp=19&bdt=193&idt=184&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7286330303057&frm=20&pv=2&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=242&ady=768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=GvOBJgfix6&p=http%3A//vitz.ru&dtd=230
Frame ID: 8B7B6ED918DAC14F6270117B26415928
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
Frame ID: 20462ADCD64AA28DAAC2E09E4CB0FE73
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&adk=1812271804&adf=3025194257&lmt=1614127401&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=http%3A%2F%2Fvitz.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1614127401438&bpp=1&bdt=216&idt=341&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C691x414&nras=1&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&dtd=350
Frame ID: 6798C30949C159473E349DC1E3723B44
Requests: 1 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=14
Frame ID: D9198028B3123B097E115ED8FCBDAC12
Requests: 29 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F29A135601A040F63026EE530
Frame ID: F7EBC05EC0C4BA7019EC664D7C7A8BA7
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js
Frame ID: FEE099FAFC70BF3B32FBFCB7321AF41B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 29A50C3843159F9D05A553D71482BEAC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

117
Requests

84 %
HTTPS

33 %
IPv6

44
Domains

55
Subdomains

46
IPs

4
Countries

743 kB
Transfer

1598 kB
Size

42
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.vitz.ru/
Title: Сделать Закладку

Search URL Search Domain Scan URL

URL: http://click.hotlog.ru/?244217

Search URL Search Domain Scan URL

URL: http://www.toyota-vin.ru/
Title: автозапчасти тойота

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

http://hit10.hotlog.ru/cgi-bin/hotlog/count?0.5047564398865454&s=244217&im=134&r=&pg=http%3A//vitz.ru/&c=Y&j=N&wh=1600x1200&px=24&js=1.3& HTTP 302
http://hit10.hotlog.ru/cgi-bin/hotlog/count?0.5047564398865454&s=244217&im=134&r=&pg=http%3A//vitz.ru/&c=Y&j=N&wh=1600x1200&px=24&js=1.3&&hl_ignore=Y HTTP 302
http://hit10.hotlog.ru/cgi-bin/hotlog/count?0.5047564398865454&s=244217&im=134&r=&pg=http%3A//vitz.ru/&c=Y&j=N&wh=1600x1200&px=24&js=1.3&&hl_ignore=Y&hl_ignore=Y HTTP 302
https://dmg.digitaltarget.ru/1/19/i/i?a=19&e=c0cdd0d8b8eb354e49d2b1a6e91caf&i=1882390224&r=https://hit10.hotlog.ru/cgi-bin/hotlog/count?s%3D244217%26im%3D134%26hl_hitback%3DY HTTP 307
https://dmg.digitaltarget.ru/awg/custom/19/i/i?call_source=awg&a=19&e=c0cdd0d8b8eb354e49d2b1a6e91caf&i=1882390224&r=https://hit10.hotlog.ru/cgi-bin/hotlog/count?s%3D244217%26im%3D134%26hl_hitback%3DY HTTP 307
https://hit10.hotlog.ru/cgi-bin/hotlog/count?s=244217&im=134&hl_hitback=Y HTTP 302
https://hit10.hotlog.ru/cgi-bin/hotlog/count?s=244217&im=134&hl_hitback=Y&hl_ignore=Y

Request Chain 24

https://mc.yandex.ru/watch/49409341?wmode=7&page-url=http%3A%2F%2Fvitz.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afp%3A364%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A433%3Acn%3A1%3Adp%3A0%3Als%3A88965741415%3Ahid%3A995100116%3Az%3A60%3Ai%3A20210224014321%3Aet%3A1614127402%3Ac%3A1%3Arn%3A604922426%3Au%3A1614127402742633446%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614127400996%3Anp%3ATGludXggeDg2XzY0%3Awv%3A2%3Ads%3A59%2C20%2C140%2C1%2C0%2C0%2C%2C135%2C0%2C%2C%2C%2C361%3Adsn%3A59%2C21%2C140%2C1%2C0%2C0%2C%2C137%2C0%2C%2C%2C%2C362%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614127402%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9B%D1%8E%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20Toyota%20Vitz(%D0%92%D0%B8%D1%82%D1%86)%2C%20Yaris(%D0%AF%D1%80%D0%B8%D1%81)%2C%20Echo(%D1%8D%D1%85%D0%BE)%2C%20Platz(%D0%9F%D0%BB%D0%B0%D1%82%D1%86)%2C%20Funcargo HTTP 302
https://mc.yandex.ru/watch/49409341/1?wmode=7&page-url=http%3A%2F%2Fvitz.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afp%3A364%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A433%3Acn%3A1%3Adp%3A0%3Als%3A88965741415%3Ahid%3A995100116%3Az%3A60%3Ai%3A20210224014321%3Aet%3A1614127402%3Ac%3A1%3Arn%3A604922426%3Au%3A1614127402742633446%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614127400996%3Anp%3ATGludXggeDg2XzY0%3Awv%3A2%3Ads%3A59%2C20%2C140%2C1%2C0%2C0%2C%2C135%2C0%2C%2C%2C%2C361%3Adsn%3A59%2C21%2C140%2C1%2C0%2C0%2C%2C137%2C0%2C%2C%2C%2C362%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614127402%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9B%D1%8E%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20Toyota%20Vitz%28%D0%92%D0%B8%D1%82%D1%86%29%2C%20Yaris%28%D0%AF%D1%80%D0%B8%D1%81%29%2C%20Echo%28%D1%8D%D1%85%D0%BE%29%2C%20Platz%28%D0%9F%D0%BB%D0%B0%D1%82%D1%86%29%2C%20Funcargo

Request Chain 31

https://top-fwz1.mail.ru/counter?js=13;id=861224;u=http%3A//vitz.ru/;st=1614127401357;title=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9B%D1%8E%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20Toyota%20Vitz(%D0%92%D0%B8%D1%82%D1%86)%2C%20Yaris(%D0%AF%D1%80%D0%B8%D1%81)%2C%20Echo(%D1%8D%D1%85%D0%BE)%2C%20Platz(%D0%9F%D0%BB%D0%B0%D1%82%D1%86)%2C%20Funcargo;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=915b1c5ee89fdc4d;ver=60.3.0;tz=-60%2FEurope%2FBerlin;ni=10//4g/0/0/;lvid=1614127401671%3A1614127401702%3A1%3A599b245c6e36bfaee74cca96b48e6759;opts=dl;_=0.949377177327406 HTTP 302
https://top-fwz1.mail.ru/counter2?js=13;id=861224;u=http%3A//vitz.ru/;st=1614127401357;title=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9B%D1%8E%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20Toyota%20Vitz(%D0%92%D0%B8%D1%82%D1%86)%2C%20Yaris(%D0%AF%D1%80%D0%B8%D1%81)%2C%20Echo(%D1%8D%D1%85%D0%BE)%2C%20Platz(%D0%9F%D0%BB%D0%B0%D1%82%D1%86)%2C%20Funcargo;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=915b1c5ee89fdc4d;ver=60.3.0;tz=-60%2FEurope%2FBerlin;ni=10//4g/0/0/;lvid=1614127401671%3A1614127401702%3A1%3A599b245c6e36bfaee74cca96b48e6759;opts=dl;_=0.949377177327406

Request Chain 32

http://www.acint.net/aci.js HTTP 302
https://www.acint.net/aci.js

Request Chain 41

http://www.acint.net/mc/?dp=14 HTTP 302
https://www.acint.net/mc/?dp=14

Request Chain 42

http://www.acint.net/hit/?v=0.3.0&uid=38afc8a7-baab-4f6b-ab07-74b053ce2ccf&dp=14&tz=%2B01%3A00&nc=70589532&u=http%3A%2F%2Fvitz.ru%2F&r=&rs=1600x1200&t=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9B%D1%8E%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20Toyota%20Vitz(%D0%92%D0%B8%D1%82%D1%86)%2C%20Yaris(%D0%AF%D1%80%D0%B8%D1%81)%2C%20Echo(%D1%8D%D1%85%D0%BE)%2C%20Platz(%D0%9F%D0%BB%D0%B0%D1%82%D1%86)%2C%20Funcargo&oE=1&oP=1&dT=2021-02-24T01%3A43%3A22.022&fu=ca9ef9e6-d172-494c-a1a4-084b0b1bc5d4 HTTP 302
https://www.acint.net/hit/?v=0.3.0&uid=38afc8a7-baab-4f6b-ab07-74b053ce2ccf&dp=14&tz=%2B01%3A00&nc=70589532&u=http%3A%2F%2Fvitz.ru%2F&r=&rs=1600x1200&t=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9B%D1%8E%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20Toyota%20Vitz(%D0%92%D0%B8%D1%82%D1%86)%2C%20Yaris(%D0%AF%D1%80%D0%B8%D1%81)%2C%20Echo(%D1%8D%D1%85%D0%BE)%2C%20Platz(%D0%9F%D0%BB%D0%B0%D1%82%D1%86)%2C%20Funcargo&oE=1&oP=1&dT=2021-02-24T01%3A43%3A22.022&fu=ca9ef9e6-d172-494c-a1a4-084b0b1bc5d4

Request Chain 43

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F29A135601A040F63026EE530 HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F29A135601A040F63026EE530&crf=1

Request Chain 44

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=0100007F29A1356013002789028BAF1C

Request Chain 45

https://px.adhigh.net/p/cm/sape?u=0100007F29A135601A040F63026EE530 HTTP 302
https://px.adhigh.net/p/cm/sape?u=0100007F29A135601A040F63026EE530&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=LC0nsiW7QAq.AikABlF30X0niw

Request Chain 47

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5287733138 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=AE7aqUFkMKnGiMui65ed4Uw&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F29A135601A040F63026EE530

Request Chain 48

https://sync.republer.com/match?dsp=sape HTTP 307
https://sync.republer.com/match?dsp=sape&qset=1 HTTP 307
https://sync.bumlam.com/?src=rp1&uid=711b94ce-a1c5-4cde-9c09-b65871da9b9f HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiqwtaBBlIEioaQK2IkNzExYjk0Y2UtYTFjNS00Y2RlLTljMDktYjY1ODcxZGE5Yjlm HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiqwtaBBlIEioaQK2IkNzExYjk0Y2UtYTFjNS00Y2RlLTljMDktYjY1ODcxZGE5YjlmogEQTD5U_HY5EeuG4AAlkMBkfA** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQABiqwtaBBmIkNzExYjk0Y2UtYTFjNS00Y2RlLTljMDktYjY1ODcxZGE5YjlmogEQTD5U_HY5EeuG4AAlkMBkfA** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQARiqwtaBBmIkNzExYjk0Y2UtYTFjNS00Y2RlLTljMDktYjY1ODcxZGE5YjlmogEQTD5U_HY5EeuG4AAlkMBkfA**

Request Chain 52

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfymhNWAaBA9jAm7lMA HTTP 302
https://www.acint.net/match?dp=77&euid=

Request Chain 53

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F29A135601A040F63026EE530 HTTP 302
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F29A135601A040F63026EE530

Request Chain 56

https://adx.com.ru/sape-sync?uid=0100007F29A135601A040F63026EE530 HTTP 302
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F29A135601A040F63026EE530 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=6035a12af0e015e9d62b068e&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253DYABBI%252526id%25253D6035a12af0e015e9d62b068e%252526dest%25253D%2526webouid%253D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253DYABBI%2526id%253D6035a12af0e015e9d62b068e%2526dest%253D%26webouid%3D{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253DYABBI%2526id%253D6035a12af0e015e9d62b068e%2526dest%253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=960507139 HTTP 302
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3DYABBI%26id%3D6035a12af0e015e9d62b068e%26dest%3D&webouid=ZKRRn4clnesEknWpe6oItu HTTP 302
https://x01.aidata.io/0.gif?pid=YABBI&id=6035a12af0e015e9d62b068e&dest= HTTP 302
https://x01.aidata.io/0.gif?pid=YABBI&id=6035a12af0e015e9d62b068e&dest=&bounce=1

Request Chain 57

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F29A135601A040F63026EE530 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F29A135601A040F63026EE530&cs=1

Request Chain 58

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=A7tA3b2mMJf7

Request Chain 59

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=107&euid=11c55fbb-f9de-5137-9dc6-09fdfdf3a8d7

Request Chain 61

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F29A135601A040F63026EE530 HTTP 302
https://sm.rtb.mts.ru/p?ssp=natimatica&id=8121e028e33e32c957c5ce823316ec6534dc HTTP 301
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Dc893df05-0aa0-4413-8520-15505112b880&ssp=natimatica&exu=8121e028e33e32c957c5ce823316ec6534dc HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=c893df05-0aa0-4413-8520-15505112b880&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FyJPfBQqgRBOFIBVQURK4gA%3Flocation%3Dhttps%253A%252F%252Fut.rktch.com%252Fmatchsbm%253Fbi%253D29%2526bui%253Dc893df05-0aa0-4413-8520-15505112b880%26sign%3D3077685290 HTTP 302
https://an.yandex.ru/setud/mts_banner/yJPfBQqgRBOFIBVQURK4gA?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Dc893df05-0aa0-4413-8520-15505112b880&sign=3077685290

Request Chain 62

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F29A135601A040F63026EE530 HTTP 301
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D1f35d299-7f6a-42a2-8c6f-2526d925a9bb&ssp=sape&exu=0100007F29A135601A040F63026EE530 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=1f35d299-7f6a-42a2-8c6f-2526d925a9bb&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FHzXSmX9qQqKMbyUm2SWpuw%3Flocation%3Dhttps%253A%252F%252Fwww.acint.net%252Fmatch%253Fdp%253D125%2526euid%253D1f35d299-7f6a-42a2-8c6f-2526d925a9bb%26sign%3D493502020 HTTP 302
https://an.yandex.ru/setud/mts_banner/HzXSmX9qQqKMbyUm2SWpuw?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D1f35d299-7f6a-42a2-8c6f-2526d925a9bb&sign=493502020

