fcgi4.gnezdo.ru Open in urlscan Pro
93.95.102.105 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://fcgi4.gnezdo.ru/
Submission: On February 01 via manual (February 1st 2022, 11:17:58 am UTC) from RU — Scanned from DE

Summary HTTP 166 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 44 IPs in 8 countries across 34 domains to perform 166 HTTP transactions. The main IP is 93.95.102.105, located in Russian Federation and belongs to MTW-AS, RU. The main domain is fcgi4.gnezdo.ru. The Cisco Umbrella rank of the primary domain is 76831.

This is the only time fcgi4.gnezdo.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
50	185.148.37.26 185.148.37.26	48347 (MTW-AS) (MTW-AS)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	93.95.100.117 93.95.100.117	48347 (MTW-AS) (MTW-AS)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3	93.184.221.133 93.184.221.133	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
2 3	91.216.195.7 91.216.195.7	12516 (WEBORAMA ...) (WEBORAMA Weborama provides Internet Services)
2 4	35.201.80.102 35.201.80.102	15169 (GOOGLE) (GOOGLE)
1 1	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1	185.148.37.79 185.148.37.79	48347 (MTW-AS) (MTW-AS)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
3 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
2	34.117.231.160 34.117.231.160	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	35.227.225.140 35.227.225.140	15169 (GOOGLE) (GOOGLE)
5 22	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
4	35.201.81.244 35.201.81.244	15169 (GOOGLE) (GOOGLE)
2 2	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 2	52.94.223.37 52.94.223.37	16509 (AMAZON-02) (AMAZON-02)
3 3	192.82.242.209 192.82.242.209	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	2a02:6b8:20::215 2a02:6b8:20::215	208722 (YNDX) (YNDX)
3	51.38.250.94 51.38.250.94	16276 (OVH) (OVH)
1 2	154.47.36.52 154.47.36.52	174 (COGENT-174) (COGENT-174)
2 3	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.86.139.115 185.86.139.115	201081 (SMARTADSE...) (SMARTADSERVER)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.250.206.93 34.250.206.93	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:3175:5196:e3fd:8c1d	16509 (AMAZON-02) (AMAZON-02)
1 1	52.210.63.97 52.210.63.97	16509 (AMAZON-02) (AMAZON-02)
1 1	18.196.159.27 18.196.159.27	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 1	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	2600:9000:224... 2600:9000:224a:e600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	44.231.243.74 44.231.243.74	16509 (AMAZON-02) (AMAZON-02)
166	44

1 93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 185.148.37.26 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

zn3.gnezdo.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zn3.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 93.95.100.117 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

news.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 93.184.221.133 (London, United Kingdom)

ASN15133 (EDGECAST, US)

cstatic.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.216.195.7 (France) 2 redirects

ASN12516 (WEBORAMA Weborama provides Internet Services, FR)
PTR: std-collect-lb-c03-02-vip.weborama.fr

gnezdoruanalytics.solution.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wam-google.solution.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.80.102 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 102.80.201.35.bc.googleusercontent.com

dx.frontend.weborama.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.16.14 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

rd.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.148.37.79 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi5.2xclick.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.231.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.231.117.34.bc.googleusercontent.com

ds.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.225.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.225.227.35.bc.googleusercontent.com

bsd.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.186.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.241 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.223.37 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.82.242.209 (United States) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.38.250.94 (France)

ASN16276 (OVH, FR)
PTR: ip94.ip-51-38-250.eu

p.crm4d.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.47.36.52 (United States) 1 redirects

ASN174 (COGENT-174, US)

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.52 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.115 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.250.206.93 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-206-93.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:3175:5196:e3fd:8c1d (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.63.97 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-63-97.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.159.27 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-159-27.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.142 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:e600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 44.231.243.74 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-231-243-74.us-west-2.compute.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	gnezdo.ru fcgi4.gnezdo.ru — Cisco Umbrella Rank: 76831 news.gnezdo.ru — Cisco Umbrella Rank: 134155 zn3.gnezdo.ru — Cisco Umbrella Rank: 229038	567 KB
20	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 stats.g.doubleclick.net — Cisco Umbrella Rank: 96 cm.g.doubleclick.net — Cisco Umbrella Rank: 197 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274	51 KB
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124	245 KB
14	weborama.fr 3 redirects cstatic.weborama.fr — Cisco Umbrella Rank: 21343 gnezdoruanalytics.solution.weborama.fr rd.frontend.weborama.fr — Cisco Umbrella Rank: 16767 ds.frontend.weborama.fr — Cisco Umbrella Rank: 57893 bsd.frontend.weborama.fr — Cisco Umbrella Rank: 50537 wam-google.solution.weborama.fr — Cisco Umbrella Rank: 65414 idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27256	15 KB
13	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 711 static.adsafeprotected.com — Cisco Umbrella Rank: 533 dt.adsafeprotected.com — Cisco Umbrella Rank: 484	101 KB
12	yandex.ru 3 redirects an.yandex.ru — Cisco Umbrella Rank: 3286 mc.yandex.ru — Cisco Umbrella Rank: 2853	81 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 255	95 KB
10	gnezdo.news zn3.gnezdo.news	103 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590	4 KB
5	adnxs.com 4 redirects secure.adnxs.com — Cisco Umbrella Rank: 404 ib.adnxs.com — Cisco Umbrella Rank: 241	5 KB
4	yastatic.net yastatic.net — Cisco Umbrella Rank: 6518	152 KB
4	google.com www.google.com — Cisco Umbrella Rank: 13 adservice.google.com — Cisco Umbrella Rank: 80	2 KB
4	weborama.com 2 redirects dx.frontend.weborama.com — Cisco Umbrella Rank: 31895	514 B
3	crm4d.com p.crm4d.com — Cisco Umbrella Rank: 81087	3 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 595	905 B
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 3337	382 B
2	webvisor.org 1 redirects mc.webvisor.org — Cisco Umbrella Rank: 16026	738 B
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1565	2 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 419	870 B
2	rlcdn.com 1 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 316 id.rlcdn.com — Cisco Umbrella Rank: 738	775 B
2	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 369	747 B
2	google.de www.google.de — Cisco Umbrella Rank: 5557 adservice.google.de — Cisco Umbrella Rank: 8028	1 KB
2	gstatic.com fonts.gstatic.com	26 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 312	463 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1548	351 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 529	765 B
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3397	378 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1255	463 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	38 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	642 B
1	2xclick.ru fcgi5.2xclick.ru — Cisco Umbrella Rank: 230381	4 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 440	57 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
166	34

	Domain	Requested by
40	zn3.gnezdo.ru	fcgi4.gnezdo.ru zn3.gnezdo.news
13	pagead2.googlesyndication.com	fcgi4.gnezdo.ru pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
12	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
11	s0.2mdn.net	fcgi4.gnezdo.ru s0.2mdn.net googleads.g.doubleclick.net
10	mc.yandex.ru	3 redirects fcgi4.gnezdo.ru cdn.jsdelivr.net
10	zn3.gnezdo.news	fcgi4.gnezdo.ru zn3.gnezdo.news
9	dt.adsafeprotected.com	googleads.g.doubleclick.net
6	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net fcgi4.gnezdo.ru
4	yastatic.net	an.yandex.ru
4	idsync.frontend.weborama.fr	cstatic.weborama.fr
4	dx.frontend.weborama.com	2 redirects fcgi4.gnezdo.ru cstatic.weborama.fr
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	p.crm4d.com	ds.frontend.weborama.fr cstatic.weborama.fr
3	image6.pubmatic.com	3 redirects
3	www.google.com	fcgi4.gnezdo.ru tpc.googlesyndication.com googleads.g.doubleclick.net
3	cstatic.weborama.fr	fcgi4.gnezdo.ru cstatic.weborama.fr
3	news.gnezdo.ru	fcgi4.gnezdo.ru
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	fcgi4.gnezdo.ru
2	fw.adsafeprotected.com	1 redirects fcgi4.gnezdo.ru
2	sync.smartadserver.com	1 redirects cstatic.weborama.fr
2	mc.webvisor.org	1 redirects fcgi4.gnezdo.ru
2	aax-eu.amazon-adsystem.com	1 redirects cstatic.weborama.fr
2	pixel.tapad.com	1 redirects cstatic.weborama.fr
2	gum.criteo.com	2 redirects
2	secure.adnxs.com	2 redirects
2	ds.frontend.weborama.fr	cstatic.weborama.fr
2	gnezdoruanalytics.solution.weborama.fr	1 redirects fcgi4.gnezdo.ru
2	an.yandex.ru	fcgi4.gnezdo.ru an.yandex.ru
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	fcgi4.gnezdo.ru www.google-analytics.com
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	id.rlcdn.com	1 redirects
1	d.agkn.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	idsync.rlcdn.com	cstatic.weborama.fr
1	wam-google.solution.weborama.fr	1 redirects
1	bsd.frontend.weborama.fr	cstatic.weborama.fr
1	www.google.de	fcgi4.gnezdo.ru
1	stats.g.doubleclick.net	www.google-analytics.com
1	fcgi5.2xclick.ru	zn3.gnezdo.news
1	rd.frontend.weborama.fr	1 redirects
1	cdn.jsdelivr.net	fcgi4.gnezdo.ru
1	fonts.googleapis.com	zn3.gnezdo.news
1	fcgi4.gnezdo.ru
166	53

This site contains links to these domains. Also see Links.

Domain
gnezdo.online
lk-gnezdo.com
news.ru
instyle.ru
news.gnezdo.ru

Subject Issuer	Validity	Valid
news.gnezdo.ru R3	`2022-01-23` - `2022-04-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-21` - `2022-10-22`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.frontend.weborama.fr Go Daddy Secure Certificate Authority - G2	`2021-02-20` - `2022-03-24`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.frontend.weborama.com Go Daddy Secure Certificate Authority - G2	`2021-08-28` - `2022-09-29`	a year	crt.sh
*.yastatic.net Yandex CA	`2022-01-22` - `2022-07-23`	6 months	crt.sh
bs.yandex.ru Yandex CA	`2021-11-17` - `2022-05-18`	6 months	crt.sh
crm4d.com R3	`2021-12-25` - `2022-03-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh

This page contains 13 frames:

Primary Page: http://fcgi4.gnezdo.ru/
Frame ID: 1A5E85834F041FAC5D52BAD00C344807
Requests: 89 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html
Frame ID: C5F68074C179E8222F3B7B658C159EAB
Requests: 1 HTTP requests in this frame

Frame: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=fcgi4.gnezdo.ru&site=485736
Frame ID: BAF46B8E013C34E6A90623EEA6071555
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5828883634660773&output=html&h=280&slotname=7606796442&adk=1514590946&adf=896644619&pi=t.ma~as.7606796442&w=500&fwrn=4&fwrnh=100&lmt=1643714273&rafmt=1&psa=0&format=500x280&url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1643714273393&bpp=6&bdt=1194&idt=74&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=4219661926728&frm=20&pv=2&ga_vid=750922036.1643714272&ga_sid=1643714273&ga_hid=859503021&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1050&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31063221&oid=2&pvsid=3939480840175519&pem=164&tmod=1173121754&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=CHXCMUGY9K&p=http%3A//fcgi4.gnezdo.ru&dtd=87
Frame ID: 80BA0C4EF8175C324E9E0C143B4325AD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5828883634660773&output=html&adk=1812271804&adf=3025194257&lmt=1643714273&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1643714273399&bpp=1&bdt=1200&idt=89&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=500x280&nras=1&correlator=4219661926728&frm=20&pv=1&ga_vid=750922036.1643714272&ga_sid=1643714273&ga_hid=859503021&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31063221&oid=2&pvsid=3939480840175519&pem=164&tmod=1173121754&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=94
Frame ID: DDAC8D488CC7DED543F0519882E66DA7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6D11AB0E6DD095EF2E82413BF667C859
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2B678C08C163C687D898CAF209B07E50
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYnaKFvgEwAQ&v=APEucNW_ZFyXIxMtHqmJRMaviwdt5F6Vgg2MhRssbPadX2wkZoZDsNT9sKzgtGER6jUYjzw-01jQ4PboyJKX0B8sajfdOfLu52_oafIh3Hh6bDViZ1PRy5lvRkn-4EQsvTUpNJ3ds9X6rryRCm3gC4yyQPXcz6qe8F0n5f8tdW7Me9P2SvPrrXY
Frame ID: 994027463B65C0D5755DBD9FA11001CB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ck4Fz0zbQPFvBOwPJtMU82-k4njvak2PrrsOEZcjvY9YgyzGGi3AmjhsE2a6Y7YhfwqrZuRG2a7jOQF4KPArYKTf3L1cPegGl6YaTVKLJKS780pjYmraNlpwUZEqD_U3iuw-c2P7e9gcgAK3LnxFr08dwQLw&dbm_d=AKAmf-Dma8v-LWyUUeuSWLOG7YYY97zxHczHrCXZwriQejR2WjaTBMr1J-lcdP4vfRlrY-s3nNOjtK48hpkI9Ae00vyFEv5CoV5KDGcF1eshJb9QZ4eKHY50Ktw_AR5xNt5bGAkoJyNfURAk2UJTWKC-64J6CLgujZJWnO-nkOxYh9eiz175WEl1zAwNx7KCq6OJl4lPPB8KdeZotaSVcRSdtG0n5KPdxupsds5NVRyG5ZqO8hGWeEM1zfUh-CGl7pUZQnSaOQhfzbk6zcbTbgmb0howoVq2MWwqLrz6UJEZi7d_HJY1VCgHkCxjd4XibFiFvnFdAWd7FvWuTDzSbqcmgyoAqtZ_ugOL9AjnwU8H0-o9b5Jw7AJ7ijwEqBaBNhzFQnO9X2qSykvKTi1ONtcf630Y_MhkqxqTpHMoZxwZKkpN2fbAdwgPHDW-6aEqN6fAw0B5KRMIY8iMaCM52qnxwGMr5HHiRANmzl-4LDwAUS2uT4JdBKA0eCa02VWxFCViVnw0QTQoFerZPtlHS1VILLu8uqul1YJ3x0zIHdFI_9-TG1IYPqi0JtwdrLub8MdlPZwetWxeArgL-_FsPcA5c8zN6r1d5BMR1_3mDbvwXlM2SzLfOQXR4tgYIJR2l-h6Qa4Cctv2rE46hTkOaP8LhjSrXoZOG_b4yvmu5AUwr5LwfR9Z0eM0_defAW91GQPImE1vmoYT6NMqFLi_OxVBpOvMn3zU3fDkf1EUAAyyeIN6WTkHXXym2xFWmhUR-3txJiDOIvxtSx3F003hVHT6DxnEc6vTA7UXnWXvwqmLGvKGdvnbvUuCKY4N7RZpzuzI2WxNXZugXEiguGFoVo545vvKYyQ23JS2FHXfbNwMZmSlIWyz4uffktVcIDcNjdvrW2GxTpxe0N5pYatZMCvNehygP6iWwbM7yxwN3Ye8IVCgIN_06m8NJKBfk7tlymtlhChnEWoXsjZCmV94zAFhzRPGrmxN8EGX5-99J13x13sfz47f40f0KYOSqzKy7j9F_-BcSnRMlh4wUQdPKu15m3OnFJw-QcJJA2swdo3lMVYuAlQEvdunYJmQ3Ej-Eo_63ay9vVbITNQO_dXivS_XnU5mF_BnVnZ-_lSGSjY1RFljh1R5OZTPLwgKytODjuiSVko_FeEJQYJcVaYZvWyrxcWBmBosb5xT0aElfQBKtpQwERVbx6XHsUYq5kDAEwK0nJHgm4eRUYSxg1LNE1v_G0Xu8o5FGVLFY0QYWN7-55_3STpP89IZ4Moo7eIARN2pBjaGneiJwyHOuHek3C4UQBSPJqit8QcYeRvCora5mNfOVR0AIKo9yGCVo6_DmFwtetRovCNFo2G50IV4ZTEGNHSZZbMx4GGFF3npHLtGcIh_dKCQu68VESJ5Wwzb2LYO6oW_b8xvFJytlQ0O7q-IA81JKIeFuQBg7NrSc1nGRTxjMmcBs4_Bkv4SSAbWT6IKX5KDOckZxbEU4l45FubBzGcL9FtHJ3jr7sIehuX1F65vd7RLYGQTIzeb_FlOMsZs5XSS7QTqQcaEsOtjmNkbmvXPrZcsQ_WBzLLEkbyj0Dnc5Nop542VeY7knR-Nz23QMMo064_5u1dqLA5R1WM-Oy-DA7X5BJxW8Dil-Qjy6grkXqlIhcIc7tazfZHrZGUEV27d_sxuWuQcUbWLLqEJJ89i9uhKNdI_CnaM69v3H8BEN3JbYmeCKgaoSntCIOav2MuL4MOHSxcvgnEXrSxfN6zIpYdh0S9w_7UrR6TpBu3LXVqemo2TXLEYyQjtCYiJ55NBsf-gGQWDq6le03FYoerRY8MD804jcurYceOxn4OvTAdPQhRSZAg2QwrnRf2lgLtjvt3BGO1y3th982U-XH_oPIXgcXBj66cHM5gfH98tgqnX9HF_ZG4VJgG4rUMnLn-8LA6HIic2AwZpRWK4Y7ckVKR-3CnKqu0Yd_dVZbKORybqNas-AljMImW8iUZ6YfGI9avIu5Sd6wwvGfz-t5lcwKvIjVd9xsnQWDtYDTdrjamTTJVMg_l-PncqNA2xRdfDkup05WOauUdCNZmx86JtAD7D6z39nTK_zCBNereyTI25pZ3KqBE7Yv0DynxCQvCTa1upNdcWQpADvphrw9Fe3JJmaDA8g_rLFNP9_nkq8itin_4kSnJRLwp4KUY9-NJXdGVaRJ6r6BphbXw4kFMY7rWQ3Wshf6jJEQW7OHpGIO9INbHUEvPToFS4ypSZpAqpcjSu1aTF23jgPBY-7Oc2B5zlGgLzCAp1qnwIyhOrPNj39EACW2iUsTqxXob7BnutHgwgPqRoce-MCCCDVOHu3M1xDxxaVnIfU1Xa_aa1mK2IutEMI4UXBtc_4RkAkOD0UQJM-YYIt6Cd5TJg5rbM5xQZrGOtcGrJroujbbTwZ96d_fvtdSGYICbCQ9_Djibha1ma8lMKy5jLY32LEzoowsqPhcVmBRm29-TaEA1muhwotEQq_LVwlGwDNmGp4sZbSESNrBd0tLcj9l7epa91EyEICkeaJICys_xco5xHyFaVT050nNC88Dql0cK72hw0yG1X_mM-eItc0ry_5h2ol7i4WEPlPPpYyA-G3ooKBP_SuJyL0n3Fkm85-Jka721wKzdTA3_2-QNSBuH6Mfvf-2FQAFV4kZ3_WKTIlcDuP2th5KYlMsRQ_7HBCjqjzVO6veMHMUa4oz8PeKVgFCJn0NTLAHGyGutgbllubGXEphkOQTMlYuS0m9bqkcKYn0_nKtVotGCKxBnE1Wl-o6av8XWefgrupbVTbDSGplTiz0GDasAU8D_wIg3d7sxCOBZMP-O3nvREItWxPFnzKcAJ7A87uQtoJmIob4il65-HBxJUFMlVqI8FAGdkIO_AYXpw6G2M1C0Mg7MAOaH2kxXsXcaeyg7rl5MBhAuYoVboxbyZCRCBhwLtoIalslt7SGYi6EiWTBh_0wPcsR2DNtlbQkXTLJGar39ZT2w5UsnukIIyC5-P5Qfi9EIAY0Fsj5gtG6Y3G49xbNpbq1aQiYeDdhoOIWMROv6ynsaefBDfk67yFVIc0nty8cTIVJ32eDEIht0TxopJ00nbhkpTq8vKOCamU-fgf7J_6FRGdUDIuJcooxAQEsqnM913UaZ37C3w-NTKd5vxT6-BxCCK18TrWszb5-ejKvCuuI1pw-PgJACwkR0T4t9sjwxJPFYgM8BOnB5_dn10DqLpWZjxb-q6kTrBVgkoQNTEJni06037bPQ9pwvGuJB0XkbKlXclLA5vof0vLp6507M6j19EsWg4_WXoUWiE9YeSkj654WDoQI1uwEJ_kLPkarexm8ukYaXT-y5xiV52ppm-02ZTrKrYyb5ZAkGwtR7iM1E12FlUVC2F03NUUuxH0-7QUJRajT95P5wQ&cid=CAASEuRopRhdVToLHfkeIZh7_D8lqA&rfl=2%2Chttp%253A%252F%252Ffcgi4.gnezdo.ru%252F%240
Frame ID: 11A9EBE0B445BBF38168B3AF081ACE2D
Requests: 25 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6C01902DF459C9F837B95299D7170831
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0B32FA1ACA493C57763BA4AC8596DAAB
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13730119597208835797/index.html
Frame ID: 32D5665216F5AAB2247743344EAEE6DF
Requests: 10 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: AC8164D4CAF6177975CF25B81A02CE54
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gnezdo.ru

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.jsdelivr\.net/npm/yandex\-metrica\-watch/watch\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

166
Requests

49 %
HTTPS

40 %
IPv6

34
Domains

53
Subdomains

44
IPs

8
Countries

1566 kB
Transfer

3440 kB
Size

55
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://gnezdo.online/

Search URL Search Domain Scan URL

URL: https://lk-gnezdo.com/cgi-bin/admin/login.cgi
Title: Вход

Search URL Search Domain Scan URL

URL: http://gnezdo.online/vakansii/
Title: Заработай с нами

Search URL Search Domain Scan URL

URL: http://gnezdo.online/pokupka-trafika/
Title: Рекламодателям

Search URL Search Domain Scan URL

URL: http://gnezdo.online/monetizatsiya-trafika/
Title: Вебмастерам

Search URL Search Domain Scan URL

URL: https://news.ru/society/vstroennyj-avtoinspektor-najden-sposob-kontrolya-skorostnogo-rezhima/?utm_source=newsgnezdo&utm_medium=cpc&utm_campaign=teaser&utm_term=0&utm_content=1260409
Title: Нет этой системы в авто? Какой будет штраф

Search URL Search Domain Scan URL

URL: https://instyle.ru/krasota/trends/stilnye-idei-manikyura-na-osen/?utm_source=gnezdo&utm_medium=partners&utm_term=0&utm_content=1197626&utm_campaign=instyleexchage
Title: Топ-12 ярких идей маникюра осени 2021

Search URL Search Domain Scan URL

URL: https://news.gnezdo.ru/tests/health/
Title: ТЕСТ Наносит ли выпивка ущерб вашему здоровью?

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1643714272&ta=1600x1200&co=24&ref= HTTP 302
https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1643714272&ta=1600x1200&co=24&ref=&BOUNCE=OK

Request Chain 32

https://dx.frontend.weborama.com/collect?touchpoint=0&url=http%3A//fcgi4.gnezdo.ru/ HTTP 302
https://dx.frontend.weborama.com/collect?touchpoint=0&url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&bounce=1&random=2689518189 HTTP 302
https://rd.frontend.weborama.fr/rd?key=wamsync&url=https%3A%2F%2Fdx.frontend.weborama.com%2Fcollect%3Fdsp_id%3D0%26eid%3D%7BWEBO_ID%7D HTTP 302
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=LqX8k8vdY4su

Request Chain 43

https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7eipge77xa7z%3Afp%3A413%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A2%3Adp%3A0%3Als%3A740800702112%3Ahid%3A831632843%3Az%3A0%3Ai%3A20220201111752%3Aet%3A1643714273%3Ac%3A1%3Arn%3A852268318%3Arqn%3A1%3Au%3A1643714273163410743%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1643714272009%3Ads%3A54%2C56%2C76%2C1%2C0%2C0%2C%2C277%2C4%2C%2C%2C%2C466%3Aco%3A0%3Ast%3A1643714273&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7eipge77xa7z%3Afp%3A413%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A2%3Adp%3A0%3Als%3A740800702112%3Ahid%3A831632843%3Az%3A0%3Ai%3A20220201111752%3Aet%3A1643714273%3Ac%3A1%3Arn%3A852268318%3Arqn%3A1%3Au%3A1643714273163410743%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1643714272009%3Ads%3A54%2C56%2C76%2C1%2C0%2C0%2C%2C277%2C4%2C%2C%2C%2C466%3Aco%3A0%3Ast%3A1643714273&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 44

https://mc.yandex.ru/watch/11859022?wmode=7&page-url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gnezdoGroupId%22%3A%220%22%2C%22gnezdoSubId%22%3A0%2C%22gnezdoADGender%22%3A%22%22%2C%22gnezdoADAge%22%3A%22%22%2C%22gnezdoAIDGender%22%3A%22%22%2C%22gnezdoAIDAge%22%3A%22%22%2C%22gnezdoWBGender%22%3A%22%22%2C%22gnezdoWBAge%22%3A%22%22%2C%22gnezdoLentaId%22%3A%22def%22%7D&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7eipge77xa7z%3Afp%3A413%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A723878806500%3Ahid%3A831632843%3Az%3A0%3Ai%3A20220201111752%3Aet%3A1643714273%3Ac%3A1%3Arn%3A589145373%3Arqn%3A1%3Au%3A1643714273163410743%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1643714272009%3Ads%3A54%2C56%2C76%2C1%2C0%2C0%2C%2C277%2C4%2C%2C%2C%2C466%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643714273%3At%3AGnezdo.ru&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/11859022/1?wmode=7&page-url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gnezdoGroupId%22%3A%220%22%2C%22gnezdoSubId%22%3A0%2C%22gnezdoADGender%22%3A%22%22%2C%22gnezdoADAge%22%3A%22%22%2C%22gnezdoAIDGender%22%3A%22%22%2C%22gnezdoAIDAge%22%3A%22%22%2C%22gnezdoWBGender%22%3A%22%22%2C%22gnezdoWBAge%22%3A%22%22%2C%22gnezdoLentaId%22%3A%22def%22%7D&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7eipge77xa7z%3Afp%3A413%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A723878806500%3Ahid%3A831632843%3Az%3A0%3Ai%3A20220201111752%3Aet%3A1643714273%3Ac%3A1%3Arn%3A589145373%3Arqn%3A1%3Au%3A1643714273163410743%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1643714272009%3Ads%3A54%2C56%2C76%2C1%2C0%2C0%2C%2C277%2C4%2C%2C%2C%2C466%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643714273%3At%3AGnezdo.ru&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 51

https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm=&google_tc= HTTP 302
https://wam-google.solution.weborama.fr/pixel?google_gid=CAESEJxZvi56I7e5T37whUjGj1c&google_cver=1 HTTP 301
https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEJxZvi56I7e5T37whUjGj1c&google_gid=CAESEJxZvi56I7e5T37whUjGj1c&google_cver=1

Request Chain 52

https://secure.adnxs.com/getuid?https://idsync.frontend.weborama.fr/ids?key=appnexus&value=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dappnexus%26value%3D%24UID HTTP 302
https://idsync.frontend.weborama.fr/ids?key=appnexus&value=7650361545882356358

Request Chain 53

https://gum.criteo.com/sync?c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40 HTTP 302
https://gum.criteo.com/sync?s=1&c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=criteov2&value=RkwPDuOEZT-Bs72UKiBYscQJ7VINZ1bV

Request Chain 56

https://pixel.tapad.com/idsync/ex/receive?partner_id=2964&partner_device_id=LqX8k8vdY4su HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=LqX8k8vdY4su

Request Chain 57

https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=UzRIY3E5dEpYQUlralBJbEFKeDBJTw HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=UzRIY3E5dEpYQUlralBJbEFKeDBJTw&dcc=t

Request Chain 58

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&rdf=1 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=CDA6815F-E7D8-4480-97ED-E00E369C7889

Request Chain 91

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9536.dwLDHnr2WO90sDKgtGNgj2xn_uUQZFcP2FZcnLiMBd8CjmI6RBccB_YfbTsXKWeV.YJBS7PHfDFNl6Moyz3rVXbbFVmk%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=9536.H9h4yo7r2wI-jygC7Vtb0VeaE2HnSn2qNb8IkWmrSarm1pvq3pE-qwEw6ewL_Q1KQU_D7hVJBLviBtfLyZbn92x3vhyJYydOWSPC_Zp-diI%2C.AGAZNaWJu1TgubIO24vY0adfJb8%2C

Request Chain 94

https://ib.adnxs.com/getuid?https%3A%2F%2Fp.crm4d.com%2Fsync%2Fappnexus%2Fs.gif%3Fbounce%3D1%26uid%3D%24UID HTTP 302
https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=7650361545882356358

Request Chain 95

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?url=https://p.crm4d.com/sync/sas/s.gif?bounce=1&uid=[sas_uid]&cklb=1

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENoyGDpRSUBrWLKSIwM71SI&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENoyGDpRSUBrWLKSIwM71SI&google_cver=1&C=1

Request Chain 121

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfkW4pe0nYggmmAmxH6qBQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENoyGDpRSUBrWLKSIwM71SI&google_cver=1

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIzBz0UNZiaf0iwioHKautc&google_cver=1

Request Chain 123

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY1MDM2MTU0NTg4MjM1NjM1OA%3D%3D

Request Chain 132

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIhgWjQj-hxt9MQND8W_3fXHw9Z8P2P4MhTOVxeBS-x11tlPm95nNyIqEvvkl3sV2_qFsNdExcFWMroDszkYlEvg-w_YrgP-w&google_gid=CAESEHewkA711UhBMMkSpTv-QmE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWZrVzRnQUFBUXNRd1ZMRQ&google_push=AYg5qPIhgWjQj-hxt9MQND8W_3fXHw9Z8P2P4MhTOVxeBS-x11tlPm95nNyIqEvvkl3sV2_qFsNdExcFWMroDszkYlEvg-w_YrgP-w

Request Chain 133

https://d.agkn.com/pixel/2175/?google_gid=CAESEAPVoXN0UbG3GxXL5xmO6Qs&google_cver=1&google_push=AYg5qPI38HSKAhlj8B5NOChgk1TMg1YvXswjM9RgPvySSgVdogJKP_hLyZdxmZ1OAHF284cwYXjQugSqj26wSQKXddvUQkMJpi3Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI38HSKAhlj8B5NOChgk1TMg1YvXswjM9RgPvySSgVdogJKP_hLyZdxmZ1OAHF284cwYXjQugSqj26wSQKXddvUQkMJpi3Y&google_hm=Q0FFU0VBUFZvWE4wVWJHM0d4WEw1eG1PNlFz

Request Chain 134

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLRpv6sVNHEpLn5Uut5O3c_QImxs45JjhuZlugBAnunj9rLVJyYyxM-d9wDPmckuLBREL8QsRyiqo2ZWtacMhgJumzdZrq-Gg&google_gid=CAESEJ1SVKz5sQ4skM5LD-ZE1s4&google_cver=1 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwaFI2SHhKZUZKSU90VmJKMkR3Y0xPMWlZQjJDOFJNUU01bEFMQTJuLWREaw==&google_push

Request Chain 136

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEG8B_Ky1P3YAiGN1EmatDxY&google_cver=1&google_push=AYg5qPLeRQLT-Tt6C9gEDzvx6yySjIVuvstWERusszBAdx6UHw2xpInnauQaFTMDhvQ4O29h4m3LuVMm435Xjb0oOJP0sk4Y6zYH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zaaBX-fYRICX7eAONpx4iQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLeRQLT-Tt6C9gEDzvx6yySjIVuvstWERusszBAdx6UHw2xpInnauQaFTMDhvQ4O29h4m3LuVMm435Xjb0oOJP0sk4Y6zYH

Request Chain 137

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELHg6OSCMHPGRMLjBuPx9Rc&google_cver=1&google_push=AYg5qPKXOjihJTM7a3Go2ARvSAB1K2ExucSmNChlELOc21lsrjHn1hlAL89EwzVlwJ79J_3QImzjURKi6thrO8Vc-utwS92XvMGvNg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o0MTFGS0wtMTgtNVM0Qw==&google_push=AYg5qPKXOjihJTM7a3Go2ARvSAB1K2ExucSmNChlELOc21lsrjHn1hlAL89EwzVlwJ79J_3QImzjURKi6thrO8Vc-utwS92XvMGvNg

Request Chain 153

https://fw.adsafeprotected.com/rfw/st/912962/59461380/4.js?ias_dspID=3&ias_campId=26029340&ias_pubId=pub-5828883634660773&ias_chanId=1&ias_placementId=15845895118&bidurl=http://fcgi4.gnezdo.ru/&ias_dealId=&adContainerId=brand_safety_4hb5Yfi8C4SylQeEsa3gCA&cbFunctionName=goog_wrapCb_4hb5Yfi8C4SylQeEsa3gCA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=http%3A%2F%2Ffcgi4.gnezdo.ru&adsafe_type=g&adsafe_url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5828883634660773%26output%3Dhtml%26h%3D280%26slotname%3D7606796442%26adk%3D1514590946%26adf%3D896644619%26pi%3Dt.ma~as.7606796442%26w%3D500%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1643714273%26rafmt%3D1%26psa%3D0%26format%3D500x280%26url%3Dhttp%253A%252F%252Ffcgi4.gnezdo.ru%252F%26flash%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1643714273393%26bpp%3D6%26bdt%3D1194%26idt%3D74%26shv%3Dr20220126%26mjsv%3Dm202201200501%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D4219661926728%26frm%3D20%26pv%3D2%26ga_vid%3D750922036.1643714272%26ga_sid%3D1643714273%26ga_hid%3D859503021%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1050%26ady%3D263%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D42531397%252C44750774%252C31063221%26oid%3D2%26pvsid%3D3939480840175519%26pem%3D164%26tmod%3D1173121754%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D23%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26xpc%3DCHXCMUGY9K%26p%3Dhttp%253A%2F%2Ffcgi4.gnezdo.ru%26dtd%3D87&adsafe_type=bd&adsafe_jsinfo=,id:bf568979-99bb-c315-7587-9045b8adcc4a,c:2Y0Xtj,sl:outOfView,em:true,fr:false,thd:1,mn:app05ie,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:grpm1,nbld:0,mtim:2,fm:sWbDAfc+11%7C12%7C131*.912962-59461380%7C1311%7C1312%7C13131%7C1314%7C14%7C15,idMap:131*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:15,oid:99d7c622-8350-11ec-ae02-02bf2b86cc68,v:19.8.284,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

166 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
fcgi4.gnezdo.ru/ 17 KB
7 KB 186ms
76ms Document
text/html 93.95.102.105
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: d236cb469df8bc6b81611b44a6af1e440879de6752c00f36e7d46d07c037ece0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
Expires: Tue, 01 Feb 2022 11:17:53 GMT
Date: Tue, 01 Feb 2022 11:17:52 GMT
Cache-control: no-cache, no-store, must-revalidate
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Content-Encoding: gzip

GET
H/1.1 200
OK style15.css
zn3.gnezdo.news/new-lenta/ 8 KB
3 KB 145ms
46ms Stylesheet
text/css 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://zn3.gnezdo.news/new-lenta/style15.css?1234
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 95f9f7d5fc896cddb14ac87de2c177488da4249aa25c977a620cf99463d615d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Nov 2021 20:54:53 GMT
Server: nginx
ETag: W/"61a3ec9d-1e61"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK health.css
zn3.gnezdo.news/new-lenta/ 2 KB
1 KB 147ms
48ms Stylesheet
text/css 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://zn3.gnezdo.news/new-lenta/health.css?1
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 01266b002c3a5fd944f5d5a6c9a7bcedf1274ea6c9baef3d2f14457d364014da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Content-Encoding: gzip
Last-Modified: Sun, 28 Nov 2021 20:54:53 GMT
Server: nginx
ETag: W/"61a3ec9d-8f1"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK white-logo.png
zn3.gnezdo.news/new-lenta/img/ 4 KB
5 KB 147ms
48ms Image
image/png 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.news/new-lenta/img/white-logo.png
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: f3d3d5e79c6c3971916ebb40d8f16c3d584efe53669023273eeca33928178bfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Sun, 28 Nov 2021 20:54:53 GMT
Server: nginx
ETag: "61a3ec9d-1100"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 4352
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 404
Not Found enter_ad.png
zn3.gnezdo.news/src/ 0
0 57ms
56ms Image
text/html 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.news/src/enter_ad.png
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
52 KB 47ms
37ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73ed8ffacf61ee887fff9b9a19498c48458f1a3c895ef3d56112301b3f300e2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 01 Feb 2022 11:17:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 12515948140367698506
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 52452
X-XSS-Protection: 0
Expires: Tue, 01 Feb 2022 11:17:52 GMT