Request Chain 63

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=7e98b3f4-b06b-4c96-6f46-29d2578d9ec9

Request Chain 64

https://s.uuidksinc.net/match/396/0100007F29A135601A040F63026EE530 HTTP 302
https://www.acint.net/match?dp=127&euid=wEX9M0zF4ZgR7qZHVxnZ

Request Chain 67

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F29A135601A040F63026EE530 HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F29A135601A040F63026EE530&bounce=1 HTTP 302
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

Request Chain 94

https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007F29A135601A040F63026EE530 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d77001-a23c-4022-84ea-73495d9b57cc

Request Chain 97

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID} HTTP 302
https://ut.rktch.com/matchspm?pi=1000006&pui=ZKRRn4clnesEknWpe6oItu

Request Chain 99

https://ut.rktch.com/matchbt?bi=29 HTTP 302
https://sm.rtb.mts.ru/p?ssp=natimatica&id=8121e028e33e32c957c5ce823316ec6534dc HTTP 301
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Dc893df05-0aa0-4413-8520-15505112b880&ssp=natimatica&exu=8121e028e33e32c957c5ce823316ec6534dc HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=c893df05-0aa0-4413-8520-15505112b880&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FyJPfBQqgRBOFIBVQURK4gA%3Flocation%3Dhttps%253A%252F%252Fut.rktch.com%252Fmatchsbm%253Fbi%253D29%2526bui%253Dc893df05-0aa0-4413-8520-15505112b880%26sign%3D3061968367 HTTP 302
https://an.yandex.ru/setud/mts_banner/yJPfBQqgRBOFIBVQURK4gA?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Dc893df05-0aa0-4413-8520-15505112b880&sign=3061968367

Request Chain 100

https://ut.rktch.com/matchbt?bi=27 HTTP 302
https://exchange.buzzoola.com/cookiesync/ssp/natimatica?uid=8121e028e33e32c957c5ce823316ec6534dc HTTP 307
https://exchange.buzzoola.com/cookiesync/ssp/natimatica?set_buzzoola_cookie=t&uid=8121e028e33e32c957c5ce823316ec6534dc

Request Chain 101

https://ut.rktch.com/matchbt?bi=50 HTTP 302
https://api.advarkads.com/api/statistic/match?id=8067-1-1&uid=8121e028e33e32c957c5ce823316ec6534dc HTTP 302
https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d77001-a23c-4022-84ea-73495d9b57cc

Request Chain 102

https://ut.rktch.com/matchbt?bi=39 HTTP 302
https://rtb.beroll.ru/uuid?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D39%26bui%3D

Request Chain 114

http://www.acint.net/ping/?v=0.3.0&uid=38afc8a7-baab-4f6b-ab07-74b053ce2ccf&dp=14&tz=%2B01%3A00&nc=85997758&dT=2021-02-24T01%3A43%3A25.027 HTTP 302
https://www.acint.net/ping/?v=0.3.0&uid=38afc8a7-baab-4f6b-ab07-74b053ce2ccf&dp=14&tz=%2B01%3A00&nc=85997758&dT=2021-02-24T01%3A43%3A25.027

117 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
vitz.ru/ 26 KB
7 KB 221ms
141ms Document
text/html 89.108.118.65
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: http://vitz.ru/
Protocol: HTTP/1.1
Server: 89.108.118.65 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: u11529.col.agava.net
Software: nginx / PHP/5.6.30
Resource Hash: 92fa138960be68230964fd7aa454205d904b8824981f9003d72b1df8bd5e2d78

Request headers

Host: vitz.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Wed, 24 Feb 2021 00:40:54 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.30
Content-Encoding: gzip

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-15285766-4

Requested by

Host: vitz.ru
URL: http://vitz.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a71c0af767a3a445114fe13518214ea36e28208fbb087f7c69ee166ce65339e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39252
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Feb 2021 00:43:21 GMT

GET
H/1.1 200
OK style.css
vitz.ru/cars/vitz/ 763 B
525 B 79ms
78ms Stylesheet
text/css 89.108.118.65
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: http://vitz.ru/cars/vitz/style.css
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: HTTP/1.1
Server: 89.108.118.65 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: u11529.col.agava.net
Software: nginx /
Resource Hash: 30310b99781e15873a072ecad2ec7f8126af463271ed95cc66a31817763b68f3

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:40:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 31 Oct 2014 21:26:31 GMT
Server: nginx
ETag: W/"5453fe87-2fb"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 26 Mar 2021 00:40:54 GMT

GET
H/1.1 200
OK logo_left.jpg
vitz.ru/images/ 5 KB
5 KB 178ms
156ms Image
image/jpeg 89.108.118.65
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vitz.ru/images/logo_left.jpg
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: HTTP/1.1
Server: 89.108.118.65 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: u11529.col.agava.net
Software: nginx /
Resource Hash: c5abffd0d9386548c9a86ad18cd64155f256861b38aa5e68e1122cf3534d5366

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:40:54 GMT
Last-Modified: Fri, 31 Oct 2014 21:48:10 GMT
Server: nginx
ETag: "5454039a-131c"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4892
Expires: Fri, 26 Mar 2021 00:40:54 GMT

GET
H/1.1 200
OK club.jpg
vitz.ru/cars/vitz/ 406 B
710 B 79ms
79ms Image
image/jpeg 89.108.118.65
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vitz.ru/cars/vitz/club.jpg
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: HTTP/1.1
Server: 89.108.118.65 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: u11529.col.agava.net
Software: nginx /
Resource Hash: 31f7463e0c17bd62e0e9bcbbc8d747e5a2301d1b554cf3aae911b1222cfc346d

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:40:54 GMT
Last-Modified: Fri, 31 Oct 2014 21:26:31 GMT
Server: nginx
ETag: "5453fe87-196"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 406
Expires: Fri, 26 Mar 2021 00:40:54 GMT

GET
H/1.1 200
OK spacer.gif
vitz.ru/images/ 49 B
350 B 159ms
135ms Image
image/gif 89.108.118.65
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vitz.ru/images/spacer.gif
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: HTTP/1.1
Server: 89.108.118.65 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: u11529.col.agava.net
Software: nginx /
Resource Hash: d39e40190c3844c57228ae1647354c1d25ae76f641d10706c2e1a36121589f75

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:40:55 GMT
Last-Modified: Fri, 31 Oct 2014 21:48:10 GMT
Server: nginx
ETag: "5454039a-31"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49
Expires: Fri, 26 Mar 2021 00:40:55 GMT

GET
H/1.1 200
OK m_name.jpg
vitz.ru/cars/ 701 B
1005 B 178ms
154ms Image
image/jpeg 89.108.118.65
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vitz.ru/cars/m_name.jpg
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: HTTP/1.1
Server: 89.108.118.65 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: u11529.col.agava.net
Software: nginx /
Resource Hash: eb0cf071801001a5152f9f7db555831c192734875c9108fe0641067eaef324e2

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:40:55 GMT
Last-Modified: Fri, 31 Oct 2014 21:26:31 GMT
Server: nginx
ETag: "5453fe87-2bd"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 701
Expires: Fri, 26 Mar 2021 00:40:55 GMT

GET
H/1.1 200
OK car.jpg
vitz.ru/cars/vitz/ 100 KB
100 KB 169ms
145ms Image
image/jpeg 89.108.118.65
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vitz.ru/cars/vitz/car.jpg
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: HTTP/1.1
Server: 89.108.118.65 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: u11529.col.agava.net
Software: nginx /
Resource Hash: 83cfd27089c5b29baa42d17315055f0985e47c1d6158e63fceb834d1968935d6

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:40:55 GMT
Last-Modified: Fri, 31 Oct 2014 21:26:31 GMT
Server: nginx
ETag: "5453fe87-1908e"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102542
Expires: Fri, 26 Mar 2021 00:40:55 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 37ms
24ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: vitz.ru
URL: http://vitz.ru/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eeec769c5ce874a4f0f37d7b3790ad205a78dc635701ecc968b0eb82d429aaf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Wed, 24 Feb 2021 00:43:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 3942574966862058441
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 49781
X-XSS-Protection: 0
Expires: Wed, 24 Feb 2021 00:43:21 GMT

GET
H/1.1 200
OK vitz_msm.gif
vitz.ru/sys_images/ 4 KB
4 KB 178ms
155ms Image
image/gif 89.108.118.65
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vitz.ru/sys_images/vitz_msm.gif
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: HTTP/1.1
Server: 89.108.118.65 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: u11529.col.agava.net
Software: nginx /
Resource Hash: 5395929f3597b0ae57db4fcc7abaa463563c402cb499c4f182611176b2d7a5a9

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:40:55 GMT
Last-Modified: Fri, 31 Oct 2014 21:48:15 GMT
Server: nginx
ETag: "5454039f-108f"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4239
Expires: Fri, 26 Mar 2021 00:40:55 GMT

GET
H/1.1 200
OK platz_msm.gif
vitz.ru/sys_images/ 6 KB
6 KB 206ms
86ms Image
image/gif 89.108.118.65
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vitz.ru/sys_images/platz_msm.gif
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: HTTP/1.1
Server: 89.108.118.65 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: u11529.col.agava.net
Software: nginx /
Resource Hash: a7b94a9731eb162c05625cfa9e1160bc8f89eedc06e6be138e0c036bfb080ad0

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:40:55 GMT
Last-Modified: Fri, 31 Oct 2014 21:48:15 GMT
Server: nginx
ETag: "5454039f-16d0"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5840
Expires: Fri, 26 Mar 2021 00:40:55 GMT

GET
H/1.1 200
OK funcargo_msm.gif
vitz.ru/sys_images/ 6 KB
7 KB 179ms
81ms Image
image/gif 89.108.118.65
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vitz.ru/sys_images/funcargo_msm.gif
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: HTTP/1.1
Server: 89.108.118.65 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: u11529.col.agava.net
Software: nginx /
Resource Hash: 5b04f15f60f83ff0bc7ca92ee5f3dab0025e5670b406f9b06e8377dff9731916

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:40:55 GMT
Last-Modified: Fri, 31 Oct 2014 21:48:14 GMT
Server: nginx
ETag: "5454039e-1975"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6517
Expires: Fri, 26 Mar 2021 00:40:55 GMT

GET
H/1.1 200
OK bb_msm.gif
vitz.ru/sys_images/ 5 KB
6 KB 248ms
89ms Image
image/gif 89.108.118.65
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vitz.ru/sys_images/bb_msm.gif
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: HTTP/1.1
Server: 89.108.118.65 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: u11529.col.agava.net
Software: nginx /
Resource Hash: 64942bfaaa4ca68773279a0aa1a1f3f9110a34dd0a81dda22bdb62bd8a0af6f2

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:40:55 GMT
Last-Modified: Fri, 31 Oct 2014 21:48:14 GMT
Server: nginx
ETag: "5454039e-15a1"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5537
Expires: Fri, 26 Mar 2021 00:40:55 GMT

GET
H/1.1 200
OK ist_msm.gif
vitz.ru/sys_images/ 5 KB
6 KB 208ms
88ms Image
image/gif 89.108.118.65
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vitz.ru/sys_images/ist_msm.gif
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: HTTP/1.1
Server: 89.108.118.65 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: u11529.col.agava.net
Software: nginx /
Resource Hash: 7070978bce841cae0b74c2a595fce7452ec1f8cce84c4e054db060492916523b

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:40:55 GMT
Last-Modified: Fri, 31 Oct 2014 21:48:14 GMT
Server: nginx
ETag: "5454039e-1585"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5509
Expires: Fri, 26 Mar 2021 00:40:55 GMT

GET
H/1.1 200
OK will_msm.gif
vitz.ru/sys_images/ 5 KB
5 KB 179ms
81ms Image
image/gif 89.108.118.65
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vitz.ru/sys_images/will_msm.gif
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: HTTP/1.1
Server: 89.108.118.65 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: u11529.col.agava.net
Software: nginx /
Resource Hash: b5d8e241c751d083c9a394231414f43358cab2e3d5e9d8b0fc8ed25c179d5bb1

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:40:55 GMT
Last-Modified: Fri, 31 Oct 2014 21:48:15 GMT
Server: nginx
ETag: "5454039f-13c4"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5060
Expires: Fri, 26 Mar 2021 00:40:55 GMT

GET
H/1.1 200
OK 18263.js Show response
cdn-rtb.sape.ru/teasers/js/263/2/ 59 KB
20 KB 179ms
152ms Script
application/javascript 193.232.121.79
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL

http://cdn-rtb.sape.ru/teasers/js/263/2/18263.js

Requested by

Host: vitz.ru
URL: http://vitz.ru/

Protocol

HTTP/1.1

Server

193.232.121.79 , Russian Federation, ASN50214 (QWARTA, RU),

Reverse DNS

Software

nginx /

Resource Hash

2107c71363a9380ca9077935ce8027c0eb431bb8b10c6c80f0fce1e543036b40

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:43:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Nov 2020 12:52:33 GMT
Server: nginx
X-Amz-Request-Id: 1666332AA49A02DA
ETag: W/"85bddd98ed8622d701c0f39669d5ce2a"
X-Cache-Status: HIT
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Content-Security-Policy: block-all-mixed-content
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Expires: Wed, 24 Feb 2021 01:43:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-15285766-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 2445
date: Wed, 24 Feb 2021 00:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 24 Feb 2021 02:02:36 GMT