GET
H/1.1 200
OK health.jpg
news.gnezdo.ru/tests/health/ 4 KB
5 KB 396ms
51ms Image
image/jpeg 93.95.100.117
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news.gnezdo.ru/tests/health/health.jpg
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx/1.10.3 /
Resource Hash: 1c38153acac347bda02a24b09e16db230167f0a51d6d1974ff1e505c1282bdd6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Thu, 08 Nov 2018 10:09:56 GMT
Server: nginx/1.10.3
ETag: "5be40b74-110b"
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 4363
Expires: Wed, 01 Feb 2023 11:17:52 GMT

GET
H/1.1 200
OK jquery-2.2.4.min.js Show response
zn3.gnezdo.news/js/ 84 KB
84 KB 145ms
47ms Script
application/javascript 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://zn3.gnezdo.news/js/jquery-2.2.4.min.js
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Sun, 28 Nov 2021 20:48:56 GMT
Server: nginx
ETag: "61a3eb38-14e4a"
Content-Type: application/javascript; charset=windows-1251
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 85578
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK modernizr.js Show response
zn3.gnezdo.news/new-lenta/ 3 KB
3 KB 147ms
48ms Script
application/javascript 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://zn3.gnezdo.news/new-lenta/modernizr.js
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 840f575220d6b42197251483e8b3b486bce6f7c4c4bddfff022580d3bb39ce4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Sun, 28 Nov 2021 20:54:53 GMT
Server: nginx
ETag: "61a3ec9d-aa9"
Content-Type: application/javascript; charset=windows-1251
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 2729
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK new_lenta_colors13.js Show response
zn3.gnezdo.news/js/ 5 KB
5 KB 147ms
48ms Script
application/javascript 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://zn3.gnezdo.news/js/new_lenta_colors13.js
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: cf65ca9324ee6c4b4e24d2a1a92673a6580918ccf11cf6185af44a7797d2eb82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Sun, 28 Nov 2021 20:48:57 GMT
Server: nginx
ETag: "61a3eb39-122c"
Content-Type: application/javascript; charset=windows-1251
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 4652
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 2 KB
1 KB 25ms
17ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Roboto+Condensed

Requested by

Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/new-lenta/style15.css?1234

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ab7a0be2299e70dae873007443bb9faaf90ba9d96d40c54eb96d3ba8498f556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://zn3.gnezdo.news/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Tue, 01 Feb 2022 11:17:52 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 01 Feb 2022 11:17:52 GMT

GET
H2 200 watch.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 137 KB
57 KB 102ms
50ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Requested by

Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d1e13a4eec0756cefd892bee8e8e4eef1b10793f42c42c221b46569e3f3d10f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:17:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 33956
x-jsd-version: 1.219.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19143-FRA, cache-mxp6934-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"2253b-E7NRxMD3rS4GHe+KMUgxWSjF0XA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6d6ac69adef059ad-MXP

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4380
date: Tue, 01 Feb 2022 10:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 01 Feb 2022 12:04:52 GMT

GET
H/1.1 200
OK products.js Show response
cstatic.weborama.fr/js/ 24 KB
7 KB 39ms
7ms Script
text/javascript 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://cstatic.weborama.fr/js/products.js
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F65) /
Resource Hash: a599e9cd40ca22eb73a9a32e4e99571b5b30cb28775192c7579ab3432c68462f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Sep 2021 09:44:54 GMT
Server: ECAcc (frc/8F65)
Age: 91286
Etag: "2231453100"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 7201
Expires: Tue, 08 Feb 2022 11:17:52 GMT

GET
H/1.1 200
OK pink-top.png
zn3.gnezdo.news/new-lenta/img/ 143 B
526 B 45ms
45ms Image
image/png 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.news/new-lenta/img/pink-top.png
Requested by: Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/new-lenta/style15.css?1234
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 91a23159638a846a426eb990ec53821e49518e78924d10f45ee5178ba44de83b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://zn3.gnezdo.news/new-lenta/style15.css?1234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Sun, 28 Nov 2021 20:54:53 GMT
Server: nginx
ETag: "61a3ec9d-8f"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 143
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK u21476_favicon_347a590a53.png
news.gnezdo.ru/img/original/ 2 KB
2 KB 112ms
56ms Image
image/png 93.95.100.117
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://news.gnezdo.ru/img/original/u21476_favicon_347a590a53.png
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx/1.10.3 /
Resource Hash: 1111cb13044e3b2c0285c76295838befa1a5d8886d05e445b787d18ade5f1555

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Thu, 11 Mar 2021 15:35:12 GMT
Server: nginx/1.10.3
ETag: "604a38b0-791"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1937
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK u13683_favicon_92ef0533a0.png
news.gnezdo.ru/img/original/ 2 KB
2 KB 167ms
55ms Image
image/png 93.95.100.117
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://news.gnezdo.ru/img/original/u13683_favicon_92ef0533a0.png
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx/1.10.3 /
Resource Hash: 4ef17c125b27ad5467de4544755c36c1e90b78b5e0b06df16b7e299af0c247a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Tue, 25 Dec 2018 10:54:25 GMT
Server: nginx/1.10.3
ETag: "5c220c61-63c"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1596
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1258571_9148c3ae26.jpg
zn3.gnezdo.ru/img/300x300/571/ 13 KB
13 KB 168ms
61ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/300x300/571/1258571_9148c3ae26.jpg
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: a0839fc7fbf5cde0c50106c2fa7377d4027fd6acfc87bc092dc6525b0b6bae3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Sun, 23 Jan 2022 06:31:27 GMT
Server: nginx
ETag: "61ecf63f-320c"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 12812
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK like.png
zn3.gnezdo.news/new-lenta/img/ 684 B
1 KB 50ms
49ms Image
image/png 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.news/new-lenta/img/like.png
Requested by: Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/new-lenta/style15.css?1234
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: b59d5d931ece7fab4c2378e6e3979c793f6e52e8a1bc6e7c1fa569e03d96f49f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://zn3.gnezdo.news/new-lenta/style15.css?1234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Sun, 28 Nov 2021 20:54:53 GMT
Server: nginx
ETag: "61a3ec9d-2ac"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 684
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK close.png
zn3.gnezdo.news/new-lenta/img/ 276 B
660 B 49ms
48ms Image
image/png 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.news/new-lenta/img/close.png
Requested by: Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/new-lenta/style15.css?1234
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 9b6b5e0c551bac6ccde502c3bf5c75d1efe6b1da975c0d251a4a17b8adcc74a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://zn3.gnezdo.news/new-lenta/style15.css?1234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Sun, 28 Nov 2021 20:54:53 GMT
Server: nginx
ETag: "61a3ec9d-114"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 276
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1261676_8a65d89707.jpg
zn3.gnezdo.ru/img/280x217/676/ 14 KB
14 KB 89ms
47ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/676/1261676_8a65d89707.jpg
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: c4ef2cb2d61a18fcca1482ea8ae1f594e205b4519a67cd2b785e9ca9e96119c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Mon, 31 Jan 2022 16:07:34 GMT
Server: nginx
ETag: "61f80946-364a"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 13898
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1260833_04cdf0a8b0.jpg
zn3.gnezdo.ru/img/280x217/833/ 12 KB
12 KB 89ms
46ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/833/1260833_04cdf0a8b0.jpg
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: c16afed35ac4a95d169faf4ccb81da55881c502468851f3167affd597442a9cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Fri, 28 Jan 2022 13:23:19 GMT
Server: nginx
ETag: "61f3ee47-2ea8"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 11944
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1176077_bd9ca1c03a.jpg
zn3.gnezdo.ru/img/300x300/077/ 16 KB
17 KB 94ms
51ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/300x300/077/1176077_bd9ca1c03a.jpg
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: cf248f8ca5d3dd1153442c4386c2255ca3b1450b34cf9af811be28a919cf4101

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Mon, 09 Aug 2021 20:19:36 GMT
Server: nginx
ETag: "61118dd8-40d4"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 16596
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1145094_5da200a50e.jpg
zn3.gnezdo.ru/img/280x217/094/ 12 KB
12 KB 91ms
48ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/094/1145094_5da200a50e.jpg
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: ec7f4f1a331faf9a8fc76540e49f0a0241d4fec69c1b1fd0f4621c0746422452

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Fri, 18 Jun 2021 08:41:37 GMT
Server: nginx
ETag: "60cc5c41-2ee5"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 12005
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1261849_7b926af3d5.jpg
zn3.gnezdo.ru/img/280x217/849/ 16 KB
17 KB 74ms
42ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/849/1261849_7b926af3d5.jpg
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: f661f7f09892c08c77dbfb81de5def5e9c1db313472f2f79c715955a193a0115

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Mon, 31 Jan 2022 21:18:58 GMT
Server: nginx
ETag: "61f85242-4134"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 16692
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1260651_fa4b49c957.jpg
zn3.gnezdo.ru/img/280x217/651/ 11 KB
11 KB 92ms
49ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/651/1260651_fa4b49c957.jpg
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 9eea995b6d3ddb2eaa870035369180477ad2d7504161280fe04a74cd01372215

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Fri, 28 Jan 2022 09:53:04 GMT
Server: nginx
ETag: "61f3bd00-2b96"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 11158
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v24/ 9 KB
10 KB 12ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/robotocondensed/v24/ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto+Condensed

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 00:14:27 GMT
X-Content-Type-Options: nosniff
Age: 471805
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 9692
X-XSS-Protection: 0
Last-Modified: Wed, 26 Jan 2022 19:13:53 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Fri, 27 Jan 2023 00:14:27 GMT

GET
H/1.1 200
OK ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v24/ 15 KB
16 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/robotocondensed/v24/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Roboto+Condensed

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 26 Jan 2022 20:19:53 GMT
X-Content-Type-Options: nosniff
Age: 485879
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15700
X-XSS-Protection: 0
Last-Modified: Wed, 26 Jan 2022 19:13:59 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Thu, 26 Jan 2023 20:19:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/ Frame C5F6 10 KB
5 KB 30ms
8ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Mon, 31 Jan 2022 15:32:23 GMT
expires: Mon, 14 Feb 2022 15:32:23 GMT
cache-control: public, max-age=1209600
age: 71129
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
Ok context.js Show response
an.yandex.ru/system/ 272 KB
77 KB 116ms
73ms Script
text/javascript 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

http://an.yandex.ru/system/context.js

Requested by

Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/

Protocol

HTTP/1.1

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e510c56f460ca07e55523ceaecf37639a5e9e2e66940bddce9cfafc1db6cc44c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Yandex-Req-Id: 1643714272505182-1104696882442672907500256-production-app-host-vla-pcode-213
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
X-Robots-Tag: noindex, noarchive, nofollow
Keep-Alive: timeout=600
Expires: Tue, 01 Feb 2022 12:17:52 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 15ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=859503021&t=pageview&_s=1&dl=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&ul=en-us&de=UTF-8&dt=Gnezdo.ru&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1723811628&gjid=1218687802&cid=750922036.1643714272&tid=UA-5044672-6&_gid=1230858319.1643714272&_r=1&_slc=1&z=1480272144

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fcgi4.gnezdo.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://fcgi4.gnezdo.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync.html Show response
cstatic.weborama.fr/iframe/ Frame BAF4 336 B
451 B 27ms
7ms Document
text/html 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=fcgi4.gnezdo.ru&site=485736
Requested by: Host: cstatic.weborama.fr
URL: http://cstatic.weborama.fr/js/products.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F8F) /
Resource Hash: 3e1dac2792ab6c6adeef95c5e0d28ad832c837d58922fa4ceafa0ed3bd0f96a7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/

Response headers

content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 91542
cache-control: max-age=604800
content-type: text/html
date: Tue, 01 Feb 2022 11:17:52 GMT
etag: "282943589+gzip"
expires: Tue, 08 Feb 2022 11:17:52 GMT
last-modified: Mon, 20 Sep 2021 08:52:49 GMT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
server: ECAcc (frc/8F8F)
vary: Accept-Encoding
x-cache: HIT
content-length: 207

GET
H/1.1

200
OK

comptage_wreport.fcgi
gnezdoruanalytics.solution.weborama.fr/fcgi-bin/
Redirect Chain

https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1643714272&ta=1600x1200&co=24&ref=
https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1643714272&ta=1600x1200&co=24&ref=&BOUNCE=OK

67 B
721 B

20ms
20ms

Image
image/gif

91.216.195.7
WEBORAMA Weborama...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1643714272&ta=1600x1200&co=24&ref=&BOUNCE=OK
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 91.216.195.7 , France, ASN12516 (WEBORAMA Weborama provides Internet Services, FR),
Reverse DNS: std-collect-lb-c03-02-vip.weborama.fr
Software: Apache /
Resource Hash: 09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:52 GMT
cache-control: no-cache
server: Apache
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1643714272&ta=1600x1200&co=24&ref=&BOUNCE=OK
date: Tue, 01 Feb 2022 11:17:52 GMT
server: Apache
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
content-length: 399
content-type: text/html; charset=iso-8859-1

GET
H3

204

collect
dx.frontend.weborama.com/
Redirect Chain

https://dx.frontend.weborama.com/collect?touchpoint=0&url=http%3A//fcgi4.gnezdo.ru/
https://dx.frontend.weborama.com/collect?touchpoint=0&url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&bounce=1&random=2689518189
https://rd.frontend.weborama.fr/rd?key=wamsync&url=https%3A%2F%2Fdx.frontend.weborama.com%2Fcollect%3Fdsp_id%3D0%26eid%3D%7BWEBO_ID%7D
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=LqX8k8vdY4su

0
17 B

15ms
15ms

Image
text/plain

35.201.80.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx.frontend.weborama.com/collect?dsp_id=0&eid=LqX8k8vdY4su
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: H3
Server: 35.201.80.102 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 102.80.201.35.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:52 GMT
via: 1.1 google
last-modified: Tue, 01 Feb 2022 11:17:52 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:52 GMT
via: 1.1 google
last-modified: Tue, 01 Feb 2022 11:17:52 GMT
server: nginx/1.12.0
location: https://dx.frontend.weborama.com/collect?dsp_id=0&eid=LqX8k8vdY4su
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 200
OK 1258571_9148c3ae26.jpg
zn3.gnezdo.ru/img/300x300/571/ 13 KB
13 KB 97ms
54ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/300x300/571/1258571_9148c3ae26.jpg
Requested by: Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/js/new_lenta_colors13.js
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: a0839fc7fbf5cde0c50106c2fa7377d4027fd6acfc87bc092dc6525b0b6bae3c

Request headers

Referer: http://fcgi4.gnezdo.ru/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Sun, 23 Jan 2022 06:31:27 GMT
Server: nginx
ETag: "61ecf63f-320c"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 12812
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1261676_8a65d89707.jpg
zn3.gnezdo.ru/img/280x217/676/ 14 KB
14 KB 93ms
51ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/676/1261676_8a65d89707.jpg
Requested by: Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/js/new_lenta_colors13.js
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: c4ef2cb2d61a18fcca1482ea8ae1f594e205b4519a67cd2b785e9ca9e96119c7

Request headers

Referer: http://fcgi4.gnezdo.ru/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Mon, 31 Jan 2022 16:07:34 GMT
Server: nginx
ETag: "61f80946-364a"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 13898
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1260833_04cdf0a8b0.jpg
zn3.gnezdo.ru/img/280x217/833/ 12 KB
12 KB 87ms
44ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/833/1260833_04cdf0a8b0.jpg
Requested by: Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/js/new_lenta_colors13.js
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: c16afed35ac4a95d169faf4ccb81da55881c502468851f3167affd597442a9cc

Request headers

Referer: http://fcgi4.gnezdo.ru/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Fri, 28 Jan 2022 13:23:19 GMT
Server: nginx
ETag: "61f3ee47-2ea8"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 11944
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1176077_bd9ca1c03a.jpg
zn3.gnezdo.ru/img/300x300/077/ 16 KB
17 KB 94ms
44ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/300x300/077/1176077_bd9ca1c03a.jpg
Requested by: Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/js/new_lenta_colors13.js
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: cf248f8ca5d3dd1153442c4386c2255ca3b1450b34cf9af811be28a919cf4101

Request headers

Referer: http://fcgi4.gnezdo.ru/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Mon, 09 Aug 2021 20:19:36 GMT
Server: nginx
ETag: "61118dd8-40d4"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 16596
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1145094_5da200a50e.jpg
zn3.gnezdo.ru/img/280x217/094/ 12 KB
12 KB 100ms
50ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/094/1145094_5da200a50e.jpg
Requested by: Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/js/new_lenta_colors13.js
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: ec7f4f1a331faf9a8fc76540e49f0a0241d4fec69c1b1fd0f4621c0746422452

Request headers

Referer: http://fcgi4.gnezdo.ru/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Fri, 18 Jun 2021 08:41:37 GMT
Server: nginx
ETag: "60cc5c41-2ee5"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 12005
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1261849_7b926af3d5.jpg
zn3.gnezdo.ru/img/280x217/849/ 16 KB
17 KB 87ms
52ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/849/1261849_7b926af3d5.jpg
Requested by: Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/js/new_lenta_colors13.js
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: f661f7f09892c08c77dbfb81de5def5e9c1db313472f2f79c715955a193a0115

Request headers

Referer: http://fcgi4.gnezdo.ru/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Mon, 31 Jan 2022 21:18:58 GMT
Server: nginx
ETag: "61f85242-4134"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 16692
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1260651_fa4b49c957.jpg
zn3.gnezdo.ru/img/280x217/651/ 11 KB
11 KB 51ms
44ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/651/1260651_fa4b49c957.jpg
Requested by: Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/js/new_lenta_colors13.js
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 9eea995b6d3ddb2eaa870035369180477ad2d7504161280fe04a74cd01372215

Request headers

Referer: http://fcgi4.gnezdo.ru/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Fri, 28 Jan 2022 09:53:04 GMT
Server: nginx
ETag: "61f3bd00-2b96"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 11158
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jx_lenta.fcgi Show response
fcgi5.2xclick.ru/cgi-bin/ 14 KB
4 KB 158ms
60ms XHR
text/html 185.148.37.79
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://fcgi5.2xclick.ru/cgi-bin/jx_lenta.fcgi?ssp_id=0&ti=0&lp=6&k=lenta_rub_556_14_estet&impid=0&main_id=0&ids=1258571,1261676,1260833,1176077,1145094,1261849,1260651,1260409,1197626&token=&tui=0&alg=default
Requested by: Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/js/jquery-2.2.4.min.js
Protocol: HTTP/1.1
Server: 185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 2000088bd3f7c3f2e79a03f37aa25962e438f3398b7f325de3adba601c0c8612

Request headers

Accept: */*
Referer: http://fcgi4.gnezdo.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 11:17:52 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Keep-Alive: timeout=30
Expires: Tue, 01 Feb 2022 11:17:53 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 64ms
22ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-5044672-6&cid=750922036.1643714272&jid=1723811628&gjid=1218687802&_gid=1230858319.1643714272&_u=IEBAAEAAAAAAAC~&z=1774470031

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://fcgi4.gnezdo.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 01 Feb 2022 11:17:52 GMT
content-type: text/plain
access-control-allow-origin: http://fcgi4.gnezdo.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 external_libs.v2.js Show response
cstatic.weborama.fr/iframe/ Frame BAF4 8 KB
3 KB 8ms
8ms Script
text/javascript 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=fcgi4.gnezdo.ru&site=485736
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F5E) /
Resource Hash: 0b6cc2293aed13859bd06a4b20b671fcc33542ca66d0be2366b16f2c2a27f6a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=fcgi4.gnezdo.ru&site=485736
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:17:52 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 08:52:49 GMT
server: ECAcc (frc/8F5E)
age: 94708
etag: "3142978827"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: text/javascript
content-length: 3062
expires: Tue, 08 Feb 2022 11:17:52 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7eipge77xa7z%3Afp%3A413%3Afu%3A0%3Aen%3Autf-8%3Ala...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7eipge77xa7z%3Afp%3A413%3Afu%3A0%3Aen%3Autf-8%3Al...

167 B
249 B

40ms
40ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7eipge77xa7z%3Afp%3A413%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A2%3Adp%3A0%3Als%3A740800702112%3Ahid%3A831632843%3Az%3A0%3Ai%3A20220201111752%3Aet%3A1643714273%3Ac%3A1%3Arn%3A852268318%3Arqn%3A1%3Au%3A1643714273163410743%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1643714272009%3Ads%3A54%2C56%2C76%2C1%2C0%2C0%2C%2C277%2C4%2C%2C%2C%2C466%3Aco%3A0%3Ast%3A1643714273&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

2cf8641392056053e3215d7a4e2db96a09b436e20a41240940e488129e30c175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 01-Feb-2022 11:17:52 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://fcgi4.gnezdo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Tue, 01-Feb-2022 11:17:52 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:52 GMT
last-modified: Tue, 01-Feb-2022 11:17:52 GMT
location: /watch/3/1?wmode=7&page-url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7eipge77xa7z%3Afp%3A413%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A2%3Adp%3A0%3Als%3A740800702112%3Ahid%3A831632843%3Az%3A0%3Ai%3A20220201111752%3Aet%3A1643714273%3Ac%3A1%3Arn%3A852268318%3Arqn%3A1%3Au%3A1643714273163410743%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1643714272009%3Ads%3A54%2C56%2C76%2C1%2C0%2C0%2C%2C277%2C4%2C%2C%2C%2C466%3Aco%3A0%3Ast%3A1643714273&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://fcgi4.gnezdo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 01-Feb-2022 11:17:52 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/11859022/
Redirect Chain

https://mc.yandex.ru/watch/11859022?wmode=7&page-url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gnez...
https://mc.yandex.ru/watch/11859022/1?wmode=7&page-url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gn...

331 B
366 B

40ms
40ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/11859022/1?wmode=7&page-url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gnezdoGroupId%22%3A%220%22%2C%22gnezdoSubId%22%3A0%2C%22gnezdoADGender%22%3A%22%22%2C%22gnezdoADAge%22%3A%22%22%2C%22gnezdoAIDGender%22%3A%22%22%2C%22gnezdoAIDAge%22%3A%22%22%2C%22gnezdoWBGender%22%3A%22%22%2C%22gnezdoWBAge%22%3A%22%22%2C%22gnezdoLentaId%22%3A%22def%22%7D&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7eipge77xa7z%3Afp%3A413%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A723878806500%3Ahid%3A831632843%3Az%3A0%3Ai%3A20220201111752%3Aet%3A1643714273%3Ac%3A1%3Arn%3A589145373%3Arqn%3A1%3Au%3A1643714273163410743%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1643714272009%3Ads%3A54%2C56%2C76%2C1%2C0%2C0%2C%2C277%2C4%2C%2C%2C%2C466%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643714273%3At%3AGnezdo.ru&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

9f7aaf7e2713e5a2cf7323ecfc1b88ea245e3defe5c039b52ae7f1862cbab3ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 01-Feb-2022 11:17:52 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://fcgi4.gnezdo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Tue, 01-Feb-2022 11:17:52 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:52 GMT
last-modified: Tue, 01-Feb-2022 11:17:52 GMT
location: /watch/11859022/1?wmode=7&page-url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gnezdoGroupId%22%3A%220%22%2C%22gnezdoSubId%22%3A0%2C%22gnezdoADGender%22%3A%22%22%2C%22gnezdoADAge%22%3A%22%22%2C%22gnezdoAIDGender%22%3A%22%22%2C%22gnezdoAIDAge%22%3A%22%22%2C%22gnezdoWBGender%22%3A%22%22%2C%22gnezdoWBAge%22%3A%22%22%2C%22gnezdoLentaId%22%3A%22def%22%7D&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7eipge77xa7z%3Afp%3A413%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A723878806500%3Ahid%3A831632843%3Az%3A0%3Ai%3A20220201111752%3Aet%3A1643714273%3Ac%3A1%3Arn%3A589145373%3Arqn%3A1%3Au%3A1643714273163410743%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1643714272009%3Ads%3A54%2C56%2C76%2C1%2C0%2C0%2C%2C277%2C4%2C%2C%2C%2C466%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643714273%3At%3AGnezdo.ru&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://fcgi4.gnezdo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 01-Feb-2022 11:17:52 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
186 B 129ms
46ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:17:52 GMT
last-modified: Wed, 26 Jan 2022 15:48:14 GMT
etag: "61f1430e-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 01 Feb 2022 12:17:52 GMT

GET
H2 200 sync Show response
ds.frontend.weborama.fr/ Frame BAF4 1 KB
1 KB 65ms
16ms Script
application/javascript 34.117.231.160
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ds.frontend.weborama.fr/sync?key=all&src=products.js&wamid=485736&v=2021091401&callback=Utils.handleDataSync&ref=fcgi4.gnezdo.ru
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.231.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.231.117.34.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: 36c8c7dd5f7044c81da19a118ae75a5a06ec143a67484848a4fde29d12e70093

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:52 GMT
via: 1.1 google
last-modified: Tue, 01 Feb 2022 11:17:52 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1045
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 60ms
31ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-5044672-6&cid=750922036.1643714272&jid=1723811628&_u=IEBAAEAAAAAAAC~&z=1791207574

Requested by

Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 59ms
32ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-5044672-6&cid=750922036.1643714272&jid=1723811628&_u=IEBAAEAAAAAAAC~&z=1791207574

Requested by

Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prx Show response
bsd.frontend.weborama.fr/ Frame BAF4 25 B
343 B 64ms
22ms Script
application/javascript 35.227.225.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bsd.frontend.weborama.fr/prx?callback=Utils.handleDataSync
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.225.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.225.227.35.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: d05d4d69100284cb991eb0227b0859cc2942030d0ba419eee2e4aa55293b96db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:52 GMT
via: 1.1 google
last-modified: Tue, 01 Feb 2022 11:17:52 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H3 200 cj Show response
ds.frontend.weborama.fr/ Frame BAF4 360 B
380 B 34ms
21ms Script
application/javascript 34.117.231.160
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ds.frontend.weborama.fr/cj?key=graphinium
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.231.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.231.117.34.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: cbf1544f55aa8b34556f941d2f74157aab9c3bcaa17268d2d058e3e4b883219a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:52 GMT
via: 1.1 google
last-modified: Tue, 01 Feb 2022 11:17:52 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H3

204

ids
idsync.frontend.weborama.fr/ Frame BAF4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm=&google_tc=
https://wam-google.solution.weborama.fr/pixel?google_gid=CAESEJxZvi56I7e5T37whUjGj1c&google_cver=1
https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEJxZvi56I7e5T37whUjGj1c&google_gid=CAESEJxZvi56I7e5T37whUjGj1c&google_cver=1

0
16 B

25ms
15ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEJxZvi56I7e5T37whUjGj1c&google_gid=CAESEJxZvi56I7e5T37whUjGj1c&google_cver=1
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=fcgi4.gnezdo.ru&site=485736
Protocol: H3
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 244.81.201.35.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:52 GMT
via: 1.1 google
last-modified: Tue, 01 Feb 2022 11:17:52 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEJxZvi56I7e5T37whUjGj1c&google_gid=CAESEJxZvi56I7e5T37whUjGj1c&google_cver=1
date: Tue, 01 Feb 2022 11:17:52 GMT
server: Apache
content-length: 354
content-type: text/html; charset=iso-8859-1

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame BAF4
Redirect Chain

https://secure.adnxs.com/getuid?https://idsync.frontend.weborama.fr/ids?key=appnexus&value=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dappnexus%26value%3D%24UID
https://idsync.frontend.weborama.fr/ids?key=appnexus&value=7650361545882356358

0
268 B

32ms
15ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=appnexus&value=7650361545882356358
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=fcgi4.gnezdo.ru&site=485736
Protocol: H2
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 244.81.201.35.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:52 GMT
via: 1.1 google
last-modified: Tue, 01 Feb 2022 11:17:52 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 11:17:52 GMT
X-Proxy-Origin: 217.64.151.4; 217.64.151.4; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: acc7cc23-3ade-4b85-9869-b768e4bc97d8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://idsync.frontend.weborama.fr/ids?key=appnexus&value=7650361545882356358
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame BAF4
Redirect Chain

https://gum.criteo.com/sync?c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40
https://gum.criteo.com/sync?s=1&c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40
https://idsync.frontend.weborama.fr/ids?key=criteov2&value=RkwPDuOEZT-Bs72UKiBYscQJ7VINZ1bV

0
44 B

24ms
15ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=criteov2&value=RkwPDuOEZT-Bs72UKiBYscQJ7VINZ1bV
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=fcgi4.gnezdo.ru&site=485736
Protocol: H2
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 244.81.201.35.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:52 GMT
via: 1.1 google
last-modified: Tue, 01 Feb 2022 11:17:52 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=criteov2&value=RkwPDuOEZT-Bs72UKiBYscQJ7VINZ1bV
date: Tue, 01 Feb 2022 11:17:52 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3306
content-length: 212
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2 200 401736.gif
idsync.rlcdn.com/ Frame BAF4 42 B
416 B 42ms
14ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/401736.gif?partner_uid=S4Hcq9tJXAIkjPIlAJx0IO
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=fcgi4.gnezdo.ru&site=485736
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 11:17:52 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H3 204 collect
dx.frontend.weborama.com/ Frame BAF4 0
17 B 23ms
23ms Image
text/plain 35.201.80.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx.frontend.weborama.com/collect?dsp_id=0&eid=LqX8k8vdY4su
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=fcgi4.gnezdo.ru&site=485736
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.80.102 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 102.80.201.35.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:52 GMT
via: 1.1 google
last-modified: Tue, 01 Feb 2022 11:17:52 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame BAF4
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2964&partner_device_id=LqX8k8vdY4su
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=LqX8k8vdY4su

95 B
424 B

15ms
15ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=LqX8k8vdY4su

Requested by

Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=fcgi4.gnezdo.ru&site=485736

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:17:52 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=LqX8k8vdY4su
date: Tue, 01 Feb 2022 11:17:52 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame BAF4
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=UzRIY3E5dEpYQUlralBJbEFKeDBJTw
https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=UzRIY3E5dEpYQUlralBJbEFKeDBJTw&dcc=t

43 B
932 B

192ms
192ms

Image
image/gif

52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=UzRIY3E5dEpYQUlralBJbEFKeDBJTw&dcc=t

Requested by

Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=fcgi4.gnezdo.ru&site=485736

Protocol

HTTP/1.1

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 11:17:52 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: CGS03R75X5X9WCSHKY7Y
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 11:17:52 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 467SS5DNH7E2A008KJTJ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=UzRIY3E5dEpYQUlralBJbEFKeDBJTw&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

204

ids
idsync.frontend.weborama.fr/ Frame BAF4
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&rdf=1
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=CDA6815F-E7D8-4480-97ED-E00E369C7889

0
16 B

32ms
31ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=CDA6815F-E7D8-4480-97ED-E00E369C7889
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=fcgi4.gnezdo.ru&site=485736
Protocol: H3
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 244.81.201.35.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:53 GMT
via: 1.1 google
last-modified: Tue, 01 Feb 2022 11:17:53 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=CDA6815F-E7D8-4480-97ED-E00E369C7889
date: Tue, 01 Feb 2022 11:17:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK 1258571_9148c3ae26.jpg
zn3.gnezdo.ru/img/280x217/571/ 9 KB
10 KB 50ms
49ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/571/1258571_9148c3ae26.jpg
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 72ac1a3023bd9018cd49555ee1344e42bcce2de4424f79312e073ab828fd672e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Sun, 23 Jan 2022 06:31:28 GMT
Server: nginx
ETag: "61ecf640-25a1"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 9633
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1261677_8d5f8678fb.jpg
zn3.gnezdo.ru/img/280x217/677/ 15 KB
15 KB 60ms
59ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/677/1261677_8d5f8678fb.jpg
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 9c4b4089331bd5f296455e9156253fb83529de8c4e1eb8a813429a2088ebe134

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Mon, 31 Jan 2022 16:08:35 GMT
Server: nginx
ETag: "61f80983-3b25"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 15141
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1261632_e02ddcb489.jpg
zn3.gnezdo.ru/img/300x300/632/ 18 KB
19 KB 42ms
42ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/300x300/632/1261632_e02ddcb489.jpg
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 83007740c643e335124a35bdd3c1046b159bcba223fc1ca5535eb93387eefa55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Mon, 31 Jan 2022 15:31:18 GMT
Server: nginx
ETag: "61f800c6-49b3"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 18867
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1176077_bd9ca1c03a.jpg
zn3.gnezdo.ru/img/280x217/077/ 12 KB
12 KB 51ms
49ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/077/1176077_bd9ca1c03a.jpg
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: a89891e7e562f60f4b10ad28524b1fe90756f739d2d366d71780bc5b4cd240ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Mon, 09 Aug 2021 20:19:36 GMT
Server: nginx
ETag: "61118dd8-2fe0"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 12256
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1260651_fa4b49c957.jpg
zn3.gnezdo.ru/img/300x300/651/ 15 KB
15 KB 58ms
58ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/300x300/651/1260651_fa4b49c957.jpg
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 8c4cb57bcef9234ea1979989d14eac156bad9fcc541cefce24dd82e7aaca6820

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Fri, 28 Jan 2022 09:53:04 GMT
Server: nginx
ETag: "61f3bd00-3be4"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 15332
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1260409_225e6c2d6f.jpg
zn3.gnezdo.ru/img/280x217/409/ 17 KB
17 KB 61ms
61ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/409/1260409_225e6c2d6f.jpg
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 809ee9115973286d13457325e837937830c3e4daf9b26bf7c0c9c76aae6fb950

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Thu, 27 Jan 2022 13:46:44 GMT
Server: nginx
ETag: "61f2a244-4277"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 17015
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1197626_6cf4829feb.jpg
zn3.gnezdo.ru/img/280x217/626/ 16 KB
16 KB 61ms
60ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/626/1197626_6cf4829feb.jpg
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: e2d60a0969a075149d683449336699a403225fcf2d8ecdb705f002948553f6bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Tue, 14 Sep 2021 13:42:57 GMT
Server: nginx
ETag: "6140a6e1-3f08"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 16136
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1261794_c1b6912be6.jpg
zn3.gnezdo.ru/img/280x217/794/ 9 KB
10 KB 46ms
46ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/794/1261794_c1b6912be6.jpg
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: fbd2ebf90bc7af58ae56a34f5cda45bd20bb098d6c650517ffd3811828055577

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Mon, 31 Jan 2022 19:27:01 GMT
Server: nginx
ETag: "61f83805-247f"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 9343
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1261811_9388a28071.jpg
zn3.gnezdo.ru/img/280x217/811/ 10 KB
11 KB 61ms
61ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/811/1261811_9388a28071.jpg
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 9e3ad624df3ca68fece29724157b45b2ca17eb45664636042e8d72346f703912

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Mon, 31 Jan 2022 19:50:08 GMT
Server: nginx
ETag: "61f83d70-29ce"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 10702
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1261791_bf2a0c9a11.jpg
zn3.gnezdo.ru/img/300x300/791/ 12 KB
13 KB 57ms
56ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/300x300/791/1261791_bf2a0c9a11.jpg
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: c7b40819e5bd52c3db3f1d6eb304a6ae939a4ef75c6e2f48c08ea769cfabb835

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Mon, 31 Jan 2022 19:24:42 GMT
Server: nginx
ETag: "61f8377a-310c"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 12556
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1261636_fc5d189007.jpg
zn3.gnezdo.ru/img/280x217/636/ 12 KB
13 KB 61ms
61ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/636/1261636_fc5d189007.jpg
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 96a03d88ce4b7fd8ef497936921db22b109a5995cb79dff5aa2178f288922a23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Mon, 31 Jan 2022 15:33:26 GMT
Server: nginx
ETag: "61f80146-309d"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 12445
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1176076_072502e168.jpg
zn3.gnezdo.ru/img/280x217/076/ 10 KB
10 KB 51ms
50ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/076/1176076_072502e168.jpg
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 2a40ef5ba1aa15ca49e6ec56a56b7ee872ba5a61b0e52c083eb0aadcfb51b47e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Mon, 09 Aug 2021 20:15:34 GMT
Server: nginx
ETag: "61118ce6-26a9"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 9897
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1260643_96a159e29d.jpg
zn3.gnezdo.ru/img/300x300/643/ 20 KB
20 KB 50ms
50ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/300x300/643/1260643_96a159e29d.jpg
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 508b9f70346fa359f82b02e9b848fe174ff414461fdaf3b2a8390e589f5cf7e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Fri, 28 Jan 2022 09:43:53 GMT
Server: nginx
ETag: "61f3bad9-4ede"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 20190
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1258571_9148c3ae26.jpg
zn3.gnezdo.ru/img/280x217/571/ 9 KB
10 KB 62ms
62ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/571/1258571_9148c3ae26.jpg
Requested by: Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/js/new_lenta_colors13.js
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 72ac1a3023bd9018cd49555ee1344e42bcce2de4424f79312e073ab828fd672e