GET
H/1.1 200
OK code.js Show response
top-fwz1.mail.ru/js/ 21 KB
9 KB 165ms
133ms Script
application/javascript 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

http://top-fwz1.mail.ru/js/code.js

Requested by

Host: vitz.ru
URL: http://vitz.ru/

Protocol

HTTP/1.1

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

94cf658d2c7345f5472d9d4514ade118d9f9bed0d50a5fc4a02fb9dcd2c8d8c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:43:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Wed, 09 Dec 2020 16:09:03 GMT
Server: nginx
ETag: W/"5fd0f69f-5361"
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: max-age=3600, private
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: *
Keep-Alive: timeout=60
Expires: Wed, 24 Feb 2021 01:43:21 GMT

GET
H/1.1 200
OK logo_center.gif
vitz.ru/images/ 64 B
365 B 186ms
89ms Image
image/gif 89.108.118.65
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vitz.ru/images/logo_center.gif
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: HTTP/1.1
Server: 89.108.118.65 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: u11529.col.agava.net
Software: nginx /
Resource Hash: 42970544dad7a904c4319fb18571a018096c768f6c4b46befef43011116da138

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:40:55 GMT
Last-Modified: Fri, 31 Oct 2014 21:48:10 GMT
Server: nginx
ETag: "5454039a-40"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64
Expires: Fri, 26 Mar 2021 00:40:55 GMT

GET
H/1.1 200
OK button.gif
vitz.ru/images/ 259 B
562 B 127ms
79ms Image
image/gif 89.108.118.65
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vitz.ru/images/button.gif
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: HTTP/1.1
Server: 89.108.118.65 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: u11529.col.agava.net
Software: nginx /
Resource Hash: d6236bd0d084d8de7f8b80d4636f644379001201ee48734e9bca38495a18992e

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:40:55 GMT
Last-Modified: Fri, 31 Oct 2014 21:48:10 GMT
Server: nginx
ETag: "5454039a-103"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 259
Expires: Fri, 26 Mar 2021 00:40:55 GMT

GET
H2

200

count
hit10.hotlog.ru/cgi-bin/hotlog/
Redirect Chain

http://hit10.hotlog.ru/cgi-bin/hotlog/count?0.5047564398865454&s=244217&im=134&r=&pg=http%3A//vitz.ru/&c=Y&j=N&wh=1600x1200&px=24&js=1.3&
http://hit10.hotlog.ru/cgi-bin/hotlog/count?0.5047564398865454&s=244217&im=134&r=&pg=http%3A//vitz.ru/&c=Y&j=N&wh=1600x1200&px=24&js=1.3&&hl_ignore=Y
http://hit10.hotlog.ru/cgi-bin/hotlog/count?0.5047564398865454&s=244217&im=134&r=&pg=http%3A//vitz.ru/&c=Y&j=N&wh=1600x1200&px=24&js=1.3&&hl_ignore=Y&hl_ignore=Y
https://dmg.digitaltarget.ru/1/19/i/i?a=19&e=c0cdd0d8b8eb354e49d2b1a6e91caf&i=1882390224&r=https://hit10.hotlog.ru/cgi-bin/hotlog/count?s%3D244217%26im%3D134%26hl_hitback%3DY
https://dmg.digitaltarget.ru/awg/custom/19/i/i?call_source=awg&a=19&e=c0cdd0d8b8eb354e49d2b1a6e91caf&i=1882390224&r=https://hit10.hotlog.ru/cgi-bin/hotlog/count?s%3D244217%26im%3D134%26hl_hitback%3DY
https://hit10.hotlog.ru/cgi-bin/hotlog/count?s=244217&im=134&hl_hitback=Y
https://hit10.hotlog.ru/cgi-bin/hotlog/count?s=244217&im=134&hl_hitback=Y&hl_ignore=Y

416 B
451 B

85ms
85ms

Image
image/gif

89.208.236.251
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hit10.hotlog.ru/cgi-bin/hotlog/count?s=244217&im=134&hl_hitback=Y&hl_ignore=Y
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 89.208.236.251 Reutov, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: HotLog/1.2 /
Resource Hash: 7099e8ff07f5f24d1d0798d3e17a433f3cdef18eee32d85ee999aea234462585

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:22 GMT
server: HotLog/1.2
content-length: 416
content-type: image/gif

Redirect headers

location: /cgi-bin/hotlog/count?s=244217&im=134&hl_hitback=Y&hl_ignore=Y
date: Wed, 24 Feb 2021 00:43:22 GMT
server: HotLog/1.2
p3p: policyref="/p3p.xml", CP="NON ADM DEV TAI PSA PSD IVA OUR IND UNI COM NAV INT"
content-length: 0
content-type: text/plain

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 209 KB
66 KB 30ms
29ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: vitz.ru
URL: http://vitz.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ea298c43d616acadef7f98793c8eab993b8d7e02dbcee7413716eb119385a89c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:21 GMT
content-encoding: br
last-modified: Mon, 15 Feb 2021 13:31:56 GMT
etag: "60310dc3-105d4"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 67028
expires: Wed, 24 Feb 2021 01:43:21 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
61 B 14ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=556695190&t=pageview&_s=1&dl=http%3A%2F%2Fvitz.ru%2F&ul=en-us&de=windows-1251&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9B%D1%8E%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20Toyota%20Vitz(%D0%92%D0%B8%D1%82%D1%86)%2C%20Yaris(%D0%AF%D1%80%D0%B8%D1%81)%2C%20Echo(%D1%8D%D1%85%D0%BE)%2C%20Platz(%D0%9F%D0%BB%D0%B0%D1%82%D1%86)%2C%20Funcargo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1322942500&gjid=1249662794&cid=389560097.1614127401&tid=UA-15285766-4&_gid=2101418973.1614127401&_r=1&gtm=2ou2a1&z=1826632308

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 00:43:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://vitz.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210222/r20190131/ 227 KB
85 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210222/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1715677104091765&plah=vitz.ru&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

917881e53bf39dde7006129469be1e83fd77b11f7ad65d519b085fab019fc40f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87209
x-xss-protection: 0
server: cafe
etag: 2800222557707562905
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 24 Feb 2021 00:43:21 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210222/r20190131/ Frame 3EE5 10 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210222/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210222/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://vitz.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://vitz.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 23 Feb 2021 23:08:46 GMT
expires: Tue, 09 Mar 2021 23:08:46 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 5675
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2

200

1 Show response
mc.yandex.ru/watch/49409341/
Redirect Chain

https://mc.yandex.ru/watch/49409341?wmode=7&page-url=http%3A%2F%2Fvitz.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afp%3A364%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-U...
https://mc.yandex.ru/watch/49409341/1?wmode=7&page-url=http%3A%2F%2Fvitz.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afp%3A364%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen...

186 B
268 B

31ms
29ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49409341/1?wmode=7&page-url=http%3A%2F%2Fvitz.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afp%3A364%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A433%3Acn%3A1%3Adp%3A0%3Als%3A88965741415%3Ahid%3A995100116%3Az%3A60%3Ai%3A20210224014321%3Aet%3A1614127402%3Ac%3A1%3Arn%3A604922426%3Au%3A1614127402742633446%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614127400996%3Anp%3ATGludXggeDg2XzY0%3Awv%3A2%3Ads%3A59%2C20%2C140%2C1%2C0%2C0%2C%2C135%2C0%2C%2C%2C%2C361%3Adsn%3A59%2C21%2C140%2C1%2C0%2C0%2C%2C137%2C0%2C%2C%2C%2C362%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614127402%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9B%D1%8E%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20Toyota%20Vitz%28%D0%92%D0%B8%D1%82%D1%86%29%2C%20Yaris%28%D0%AF%D1%80%D0%B8%D1%81%29%2C%20Echo%28%D1%8D%D1%85%D0%BE%29%2C%20Platz%28%D0%9F%D0%BB%D0%B0%D1%82%D1%86%29%2C%20Funcargo

Requested by

Host: vitz.ru
URL: http://vitz.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

a817ebbe86d87fe75647c1401ea45b849c352d98264ff47ddd5244079af7192d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 00:43:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 24-Feb-2021 00:43:21 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://vitz.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Wed, 24-Feb-2021 00:43:21 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Feb 2021 00:43:21 GMT
last-modified: Wed, 24-Feb-2021 00:43:21 GMT
location: /watch/49409341/1?wmode=7&page-url=http%3A%2F%2Fvitz.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afp%3A364%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A433%3Acn%3A1%3Adp%3A0%3Als%3A88965741415%3Ahid%3A995100116%3Az%3A60%3Ai%3A20210224014321%3Aet%3A1614127402%3Ac%3A1%3Arn%3A604922426%3Au%3A1614127402742633446%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614127400996%3Anp%3ATGludXggeDg2XzY0%3Awv%3A2%3Ads%3A59%2C20%2C140%2C1%2C0%2C0%2C%2C135%2C0%2C%2C%2C%2C361%3Adsn%3A59%2C21%2C140%2C1%2C0%2C0%2C%2C137%2C0%2C%2C%2C%2C362%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614127402%3At%3A%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9B%D1%8E%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20Toyota%20Vitz%28%D0%92%D0%B8%D1%82%D1%86%29%2C%20Yaris%28%D0%AF%D1%80%D0%B8%D1%81%29%2C%20Echo%28%D1%8D%D1%85%D0%BE%29%2C%20Platz%28%D0%9F%D0%BB%D0%B0%D1%82%D1%86%29%2C%20Funcargo
strict-transport-security: max-age=31536000
access-control-allow-origin: http://vitz.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 24-Feb-2021 00:43:21 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 30ms
30ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: vitz.ru
URL: http://vitz.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:21 GMT
last-modified: Mon, 15 Feb 2021 13:31:56 GMT
etag: "60310dc3-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 24 Feb 2021 01:43:21 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 197 B
637 B 181ms
81ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=vitz.ru&callback=_gfp_s_&client=ca-pub-1715677104091765

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210222/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1715677104091765&plah=vitz.ru&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

26c43ed8781595b69b1ad1318da32f1364132f4ae5a8ec838c2373f429e79e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 188
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 22ms
20ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vitz.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Feb 2021 00:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 20ms
19ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vitz.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Feb 2021 00:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8B7B 399 B
330 B 249ms
228ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=400&slotname=5648948335&adk=3657068662&adf=313611690&pi=t.ma~as.5648948335&w=240&lmt=1614127401&psa=0&format=240x400&url=http%3A%2F%2Fvitz.ru%2F&flash=0&wgl=1&dt=1614127401414&bpp=19&bdt=193&idt=184&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7286330303057&frm=20&pv=2&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=242&ady=768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=GvOBJgfix6&p=http%3A//vitz.ru&dtd=230

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a737f4714f9b23cd08e88fc0a9f9db83bf928619c6bef7e76096e9ec7ae05b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=400&slotname=5648948335&adk=3657068662&adf=313611690&pi=t.ma~as.5648948335&w=240&lmt=1614127401&psa=0&format=240x400&url=http%3A%2F%2Fvitz.ru%2F&flash=0&wgl=1&dt=1614127401414&bpp=19&bdt=193&idt=184&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7286330303057&frm=20&pv=2&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=242&ady=768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=GvOBJgfix6&p=http%3A//vitz.ru&dtd=230
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://vitz.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://vitz.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 24 Feb 2021 00:43:21 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 24-Feb-2021 00:58:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 24 Feb 2021 00:43:21 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 26ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f7fd5989c12c6559d04ebec24d035a6781b0732ad49ab642a33b8b26cfe0a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613997197137185"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28345
x-xss-protection: 0
expires: Wed, 24 Feb 2021 00:43:21 GMT

GET
H/1.1

200
OK

counter2
top-fwz1.mail.ru/
Redirect Chain

https://top-fwz1.mail.ru/counter?js=13;id=861224;u=http%3A//vitz.ru/;st=1614127401357;title=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9B%D1%8E%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20Toyota%20Vitz(%D0%92%...
https://top-fwz1.mail.ru/counter2?js=13;id=861224;u=http%3A//vitz.ru/;st=1614127401357;title=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9B%D1%8E%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20Toyota%20Vitz(%D0%92...