Request headers

Referer: http://fcgi4.gnezdo.ru/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Sun, 23 Jan 2022 06:31:28 GMT
Server: nginx
ETag: "61ecf640-25a1"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 9633
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1261677_8d5f8678fb.jpg
zn3.gnezdo.ru/img/280x217/677/ 15 KB
15 KB 48ms
47ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/677/1261677_8d5f8678fb.jpg
Requested by: Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/js/new_lenta_colors13.js
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 9c4b4089331bd5f296455e9156253fb83529de8c4e1eb8a813429a2088ebe134

Request headers

Referer: http://fcgi4.gnezdo.ru/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Mon, 31 Jan 2022 16:08:35 GMT
Server: nginx
ETag: "61f80983-3b25"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 15141
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1261632_e02ddcb489.jpg
zn3.gnezdo.ru/img/300x300/632/ 18 KB
19 KB 44ms
43ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/300x300/632/1261632_e02ddcb489.jpg
Requested by: Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/js/new_lenta_colors13.js
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 83007740c643e335124a35bdd3c1046b159bcba223fc1ca5535eb93387eefa55

Request headers

Referer: http://fcgi4.gnezdo.ru/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Mon, 31 Jan 2022 15:31:18 GMT
Server: nginx
ETag: "61f800c6-49b3"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 18867
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1176077_bd9ca1c03a.jpg
zn3.gnezdo.ru/img/280x217/077/ 12 KB
12 KB 53ms
53ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/077/1176077_bd9ca1c03a.jpg
Requested by: Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/js/new_lenta_colors13.js
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: a89891e7e562f60f4b10ad28524b1fe90756f739d2d366d71780bc5b4cd240ab

Request headers

Referer: http://fcgi4.gnezdo.ru/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Mon, 09 Aug 2021 20:19:36 GMT
Server: nginx
ETag: "61118dd8-2fe0"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 12256
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1260651_fa4b49c957.jpg
zn3.gnezdo.ru/img/300x300/651/ 15 KB
15 KB 63ms
63ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/300x300/651/1260651_fa4b49c957.jpg
Requested by: Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/js/new_lenta_colors13.js
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 8c4cb57bcef9234ea1979989d14eac156bad9fcc541cefce24dd82e7aaca6820

Request headers

Referer: http://fcgi4.gnezdo.ru/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Fri, 28 Jan 2022 09:53:04 GMT
Server: nginx
ETag: "61f3bd00-3be4"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 15332
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1260409_225e6c2d6f.jpg
zn3.gnezdo.ru/img/280x217/409/ 17 KB
17 KB 64ms
64ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/409/1260409_225e6c2d6f.jpg
Requested by: Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/js/new_lenta_colors13.js
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 809ee9115973286d13457325e837937830c3e4daf9b26bf7c0c9c76aae6fb950

Request headers

Referer: http://fcgi4.gnezdo.ru/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Thu, 27 Jan 2022 13:46:44 GMT
Server: nginx
ETag: "61f2a244-4277"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 17015
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1197626_6cf4829feb.jpg
zn3.gnezdo.ru/img/280x217/626/ 16 KB
16 KB 68ms
68ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/626/1197626_6cf4829feb.jpg
Requested by: Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/js/new_lenta_colors13.js
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: e2d60a0969a075149d683449336699a403225fcf2d8ecdb705f002948553f6bc

Request headers

Referer: http://fcgi4.gnezdo.ru/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Tue, 14 Sep 2021 13:42:57 GMT
Server: nginx
ETag: "6140a6e1-3f08"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 16136
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1261794_c1b6912be6.jpg
zn3.gnezdo.ru/img/280x217/794/ 9 KB
10 KB 59ms
59ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/794/1261794_c1b6912be6.jpg
Requested by: Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/js/new_lenta_colors13.js
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: fbd2ebf90bc7af58ae56a34f5cda45bd20bb098d6c650517ffd3811828055577

Request headers

Referer: http://fcgi4.gnezdo.ru/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Mon, 31 Jan 2022 19:27:01 GMT
Server: nginx
ETag: "61f83805-247f"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 9343
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1261811_9388a28071.jpg
zn3.gnezdo.ru/img/280x217/811/ 10 KB
11 KB 62ms
61ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/811/1261811_9388a28071.jpg
Requested by: Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/js/new_lenta_colors13.js
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 9e3ad624df3ca68fece29724157b45b2ca17eb45664636042e8d72346f703912

Request headers

Referer: http://fcgi4.gnezdo.ru/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Mon, 31 Jan 2022 19:50:08 GMT
Server: nginx
ETag: "61f83d70-29ce"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 10702
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1261791_bf2a0c9a11.jpg
zn3.gnezdo.ru/img/300x300/791/ 12 KB
13 KB 66ms
66ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/300x300/791/1261791_bf2a0c9a11.jpg
Requested by: Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/js/new_lenta_colors13.js
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: c7b40819e5bd52c3db3f1d6eb304a6ae939a4ef75c6e2f48c08ea769cfabb835

Request headers

Referer: http://fcgi4.gnezdo.ru/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Mon, 31 Jan 2022 19:24:42 GMT
Server: nginx
ETag: "61f8377a-310c"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 12556
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1261636_fc5d189007.jpg
zn3.gnezdo.ru/img/280x217/636/ 12 KB
13 KB 68ms
68ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/636/1261636_fc5d189007.jpg
Requested by: Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/js/new_lenta_colors13.js
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 96a03d88ce4b7fd8ef497936921db22b109a5995cb79dff5aa2178f288922a23

Request headers

Referer: http://fcgi4.gnezdo.ru/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Mon, 31 Jan 2022 15:33:26 GMT
Server: nginx
ETag: "61f80146-309d"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 12445
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1176076_072502e168.jpg
zn3.gnezdo.ru/img/280x217/076/ 10 KB
10 KB 66ms
66ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/280x217/076/1176076_072502e168.jpg
Requested by: Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/js/new_lenta_colors13.js
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 2a40ef5ba1aa15ca49e6ec56a56b7ee872ba5a61b0e52c083eb0aadcfb51b47e

Request headers

Referer: http://fcgi4.gnezdo.ru/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Mon, 09 Aug 2021 20:15:34 GMT
Server: nginx
ETag: "61118ce6-26a9"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 9897
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1260643_96a159e29d.jpg
zn3.gnezdo.ru/img/300x300/643/ 20 KB
20 KB 72ms
71ms Image
image/jpeg 185.148.37.26
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://zn3.gnezdo.ru/img/300x300/643/1260643_96a159e29d.jpg
Requested by: Host: zn3.gnezdo.news
URL: http://zn3.gnezdo.news/js/new_lenta_colors13.js
Protocol: HTTP/1.1
Server: 185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: 508b9f70346fa359f82b02e9b848fe174ff414461fdaf3b2a8390e589f5cf7e3

Request headers

Referer: http://fcgi4.gnezdo.ru/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Last-Modified: Fri, 28 Jan 2022 09:43:53 GMT
Server: nginx
ETag: "61f3bad9-4ede"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 20190
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6630794980d82c4763b6.js Show response
yastatic.net/partner-code-bundles/53502/ 13 KB
5 KB 134ms
43ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/53502/6630794980d82c4763b6.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

65fc0b52ea1baca746fde9197b90b0635e63caebc714a3074f8c078fa7907673

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://fcgi4.gnezdo.ru/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:17:52 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4453
last-modified: Mon, 31 Jan 2022 15:52:27 GMT
server: nginx/1.17.9
etag: "01b0a249f0b67bd4c3df460ceb456cdb"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2052 17:53:49 GMT

GET
H2 200 42cfdd8ca1b4f3fae947.js Show response
yastatic.net/partner-code-bundles/53502/ 80 KB
17 KB 170ms
80ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/53502/42cfdd8ca1b4f3fae947.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ac0bd998475e33fb2adeed894b6eb40af2e4a34a2d1a4ce464bb4157ce04d9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://fcgi4.gnezdo.ru/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:17:52 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17003
last-modified: Mon, 31 Jan 2022 15:52:27 GMT
server: nginx/1.17.9
etag: "d99675dd9787d8e0af8c80476e64c862"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2052 17:53:47 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 237ms
147ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://fcgi4.gnezdo.ru/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:17:52 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2052 17:49:49 GMT

GET
H2 404 320977 Show response
an.yandex.ru/meta/ 29 B
447 B 182ms
102ms XHR
text/html 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/320977?target-ref=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&charset=utf-8&pcode-test-ids=503304%2C0%2C75%3B466938%2C0%2C50%3B496141%2C0%2C18%3B487925%2C0%2C8%3B499585%2C0%2C2%3B493917%2C0%2C42%3B488525%2C0%2C30%3B406668%2C0%2C9%3B503342%2C0%2C19&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22473613%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%221%22%2C%22testId%22%3A%22473626%22%7D%5D%2C%22IGNORE_DESIRED_BITRATE_INAPP%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22479145%22%7D%5D%2C%22PCODE_DISABLE_VIDEO_IN_COMBO_BUTTON_DUPLICATION%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22ENABLE_ACTION_PANEL_WITH_ARROW%22%3A%5B%7B%22value%22%3A%22EVERYWHERE%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22VAS_ENABLE_AD_LABEL_OF_YANDEX_DIRECT%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22496222%22%7D%5D%2C%22VAS_OPEN_AD_INSTEAD_OF_AD_SYSTEM_BY_LABEL_CLICK%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22496222%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22500850%22%2C%22testId%22%3A%22502915%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%2C257448%5D%2C%22testId%22%3A%22479101%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22472957%22%7D%5D%2C%22NEW_ADBLOCK_LOG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487621%22%7D%5D%2C%22COUNT_TO_XHR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487824%22%7D%5D%2C%22HTTPS_FOR_ADAPTERS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22496411%22%7D%5D%2C%22HIDE_VIDEO_IN_COMBO_ACTION_BUTTON_IF_THERE_ARE_CLICKABLE_ASSETS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22497916%22%7D%5D%2C%22VAS_LOAD_GR_ON_SMALL_PERCENT%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22503304%22%7D%5D%2C%22VAS_ENABLE_HONEYPOT_ON_SMALL_PERCENT%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22466938%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22487925%22%7D%5D%2C%22HIDE_VIDEO_IN_COMBO_PACKSHOT_BUTTON_IF_THERE_ARE_CLICKABLE_ASSETS%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22499585%22%7D%5D%2C%22YANDEX_RU_DOMAIN%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22493917%22%7D%5D%2C%22PP_INTENT_URL%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22488525%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2253502%22%2C%22testId%22%3A%22503342%22%7D%5D%7D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=c73WyUkVpLRQax2yE4iGzVmKefzHfJ%2BWuXpkgCFcAVlx8ZDJWO4ZXuvdcgFamUuydxnzrRVDaueWzMq60qdWvYfG2uE%3D&duid=MTY0MzcxNDI3MzE2MzQxMDc0Mw%3D%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=139689516335106&ad-session-id=1382691643714272675&target-id=90491521&tga-with-creatives=1&top-ancestor=http%3A%2F%2Ffcgi4.gnezdo.ru&top-ancestor-undetermined=0&pcode-version=53502&pcodever=53502&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A801.125%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A639%2C%22top%22%3A1091%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=32&grab=dEduZXpkby5ydQoz0KLQldCh0KIgCg%3D%3D&uniformat=true&callback=Ya%5B1180117585595%5D

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

fddb6fcfd2c86ef930d5427c3e664c6243d0fe3e9fda457e47a8bc5a852e0fc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://fcgi4.gnezdo.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:52 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 11:17:52 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1643714272804186-955661935273518793700279-production-app-host-sas-pcode-243
strict-transport-security: max-age=31536000
content-type: text/html; charset=windows-1251
access-control-allow-origin: http://fcgi4.gnezdo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 01 Feb 2022 11:17:52 GMT

GET
H2 200 9af820eaac7a84ca7569.js Show response
yastatic.net/partner-code-bundles/53502/ 590 KB
121 KB 173ms
103ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/53502/9af820eaac7a84ca7569.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

42a4e6557614a0652ee3ee01f8bac962f1a765c1edc7260125fcba99a8d727ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://fcgi4.gnezdo.ru/
Origin: http://fcgi4.gnezdo.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:17:52 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 123229
last-modified: Mon, 31 Jan 2022 15:52:27 GMT
server: nginx/1.17.9
etag: "47d89ac467c89f605a715fe57f0002ba"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2052 17:53:49 GMT

GET
H/1.1 200
OK weborama.js Show response
p.crm4d.com/sync/ Frame BAF4 4 KB
2 KB 101ms
20ms Script
text/javascript 51.38.250.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://p.crm4d.com/sync/weborama.js?r=6466785178747351107&gdpr=&gdpr_consent=
Requested by: Host: ds.frontend.weborama.fr
URL: https://ds.frontend.weborama.fr/cj?key=graphinium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.38.250.94 , France, ASN16276 (OVH, FR),
Reverse DNS: ip94.ip-51-38-250.eu
Software: /
Resource Hash: 9723d3b4739b4479c707ca62252f55f096956028fb47fb18767daf11d3f96a90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Content-Encoding: gzip
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9536.dwLDHnr2WO90sDKgtGNgj2xn_uUQZFcP2FZcnLiMBd8CjmI6RBccB_YfbTsXKWeV.YJBS7PHfDFNl6Moyz3rVXbbFVmk%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=9536.H9h4yo7r2wI-jygC7Vtb0VeaE2HnSn2qNb8IkWmrSarm1pvq3pE-qwEw6ewL_Q1KQU_D7hVJBLviBtfLyZbn92x3vhyJYydOWSPC_Zp-diI%2C.AGAZNaWJu1TgubIO24vY0adfJb...

43 B
383 B

83ms
83ms

Image
image/gif

154.47.36.52
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=9536.H9h4yo7r2wI-jygC7Vtb0VeaE2HnSn2qNb8IkWmrSarm1pvq3pE-qwEw6ewL_Q1KQU_D7hVJBLviBtfLyZbn92x3vhyJYydOWSPC_Zp-diI%2C.AGAZNaWJu1TgubIO24vY0adfJb8%2C

Requested by

Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/

Protocol

Server

154.47.36.52 , United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:17:53 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=9536.H9h4yo7r2wI-jygC7Vtb0VeaE2HnSn2qNb8IkWmrSarm1pvq3pE-qwEw6ewL_Q1KQU_D7hVJBLviBtfLyZbn92x3vhyJYydOWSPC_Zp-diI%2C.AGAZNaWJu1TgubIO24vY0adfJb8%2C
date: Tue, 01 Feb 2022 11:17:52 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

POST
H2 200 1
mc.yandex.ru/watch/11859022/ 43 B
73 B 39ms
38ms Ping
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/11859022/1?page-url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&charset=utf-8&ut=noindex&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Agqny5s7eipge77xa7z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A1%3Als%3A723878806500%3Ahid%3A831632843%3Az%3A0%3Ai%3A20220201111752%3Aet%3A1643714273%3Ac%3A1%3Arn%3A449810117%3Arqn%3A2%3Au%3A1643714273163410743%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1643714272009%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643714273&t=gdpr(14)mc(p-1)aw(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%221382691643714272675%22%7D%7D

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://fcgi4.gnezdo.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:52 GMT
last-modified: Tue, 01-Feb-2022 11:17:52 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://fcgi4.gnezdo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 01-Feb-2022 11:17:52 GMT

GET
H/1.1 200
OK match
p.crm4d.com/sync/weborama/ Frame BAF4 42 B
545 B 19ms
19ms Image
image/gif 51.38.250.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.crm4d.com/sync/weborama/match?uid=S4Hcq9tJXAIkjPIlAJx0IO
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=fcgi4.gnezdo.ru&site=485736
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.38.250.94 , France, ASN16276 (OVH, FR),
Reverse DNS: ip94.ip-51-38-250.eu
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

GET
H/1.1

200
OK

s.gif
p.crm4d.com/sync/appnexus/ Frame BAF4
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fp.crm4d.com%2Fsync%2Fappnexus%2Fs.gif%3Fbounce%3D1%26uid%3D%24UID
https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=7650361545882356358

42 B
561 B

31ms
31ms

Image
image/gif

51.38.250.94
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=7650361545882356358
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=fcgi4.gnezdo.ru&site=485736
Protocol: HTTP/1.1
Server: 51.38.250.94 , France, ASN16276 (OVH, FR),
Reverse DNS: ip94.ip-51-38-250.eu
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 11:17:52 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 11:17:52 GMT
X-Proxy-Origin: 217.64.151.4; 217.64.151.4; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3356df45-5821-4038-802a-0a6019a0b6cf
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=7650361545882356358
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame BAF4
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?url=https://p.crm4d.com/sync/sas/s.gif?bounce=1&uid=[sas_uid]&cklb=1

0
75 B

33ms
33ms

Image
text/plain

185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://p.crm4d.com/sync/sas/s.gif?bounce=1&uid=[sas_uid]&cklb=1
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=fcgi4.gnezdo.ru&site=485736
Protocol: HTTP/1.1
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:17:52 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://p.crm4d.com/sync/sas/s.gif?bounce=1&uid=[sas_uid]&cklb=1
pragma: no-cache
date: Tue, 01 Feb 2022 11:17:52 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 320977 Show response
mc.yandex.ru/watch/ 295 B
423 B 60ms
59ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/320977?wmode=7&page-url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7eipge77xa7z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A3%3Adp%3A1%3Als%3A200366082681%3Ahid%3A831632843%3Az%3A0%3Ai%3A20220201111752%3Aet%3A1643714273%3Ac%3A1%3Arn%3A236825369%3Au%3A1643714273163410743%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1643714272009%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643714273%3At%3AGnezdo.ru&t=gdpr(14)mc(p-1)aw(1)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

ed477c02e0c4926f6c31cf91982e6247d90ded8a3504e216f4b245e28e1e5738

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 01-Feb-2022 11:17:53 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://fcgi4.gnezdo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 295
x-xss-protection: 1; mode=block
expires: Tue, 01-Feb-2022 11:17:53 GMT

POST
H2 200 1
mc.yandex.ru/watch/320977/ 43 B
73 B 54ms
54ms Ping
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/320977/1?page-url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Agqny5s7eipge77xa7z%3Afp%3A413%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A3%3Adp%3A1%3Als%3A200366082681%3Ahid%3A831632843%3Az%3A0%3Ai%3A20220201111753%3Aet%3A1643714273%3Ac%3A1%3Arn%3A1014590241%3Arqn%3A1%3Au%3A1643714273163410743%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1643714272009%3Ads%3A54%2C56%2C76%2C1%2C0%2C0%2C%2C277%2C4%2C%2C%2C%2C466%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643714273&t=gdpr(14)mc(p-2-h-1)aw(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%221382691643714272675%22%7D%7D

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://fcgi4.gnezdo.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:53 GMT
last-modified: Tue, 01-Feb-2022 11:17:53 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://fcgi4.gnezdo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 01-Feb-2022 11:17:53 GMT

GET
H2 200 320977 Show response
mc.yandex.ru/watch/ 43 B
73 B 54ms
54ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/320977?page-url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Agqny5s7eipge77xa7z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A3%3Adp%3A1%3Als%3A200366082681%3Ahid%3A831632843%3Az%3A0%3Ai%3A20220201111753%3Aet%3A1643714273%3Ac%3A1%3Arn%3A857217898%3Arqn%3A2%3Au%3A1643714273163410743%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1643714272009%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643714273%3At%3AGnezdo.ru&t=gdpr(14)mc(p-2-h-1)aw(1)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:53 GMT
last-modified: Tue, 01-Feb-2022 11:17:53 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://fcgi4.gnezdo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 01-Feb-2022 11:17:53 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/ 284 KB
103 KB 37ms
36ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5828883634660773&plah=fcgi4.gnezdo.ru

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

631485082735bf548eeeaef58fb409fefed685432666d06baaf1da7a60a0ae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:17:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104642
x-xss-protection: 0
server: cafe
etag: 16263154745089440287
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 11:17:53 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 213 B
642 B 40ms
16ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fcgi4.gnezdo.ru&callback=_gfp_s_&client=ca-pub-5828883634660773

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5828883634660773&plah=fcgi4.gnezdo.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

476c0ef6a7f2d9728dfe5c7de994ff1b1b8e6755b77fb16b5f49e22b059b73fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:17:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 40ms
17ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fcgi4.gnezdo.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 11:17:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 38ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fcgi4.gnezdo.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 11:17:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 80BA 21 KB
10 KB 674ms
659ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5828883634660773&output=html&h=280&slotname=7606796442&adk=1514590946&adf=896644619&pi=t.ma~as.7606796442&w=500&fwrn=4&fwrnh=100&lmt=1643714273&rafmt=1&psa=0&format=500x280&url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1643714273393&bpp=6&bdt=1194&idt=74&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=4219661926728&frm=20&pv=2&ga_vid=750922036.1643714272&ga_sid=1643714273&ga_hid=859503021&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1050&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31063221&oid=2&pvsid=3939480840175519&pem=164&tmod=1173121754&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=CHXCMUGY9K&p=http%3A//fcgi4.gnezdo.ru&dtd=87

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ac03a9d9c297754d5b1308087b51447cd939026e6aa49e33659bf682c3136c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 01 Feb 2022 11:17:54 GMT
server: cafe
content-length: 10395
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 42ms
27ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220126&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

208da77308fdcb58f26c14362feaecaafc3e528a23982460b058ce1be7c32152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 11:17:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9173
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DDAC 0
16 B 20ms
18ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5828883634660773&output=html&adk=1812271804&adf=3025194257&lmt=1643714273&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1643714273399&bpp=1&bdt=1200&idt=89&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&prev_fmts=500x280&nras=1&correlator=4219661926728&frm=20&pv=1&ga_vid=750922036.1643714272&ga_sid=1643714273&ga_hid=859503021&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31063221&oid=2&pvsid=3939480840175519&pem=164&tmod=1173121754&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=94

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 01 Feb 2022 11:17:53 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 96ms
74ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:17:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 11:17:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6D11 13 KB
5 KB 25ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Feb 2022 11:17:44 GMT
expires: Wed, 01 Feb 2023 11:17:44 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2B67 783 B
535 B 34ms
16ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1118801aab06d50927cbc9a255f2017a37d6ac0ae2fc2aa80f570e0c422a0f5c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OqcvIXIjAMt7CzKQGUy9eQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 01 Feb 2022 11:17:53 GMT
date: Tue, 01 Feb 2022 11:17:53 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-OqcvIXIjAMt7CzKQGUy9eQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D11 35 KB
13 KB 8ms
7ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 10:12:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13575
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Feb 2023 10:12:34 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2B67 0
0 60ms
60ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220126&jk=3939480840175519&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET generate_204
tpc.googlesyndication.com/ Frame 6D11 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 66ms
66ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220126&jk=3939480840175519&bg=!9Pel97PNAAY6OBv_Ojg7ACkAdvg8WnOQVwK1JJXlPtwlddSXl--VRcOjb09emOqC4wq8y5e_EeDsAgIAAABJUgAAAAJoAQcKAHQ4hW1cEgDi97DBKNHrAcis-O84AyuSFH7HGRrZ05VvHicgl_YzWMJfhrNkXWzkR4ys6IqSv5ujo8s_uA_qtvwiOQXoTud-cMLefi-dW87BjYxFh2nserK_6F3IgrjUVWv6n6XCYxqRrb9hpmrGxaNL2R4iKZkClKi6maRvGgen3YfJQQ5Cqq23SKy4FBtcUhpcVUPWxLppV4MGgVsiDxZMKeLn-CepZAV4zru8Ca6r0UV1UVBTpGgZ3eirgsrwUNejz7kb541qhod4izPJgcUAq-nHGPw-VWlaE_GCZboZRqB-ilfBBaVFOG3rO74PhgHhltVrxiaSdAeja1p2Wk7ELlT1lvNK-jdJzU2dsnlOTAo1nHw3Ezw6hp1srYwGpGdmCcxaITQUo7a530jGfyq-nLwVLqxl6sqm3JCr78wHK6iaWlte9Lqxo2XMAow9bZiKOGHVmcmeT_qRgmYaSuZjhdwlJyEwvz_g6Mdn2CQYFYKdYLT2AC5SCh-IRQZNyXyYUQ8tQyrFvdMOdoD0_NhWl7N9A1tNxzZNiLPSJxaBTGaSjpjjX65w6H_a63BBpTUrbkCUpnNTFCLYbVC4OI6c1PkeYnBDY3ieeWK22Db-u5cmSRXfnImiKDSzuootO39uymB2BSaR27aVfDULq_3qSqnIiffrfOlK5uPFfDH7m1Tgti0Fs7acsTKyU7r_P_A3pLp6AbLhJC8kAxnh_Kf5zX5ViPB71hWUiSmbng0U3HhE3693sFEAErq38Re1whRBZNDXXVXtnVZcHn_hx1fIqDVlnAmuYxfEIguZYvyPyHfTOwLsDLmKnSuZywFhdqAskyhOUBSmXrxCu3FcUZOe-t3DSRewNrtWRSgVQH7YY_r2Q-dSTH_rorPeaV-KHKNw52ybVaIyzeB86vp_QLOq2ccnjTuVhyJVVrYw5eXBxuIFVXfY7GRYXdwb9HVaSTt4wsKP71yKBrEHJJ5uyWoIDjVJNSNyn-wvvJ3rMIW4-hgGnsG2uhmcH0YLCY9ZMf055zB7jlvxNFLCvg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fcgi4.gnezdo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9940 624 B
297 B 18ms
17ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYnaKFvgEwAQ&v=APEucNW_ZFyXIxMtHqmJRMaviwdt5F6Vgg2MhRssbPadX2wkZoZDsNT9sKzgtGER6jUYjzw-01jQ4PboyJKX0B8sajfdOfLu52_oafIh3Hh6bDViZ1PRy5lvRkn-4EQsvTUpNJ3ds9X6rryRCm3gC4yyQPXcz6qe8F0n5f8tdW7Me9P2SvPrrXY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5828883634660773&output=html&h=280&slotname=7606796442&adk=1514590946&adf=896644619&pi=t.ma~as.7606796442&w=500&fwrn=4&fwrnh=100&lmt=1643714273&rafmt=1&psa=0&format=500x280&url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1643714273393&bpp=6&bdt=1194&idt=74&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=4219661926728&frm=20&pv=2&ga_vid=750922036.1643714272&ga_sid=1643714273&ga_hid=859503021&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1050&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31063221&oid=2&pvsid=3939480840175519&pem=164&tmod=1173121754&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=CHXCMUGY9K&p=http%3A//fcgi4.gnezdo.ru&dtd=87

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5828883634660773&output=html&h=280&slotname=7606796442&adk=1514590946&adf=896644619&pi=t.ma~as.7606796442&w=500&fwrn=4&fwrnh=100&lmt=1643714273&rafmt=1&psa=0&format=500x280&url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1643714273393&bpp=6&bdt=1194&idt=74&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=4219661926728&frm=20&pv=2&ga_vid=750922036.1643714272&ga_sid=1643714273&ga_hid=859503021&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1050&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31063221&oid=2&pvsid=3939480840175519&pem=164&tmod=1173121754&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=CHXCMUGY9K&p=http%3A//fcgi4.gnezdo.ru&dtd=87

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 01 Feb 2022 11:17:54 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 11A9 82 KB
33 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ck4Fz0zbQPFvBOwPJtMU82-k4njvak2PrrsOEZcjvY9YgyzGGi3AmjhsE2a6Y7YhfwqrZuRG2a7jOQF4KPArYKTf3L1cPegGl6YaTVKLJKS780pjYmraNlpwUZEqD_U3iuw-c2P7e9gcgAK3LnxFr08dwQLw&dbm_d=AKAmf-Dma8v-LWyUUeuSWLOG7YYY97zxHczHrCXZwriQejR2WjaTBMr1J-lcdP4vfRlrY-s3nNOjtK48hpkI9Ae00vyFEv5CoV5KDGcF1eshJb9QZ4eKHY50Ktw_AR5xNt5bGAkoJyNfURAk2UJTWKC-64J6CLgujZJWnO-nkOxYh9eiz175WEl1zAwNx7KCq6OJl4lPPB8KdeZotaSVcRSdtG0n5KPdxupsds5NVRyG5ZqO8hGWeEM1zfUh-CGl7pUZQnSaOQhfzbk6zcbTbgmb0howoVq2MWwqLrz6UJEZi7d_HJY1VCgHkCxjd4XibFiFvnFdAWd7FvWuTDzSbqcmgyoAqtZ_ugOL9AjnwU8H0-o9b5Jw7AJ7ijwEqBaBNhzFQnO9X2qSykvKTi1ONtcf630Y_MhkqxqTpHMoZxwZKkpN2fbAdwgPHDW-6aEqN6fAw0B5KRMIY8iMaCM52qnxwGMr5HHiRANmzl-4LDwAUS2uT4JdBKA0eCa02VWxFCViVnw0QTQoFerZPtlHS1VILLu8uqul1YJ3x0zIHdFI_9-TG1IYPqi0JtwdrLub8MdlPZwetWxeArgL-_FsPcA5c8zN6r1d5BMR1_3mDbvwXlM2SzLfOQXR4tgYIJR2l-h6Qa4Cctv2rE46hTkOaP8LhjSrXoZOG_b4yvmu5AUwr5LwfR9Z0eM0_defAW91GQPImE1vmoYT6NMqFLi_OxVBpOvMn3zU3fDkf1EUAAyyeIN6WTkHXXym2xFWmhUR-3txJiDOIvxtSx3F003hVHT6DxnEc6vTA7UXnWXvwqmLGvKGdvnbvUuCKY4N7RZpzuzI2WxNXZugXEiguGFoVo545vvKYyQ23JS2FHXfbNwMZmSlIWyz4uffktVcIDcNjdvrW2GxTpxe0N5pYatZMCvNehygP6iWwbM7yxwN3Ye8IVCgIN_06m8NJKBfk7tlymtlhChnEWoXsjZCmV94zAFhzRPGrmxN8EGX5-99J13x13sfz47f40f0KYOSqzKy7j9F_-BcSnRMlh4wUQdPKu15m3OnFJw-QcJJA2swdo3lMVYuAlQEvdunYJmQ3Ej-Eo_63ay9vVbITNQO_dXivS_XnU5mF_BnVnZ-_lSGSjY1RFljh1R5OZTPLwgKytODjuiSVko_FeEJQYJcVaYZvWyrxcWBmBosb5xT0aElfQBKtpQwERVbx6XHsUYq5kDAEwK0nJHgm4eRUYSxg1LNE1v_G0Xu8o5FGVLFY0QYWN7-55_3STpP89IZ4Moo7eIARN2pBjaGneiJwyHOuHek3C4UQBSPJqit8QcYeRvCora5mNfOVR0AIKo9yGCVo6_DmFwtetRovCNFo2G50IV4ZTEGNHSZZbMx4GGFF3npHLtGcIh_dKCQu68VESJ5Wwzb2LYO6oW_b8xvFJytlQ0O7q-IA81JKIeFuQBg7NrSc1nGRTxjMmcBs4_Bkv4SSAbWT6IKX5KDOckZxbEU4l45FubBzGcL9FtHJ3jr7sIehuX1F65vd7RLYGQTIzeb_FlOMsZs5XSS7QTqQcaEsOtjmNkbmvXPrZcsQ_WBzLLEkbyj0Dnc5Nop542VeY7knR-Nz23QMMo064_5u1dqLA5R1WM-Oy-DA7X5BJxW8Dil-Qjy6grkXqlIhcIc7tazfZHrZGUEV27d_sxuWuQcUbWLLqEJJ89i9uhKNdI_CnaM69v3H8BEN3JbYmeCKgaoSntCIOav2MuL4MOHSxcvgnEXrSxfN6zIpYdh0S9w_7UrR6TpBu3LXVqemo2TXLEYyQjtCYiJ55NBsf-gGQWDq6le03FYoerRY8MD804jcurYceOxn4OvTAdPQhRSZAg2QwrnRf2lgLtjvt3BGO1y3th982U-XH_oPIXgcXBj66cHM5gfH98tgqnX9HF_ZG4VJgG4rUMnLn-8LA6HIic2AwZpRWK4Y7ckVKR-3CnKqu0Yd_dVZbKORybqNas-AljMImW8iUZ6YfGI9avIu5Sd6wwvGfz-t5lcwKvIjVd9xsnQWDtYDTdrjamTTJVMg_l-PncqNA2xRdfDkup05WOauUdCNZmx86JtAD7D6z39nTK_zCBNereyTI25pZ3KqBE7Yv0DynxCQvCTa1upNdcWQpADvphrw9Fe3JJmaDA8g_rLFNP9_nkq8itin_4kSnJRLwp4KUY9-NJXdGVaRJ6r6BphbXw4kFMY7rWQ3Wshf6jJEQW7OHpGIO9INbHUEvPToFS4ypSZpAqpcjSu1aTF23jgPBY-7Oc2B5zlGgLzCAp1qnwIyhOrPNj39EACW2iUsTqxXob7BnutHgwgPqRoce-MCCCDVOHu3M1xDxxaVnIfU1Xa_aa1mK2IutEMI4UXBtc_4RkAkOD0UQJM-YYIt6Cd5TJg5rbM5xQZrGOtcGrJroujbbTwZ96d_fvtdSGYICbCQ9_Djibha1ma8lMKy5jLY32LEzoowsqPhcVmBRm29-TaEA1muhwotEQq_LVwlGwDNmGp4sZbSESNrBd0tLcj9l7epa91EyEICkeaJICys_xco5xHyFaVT050nNC88Dql0cK72hw0yG1X_mM-eItc0ry_5h2ol7i4WEPlPPpYyA-G3ooKBP_SuJyL0n3Fkm85-Jka721wKzdTA3_2-QNSBuH6Mfvf-2FQAFV4kZ3_WKTIlcDuP2th5KYlMsRQ_7HBCjqjzVO6veMHMUa4oz8PeKVgFCJn0NTLAHGyGutgbllubGXEphkOQTMlYuS0m9bqkcKYn0_nKtVotGCKxBnE1Wl-o6av8XWefgrupbVTbDSGplTiz0GDasAU8D_wIg3d7sxCOBZMP-O3nvREItWxPFnzKcAJ7A87uQtoJmIob4il65-HBxJUFMlVqI8FAGdkIO_AYXpw6G2M1C0Mg7MAOaH2kxXsXcaeyg7rl5MBhAuYoVboxbyZCRCBhwLtoIalslt7SGYi6EiWTBh_0wPcsR2DNtlbQkXTLJGar39ZT2w5UsnukIIyC5-P5Qfi9EIAY0Fsj5gtG6Y3G49xbNpbq1aQiYeDdhoOIWMROv6ynsaefBDfk67yFVIc0nty8cTIVJ32eDEIht0TxopJ00nbhkpTq8vKOCamU-fgf7J_6FRGdUDIuJcooxAQEsqnM913UaZ37C3w-NTKd5vxT6-BxCCK18TrWszb5-ejKvCuuI1pw-PgJACwkR0T4t9sjwxJPFYgM8BOnB5_dn10DqLpWZjxb-q6kTrBVgkoQNTEJni06037bPQ9pwvGuJB0XkbKlXclLA5vof0vLp6507M6j19EsWg4_WXoUWiE9YeSkj654WDoQI1uwEJ_kLPkarexm8ukYaXT-y5xiV52ppm-02ZTrKrYyb5ZAkGwtR7iM1E12FlUVC2F03NUUuxH0-7QUJRajT95P5wQ&cid=CAASEuRopRhdVToLHfkeIZh7_D8lqA&rfl=2%2Chttp%253A%252F%252Ffcgi4.gnezdo.ru%252F%240