43 B
1 KB

83ms
79ms

Other
image/gif

217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter2?js=13;id=861224;u=http%3A//vitz.ru/;st=1614127401357;title=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9B%D1%8E%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20Toyota%20Vitz(%D0%92%D0%B8%D1%82%D1%86)%2C%20Yaris(%D0%AF%D1%80%D0%B8%D1%81)%2C%20Echo(%D1%8D%D1%85%D0%BE)%2C%20Platz(%D0%9F%D0%BB%D0%B0%D1%82%D1%86)%2C%20Funcargo;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=915b1c5ee89fdc4d;ver=60.3.0;tz=-60%2FEurope%2FBerlin;ni=10//4g/0/0/;lvid=1614127401671%3A1614127401702%3A1%3A599b245c6e36bfaee74cca96b48e6759;opts=dl;_=0.949377177327406

Requested by

Host: vitz.ru
URL: http://vitz.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:43:22 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: *
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: *
Keep-Alive: timeout=60

Redirect headers

Date: Wed, 24 Feb 2021 00:43:21 GMT
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: http://vitz.ru
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: http://vitz.ru
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Location: https://top-fwz1.mail.ru/counter2?js=13;id=861224;u=http%3A//vitz.ru/;st=1614127401357;title=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9B%D1%8E%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20Toyota%20Vitz(%D0%92%D0%B8%D1%82%D1%86)%2C%20Yaris(%D0%AF%D1%80%D0%B8%D1%81)%2C%20Echo(%D1%8D%D1%85%D0%BE)%2C%20Platz(%D0%9F%D0%BB%D0%B0%D1%82%D1%86)%2C%20Funcargo;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=915b1c5ee89fdc4d;ver=60.3.0;tz=-60%2FEurope%2FBerlin;ni=10//4g/0/0/;lvid=1614127401671%3A1614127401702%3A1%3A599b245c6e36bfaee74cca96b48e6759;opts=dl;_=0.949377177327406
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: http://vitz.ru
Keep-Alive: timeout=60

GET
H2

200

aci.js Show response
www.acint.net/
Redirect Chain

http://www.acint.net/aci.js
https://www.acint.net/aci.js

21 KB
7 KB

44ms
43ms

Script
application/x-javascript

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: 8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:21 GMT
content-encoding: gzip
last-modified: Sat, 02 Jan 2021 18:29:13 GMT
server: openresty
etag: "5ff0bb79-1baf"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7087
expires: Wed, 24 Feb 2021 12:43:21 GMT

Redirect headers

Location: https://www.acint.net/aci.js
Date: Wed, 24 Feb 2021 00:43:21 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2046 107 KB
25 KB 439ms
438ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3604ab2d16008c12308608dfe1d8217f487987cb0a84ca98d69092b94e43235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://vitz.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://vitz.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 24 Feb 2021 00:43:22 GMT
server: cafe
content-length: 25457
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 24-Feb-2021 00:58:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 24 Feb 2021 00:43:22 GMT
cache-control: private

GET
H/1.1 200
OK nv.js Show response
p1.dircont3.com/ 52 KB
10 KB 65ms
31ms Script
application/javascript 2a02:6ea0:c700::2
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

http://p1.dircont3.com/nv.js

Requested by

Host: cdn-rtb.sape.ru
URL: http://cdn-rtb.sape.ru/teasers/js/263/2/18263.js

Protocol

HTTP/1.1

Server

2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

9ec05017936d90237bde8b9877d4ee8b426d8c6b50bd7bee47d837a83c22f70b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-77-POP: frankfurtDE
Date: Wed, 24 Feb 2021 00:43:21 GMT
Content-Encoding: gzip
X-77-NZT-Ray: nN8utr6m+4E=
Transfer-Encoding: chunked
X-77-Cache: HIT
X-Cache: HIT
Connection: keep-alive
X-77-NZT: AcO1ry8kW9rvXAkAAA==
Last-Modified: Sat, 20 Feb 2021 07:29:53 GMT
Server: CDN77-Turbo
ETag: W/"6030ba71-ce9d"
Strict-Transport-Security: max-age=604800
Content-Type: application/javascript
X-Age: 2396
Expires: Mon, 08 Mar 2021 00:03:25 GMT

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/data/ 30 B
528 B 183ms
64ms Script
application/javascript 168.119.145.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/data/?callback=sapeRTB_6035a129c_46528075&srtbid=95403&scids=93390459&sx=1600&sy=1200&ref=&allimps=0&fl=0&v=2&tz=%2B01%3A00&u=http%3A%2F%2Fvitz.ru%2F
Requested by: Host: cdn-rtb.sape.ru
URL: http://cdn-rtb.sape.ru/teasers/js/263/2/18263.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.145.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1359803.sapientru.net
Software: openresty /
Resource Hash: 088fbe3e84e45d5249b48da4861d41b07eb53a9462baf7e3a81f0ee8f37946d9

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:43:21 GMT
Server: openresty
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 30
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
341 B 137ms
43ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A18263%2C%22sc%22%3A0%2C%22pl%22%3A0%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A481%7D&sid=6035a129-b581-08lz-4nc1-gj6ciamjv7dp&ref=http%3A%2F%2Fvitz.ru%2F&r=1614127402
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:21 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
340 B 136ms
44ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=16&id=95403.446640.93390459&sid=6035a129-b581-08lz-4nc1-gj6ciamjv7dp&r=ifmqr0z6ofhb
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:21 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6798 0
549 B 19ms
19ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&adk=1812271804&adf=3025194257&lmt=1614127401&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=http%3A%2F%2Fvitz.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1614127401438&bpp=1&bdt=216&idt=341&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C691x414&nras=1&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&dtd=350

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&adk=1812271804&adf=3025194257&lmt=1614127401&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=http%3A%2F%2Fvitz.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1614127401438&bpp=1&bdt=216&idt=341&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400%2C691x414&nras=1&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&dtd=350
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://vitz.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://vitz.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 24 Feb 2021 00:43:21 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 24-Feb-2021 00:58:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 24 Feb 2021 00:43:21 GMT
cache-control: private

POST
H/1.1 200
OK / Show response
ps.ntvk1.ru/nv/ 4 KB
4 KB 296ms
101ms XHR
text/plain 95.213.133.116
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://ps.ntvk1.ru/nv/?top_href=http%3A%2F%2Fvitz.ru%2F

Requested by

Host: p1.dircont3.com
URL: http://p1.dircont3.com/nv.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.213.133.116 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx/1.15.7 /

Resource Hash

3ba3442366862256cffcae8fae16fc9c4fdead2b71592b377bf6e83b3a459ad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 24 Feb 2021 00:43:22 GMT
Access-Control-Request-Method: POST
Server: nginx/1.15.7
Accept-Language: en-US,en;q=0.8
Strict-Transport-Security: max-age=604800
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: http://vitz.ru
Accept: */*
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-Nativka-Host: ps3.ntvk1.ru
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Key, Cookie, Referer, User-Agent, Host, Connection
Content-Length: 3772
Access-Control-Request-Headers: origin, content-type

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 48ms
48ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=16&id=95403.446640.93390459&sid=6035a129-b581-08lz-4nc1-gj6ciamjv7dp&r=zgafslh2of50
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

/ Show response
www.acint.net/mc/ Frame D919
Redirect Chain

http://www.acint.net/mc/?dp=14
https://www.acint.net/mc/?dp=14

3 KB
4 KB

46ms
44ms

Document
text/html

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=14
Requested by: Host: www.acint.net
URL: http://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: 482f8b8c439e4d7138461db1825c1144e631c347c2a312d1a6b5b222ef615c86

Request headers

:method: GET
:authority: www.acint.net
:scheme: https
:path: /mc/?dp=14
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://vitz.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: aid=fwAAAWA1oSljDwQaMOVuAp6qtQqv65Y6QtfYDn2foWhmkjCO
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://vitz.ru/

Response headers

server: openresty
date: Wed, 24 Feb 2021 00:43:22 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1614127402; expires=Fri, 26-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp14v3=1614127402; expires=Fri, 26-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp17=1614127402; expires=Fri, 26-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp32=1614127402; expires=Fri, 26-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp45v3=1614127402; expires=Thu, 25-Feb-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp54v2=1614127402; expires=Fri, 26-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp62=1614127402; expires=Fri, 26-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp67v2=1614127402; expires=Fri, 26-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp68=1614127402; expires=Fri, 26-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp77=1614127402; expires=Wed, 10-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp84=1614127402; expires=Fri, 26-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp85=1614127402; expires=Fri, 26-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp88=1614127402; expires=Fri, 26-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp95v2=1614127402; expires=Fri, 26-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp101=1614127402; expires=Fri, 26-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp104v2=1614127402; expires=Wed, 10-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp107=1614127402; expires=Fri, 26-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp111v2=1614127402; expires=Wed, 10-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp112v2=1614127402; expires=Fri, 26-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp125=1614127402; expires=Fri, 26-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp126=1614127402; expires=Fri, 26-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp127=1614127402; expires=Fri, 26-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp136=1614127402; expires=Fri, 26-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp138=1614127402; expires=Fri, 26-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp144=1614127402; expires=Fri, 26-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp146=1614127402; expires=Fri, 26-Mar-21 00:43:22 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip

Redirect headers

Server: openresty
Date: Wed, 24 Feb 2021 00:43:22 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/mc/?dp=14

GET
H2

200

/
www.acint.net/hit/
Redirect Chain

http://www.acint.net/hit/?v=0.3.0&uid=38afc8a7-baab-4f6b-ab07-74b053ce2ccf&dp=14&tz=%2B01%3A00&nc=70589532&u=http%3A%2F%2Fvitz.ru%2F&r=&rs=1600x1200&t=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9B%D1%8E%D0%B1%...
https://www.acint.net/hit/?v=0.3.0&uid=38afc8a7-baab-4f6b-ab07-74b053ce2ccf&dp=14&tz=%2B01%3A00&nc=70589532&u=http%3A%2F%2Fvitz.ru%2F&r=&rs=1600x1200&t=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9B%D1%8E%D0%B1...

43 B
224 B

44ms
43ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.3.0&uid=38afc8a7-baab-4f6b-ab07-74b053ce2ccf&dp=14&tz=%2B01%3A00&nc=70589532&u=http%3A%2F%2Fvitz.ru%2F&r=&rs=1600x1200&t=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9B%D1%8E%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20Toyota%20Vitz(%D0%92%D0%B8%D1%82%D1%86)%2C%20Yaris(%D0%AF%D1%80%D0%B8%D1%81)%2C%20Echo(%D1%8D%D1%85%D0%BE)%2C%20Platz(%D0%9F%D0%BB%D0%B0%D1%82%D1%86)%2C%20Funcargo&oE=1&oP=1&dT=2021-02-24T01%3A43%3A22.022&fu=ca9ef9e6-d172-494c-a1a4-084b0b1bc5d4
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/hit/?v=0.3.0&uid=38afc8a7-baab-4f6b-ab07-74b053ce2ccf&dp=14&tz=%2B01%3A00&nc=70589532&u=http%3A%2F%2Fvitz.ru%2F&r=&rs=1600x1200&t=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9B%D1%8E%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20Toyota%20Vitz(%D0%92%D0%B8%D1%82%D1%86)%2C%20Yaris(%D0%AF%D1%80%D0%B8%D1%81)%2C%20Echo(%D1%8D%D1%85%D0%BE)%2C%20Platz(%D0%9F%D0%BB%D0%B0%D1%82%D1%86)%2C%20Funcargo&oE=1&oP=1&dT=2021-02-24T01%3A43%3A22.022&fu=ca9ef9e6-d172-494c-a1a4-084b0b1bc5d4
Date: Wed, 24 Feb 2021 00:43:22 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H2

200

match
ads.betweendigital.com/ Frame D919
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F29A135601A040F63026EE530
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F29A135601A040F63026EE530&crf=1

68 B
150 B

89ms
89ms

Image
image/png

23.111.200.118
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F29A135601A040F63026EE530&crf=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.200.118 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=73&external_user_id=0100007F29A135601A040F63026EE530&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame D919
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=0100007F29A1356013002789028BAF1C

43 B
269 B

61ms
35ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=0100007F29A1356013002789028BAF1C
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:22 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Wed, 24 Feb 2021 00:43:22 GMT
Server: openresty
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Location: https://acint.net/match?dp=14&euid=0100007F29A1356013002789028BAF1C
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: text/html
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame D919
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0100007F29A135601A040F63026EE530
https://px.adhigh.net/p/cm/sape?u=0100007F29A135601A040F63026EE530&bounced=1
https://acint.net/match?dp=17&euid=LC0nsiW7QAq.AikABlF30X0niw

43 B
269 B

42ms
42ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=LC0nsiW7QAq.AikABlF30X0niw
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:22 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Feb 2021 00:42:56 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f20-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://acint.net/match?dp=17&euid=LC0nsiW7QAq.AikABlF30X0niw
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame D919 43 B
323 B 165ms
50ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0100007F29A135601A040F63026EE530
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:43:22 GMT
Last-Modified: Wed, 24 Feb 2021 00:43:22 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=21600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Wed, 24 Feb 2021 06:43:22 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame D919
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5287733138
https://www.acint.net/rmatch?dp=45&euid=AE7aqUFkMKnGiMui65ed4Uw&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F29A135601A040F63026EE530

42 B
201 B

124ms
84ms

Image
image/gif

81.222.128.213
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F29A135601A040F63026EE530
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad13.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:43:22 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Wed, 24 Feb 2021 00:43:22 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F29A135601A040F63026EE530
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame D919
Redirect Chain

https://sync.republer.com/match?dsp=sape
https://sync.republer.com/match?dsp=sape&qset=1
https://sync.bumlam.com/?src=rp1&uid=711b94ce-a1c5-4cde-9c09-b65871da9b9f
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiqwtaBBlIEioaQK2IkNzExYjk0Y2UtYTFjNS00Y2RlLTljMDktYjY1ODcxZGE5Yjlm
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiqwtaBBlIEioaQK2IkNzExYjk0Y2UtYTFjNS00Y2RlLTljMDktYjY1ODcxZGE5YjlmogEQTD5U_HY5EeuG4AAlkMBkfA**
https://sync.bumlam.com/?src=rp1&s_data=CAIQABiqwtaBBmIkNzExYjk0Y2UtYTFjNS00Y2RlLTljMDktYjY1ODcxZGE5YjlmogEQTD5U_HY5EeuG4AAlkMBkfA**
https://sync.bumlam.com/?src=rp1&s_data=CAIQARiqwtaBBmIkNzExYjk0Y2UtYTFjNS00Y2RlLTljMDktYjY1ODcxZGE5YjlmogEQTD5U_HY5EeuG4AAlkMBkfA**

43 B
552 B

59ms
58ms

Image
image/gif

31.172.81.172
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=rp1&s_data=CAIQARiqwtaBBmIkNzExYjk0Y2UtYTFjNS00Y2RlLTljMDktYjY1ODcxZGE5YjlmogEQTD5U_HY5EeuG4AAlkMBkfA**
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.172 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:43:23 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Wed, 24 Feb 2021 00:43:23 GMT
Server: nginx
ETag: 4c3e54fc-7639-11eb-86e0-002590c0647c
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=rp1&s_data=CAIQARiqwtaBBmIkNzExYjk0Y2UtYTFjNS00Y2RlLTljMDktYjY1ODcxZGE5YjlmogEQTD5U_HY5EeuG4AAlkMBkfA**
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2 204 match
dm.hybrid.ai/ Frame D919 0
238 B 258ms
80ms Image
text/plain 37.18.16.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=106&vid=0100007F29A135601A040F63026EE530

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.22 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 00:43:22 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 109
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame D919 3 KB
3 KB 276ms
86ms Script
application/javascript 185.15.175.134
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:43:22 GMT
Last-Modified: Thu, 28 Jan 2021 10:50:38 GMT
Server: nginx
ETag: "601296fe-c11"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3089

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame D919 0
70 B 162ms
46ms Image
text/plain 116.202.236.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0100007F29A135601A040F63026EE530
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.202.236.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.228.236.202.116.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 24 Feb 2021 00:43:22 GMT
server: nginx/1.17.10

GET
H2

200

match
www.acint.net/ Frame D919
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfymhNWAaBA9jAm7lMA
https://www.acint.net/match?dp=77&euid=

43 B
269 B

43ms
42ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=77&euid=
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:22 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Feb 2021 00:43:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.acint.net/match?dp=77&euid=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
adlmerge.com/merge_gpsid/ Frame D919
Redirect Chain

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F29A135601A040F63026EE530
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F29A135601A040F63026EE530

43 B
115 B

164ms
53ms

Image
image/gif

95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F29A135601A040F63026EE530
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Wjelsryp, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

iseu: eu
server: nginx/1.16.0
date: Wed, 24 Feb 2021 00:43:22 GMT
content-type: image/gif

Redirect headers

location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007F29A135601A040F63026EE530
date: Wed, 24 Feb 2021 00:43:22 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame D919 42 B
201 B 351ms
87ms Image
image/gif 81.222.128.213
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F29A135601A040F63026EE530
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad13.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:43:22 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK sprcs
relap.io/partners/ Frame D919 43 B
1 KB 262ms
89ms Image
image/gif 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/partners/sprcs?uid=0100007F29A135601A040F63026EE530

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Feb 2021 00:43:22 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=5184000; includeSubdomains;
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H/1.1

204
No Content

0.gif
x01.aidata.io/ Frame D919
Redirect Chain

https://adx.com.ru/sape-sync?uid=0100007F29A135601A040F63026EE530
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F29A135601A040F63026EE530
https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=6035a12af0e015e9d62b068e&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253DYABBI%2526id%253D6035a12af0e015e9d62b068e%2526d...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253DYABBI%2526id%253D6035a12af0e015e9d62b068e%2526d...
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3DYABBI%26id%3D6035a12af0e015e9d62b068e%26dest%3D&webouid=ZKRRn4clnesEknWpe6oItu
https://x01.aidata.io/0.gif?pid=YABBI&id=6035a12af0e015e9d62b068e&dest=
https://x01.aidata.io/0.gif?pid=YABBI&id=6035a12af0e015e9d62b068e&dest=&bounce=1

0
584 B

153ms
82ms

Image
text/plain

89.108.119.28
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=YABBI&id=6035a12af0e015e9d62b068e&dest=&bounce=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51802.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Feb 2021 00:43:23 GMT
Last-Modified: Wed, 24 Feb 2021 00:43:22 GMT
Server: nginx
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Wed, 24 Feb 2021 00:43:22 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 Feb 2021 00:43:23 GMT
Last-Modified: Wed, 24 Feb 2021 00:43:22 GMT
Server: nginx
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Location: https://x01.aidata.io/0.gif?pid=YABBI&id=6035a12af0e015e9d62b068e&dest=&bounce=1
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 0
Expires: Wed, 24 Feb 2021 00:43:22 GMT

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame D919
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F29A135601A040F63026EE530
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F29A135601A040F63026EE530&cs=1

35 B
376 B

51ms
51ms

Image
image/gif

88.99.149.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F29A135601A040F63026EE530&cs=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.99.149.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:22 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F29A135601A040F63026EE530&cs=1
date: Wed, 24 Feb 2021 00:43:22 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

200

match
www.acint.net/ Frame D919
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=A7tA3b2mMJf7

43 B
269 B

42ms
42ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=A7tA3b2mMJf7
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:22 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=A7tA3b2mMJf7
Date: Wed, 24 Feb 2021 00:43:22 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame D919
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=107&euid=11c55fbb-f9de-5137-9dc6-09fdfdf3a8d7

43 B
269 B

43ms
42ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=11c55fbb-f9de-5137-9dc6-09fdfdf3a8d7
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:22 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=11c55fbb-f9de-5137-9dc6-09fdfdf3a8d7
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 p
0100007f29a135601a040f63026ee530-sp.ops.beeline.ru/ Frame D919 35 B
627 B 333ms
81ms Image
image/gif 37.9.245.57
BEE-AS Russia

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0100007f29a135601a040f63026ee530-sp.ops.beeline.ru/p?ssp=sp&id=0100007F29A135601A040F63026EE530
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.9.245.57 , Russian Federation, ASN16345 (BEE-AS Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:22 GMT
x-route: http://upstream_cookiesync
server: nginx
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.38
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

404

yJPfBQqgRBOFIBVQURK4gA
an.yandex.ru/setud/mts_banner/ Frame D919
Redirect Chain

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F29A135601A040F63026EE530
https://sm.rtb.mts.ru/p?ssp=natimatica&id=8121e028e33e32c957c5ce823316ec6534dc
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Dc893df05-0aa0-4413-8520-15505112b880&ssp=natimatica&exu=8121e028e33e32c957c5ce823316ec6534dc
https://tech.rtb.mts.ru/?dsp_uid=c893df05-0aa0-4413-8520-15505112b880&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FyJPfBQqgRBOFIBVQURK4gA%3Flocation%3Dhttps%253A%252F%252Fut.rktch.c...
https://an.yandex.ru/setud/mts_banner/yJPfBQqgRBOFIBVQURK4gA?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Dc893df05-0aa0-4413-8520-15505112b880&sign=3077685290

43 B
290 B

49ms
49ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/setud/mts_banner/yJPfBQqgRBOFIBVQURK4gA?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Dc893df05-0aa0-4413-8520-15505112b880&sign=3077685290
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 00:43:23 GMT
last-modified: Wed, 24 Feb 2021 00:43:23 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=windows-1251
content-length: 43
expires: Wed, 24 Feb 2021 00:43:23 GMT

Redirect headers

Date: Wed, 24 Feb 2021 00:43:23 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/yJPfBQqgRBOFIBVQURK4gA?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Dc893df05-0aa0-4413-8520-15505112b880&sign=3077685290
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

404

HzXSmX9qQqKMbyUm2SWpuw
an.yandex.ru/setud/mts_banner/ Frame D919
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F29A135601A040F63026EE530
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D1f35d299-7f6a-42a2-8c6f-2526d925a9bb&ssp=sape&exu=0100007F29A135601A040F63026EE530
https://tech.rtb.mts.ru/?dsp_uid=1f35d299-7f6a-42a2-8c6f-2526d925a9bb&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FHzXSmX9qQqKMbyUm2SWpuw%3Flocation%3Dhttps%253A%252F%252Fwww.acint....
https://an.yandex.ru/setud/mts_banner/HzXSmX9qQqKMbyUm2SWpuw?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D1f35d299-7f6a-42a2-8c6f-2526d925a9bb&sign=493502020

43 B
290 B

117ms
57ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/setud/mts_banner/HzXSmX9qQqKMbyUm2SWpuw?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D1f35d299-7f6a-42a2-8c6f-2526d925a9bb&sign=493502020
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 00:43:23 GMT
last-modified: Wed, 24 Feb 2021 00:43:23 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=windows-1251
content-length: 43
expires: Wed, 24 Feb 2021 00:43:23 GMT

Redirect headers

Date: Wed, 24 Feb 2021 00:43:23 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/HzXSmX9qQqKMbyUm2SWpuw?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D1f35d299-7f6a-42a2-8c6f-2526d925a9bb&sign=493502020
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

match
www.acint.net/ Frame D919
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=7e98b3f4-b06b-4c96-6f46-29d2578d9ec9

43 B
269 B

42ms
42ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=7e98b3f4-b06b-4c96-6f46-29d2578d9ec9
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:22 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=7e98b3f4-b06b-4c96-6f46-29d2578d9ec9
date: Wed, 24 Feb 2021 00:43:22 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame D919
Redirect Chain

https://s.uuidksinc.net/match/396/0100007F29A135601A040F63026EE530
https://www.acint.net/match?dp=127&euid=wEX9M0zF4ZgR7qZHVxnZ

43 B
269 B

43ms
42ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=wEX9M0zF4ZgR7qZHVxnZ
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:22 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Wed, 24 Feb 2021 00:43:22 GMT
server: nginx/1.19.0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
location: https://www.acint.net/match?dp=127&euid=wEX9M0zF4ZgR7qZHVxnZ
access-control-allow-headers: Content-Type
content-length: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame D919 0
215 B 266ms
88ms Image
text/plain 217.65.2.150
CITYTELECOM-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0100007F29A135601A040F63026EE530
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 24 Feb 2021 00:42:48 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 204 0100007F29A135601A040F63026EE530
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame D919 0
172 B 281ms
94ms Image
text/plain 93.95.102.105
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F29A135601A040F63026EE530
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.95.102.105 Podolsk, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:23 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

204
No Content

0.gif
x01.aidata.io/ Frame D919
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F29A135601A040F63026EE530
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F29A135601A040F63026EE530&bounce=1
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

0
584 B

83ms
83ms

Image
text/plain

89.108.119.28
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51802.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Feb 2021 00:43:23 GMT
Last-Modified: Wed, 24 Feb 2021 00:43:22 GMT
Server: nginx
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Wed, 24 Feb 2021 00:43:22 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Date: Wed, 24 Feb 2021 00:43:23 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 324
Strict-Transport-Security: max-age=86400
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 frame.html Show response
s3.advarkads.com/modules/match/ Frame F7EB 187 B
547 B 105ms
87ms Document
text/html 2606:4700:10::6816:557
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F29A135601A040F63026EE530
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:557 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106

Request headers

:method: GET
:authority: s3.advarkads.com
:scheme: https
:path: /modules/match/frame.html?id=8113-1-1&uid=0100007F29A135601A040F63026EE530
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.acint.net/mc/?dp=14
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.acint.net/mc/?dp=14

Response headers

date: Wed, 24 Feb 2021 00:43:22 GMT
content-type: text/html
set-cookie: __cfduid=d70668c8038e654650bfa1b4ee4076a871614127402; expires=Fri, 26-Mar-21 00:43:22 GMT; path=/; domain=.advarkads.com; HttpOnly; SameSite=Lax
cache-control: max-age=60
last-modified: Sat, 25 Apr 2020 07:44:34 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-request-id: 087316a4d90000d6ed7d9ae000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 626526e7c89fd6ed-FRA
content-encoding: gzip

GET
H2 200 036ed6d195d183f62bf6dc091e1ce5d0.js Show response
www.gstatic.com/mysidia/ Frame 2046 7 KB
3 KB 10ms
5ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/036ed6d195d183f62bf6dc091e1ce5d0.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0c093ce0e0daa2c82abc8eb385a89539ed30b8dd65f5c15255d342eea8b54ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 02:18:00 GMT
server: sffe
age: 450116
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3002
x-xss-protection: 0
expires: Wed, 19 May 2021 19:41:26 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/ Frame 2046 2 KB
961 B 12ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Mar 2021 00:01:50 GMT

GET
H3-Q050 200 0e24be92f84fdd781809bff6c25e35f6.js Show response
www.gstatic.com/mysidia/ Frame 2046 18 KB
8 KB 40ms
20ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0e24be92f84fdd781809bff6c25e35f6.js?tag=exit_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10137f4ee9d49a1cff0832bc15faa9a752754455f05ea4051369114cede70259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 05:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 19:50:48 GMT
server: sffe
age: 415889
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7867
x-xss-protection: 0
expires: Thu, 20 May 2021 05:11:53 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210222/r20110914/ Frame 2046 18 KB
7 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210222/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

326b9524fd6295565871de3f0cbd08993794c17160f1b41183cd329e5a90f021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 23:49:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 17098042556881059079
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Mar 2021 23:49:25 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/ Frame 2046 3 KB
2 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 23:59:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2644
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Mar 2021 23:59:18 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2046 107 KB
33 KB 52ms
33ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1e707397659a327ca2c365daccf19d3673c313bc9db68c2eb9a10790c5f75dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613997191106504"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33369
x-xss-protection: 0
expires: Wed, 24 Feb 2021 00:43:22 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/ Frame 2046 14 KB
6 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1693
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Mar 2021 00:15:09 GMT

GET
H3-Q050 200 1371304903938339450
tpc.googlesyndication.com/icore_images/ Frame 2046 12 KB
12 KB 55ms
15ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/1371304903938339450

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3af2f91a6a5b295eaf465d4882e67dc72c7b658bd4c38cd895912a45d433c73f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:16:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Jul 2017 19:20:39 GMT
server: sffe
age: 1620
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11792
x-xss-protection: 0
expires: Thu, 24 Feb 2022 00:16:22 GMT

GET
H3-Q050 200 8439589046104217692
tpc.googlesyndication.com/icore_images/ Frame 2046 12 KB
12 KB 56ms
18ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/8439589046104217692