Requested by

Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e95f247d4c2d357f3f4d3431a93989d7e0c9d3ec68420e47981041536468a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5828883634660773&output=html&h=280&slotname=7606796442&adk=1514590946&adf=896644619&pi=t.ma~as.7606796442&w=500&fwrn=4&fwrnh=100&lmt=1643714273&rafmt=1&psa=0&format=500x280&url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1643714273393&bpp=6&bdt=1194&idt=74&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=4219661926728&frm=20&pv=2&ga_vid=750922036.1643714272&ga_sid=1643714273&ga_hid=859503021&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1050&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31063221&oid=2&pvsid=3939480840175519&pem=164&tmod=1173121754&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=CHXCMUGY9K&p=http%3A//fcgi4.gnezdo.ru&dtd=87
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33786
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 11A9 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 11:17:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 11A9 123 KB
38 KB 120ms
97ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:17:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38373
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643632328463892"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 01 Feb 2022 11:17:54 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 11A9 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 11:15:04 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 11A9 0
0 15ms
15ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0KbkncY2HuRqThifZNNQ5Pvcxe4ViyO_zupKmbcD7SSTm7O5PSPJgQdcRPpNVnFUpDKvx7ZiB_AgbG_f7fmjuzmm6Jg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5828883634660773&output=html&h=280&slotname=7606796442&adk=1514590946&adf=896644619&pi=t.ma~as.7606796442&w=500&fwrn=4&fwrnh=100&lmt=1643714273&rafmt=1&psa=0&format=500x280&url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1643714273393&bpp=6&bdt=1194&idt=74&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=4219661926728&frm=20&pv=2&ga_vid=750922036.1643714272&ga_sid=1643714273&ga_hid=859503021&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1050&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31063221&oid=2&pvsid=3939480840175519&pem=164&tmod=1173121754&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=CHXCMUGY9K&p=http%3A//fcgi4.gnezdo.ru&dtd=87
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 11A9 42 B
63 B 39ms
39ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DcD6kQhltno4rIQ9ru8jTP2wrijdSWYivoXho6o3scqNyRRGJivx89kNSheEPG5zQ1Cs128tww9Cr2oLzBvHyU5E7OhLeWpJef-wRxaV9kJdwoQCw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9940
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENoyGDpRSUBrWLKSIwM71SI&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENoyGDpRSUBrWLKSIwM71SI&google_cver=1&C=1

43 B
1014 B

27ms
27ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENoyGDpRSUBrWLKSIwM71SI&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYnaKFvgEwAQ&v=APEucNW_ZFyXIxMtHqmJRMaviwdt5F6Vgg2MhRssbPadX2wkZoZDsNT9sKzgtGER6jUYjzw-01jQ4PboyJKX0B8sajfdOfLu52_oafIh3Hh6bDViZ1PRy5lvRkn-4EQsvTUpNJ3ds9X6rryRCm3gC4yyQPXcz6qe8F0n5f8tdW7Me9P2SvPrrXY
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 11:17:54 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 01 Feb 2022 11:17:54 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 11:17:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENoyGDpRSUBrWLKSIwM71SI&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Tue, 01 Feb 2022 11:17:54 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9940
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfkW4pe0nYggmmAmxH6qBQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENoyGDpRSUBrWLKSIwM71SI&google_cver=1

43 B
894 B

36ms
35ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENoyGDpRSUBrWLKSIwM71SI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYnaKFvgEwAQ&v=APEucNW_ZFyXIxMtHqmJRMaviwdt5F6Vgg2MhRssbPadX2wkZoZDsNT9sKzgtGER6jUYjzw-01jQ4PboyJKX0B8sajfdOfLu52_oafIh3Hh6bDViZ1PRy5lvRkn-4EQsvTUpNJ3ds9X6rryRCm3gC4yyQPXcz6qe8F0n5f8tdW7Me9P2SvPrrXY
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 11:17:54 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 01 Feb 2022 11:17:54 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENoyGDpRSUBrWLKSIwM71SI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 9940
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIzBz0UNZiaf0iwioHKautc&google_cver=1

43 B
1002 B

18ms
18ms

Image
image/gif

185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIzBz0UNZiaf0iwioHKautc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYnaKFvgEwAQ&v=APEucNW_ZFyXIxMtHqmJRMaviwdt5F6Vgg2MhRssbPadX2wkZoZDsNT9sKzgtGER6jUYjzw-01jQ4PboyJKX0B8sajfdOfLu52_oafIh3Hh6bDViZ1PRy5lvRkn-4EQsvTUpNJ3ds9X6rryRCm3gC4yyQPXcz6qe8F0n5f8tdW7Me9P2SvPrrXY

Protocol

HTTP/1.1

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 11:17:54 GMT
X-Proxy-Origin: 217.64.151.4; 217.64.151.4; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 76878385-0acf-4de8-bc0a-fda35521571d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIzBz0UNZiaf0iwioHKautc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9940
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY1MDM2MTU0NTg4MjM1NjM1OA%3D%3D

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY1MDM2MTU0NTg4MjM1NjM1OA%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 11:17:54 GMT
X-Proxy-Origin: 217.64.151.4; 217.64.151.4; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c909fa5b-4546-468c-bee4-c87c319a46bc
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY1MDM2MTU0NTg4MjM1NjM1OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/912962/59461380/ Frame 11A9 231 KB
77 KB 137ms
59ms Script
application/javascript 34.250.206.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/912962/59461380/skeleton.js?ias_dspID=3&ias_campId=26029340&ias_pubId=pub-5828883634660773&ias_chanId=1&ias_placementId=15845895118&bidurl=http://fcgi4.gnezdo.ru/&ias_dealId=
Requested by: Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.206.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-206-93.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dba009fc8fd19810d1f1c5e9ef1db7f61b9547e11b06661fe5210881b442b6ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:54 GMT
content-encoding: gzip
x-server-name: app05.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 11A9 106 KB
38 KB 40ms
6ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 10:21:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3358
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Feb 2022 10:21:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame 11A9 8 KB
3 KB 8ms
8ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ck4Fz0zbQPFvBOwPJtMU82-k4njvak2PrrsOEZcjvY9YgyzGGi3AmjhsE2a6Y7YhfwqrZuRG2a7jOQF4KPArYKTf3L1cPegGl6YaTVKLJKS780pjYmraNlpwUZEqD_U3iuw-c2P7e9gcgAK3LnxFr08dwQLw&dbm_d=AKAmf-Dma8v-LWyUUeuSWLOG7YYY97zxHczHrCXZwriQejR2WjaTBMr1J-lcdP4vfRlrY-s3nNOjtK48hpkI9Ae00vyFEv5CoV5KDGcF1eshJb9QZ4eKHY50Ktw_AR5xNt5bGAkoJyNfURAk2UJTWKC-64J6CLgujZJWnO-nkOxYh9eiz175WEl1zAwNx7KCq6OJl4lPPB8KdeZotaSVcRSdtG0n5KPdxupsds5NVRyG5ZqO8hGWeEM1zfUh-CGl7pUZQnSaOQhfzbk6zcbTbgmb0howoVq2MWwqLrz6UJEZi7d_HJY1VCgHkCxjd4XibFiFvnFdAWd7FvWuTDzSbqcmgyoAqtZ_ugOL9AjnwU8H0-o9b5Jw7AJ7ijwEqBaBNhzFQnO9X2qSykvKTi1ONtcf630Y_MhkqxqTpHMoZxwZKkpN2fbAdwgPHDW-6aEqN6fAw0B5KRMIY8iMaCM52qnxwGMr5HHiRANmzl-4LDwAUS2uT4JdBKA0eCa02VWxFCViVnw0QTQoFerZPtlHS1VILLu8uqul1YJ3x0zIHdFI_9-TG1IYPqi0JtwdrLub8MdlPZwetWxeArgL-_FsPcA5c8zN6r1d5BMR1_3mDbvwXlM2SzLfOQXR4tgYIJR2l-h6Qa4Cctv2rE46hTkOaP8LhjSrXoZOG_b4yvmu5AUwr5LwfR9Z0eM0_defAW91GQPImE1vmoYT6NMqFLi_OxVBpOvMn3zU3fDkf1EUAAyyeIN6WTkHXXym2xFWmhUR-3txJiDOIvxtSx3F003hVHT6DxnEc6vTA7UXnWXvwqmLGvKGdvnbvUuCKY4N7RZpzuzI2WxNXZugXEiguGFoVo545vvKYyQ23JS2FHXfbNwMZmSlIWyz4uffktVcIDcNjdvrW2GxTpxe0N5pYatZMCvNehygP6iWwbM7yxwN3Ye8IVCgIN_06m8NJKBfk7tlymtlhChnEWoXsjZCmV94zAFhzRPGrmxN8EGX5-99J13x13sfz47f40f0KYOSqzKy7j9F_-BcSnRMlh4wUQdPKu15m3OnFJw-QcJJA2swdo3lMVYuAlQEvdunYJmQ3Ej-Eo_63ay9vVbITNQO_dXivS_XnU5mF_BnVnZ-_lSGSjY1RFljh1R5OZTPLwgKytODjuiSVko_FeEJQYJcVaYZvWyrxcWBmBosb5xT0aElfQBKtpQwERVbx6XHsUYq5kDAEwK0nJHgm4eRUYSxg1LNE1v_G0Xu8o5FGVLFY0QYWN7-55_3STpP89IZ4Moo7eIARN2pBjaGneiJwyHOuHek3C4UQBSPJqit8QcYeRvCora5mNfOVR0AIKo9yGCVo6_DmFwtetRovCNFo2G50IV4ZTEGNHSZZbMx4GGFF3npHLtGcIh_dKCQu68VESJ5Wwzb2LYO6oW_b8xvFJytlQ0O7q-IA81JKIeFuQBg7NrSc1nGRTxjMmcBs4_Bkv4SSAbWT6IKX5KDOckZxbEU4l45FubBzGcL9FtHJ3jr7sIehuX1F65vd7RLYGQTIzeb_FlOMsZs5XSS7QTqQcaEsOtjmNkbmvXPrZcsQ_WBzLLEkbyj0Dnc5Nop542VeY7knR-Nz23QMMo064_5u1dqLA5R1WM-Oy-DA7X5BJxW8Dil-Qjy6grkXqlIhcIc7tazfZHrZGUEV27d_sxuWuQcUbWLLqEJJ89i9uhKNdI_CnaM69v3H8BEN3JbYmeCKgaoSntCIOav2MuL4MOHSxcvgnEXrSxfN6zIpYdh0S9w_7UrR6TpBu3LXVqemo2TXLEYyQjtCYiJ55NBsf-gGQWDq6le03FYoerRY8MD804jcurYceOxn4OvTAdPQhRSZAg2QwrnRf2lgLtjvt3BGO1y3th982U-XH_oPIXgcXBj66cHM5gfH98tgqnX9HF_ZG4VJgG4rUMnLn-8LA6HIic2AwZpRWK4Y7ckVKR-3CnKqu0Yd_dVZbKORybqNas-AljMImW8iUZ6YfGI9avIu5Sd6wwvGfz-t5lcwKvIjVd9xsnQWDtYDTdrjamTTJVMg_l-PncqNA2xRdfDkup05WOauUdCNZmx86JtAD7D6z39nTK_zCBNereyTI25pZ3KqBE7Yv0DynxCQvCTa1upNdcWQpADvphrw9Fe3JJmaDA8g_rLFNP9_nkq8itin_4kSnJRLwp4KUY9-NJXdGVaRJ6r6BphbXw4kFMY7rWQ3Wshf6jJEQW7OHpGIO9INbHUEvPToFS4ypSZpAqpcjSu1aTF23jgPBY-7Oc2B5zlGgLzCAp1qnwIyhOrPNj39EACW2iUsTqxXob7BnutHgwgPqRoce-MCCCDVOHu3M1xDxxaVnIfU1Xa_aa1mK2IutEMI4UXBtc_4RkAkOD0UQJM-YYIt6Cd5TJg5rbM5xQZrGOtcGrJroujbbTwZ96d_fvtdSGYICbCQ9_Djibha1ma8lMKy5jLY32LEzoowsqPhcVmBRm29-TaEA1muhwotEQq_LVwlGwDNmGp4sZbSESNrBd0tLcj9l7epa91EyEICkeaJICys_xco5xHyFaVT050nNC88Dql0cK72hw0yG1X_mM-eItc0ry_5h2ol7i4WEPlPPpYyA-G3ooKBP_SuJyL0n3Fkm85-Jka721wKzdTA3_2-QNSBuH6Mfvf-2FQAFV4kZ3_WKTIlcDuP2th5KYlMsRQ_7HBCjqjzVO6veMHMUa4oz8PeKVgFCJn0NTLAHGyGutgbllubGXEphkOQTMlYuS0m9bqkcKYn0_nKtVotGCKxBnE1Wl-o6av8XWefgrupbVTbDSGplTiz0GDasAU8D_wIg3d7sxCOBZMP-O3nvREItWxPFnzKcAJ7A87uQtoJmIob4il65-HBxJUFMlVqI8FAGdkIO_AYXpw6G2M1C0Mg7MAOaH2kxXsXcaeyg7rl5MBhAuYoVboxbyZCRCBhwLtoIalslt7SGYi6EiWTBh_0wPcsR2DNtlbQkXTLJGar39ZT2w5UsnukIIyC5-P5Qfi9EIAY0Fsj5gtG6Y3G49xbNpbq1aQiYeDdhoOIWMROv6ynsaefBDfk67yFVIc0nty8cTIVJ32eDEIht0TxopJ00nbhkpTq8vKOCamU-fgf7J_6FRGdUDIuJcooxAQEsqnM913UaZ37C3w-NTKd5vxT6-BxCCK18TrWszb5-ejKvCuuI1pw-PgJACwkR0T4t9sjwxJPFYgM8BOnB5_dn10DqLpWZjxb-q6kTrBVgkoQNTEJni06037bPQ9pwvGuJB0XkbKlXclLA5vof0vLp6507M6j19EsWg4_WXoUWiE9YeSkj654WDoQI1uwEJ_kLPkarexm8ukYaXT-y5xiV52ppm-02ZTrKrYyb5ZAkGwtR7iM1E12FlUVC2F03NUUuxH0-7QUJRajT95P5wQ&cid=CAASEuRopRhdVToLHfkeIZh7_D8lqA&rfl=2%2Chttp%253A%252F%252Ffcgi4.gnezdo.ru%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:13:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 11:13:36 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 11A9 23 KB
9 KB 7ms
7ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9288
x-xss-protection: 0
server: cafe
etag: 5602277676122011250
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Feb 2022 11:14:59 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 11A9 41 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135155
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Jan 2023 21:45:19 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6C01 1 KB
749 B 9ms
8ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 31 Jan 2022 13:26:12 GMT
expires: Tue, 01 Feb 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 78702
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0B32 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Jan 2022 17:31:54 GMT
expires: Sun, 29 Jan 2023 17:31:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 236760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 6C01 35 B
463 B 29ms
8ms Image
image/gif 2620:116:800d:21:3175:5196:e3fd:8c1d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEnaA70Jv0RBlpmmmvd9yGg&google_cver=1&google_push=AYg5qPJ0NwIsitbaqUeCu5la7ZM7Kn3Y-5JxBWK6KIs69_C3Px7ms9E-zGlJrVpDxax1aTOhNDVO4y2xl8fqH8JjT5XahGiw2jJHcg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C01
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIhgWjQj-hxt9MQND8W_3fXHw9Z8P2P4MhTOVx...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWZrVzRnQUFBUXNRd1ZMRQ&google_push=AYg5qPIhgWjQj-hxt9MQND8W_3fXHw9Z8P2P4MhTOVxeBS-x11tlPm95nNyIqEvvkl3sV2_qFsNdExcFWMroDszkYlEvg-w_Yr...

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWZrVzRnQUFBUXNRd1ZMRQ&google_push=AYg5qPIhgWjQj-hxt9MQND8W_3fXHw9Z8P2P4MhTOVxeBS-x11tlPm95nNyIqEvvkl3sV2_qFsNdExcFWMroDszkYlEvg-w_YrgP-w

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWZrVzRnQUFBUXNRd1ZMRQ&google_push=AYg5qPIhgWjQj-hxt9MQND8W_3fXHw9Z8P2P4MhTOVxeBS-x11tlPm95nNyIqEvvkl3sV2_qFsNdExcFWMroDszkYlEvg-w_YrgP-w
Date: Tue, 01 Feb 2022 11:17:54 GMT
Server: Apache
Connection: keep-alive
Content-Length: 393
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C01
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEAPVoXN0UbG3GxXL5xmO6Qs&google_cver=1&google_push=AYg5qPI38HSKAhlj8B5NOChgk1TMg1YvXswjM9RgPvySSgVdogJKP_hLyZdxmZ1OAHF284cwYXjQugSqj26wSQKXddvUQkMJpi3Y
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI38HSKAhlj8B5NOChgk1TMg1YvXswjM9RgPvySSgVdogJKP_hLyZdxmZ1OAHF284cwYXjQugSqj26wSQKXddvUQkMJpi3Y&google_hm=Q0FFU0VBUFZvWE4wVWJHM...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI38HSKAhlj8B5NOChgk1TMg1YvXswjM9RgPvySSgVdogJKP_hLyZdxmZ1OAHF284cwYXjQugSqj26wSQKXddvUQkMJpi3Y&google_hm=Q0FFU0VBUFZvWE4wVWJHM0d4WEw1eG1PNlFz

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Feb 2022 11:17:53 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPI38HSKAhlj8B5NOChgk1TMg1YvXswjM9RgPvySSgVdogJKP_hLyZdxmZ1OAHF284cwYXjQugSqj26wSQKXddvUQkMJpi3Y&google_hm=Q0FFU0VBUFZvWE4wVWJHM0d4WEw1eG1PNlFz
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C01
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLRpv6sVNHEpLn5Uut5O3c_QImxs45JjhuZlugBAnunj9rLVJyYyxM-d9wDPmckuLBREL8QsRyiqo2ZWtacMhgJumzdZrq-Gg&google_gid=CAESEJ1SVKz5sQ4skM5LD-ZE1s4&g...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwaFI2SHhKZUZKSU90VmJKMkR3Y0xPMWlZQjJDOFJNUU01bEFMQTJuLWREaw==&google_push

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwaFI2SHhKZUZKSU90VmJKMkR3Y0xPMWlZQjJDOFJNUU01bEFMQTJuLWREaw==&google_push