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

799ac33468849d7b42d6b0addb0630ae3ff480d42698b6bc46c11ac2170eba89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:16:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 Sep 2018 04:09:42 GMT
server: sffe
age: 1620
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11991
x-xss-protection: 0
expires: Thu, 24 Feb 2022 00:16:22 GMT

GET
H3-Q050 200 15309135695664275086
tpc.googlesyndication.com/icore_images/ Frame 2046 12 KB
12 KB 59ms
20ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/15309135695664275086

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0a4849ab6f16e7ea8c2685788b56b5646cbb4204b26d64f17b66e236b641fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:16:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 31 Jul 2017 17:46:52 GMT
server: sffe
age: 1620
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12005
x-xss-protection: 0
expires: Thu, 24 Feb 2022 00:16:22 GMT

GET
H3-Q050 200 8107068088473521694
tpc.googlesyndication.com/icore_images/ Frame 2046 9 KB
9 KB 56ms
18ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/8107068088473521694

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b520af498f4bf4ec66a36f03254ba0ec6c8bda07d4dcf6efd87f80fa41246035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:16:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 31 Jul 2017 18:24:54 GMT
server: sffe
age: 1620
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9417
x-xss-protection: 0
expires: Thu, 24 Feb 2022 00:16:22 GMT

GET
H3-Q050 200 3864522239916177520
tpc.googlesyndication.com/icore_images/ Frame 2046 18 KB
18 KB 52ms
15ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/3864522239916177520

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c68856bc4b7c28da80bd3aa4e5cb0f0d519ac5e9ceccb2837dfb7e5b96882b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:18:04 GMT
x-content-type-options: nosniff
last-modified: Wed, 19 Feb 2020 04:55:38 GMT
server: sffe
age: 1518
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18125
x-xss-protection: 0
expires: Thu, 24 Feb 2022 00:18:04 GMT

GET
H3-Q050 200 16429891963004378225
tpc.googlesyndication.com/icore_images/ Frame 2046 16 KB
16 KB 59ms
22ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/16429891963004378225

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

856958e4fc575cd8a9517e895f3956e16347dd0be3cee93eca70af63456f2ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:16:22 GMT
x-content-type-options: nosniff
last-modified: Sat, 19 Sep 2020 22:45:06 GMT
server: sffe
age: 1620
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16371
x-xss-protection: 0
expires: Thu, 24 Feb 2022 00:16:22 GMT

GET
H3-Q050 404 11608442716609212338
tpc.googlesyndication.com/icore_images/ Frame 2046 43 B
136 B 821ms
784ms Image
image/gif 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/11608442716609212338

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:23 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/gif
cache-control: public, max-age=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Wed, 24 Feb 2021 01:43:23 GMT

GET
H3-Q050 200 9276602887791194340
tpc.googlesyndication.com/icore_images/ Frame 2046 10 KB
10 KB 119ms
85ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/9276602887791194340

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2b67f83f36aff08e26362640fd79088757e05e40faaa1bbbd09ab9894a02a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 31 Jul 2017 18:18:33 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10418
x-xss-protection: 0
expires: Thu, 24 Feb 2022 00:43:22 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2046 0
0 57ms
48ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUSnhKaE1YJi2LYKf-wbspZ_YCKXVnbEFjdzCup8Cpp6tjWsQASDUxNkeKAhglQLIAQGoAwHIA8EEqgR_T9AfJV489RpxJB8tRZ8t69pO-k_3zLXIsyczwLqnzkPxbea5boYjTXs2tm2Pn0Fx4ZCF-QOu9BaOV8jBMC-3vY8pfFbLXkHSeIgy_Zkt7KeaekWQjZFscIGSp84Lg8oLRazny_5S5lOK93f0mrAA9RE9fRzZGhZDRBV97Kw8lsAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTE3MTU2NzcxMDQwOTE3NjU&sigh=FDExd_NBkzw&tpd=AGWhJmt-8thIqMrsYeHGqYAE2hMEru6GJjoAFGHmjQgZaFDNDg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 24 Feb 2021 00:43:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 24 Feb 2021 00:43:22 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2046 0
0 59ms
52ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDJyRKaE1YJi2LYKf-wbspZ_YCKXVnbEFjdzCup8Cpp6tjWsQAiDUxNkeKAhglQLIAQGoAwHIA8EEqgR_T9AfJV089RpxJB8tRZ8t69pO-k_3zLXIsyczwLqnzkPxbea5boYjTXs2tm2Pn0Fx4ZCF-QOu9BaOV8jBMC-3vY8pfFbLXkHSeIgy_Zkt7KeaekWQjZFscIGSp84Lg8oLRazny_5S5lOK93f0mrAA9RE9fRzZGhZDRBV97Kw8lsAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTE3MTU2NzcxMDQwOTE3NjU&sigh=PYn02fiKtos&tpd=AGWhJmvywzUKiuW_rr0OdJIFuho5S7d9hZI0m3fMMhyJZo4hXw

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 24 Feb 2021 00:43:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 24 Feb 2021 00:43:22 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2046 0
0 57ms
49ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cu0QgKaE1YJi2LYKf-wbspZ_YCKXVnbEFjdzCup8Cpp6tjWsQAyDUxNkeKAhglQLIAQGoAwHIA8EEqgR_T9AfJVw89RpxJB8tRZ8t69pO-k_3zLXIsyczwLqnzkPxbea5boYjTXs2tm2Pn0Fx4ZCF-QOu9BaOV8jBMC-3vY8pfFbLXkHSeIgy_Zkt7KeaekWQjZFscIGSp84Lg8oLRazny_5S5lOK93f0mrAA9RE9fRzZGhZDRBV97Kw8lsAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTE3MTU2NzcxMDQwOTE3NjU&sigh=t7GeZJq51b8&tpd=AGWhJmvzXwIcOF8sK10RJgdcP72rFYogumIT2IMcagpHYiyX4A

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 24 Feb 2021 00:43:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 24 Feb 2021 00:43:22 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2046 0
0 55ms
49ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CByxbKaE1YJi2LYKf-wbspZ_YCKXVnbEFjdzCup8Cpp6tjWsQBCDUxNkeKAhglQLIAQGoAwHIA8EEqgR_T9AfJVs89RpxJB8tRZ8t69pO-k_3zLXIsyczwLqnzkPxbea5boYjTXs2tm2Pn0Fx4ZCF-QOu9BaOV8jBMC-3vY8pfFbLXkHSeIgy_Zkt7KeaekWQjZFscIGSp84Lg8oLRazny_5S5lOK93f0mrAA9RE9fRzZGhZDRBV97Kw8lsAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTE3MTU2NzcxMDQwOTE3NjU&sigh=xGumQ_0jxiE&tpd=AGWhJmshSE9c6oTzoarPf1Li1Fe9btRzUcPOpS2DFxI3lgAScQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 24 Feb 2021 00:43:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 24 Feb 2021 00:43:22 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2046 0
0 57ms
51ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpTnUKaE1YJi2LYKf-wbspZ_YCKXVnbEFjdzCup8Cpp6tjWsQBSDUxNkeKAhglQLIAQGoAwHIA8EEqgR_T9AfJVo89RpxJB8tRZ8t69pO-k_3zLXIsyczwLqnzkPxbea5boYjTXs2tm2Pn0Fx4ZCF-QOu9BaOV8jBMC-3vY8pfFbLXkHSeIgy_Zkt7KeaekWQjZFscIGSp84Lg8oLRazny_5S5lOK93f0mrAA9RE9fRzZGhZDRBV97Kw8lsAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTE3MTU2NzcxMDQwOTE3NjU&sigh=g7X7J6MMDHw&tpd=AGWhJmt81SBcYh41SrIf3o05ToBpd8lR8Cbh7J75SoQIlvYEUg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 24 Feb 2021 00:43:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 24 Feb 2021 00:43:22 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2046 0
0 56ms
52ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBn1sKaE1YJi2LYKf-wbspZ_YCKXVnbEFjdzCup8Cpp6tjWsQBiDUxNkeKAhglQLIAQGoAwHIA8EEqgR_T9AfJVk89RpxJB8tRZ8t69pO-k_3zLXIsyczwLqnzkPxbea5boYjTXs2tm2Pn0Fx4ZCF-QOu9BaOV8jBMC-3vY8pfFbLXkHSeIgy_Zkt7KeaekWQjZFscIGSp84Lg8oLRazny_5S5lOK93f0mrAA9RE9fRzZGhZDRBV97Kw8lsAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTE3MTU2NzcxMDQwOTE3NjU&sigh=rMQIbRlE3vQ&tpd=AGWhJmsiRjxoAyLwikrl2IGXAvJRrQe0pU16tDj-V4obcW_Q4w

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 24 Feb 2021 00:43:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 24 Feb 2021 00:43:22 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2046 0
0 56ms
52ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTiRmKaE1YJi2LYKf-wbspZ_YCKXVnbEFjdzCup8Cpp6tjWsQByDUxNkeKAhglQLIAQGoAwHIA8EEqgR_T9AfJVg89RpxJB8tRZ8t69pO-k_3zLXIsyczwLqnzkPxbea5boYjTXs2tm2Pn0Fx4ZCF-QOu9BaOV8jBMC-3vY8pfFbLXkHSeIgy_Zkt7KeaekWQjZFscIGSp84Lg8oLRazny_5S5lOK93f0mrAA9RE9fRzZGhZDRBV97Kw8lsAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTE3MTU2NzcxMDQwOTE3NjU&sigh=10gkVBrzVx4&tpd=AGWhJmv919ABia14HEG95lbp2Dk7WnUZyAABM-3Hoyv2h6QkQQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 24 Feb 2021 00:43:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 24 Feb 2021 00:43:22 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2046 0
0 54ms
50ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzannKaE1YJi2LYKf-wbspZ_YCKXVnbEFjdzCup8Cpp6tjWsQCCDUxNkeKAhglQLIAQGoAwHIA8EEqgR_T9AfJVc89RpxJB8tRZ8t69pO-k_3zLXIsyczwLqnzkPxbea5boYjTXs2tm2Pn0Fx4ZCF-QOu9BaOV8jBMC-3vY8pfFbLXkHSeIgy_Zkt7KeaekWQjZFscIGSp84Lg8oLRazny_5S5lOK93f0mrAA9RE9fRzZGhZDRBV97Kw8lsAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTE3MTU2NzcxMDQwOTE3NjU&sigh=pXqq7nWu08s&tpd=AGWhJmv5sFsEpmM0Y8mc9rbJgYp6T89ZJemjalWOU_F02o7dPw

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 24 Feb 2021 00:43:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 24 Feb 2021 00:43:22 GMT

GET
DATA 200
OK truncated
/ Frame 2046 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0da62733af40bb5af32f3d53373c40473f98fa0de50ce8f2b530b460668e7051

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 frame.js Show response
s3.advarkads.com/modules/match/ Frame F7EB 20 KB
7 KB 13ms
12ms Script
application/javascript 2606:4700:10::6816:557
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.js
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F29A135601A040F63026EE530
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:557 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e0e878a41cbf1c2aa09176ad0afe985d53fa958f7b191e8bba15089f6c29c7b

Request headers

Referer: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F29A135601A040F63026EE530
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 16
content-length: 6561
cf-request-id: 087316a58a0000d6ed8083f000000001
last-modified: Tue, 19 Jan 2021 09:46:36 GMT
server: cloudflare
etag: "06618fa47eed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
cf-ray: 626526e8d911d6ed-FRA

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame F7EB
Redirect Chain

https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007F29A135601A040F63026EE530
https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d77001-a23c-4022-84ea-73495d9b57cc

35 B
376 B

51ms
50ms

Image
image/gif

88.99.149.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d77001-a23c-4022-84ea-73495d9b57cc
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F29A135601A040F63026EE530
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.99.149.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F29A135601A040F63026EE530
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:22 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 24 Feb 2021 00:43:17 GMT
Server: nginx/1.14.1
X-Powered-By: ASP.NET
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Location: https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d77001-a23c-4022-84ea-73495d9b57cc
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: -1

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame D919 15 KB
16 KB 148ms
148ms Script
application/javascript 185.15.175.134
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=596681962408149
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5a49726bf861ad2dbeed14284fc73e953d2e0c8760d79741829116fada42ff75

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:43:22 GMT
Last-Modified: Thu, 28 Jan 2021 10:50:38 GMT
Server: nginx
ETag: "601296fe-3da0"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15776

GET
H/1.1 200
OK / Show response
ps5.ntvk1.ru/ 102 B
425 B 279ms
98ms XHR
application/json 194.176.118.216
LOGOL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ps5.ntvk1.ru/?r=o1cvrk44tvg
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.176.118.216 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2d06e396ae3e665587c28f5ab65944261d284a6d4597f89f741c12ed8354bd5d

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:43:23 GMT
Server: nginx/1.10.3 (Ubuntu)
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://vitz.ru
Access-Control-Expose-Headers: Content-Length,Date,Server
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 102

GET
H/1.1

204
No Content

matchspm
ut.rktch.com/
Redirect Chain

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}
https://ut.rktch.com/matchspm?pi=1000006&pui=ZKRRn4clnesEknWpe6oItu

0
287 B

205ms
85ms

Image
text/plain

89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000006&pui=ZKRRn4clnesEknWpe6oItu
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:43:23 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS

Redirect headers

pragma: no-cache
date: Wed, 24 Feb 2021 00:43:22 GMT
via: 1.1 google
last-modified: Wed, 24 Feb 2021 00:43:22 GMT
server: nginx/1.12.0
location: https://ut.rktch.com/matchspm?pi=1000006&pui=ZKRRn4clnesEknWpe6oItu
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 204
No Content matchspm
ut.rktch.com/ 0
287 B 86ms
85ms Image
text/plain 89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=2&pui=6aba6e71f75d42cc8934a7ec842777c2
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:43:22 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS

GET
H2

404

yJPfBQqgRBOFIBVQURK4gA
an.yandex.ru/setud/mts_banner/
Redirect Chain

https://ut.rktch.com/matchbt?bi=29
https://sm.rtb.mts.ru/p?ssp=natimatica&id=8121e028e33e32c957c5ce823316ec6534dc
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Dc893df05-0aa0-4413-8520-15505112b880&ssp=natimatica&exu=8121e028e33e32c957c5ce823316ec6534dc
https://tech.rtb.mts.ru/?dsp_uid=c893df05-0aa0-4413-8520-15505112b880&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FyJPfBQqgRBOFIBVQURK4gA%3Flocation%3Dhttps%253A%252F%252Fut.rktch.c...
https://an.yandex.ru/setud/mts_banner/yJPfBQqgRBOFIBVQURK4gA?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Dc893df05-0aa0-4413-8520-15505112b880&sign=3061968367

43 B
290 B

49ms
49ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/setud/mts_banner/yJPfBQqgRBOFIBVQURK4gA?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Dc893df05-0aa0-4413-8520-15505112b880&sign=3061968367
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 00:43:23 GMT
last-modified: Wed, 24 Feb 2021 00:43:23 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=windows-1251
content-length: 43
expires: Wed, 24 Feb 2021 00:43:23 GMT

Redirect headers

Date: Wed, 24 Feb 2021 00:43:23 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/yJPfBQqgRBOFIBVQURK4gA?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Dc893df05-0aa0-4413-8520-15505112b880&sign=3061968367
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

natimatica
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain

https://ut.rktch.com/matchbt?bi=27
https://exchange.buzzoola.com/cookiesync/ssp/natimatica?uid=8121e028e33e32c957c5ce823316ec6534dc
https://exchange.buzzoola.com/cookiesync/ssp/natimatica?set_buzzoola_cookie=t&uid=8121e028e33e32c957c5ce823316ec6534dc

43 B
130 B

47ms
47ms

Image
image/gif

168.119.9.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.buzzoola.com/cookiesync/ssp/natimatica?set_buzzoola_cookie=t&uid=8121e028e33e32c957c5ce823316ec6534dc
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 168.119.9.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.59.9.119.168.clients.your-server.de
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:23 GMT
server: nginx
content-length: 43
serverid: TODO
content-type: image/gif

Redirect headers

location: /cookiesync/ssp/natimatica?set_buzzoola_cookie=t&uid=8121e028e33e32c957c5ce823316ec6534dc
date: Wed, 24 Feb 2021 00:43:23 GMT
server: nginx
etag: W/"653970bed17e374fb1cea18e2113b9529d261ad410f37d5bf11bd7a36e6550dd"
content-length: 129
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

pixel.gif
sync.1dmp.io/
Redirect Chain

https://ut.rktch.com/matchbt?bi=50
https://api.advarkads.com/api/statistic/match?id=8067-1-1&uid=8121e028e33e32c957c5ce823316ec6534dc
https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d77001-a23c-4022-84ea-73495d9b57cc

35 B
376 B

50ms
50ms

Image
image/gif

88.99.149.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d77001-a23c-4022-84ea-73495d9b57cc
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.99.149.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:23 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 24 Feb 2021 00:43:18 GMT
Server: nginx/1.14.1
X-Powered-By: ASP.NET
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Location: https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d77001-a23c-4022-84ea-73495d9b57cc
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: -1

GET
H2

200

uuid
rtb.beroll.ru/
Redirect Chain

https://ut.rktch.com/matchbt?bi=39
https://rtb.beroll.ru/uuid?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D39%26bui%3D

0
86 B

292ms
82ms

Image
text/plain

82.202.224.34
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.beroll.ru/uuid?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D39%26bui%3D
Requested by: Host: vitz.ru
URL: http://vitz.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.224.34 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:23 GMT
server: nginx/1.14.0
content-length: 0
content-type: application/octet-stream, text/plain

Redirect headers

Date: Wed, 24 Feb 2021 00:43:23 GMT
Server: nginx/1.18.0
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
location: https://rtb.beroll.ru/uuid?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D39%26bui%3D
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization

GET
H/1.1 200
OK i
dmg.digitaltarget.ru/1/1093/i/ Frame D919 49 B
602 B 92ms
92ms Image
image/gif 185.15.175.146
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/1/1093/i/i?i=27938657350780.808978309328279&a=77&e=0100007F29A135601A040F63026EE530&pref=http%3A%2F%2Fvitz.ru%2F&c=ss:77.up:0100007F29A135601A040F63026EE530.sync:up.xdua:du0fDqXrbnkxrvA9sPMgn3Ll.xps:xpsFKQeXnjaidD7Vj5udJY8Lq.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.15.175.146 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:43:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 5
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK i
dmg.digitaltarget.ru/1/1093/i/ Frame D919 49 B
602 B 188ms
93ms Image
image/gif 185.15.175.146
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/1/1093/i/i?i=27938657350780.91489502362967&a=77&e=0100007F29A135601A040F63026EE530&pref=http%3A%2F%2Fvitz.ru%2F&c=ss:77.up:0100007F29A135601A040F63026EE530.sync:up.xdua:du0fDqXrbnkxrvA9sPMgn3Ll.xps:xpsFKQeXnjaidD7Vj5udJY8Lq.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.15.175.146 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/mc/?dp=14
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 00:43:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 7
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

GET
H3-Q050 200 5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js Show response
pagead2.googlesyndication.com/bg/ Frame FEE0 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1715677104091765&output=html&h=414&slotname=6379798375&adk=2390999545&adf=2612056745&pi=t.ma~as.6379798375&w=691&cr_col=4&cr_row=2&fwrn=2&lmt=1614127401&rafmt=9&psa=0&format=691x414&url=http%3A%2F%2Fvitz.ru%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1614127401433&bpp=5&bdt=211&idt=285&shv=r20210222&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&correlator=7286330303057&frm=20&pv=1&ga_vid=389560097.1614127401&ga_sid=1614127402&ga_hid=556695190&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=505&ady=1481&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060287%2C21068083%2C21068769%2C21068893&oid=3&pvsid=3861045475955524&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=wquJjckrHY&p=http%3A//vitz.ru&dtd=292
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 08:19:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 59013
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
expires: Wed, 23 Feb 2022 08:19:50 GMT

POST
H2 200 49409341 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 85ms
85ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49409341?wmode=0&wv-part=1&wv-hit=995100116&page-url=http%3A%2F%2Fvitz.ru%2F&rn=808023256&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1614127404%3Aw%3A1600x1200%3Av%3A433%3Az%3A60%3Ai%3A20210224014323%3Au%3A1614127402742633446%3Avf%3Acaxsklyqnpvsij3%3Ati%3A2%3Ast%3A1614127404

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 00:43:23 GMT
last-modified: Wed, 24-Feb-2021 00:43:23 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://vitz.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 24-Feb-2021 00:43:23 GMT

POST
H2 200 49409341 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 82ms
82ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49409341?wmode=0&wv-part=1&wv-hit=995100116&page-url=http%3A%2F%2Fvitz.ru%2F&rn=285435543&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1614127404%3Aw%3A1600x1200%3Av%3A433%3Az%3A60%3Ai%3A20210224014323%3Au%3A1614127402742633446%3Avf%3Acaxsklyqnpvsij3%3Ati%3A2%3Ast%3A1614127404

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 00:43:23 GMT
last-modified: Wed, 24-Feb-2021 00:43:23 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://vitz.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 24-Feb-2021 00:43:23 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 48ms
35ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210222&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2f433f1a522b1eb1b9c2090449e5e11428ab5298841943a043d1f0b8660a914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Feb 2021 00:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6394
x-xss-protection: 0

POST
H/1.1 200
OK tracker
top-fwz1.mail.ru/ 43 B
1 KB 80ms
79ms Other
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=861224;u=http%3A//vitz.ru/;st=1614127401357;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=915b1c5ee89fdc4d;ver=60.3.0;tz=-60%2FEurope%2FBerlin;nt=0/0/1614127400996/////0/3/62/62/82//83/223/224/226/361/361/361/2875/2875/;ni=10//4g/0/0/;lvid=1614127401671%3A1614127403874%3A2%3A599b245c6e36bfaee74cca96b48e6759;opts=dl;_=0.26227698081606077;e=RT/load;et=1614127403873

Requested by

Host: top-fwz1.mail.ru
URL: http://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 24 Feb 2021 00:43:23 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: http://vitz.ru
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: http://vitz.ru
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: http://vitz.ru
Keep-Alive: timeout=60

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Wed, 24 Feb 2021 00:43:23 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 29A5 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://vitz.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://vitz.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Tue, 23 Feb 2021 20:52:31 GMT
expires: Wed, 23 Feb 2022 20:52:31 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 13852
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js Show response
pagead2.googlesyndication.com/bg/ Frame 29A5 14 KB
6 KB 36ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 20:13:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 16213
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
expires: Wed, 23 Feb 2022 20:13:11 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 47ms
46ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210222&jk=3861045475955524&bg=!39yl3J_NAAXB_3NtwTsAKQB2-DxaMyWHXoBlpFv213XsOkKrCUNXTc421l0X3vL-w62jmrx6q8FuAgAAAJBSAAAADWgBBwoBV5g02UoFXjdgst_hihMV_VTq4vyHZutJf0hn5-zWvo27w04C2-9ajET8LAkM9YAKqvr2eNl_asBegNEHJ0FDHncgJhnLUiNl20vbFx5KCLG4owVOevFzIwzHpy3NdiaS56t6Z2hkeL8Gjl2KRrE9NWQWJ8ZxEb4FjqMtrM8-usktzmyLsRiqrJfSpyMa6Z3mM8WnIhrjBta-i3iUu6ILuUnP2z4UfbZJujWBpx1bNu0simk8o56aTAo2sXFeaY2Hw6MuTZkwMH_4J93S8vkIDBR1ldWaOEoRQ8yjKncxoRk88KijG3HMrU7TJqoO5YFR75WByTrPVH7Yq2K9P6cpMOOlvgsjLIqSNKKaak4wsGeqnmxaC23pndFGq9wN5yVgxUs9GQvIJwh26dLf0QkOSwT2yAXMyT9vjKg0OufzXUQ5gy5TmY-jesedqTE8FBRbqwQgmefbBjeZAeOXYWIJ19frFNXkJ9UsdV4cuzhPZtEl-lmU9YOnYRV76l-we_9nRXsx9Kbwjormx2khZ3sQNuyvwVpWkVE_66c7OkYKuMbKhtsegvzs1-eVShwCt6_LIEIofD-T0PsbRoO-eTsQmr-8oggOozV3JjNd2WXiazn0nRjn01cObWkauQTv6EgxFMUhzMY303RemXB5oZABRSBTRy8Snm2__UKRL4v-Z_Lq7KLQOS8yRlCSS_5bPbPyquaKcEvSU-SAp8CYPfs6-56hJq8wCTK_s3F7IRdWi3iqc5eqVa68WkilNuBhgrl1lHPvqboWumTBjWkR0yEMH33QboQJU0yP2UtmexfLYmXbtkFbpkC8JgUQx-aBhcHmFuuNiRB12ExkRAApswBmSKi1ppWg6tFnFcaCx2xTlrQjrqXAAxqj-DaDpFt0l5yrghqVvjOL-rBY9NXP4kws_KF5Y20gXAw4GwXsdDH-ihtyj5GuJt4aIKCGt7UbFIQu06mBehZxeJorJtJ9rKAm_0o4AxdduWrd79Ng80CLlCkdgqYcXi0u3UuR2y0xh-7LKMuKkmHD4Oylb6xpRIldltvVv2VyNhZ4dUrZAX-rORktFX7WmkxlvOmK4sPZalZJp4dnz-k8ggKkdSgExMM

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 00:43:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.acint.net/ping/
Redirect Chain

http://www.acint.net/ping/?v=0.3.0&uid=38afc8a7-baab-4f6b-ab07-74b053ce2ccf&dp=14&tz=%2B01%3A00&nc=85997758&dT=2021-02-24T01%3A43%3A25.027
https://www.acint.net/ping/?v=0.3.0&uid=38afc8a7-baab-4f6b-ab07-74b053ce2ccf&dp=14&tz=%2B01%3A00&nc=85997758&dT=2021-02-24T01%3A43%3A25.027

43 B
224 B

43ms
42ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.3.0&uid=38afc8a7-baab-4f6b-ab07-74b053ce2ccf&dp=14&tz=%2B01%3A00&nc=85997758&dT=2021-02-24T01%3A43%3A25.027
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:43:25 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/ping/?v=0.3.0&uid=38afc8a7-baab-4f6b-ab07-74b053ce2ccf&dp=14&tz=%2B01%3A00&nc=85997758&dT=2021-02-24T01%3A43%3A25.027
Date: Wed, 24 Feb 2021 00:43:25 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

POST
H2 200 49409341 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 29ms
28ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49409341?wmode=0&wv-part=2&wv-hit=995100116&page-url=http%3A%2F%2Fvitz.ru%2F&rn=1017250102&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1614127406%3Aw%3A1600x1200%3Av%3A433%3Az%3A60%3Ai%3A20210224014325%3Au%3A1614127402742633446%3Avf%3Acaxsklyqnpvsij3%3Ati%3A2%3Ast%3A1614127406

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 00:43:25 GMT
last-modified: Wed, 24-Feb-2021 00:43:25 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://vitz.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 24-Feb-2021 00:43:25 GMT

POST
H/1.1 200
OK tracker
top-fwz1.mail.ru/ 43 B
937 B 80ms
79ms Other
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=861224;u=http%3A//vitz.ru/;st=1614127401357;title=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%9B%D1%8E%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D0%B5%D0%B9%20Toyota%20Vitz(%D0%92%D0%B8%D1%82%D1%86)%2C%20Yaris(%D0%AF%D1%80%D0%B8%D1%81)%2C%20Echo(%D1%8D%D1%85%D0%BE)%2C%20Platz(%D0%9F%D0%BB%D0%B0%D1%82%D1%86)%2C%20Funcargo;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=915b1c5ee89fdc4d;ver=60.3.0;tz=-60%2FEurope%2FBerlin;ni=10//4g/0/0/;detect=0;lvid=1614127401671%3A1614127418875%3A3%3A599b245c6e36bfaee74cca96b48e6759;opts=dl;_=0.9736898950883675;e=PVT/15

Requested by

Host: top-fwz1.mail.ru
URL: http://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://vitz.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 24 Feb 2021 00:43:38 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: http://vitz.ru
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: http://vitz.ru
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: http://vitz.ru
Keep-Alive: timeout=60

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.advarkads.com/	1970-01-20 09:53:19	Name: u Value: 86d77001-a23c-4022-84ea-73495d9b57cc
.acint.net/	1970-01-19 17:05:19	Name: cSyncDp146 Value: 1614127402
.acint.net/	1970-01-19 17:05:19	Name: cSyncDp136 Value: 1614127402
.acint.net/	1970-01-19 17:05:19	Name: cSyncDp138 Value: 1614127402
.acint.net/	1970-01-19 17:05:19	Name: cSyncDp127 Value: 1614127402
.acint.net/	1970-01-19 17:05:19	Name: cSyncDp126 Value: 1614127402
.acint.net/	1970-01-19 17:05:19	Name: cSyncDp125 Value: 1614127402
.acint.net/	1970-01-19 17:05:19	Name: cSyncDp107 Value: 1614127402
.acint.net/	1970-01-19 16:42:17	Name: cSyncDp104v2 Value: 1614127402
.acint.net/	1970-01-19 17:05:19	Name: cSyncDp95v2 Value: 1614127402
.acint.net/	1970-01-19 17:05:19	Name: cSyncDp88 Value: 1614127402
.acint.net/	1970-01-19 17:05:19	Name: cSyncDp84 Value: 1614127402
.acint.net/	1970-01-19 16:42:17	Name: cSyncDp111v2 Value: 1614127402
.acint.net/	1970-01-19 16:42:17	Name: cSyncDp77 Value: 1614127402
.acint.net/	1970-01-19 17:05:19	Name: cSyncDp101 Value: 1614127402
.acint.net/	1970-01-19 17:05:19	Name: cSyncDp68 Value: 1614127402
.acint.net/	1970-01-19 17:05:19	Name: cSyncDp67v2 Value: 1614127402
.acint.net/	1970-01-19 17:05:19	Name: cSyncDp32 Value: 1614127402
.acint.net/	1970-01-19 17:05:19	Name: cSyncDp14v3 Value: 1614127402
.acint.net/	1970-01-19 17:05:19	Name: cSyncDp17 Value: 1614127402
.acint.net/	1970-01-19 17:05:19	Name: cSyncDp7v2 Value: 1614127402
.acint.net/	1970-01-19 17:05:19	Name: cSyncDp144 Value: 1614127402
.vitz.ru/	1970-01-20 00:21:38	Name: tmr_reqNum Value: 2
.acint.net/	1970-01-19 17:05:19	Name: cSyncDp54v2 Value: 1614127402
vitz.ru/	1969-12-31 23:59:59	Name: hotlog Value: 1
.vitz.ru/	1970-01-19 16:22:09	Name: _ym_visorc Value: w
.vitz.ru/	1970-01-20 00:21:38	Name: tmr_lvidTS Value: 1614127401671
.acint.net/	1970-01-19 17:05:19	Name: cSyncDp62 Value: 1614127402
.vitz.ru/	1970-01-19 16:22:07	Name: _gat_gtag_UA_15285766_4 Value: 1
.vitz.ru/	1970-01-20 01:07:43	Name: _ym_d Value: 1614127402
.acint.net/	1970-01-19 17:05:19	Name: cSyncDp85 Value: 1614127402
.doubleclick.net/	1970-01-20 01:43:43	Name: IDE Value: AHWqTUkqQMQWhsQSnlMfJpl3addfIwIaNcKXJCE587y8Gov9oMLjW_oqjYrBqweSWw4
vitz.ru/	1978-01-11 21:31:40	Name: fid Value: ca9ef9e6-d172-494c-a1a4-084b0b1bc5d4
.vitz.ru/	1970-01-20 01:07:43	Name: _ym_uid Value: 1614127402742633446
.vitz.ru/	1970-01-20 01:43:43	Name: __gads Value: ID=87737b2533aafc76-22f6914f90ba006f:T=1614127401:RT=1614127401:S=ALNI_Mbncq0XlBI-h1DNsl_VJhHheL3iuA
.acint.net/	1970-01-19 17:05:19	Name: cSyncDp112v2 Value: 1614127402
.acint.net/	1970-01-25 20:05:16	Name: aid Value: fwAAAWA1oSljDwQaMOVuAp6qtQqv65Y6QtfYDn2foWhmkjCO
.vitz.ru/	1970-01-20 00:21:38	Name: tmr_lvid Value: 599b245c6e36bfaee74cca96b48e6759
.vitz.ru/	1970-01-19 16:23:33	Name: _gid Value: GA1.2.2101418973.1614127401
.acint.net/	1970-01-19 16:23:33	Name: cSyncDp45v3 Value: 1614127402
.vitz.ru/	1970-01-20 09:53:19	Name: _ga Value: GA1.2.389560097.1614127401
.vitz.ru/	1970-01-19 16:23:19	Name: _ym_isad Value: 2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0100007f29a135601a040f63026ee530-sp.ops.beeline.ru
acint.net
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.betweendigital.com
adservice.google.com
adservice.google.de
adx.com.ru
an.yandex.ru
api.advarkads.com
cdn-rtb.sape.ru
cm.g.doubleclick.net
counter.yadro.ru
dm.hybrid.ai
dmg.digitaltarget.ru
exchange.buzzoola.com
fcgi4.gnezdo.ru
googleads.g.doubleclick.net
hit10.hotlog.ru
match.new-programmatic.com
mc.yandex.ru
p1.dircont3.com
pagead2.googlesyndication.com
partner.googleadservices.com
ps.ntvk1.ru
ps5.ntvk1.ru
px.adhigh.net
redirect.frontend.weborama.fr
relap.io
rtb.beroll.ru
s.uuidksinc.net
s3.advarkads.com
sape-sync.rutarget.ru
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
stat.adlabs.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync3.adsniper.ru
tag.digitaltarget.ru
tech.rtb.mts.ru
top-fwz1.mail.ru
tpc.googlesyndication.com
ut.rktch.com
vitz.ru
www.acint.net
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x01.aidata.io
109.248.237.37
116.202.236.228
142.250.185.162
168.119.145.118
168.119.9.59
185.15.175.134
185.15.175.146
188.34.131.134
193.232.121.79
193.232.148.159
194.176.118.216
194.190.117.93
195.201.243.72
195.209.108.38
213.87.44.207
217.65.2.150
217.66.147.170
217.69.133.145
23.111.200.118
2606:4700:10::6816:557
2a00:1148:db00::17
2a00:1450:4001:801::200e
2a00:1450:4001:809::2001
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a02:6b8::1:119
2a02:6b8::90
2a02:6ea0:c700::2
31.172.81.160
31.172.81.172
31.220.27.134
35.190.16.14
37.18.16.22
37.9.245.57
80.64.106.148
81.222.128.213
82.202.224.34
88.212.201.216
88.212.233.36
88.99.149.88
89.108.118.65
89.108.119.28
89.108.97.2
89.208.236.251
93.95.102.105
95.163.37.253
95.211.66.35
95.213.133.116
088fbe3e84e45d5249b48da4861d41b07eb53a9462baf7e3a81f0ee8f37946d9
0da62733af40bb5af32f3d53373c40473f98fa0de50ce8f2b530b460668e7051
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10137f4ee9d49a1cff0832bc15faa9a752754455f05ea4051369114cede70259
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
2107c71363a9380ca9077935ce8027c0eb431bb8b10c6c80f0fce1e543036b40
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
26c43ed8781595b69b1ad1318da32f1364132f4ae5a8ec838c2373f429e79e98
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d06e396ae3e665587c28f5ab65944261d284a6d4597f89f741c12ed8354bd5d
2e0e878a41cbf1c2aa09176ad0afe985d53fa958f7b191e8bba15089f6c29c7b
30310b99781e15873a072ecad2ec7f8126af463271ed95cc66a31817763b68f3
31f7463e0c17bd62e0e9bcbbc8d747e5a2301d1b554cf3aae911b1222cfc346d
326b9524fd6295565871de3f0cbd08993794c17160f1b41183cd329e5a90f021
3af2f91a6a5b295eaf465d4882e67dc72c7b658bd4c38cd895912a45d433c73f
3ba3442366862256cffcae8fae16fc9c4fdead2b71592b377bf6e83b3a459ad4
42970544dad7a904c4319fb18571a018096c768f6c4b46befef43011116da138
482f8b8c439e4d7138461db1825c1144e631c347c2a312d1a6b5b222ef615c86
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
5395929f3597b0ae57db4fcc7abaa463563c402cb499c4f182611176b2d7a5a9
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a49726bf861ad2dbeed14284fc73e953d2e0c8760d79741829116fada42ff75
5a737f4714f9b23cd08e88fc0a9f9db83bf928619c6bef7e76096e9ec7ae05b5
5b04f15f60f83ff0bc7ca92ee5f3dab0025e5670b406f9b06e8377dff9731916
5f7fd5989c12c6559d04ebec24d035a6781b0732ad49ab642a33b8b26cfe0a5b
64942bfaaa4ca68773279a0aa1a1f3f9110a34dd0a81dda22bdb62bd8a0af6f2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c68856bc4b7c28da80bd3aa4e5cb0f0d519ac5e9ceccb2837dfb7e5b96882b9
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
7070978bce841cae0b74c2a595fce7452ec1f8cce84c4e054db060492916523b
7099e8ff07f5f24d1d0798d3e17a433f3cdef18eee32d85ee999aea234462585
799ac33468849d7b42d6b0addb0630ae3ff480d42698b6bc46c11ac2170eba89
7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83cfd27089c5b29baa42d17315055f0985e47c1d6158e63fceb834d1968935d6
856958e4fc575cd8a9517e895f3956e16347dd0be3cee93eca70af63456f2ebe
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
917881e53bf39dde7006129469be1e83fd77b11f7ad65d519b085fab019fc40f
92fa138960be68230964fd7aa454205d904b8824981f9003d72b1df8bd5e2d78
94cf658d2c7345f5472d9d4514ade118d9f9bed0d50a5fc4a02fb9dcd2c8d8c6
9ec05017936d90237bde8b9877d4ee8b426d8c6b50bd7bee47d837a83c22f70b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71c0af767a3a445114fe13518214ea36e28208fbb087f7c69ee166ce65339e4
a7b94a9731eb162c05625cfa9e1160bc8f89eedc06e6be138e0c036bfb080ad0
a817ebbe86d87fe75647c1401ea45b849c352d98264ff47ddd5244079af7192d
ae0a4849ab6f16e7ea8c2685788b56b5646cbb4204b26d64f17b66e236b641fb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b67f83f36aff08e26362640fd79088757e05e40faaa1bbbd09ab9894a02a4f
b520af498f4bf4ec66a36f03254ba0ec6c8bda07d4dcf6efd87f80fa41246035
b5d8e241c751d083c9a394231414f43358cab2e3d5e9d8b0fc8ed25c179d5bb1
c0c093ce0e0daa2c82abc8eb385a89539ed30b8dd65f5c15255d342eea8b54ea
c5abffd0d9386548c9a86ad18cd64155f256861b38aa5e68e1122cf3534d5366
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2f433f1a522b1eb1b9c2090449e5e11428ab5298841943a043d1f0b8660a914
d39e40190c3844c57228ae1647354c1d25ae76f641d10706c2e1a36121589f75
d6236bd0d084d8de7f8b80d4636f644379001201ee48734e9bca38495a18992e
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1
ea298c43d616acadef7f98793c8eab993b8d7e02dbcee7413716eb119385a89c
eb0cf071801001a5152f9f7db555831c192734875c9108fe0641067eaef324e2
eeec769c5ce874a4f0f37d7b3790ad205a78dc635701ecc968b0eb82d429aaf6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e707397659a327ca2c365daccf19d3673c313bc9db68c2eb9a10790c5f75dd
f3604ab2d16008c12308608dfe1d8217f487987cb0a84ca98d69092b94e43235

vitz.ru Open in urlscan Pro 89.108.118.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

117 Requests

84 %HTTPS

33 %IPv6

44 Domains

55 Subdomains

46 IPs

4 Countries

743 kBTransfer

1598 kBSize

42 Cookies

3 Outgoing links

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vitz.ru Open in urlscan Pro
89.108.118.65 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

84 %
HTTPS

33 %
IPv6

44
Domains

55
Subdomains

46
IPs

4
Countries

743 kB
Transfer

1598 kB
Size

42
Cookies

117 HTTP transactions
1 data transactions