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 01 Feb 2022 11:17:54 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwaFI2SHhKZUZKSU90VmJKMkR3Y0xPMWlZQjJDOFJNUU01bEFMQTJuLWREaw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 6C01 43 B
351 B 34ms
15ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEAYnfqmVHpjWBIYcDIUqmcU&google_cver=1&google_push=AYg5qPIk8uX6RlgLpMJ90E2BF-QD7FF9qbveauWT4iZDf4pw0RZjMOagO_dbELA_5i1OHfJGTTfP4MF5cJoDCKGr_E82uV3uayk3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5828883634660773&output=html&h=280&slotname=7606796442&adk=1514590946&adf=896644619&pi=t.ma~as.7606796442&w=500&fwrn=4&fwrnh=100&lmt=1643714273&rafmt=1&psa=0&format=500x280&url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1643714273393&bpp=6&bdt=1194&idt=74&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=4219661926728&frm=20&pv=2&ga_vid=750922036.1643714272&ga_sid=1643714273&ga_hid=859503021&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1050&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31063221&oid=2&pvsid=3939480840175519&pem=164&tmod=1173121754&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=CHXCMUGY9K&p=http%3A//fcgi4.gnezdo.ru&dtd=87
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:53 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 9mhjjpd1qakhg8egenpu2jq98ticm28g

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C01
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zaaBX-fYRICX7eAONpx4iQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zaaBX-fYRICX7eAONpx4iQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLeRQLT-Tt6C9gEDzvx6yySjIVuvstWERusszBAdx6UHw2xpInnauQaFTMDhvQ4O29h4m3LuVMm435Xjb0oOJP0sk4Y6zYH

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zaaBX-fYRICX7eAONpx4iQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLeRQLT-Tt6C9gEDzvx6yySjIVuvstWERusszBAdx6UHw2xpInnauQaFTMDhvQ4O29h4m3LuVMm435Xjb0oOJP0sk4Y6zYH
date: Tue, 01 Feb 2022 11:17:53 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6C01
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELHg6OSCMHPGRMLjBuPx9Rc&google_cver=1&google_push=AYg5qPKXOjihJTM7a3Go2ARvSAB1K2ExucSmNChlELOc21lsrjHn1hlAL89EwzVlwJ79J_3QImz...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o0MTFGS0wtMTgtNVM0Qw==&google_push=AYg5qPKXOjihJTM7a3Go2ARvSAB1K2ExucSmNChlELOc21lsrjHn1hlAL89EwzVlwJ79J_3QImzjURKi6thrO8Vc-utwS92XvMGvNg

170 B
188 B

20ms
20ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o0MTFGS0wtMTgtNVM0Qw==&google_push=AYg5qPKXOjihJTM7a3Go2ARvSAB1K2ExucSmNChlELOc21lsrjHn1hlAL89EwzVlwJ79J_3QImzjURKi6thrO8Vc-utwS92XvMGvNg

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o0MTFGS0wtMTgtNVM0Qw==&google_push=AYg5qPKXOjihJTM7a3Go2ARvSAB1K2ExucSmNChlELOc21lsrjHn1hlAL89EwzVlwJ79J_3QImzjURKi6thrO8Vc-utwS92XvMGvNg
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 750589468d5634b7e99830971becaf64
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6C01 0
12 B 16ms
15ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LhBWPYX_4BX9ao2tXXkIw1rtGmma_YnFic_tlQTHc1F-bTq8ygXvGm3FilV9F5h9J68Pqe

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:17:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13730119597208835797/ Frame 32D5 136 KB
22 KB 21ms
7ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13730119597208835797/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b003e8de5793232ac8aea83c9bcf7bcb8328f69e00803dcc18a450e1fd4d7b29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 22273
date: Wed, 26 Jan 2022 12:56:48 GMT
expires: Thu, 26 Jan 2023 12:56:48 GMT
cache-control: public, max-age=31536000
age: 512466
last-modified: Wed, 01 Dec 2021 07:58:53 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 11A9 0
571 B 87ms
52ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsueaJiNbXcuheVB-V5t6Gpt_1e3uFFuCP479ohuYgFbEe8WBNHviQwm1DdFTf1aNjedKbs7n8qXIAkLhN1LXILVwG6OKNGEbrAttDGF6XvzhAn6nZX2W30xrN8kqcJyktRFvxYsnJi7cYCgzFf8pCU4iFCxSfiizN242dSMw80syTvHhAxDq60zKnBPoJkwvkf1BhSCe-s2vIxY61Xak1gcBzaWacAKNT5FKagHz9R9RFqq-_pXAJMxegWYFSGj9gkmu2AN38NaPNXIndB9bM70AWWUXWHSS2jHA2HC1QZuPAGqlpUQzeiG1r8t9n9mkmkZ6oZ_r4Z6bo6t-ocfsaI82do2ujugJQhlahyLFFHGSh7Tjfqh1v3LsGUXkjyQylaE9U5zmLNDKwiRBhiEhgAXUc3_D2o5SF0kN4X-6hlG-AAe6tmeRqXS_1pxA7EVdxXsp4bb1G9_PAGmmwC0B8ys317He7BkQeAVMgDXR4G9vIYhF2Fh3K5Pq8HoxpGuLwWNKaB3tp8iEFEoIad8NlTNiWZnv-3nDj4R_xQVT5UAG0a8BdBjUAA7UARbM9jMY4hC9Yi0KehS30_XZOP3nBgvUdXo1jgHJ6DKJBdEsNG7X4AjXdc04EImn9zibB7DUZGZFnr-uFJdT2thLHzpdEt-sWM3hX020L95g-kM5o05uykVYVv_cU7WSgo5g2Y95MiV2YkAezOrJ5EYIH_lWXdIn_6NZ09MuYTQEYx0MTtoYlvUG6fB_2CuIWoF9LuTBlpwrNrCiGsst4RYn0w4JyYvMJuOcTFpTF38y6QTrs-lpQxrSAyfwO6tRYvka_YpQ_KvBHfiZ-xXQo4QG0f24e-eD8vr4k2qfYyhwxrvBRLp-IYPukApZwgsnrzmYAATbf_m30okB9lnEvU1DDD13aObW93Wav_6V1otXtVIh2O3-8J0CUFdwG_NzLZwBEJEiEsU01HS2DXjp2OCM3eIa2jXAtZ70uPkC6OCJEgxF4wyWr7U_X6zr1W-EepgjoUs_zRGxpuIKg_qw2sPsPacVD6fM_so1vhplzN8oI8vHpNbqwTnPbucDXOf4hWJd4U-4NjNgO3g4NHYQTbDPWlYOvPKuohRqLJxY3K5NEack2pU62VKBvvHCRXPwbwX3vvwlDP8u0FyNF_Zl7mnBj3ts-IGdBPdW9c7-JQIOHkBelZ6&sai=AMfl-YQm5hmiR_4RtzXttnT66oyeDDUzaaGkrtseKvxcsbCDSKoMO_wVk-D3RTCC2zGhEPC1byd9s-aoMUIdkVZ8pXcPM7Ol9B7iwGvmkswaLfSV8KxytKhupluXAHpGLT6DA_ztb2RNdqcjJj98JCddQakjl-N7Uw&sig=Cg0ArKJSzAPNEtv70VAHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=64&cbvp=1&cstd=62&cisv=r20220126.36304&adurl=

Requested by

Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 01 Feb 2022 11:17:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 11A9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34d588c1624ca9355ab920fa38493d6fe7172e653cb8942047cabb97679242fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 32D5 29 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13730119597208835797/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13730119597208835797/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 13:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77232
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 13:50:42 GMT

GET
H3 200 mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B32 35 KB
13 KB 9ms
9ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 10:12:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13575
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Feb 2023 10:12:34 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 11A9 0
60 B 44ms
44ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: fcgi4.gnezdo.ru
URL: http://fcgi4.gnezdo.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 01 Feb 2022 11:17:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 32D5 6 KB
2 KB 8ms
8ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13730119597208835797/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 11:23:52 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 32D5 2 KB
1 KB 8ms
8ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/cta_jetzt_buchen.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9f7ca92ac484587069e344faf7ecd9f82c53739d5008d5adcfafa7e705d9ba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13730119597208835797/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 529
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 998
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 10:03:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 11:24:05 GMT

GET
H3 200 txt_flex.svg
s0.2mdn.net/creatives/assets/4372121/ Frame 32D5 2 KB
1 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4372121/txt_flex.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3293ad8919d2d0564a38afe9b8a6cf876c94b041fabaeb1cfd38dd73806132b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13730119597208835797/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 528
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1140
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 11:47:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 11:24:06 GMT

GET
H3 200 icon_plus.svg
s0.2mdn.net/creatives/assets/4372121/ Frame 32D5 677 B
385 B 9ms
9ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4372121/icon_plus.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c585d566dc826dd3d02e5054bab18f7d72db6e6610f11f22a9d96c5661454dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13730119597208835797/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 529
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 357
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 11:45:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 11:24:05 GMT

GET
H3 200 txt_300x250_head.svg
s0.2mdn.net/creatives/assets/4372121/ Frame 32D5 8 KB
3 KB 10ms
10ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4372121/txt_300x250_head.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

216403a8e25717fdb6e890b60c6b56989dd0f219ace3d85d381f7b6a3a8b2ab8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13730119597208835797/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 529
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3082
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 12:06:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 11:24:05 GMT

GET
H3 200 300x250_radiant_ret.svg
s0.2mdn.net/creatives/assets/4302518/ Frame 32D5 4 KB
1 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4302518/300x250_radiant_ret.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b4eb7dc14fea146b8351d309e8996440d08e02b9c58e3c1e94efa4d845a31d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13730119597208835797/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:09:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1016
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 15:55:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 11:24:27 GMT

GET
H3 200 300x250_gradiant_ret.svg
s0.2mdn.net/creatives/assets/4372121/ Frame 32D5 740 B
412 B 11ms
11ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4372121/300x250_gradiant_ret.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41dfb3634c0905e1abdc656c7e375b20975fcae3283a61eb91b02b5021f47ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13730119597208835797/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:09:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 493
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 384
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 11:36:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 11:24:41 GMT

GET
H3 200 300x250_kv.jpg
s0.2mdn.net/creatives/assets/4372121/ Frame 32D5 17 KB
17 KB 11ms
11ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4372121/300x250_kv.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7aaa66663eb5c08abc6b05d2846a7704e7d152107b7ceedeb64f67aee664b1b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13730119597208835797/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:14:56 GMT
x-content-type-options: nosniff
age: 178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16922
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 11:31:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Feb 2022 11:29:56 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 11A9
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/912962/59461380/4.js?ias_dspID=3&ias_campId=26029340&ias_pubId=pub-5828883634660773&ias_chanId=1&ias_placementId=15845895118&bidurl=http://fcgi4.gnezdo.ru/&ias...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

16ms
15ms

Script
application/javascript

2600:9000:224a:e600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5828883634660773&output=html&h=280&slotname=7606796442&adk=1514590946&adf=896644619&pi=t.ma~as.7606796442&w=500&fwrn=4&fwrnh=100&lmt=1643714273&rafmt=1&psa=0&format=500x280&url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1643714273393&bpp=6&bdt=1194&idt=74&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=4219661926728&frm=20&pv=2&ga_vid=750922036.1643714272&ga_sid=1643714273&ga_hid=859503021&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1050&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31063221&oid=2&pvsid=3939480840175519&pem=164&tmod=1173121754&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=CHXCMUGY9K&p=http%3A//fcgi4.gnezdo.ru&dtd=87
Protocol: H2
Server: 2600:9000:224a:e600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:52:02 GMT
content-encoding: gzip
age: 498352
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 26 Jan 2022 16:51:51 GMT
server: AmazonS3
etag: W/"96e16e7453ae2e6952bc6d2a20ea29f7"
vary: Accept-Encoding
x-amz-version-id: TI7Wu8.c3shY9Kbc25ps.McAaw9Y1JrB
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: 6oe1JjwEBXcFENB6QjDx7qEM_fZgxzJiH7znNK-R9-v-r13Mu8Q63w==

Redirect headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:54 GMT
x-server-name: app32.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame AC81 80 KB
21 KB 49ms
14ms Script
application/javascript 2600:9000:224a:e600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5828883634660773&output=html&h=280&slotname=7606796442&adk=1514590946&adf=896644619&pi=t.ma~as.7606796442&w=500&fwrn=4&fwrnh=100&lmt=1643714273&rafmt=1&psa=0&format=500x280&url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1643714273393&bpp=6&bdt=1194&idt=74&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=4219661926728&frm=20&pv=2&ga_vid=750922036.1643714272&ga_sid=1643714273&ga_hid=859503021&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1050&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31063221&oid=2&pvsid=3939480840175519&pem=164&tmod=1173121754&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=CHXCMUGY9K&p=http%3A//fcgi4.gnezdo.ru&dtd=87
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:e600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 10:01:19 GMT
content-encoding: gzip
age: 5966196
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: xNxfP2Z3vnMzbzKT_VWjmIPSkrxMu39H1MUOo9m-dZpHxNMBj4lKew==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 11A9 43 B
215 B 479ms
157ms Image
image/gif 44.231.243.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=912962&asId=bf568979-99bb-c315-7587-9045b8adcc4a&tv=%7Bc:2Y0XtX,pingTime:-3,time:55,type:v,im:%7BpBlk:32%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:15%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:55,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B50~0%5D,as:%5B50~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sWbDAfc+11%7C12%7C131*.912962-59461380%7C1311%7C1312%7C13131%7C1314%7C14%7C15,idMap:131*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5828883634660773&output=html&h=280&slotname=7606796442&adk=1514590946&adf=896644619&pi=t.ma~as.7606796442&w=500&fwrn=4&fwrnh=100&lmt=1643714273&rafmt=1&psa=0&format=500x280&url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1643714273393&bpp=6&bdt=1194&idt=74&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=4219661926728&frm=20&pv=2&ga_vid=750922036.1643714272&ga_sid=1643714273&ga_hid=859503021&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1050&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31063221&oid=2&pvsid=3939480840175519&pem=164&tmod=1173121754&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=CHXCMUGY9K&p=http%3A//fcgi4.gnezdo.ru&dtd=87
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.231.243.74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-231-243-74.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:54 GMT
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 11A9 43 B
215 B 627ms
308ms Image
image/gif 44.231.243.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=912962&asId=bf568979-99bb-c315-7587-9045b8adcc4a&tv=%7Bc:2Y0XtY,pingTime:-6,time:56,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:56,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B51~0%5D,as:%5B51~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sWbDAfc+11%7C12%7C131*.912962-59461380%7C1311%7C1312%7C13131%7C1314%7C14%7C15,idMap:131*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:fcgi4.gnezdo.ru%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5828883634660773&output=html&h=280&slotname=7606796442&adk=1514590946&adf=896644619&pi=t.ma~as.7606796442&w=500&fwrn=4&fwrnh=100&lmt=1643714273&rafmt=1&psa=0&format=500x280&url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1643714273393&bpp=6&bdt=1194&idt=74&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=4219661926728&frm=20&pv=2&ga_vid=750922036.1643714272&ga_sid=1643714273&ga_hid=859503021&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1050&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31063221&oid=2&pvsid=3939480840175519&pem=164&tmod=1173121754&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=CHXCMUGY9K&p=http%3A//fcgi4.gnezdo.ru&dtd=87
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.231.243.74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-231-243-74.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:54 GMT
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 11A9 43 B
215 B 468ms
158ms Image
image/gif 44.231.243.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=912962&asId=bf568979-99bb-c315-7587-9045b8adcc4a&tv=%7Bc:2Y0Xu9,pingTime:-2,time:67,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:256,beZ:257,mfA:258,cmA:259,inA:260,inZ:263,prA:263,prZ:267,si:271,poA:272,bl:288,poZ:288,cmZ:288,mfZ:288,loA:312,loZ:314,ltA:322,ltZ:322%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:15%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:67,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B62~0%5D,as:%5B62~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sWbDAfc+11%7C12%7C131*.912962-59461380%7C1311%7C1312%7C13131%7C1314%7C14%7C15,idMap:131*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,sinceFw:50,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5828883634660773&output=html&h=280&slotname=7606796442&adk=1514590946&adf=896644619&pi=t.ma~as.7606796442&w=500&fwrn=4&fwrnh=100&lmt=1643714273&rafmt=1&psa=0&format=500x280&url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1643714273393&bpp=6&bdt=1194&idt=74&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=4219661926728&frm=20&pv=2&ga_vid=750922036.1643714272&ga_sid=1643714273&ga_hid=859503021&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1050&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31063221&oid=2&pvsid=3939480840175519&pem=164&tmod=1173121754&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=CHXCMUGY9K&p=http%3A//fcgi4.gnezdo.ru&dtd=87
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.231.243.74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-231-243-74.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:54 GMT
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B32 0
20 B 43ms
43ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzTbH4hb5Yfi8C4SylQeEsa3gCAAAAAA4AeAEAg&bg=!paalpuLNAAY6OBv_Ojg7ACkAdvg8WoljhpIq6IovnoH2ssfprW1I2Xhr9w21w8P50Ov34s90kaqotgIAAACZUgAAAAJoAQeZAyHwRWnnnE78T-4uEJ_sZzmuSDK3wh8hOBblIi7YqQh9-wUr5-2rrKyX8GYYU9PbhCz1SMGfqECIze6c1CD1KXv_slFMkHWNSublwEZFoAxXVB5vRJ_WWsLsU7fBQDTIXAukGDHpYlIX2F1bRv-o72Fh1RQ18vMV4Y-BHxn7xfupuUBxXHWQNXAe7VwTSc8RNoW5PN1gHxJuTVJ-2Cq3Tm-osAf5VYz_TTXEkvZ-RUsrbz0LVpHQLuLy9ZUd43RFmMV2pME1s1WZHOrfNmtyzBad5rFOZU2uit0CsXYwvDJ56ZSXmf2uqs3TwQhYci0a9z172F75Dv9Z5r83wPNfz_EkwdecDVp0qtryzjNpU_z3TyPMsoFmlEv32TFKn_As28oFSFfGRL6Uzgj_0F5GwHb3UTEbRMWm71tD-BIhbU8ZX5TTCnH7C45dVz75zZP2rvsBIRBhL_E6ljTIBIGtXuu8t96RTQuYprxhrm8GmNvZxkubL_YF7hs6ON7ZWOqmcW_PQh9j05auHQ_7PqfpE8dWEN4dJRM7TvHTLzv3P0HqQ-BNP7Fu1n7ybqgOz-bxh3835D6v91rUuzzr5w7R-HVn_xZk3o016d-5aRyOflrPTOKdew3CWS91j4X2y635NjLFwevRERfPGrL9INn8upWTi9tT7hr5Gt1BbpR8flRjui8vi2ob1WLGUNF0npG8-oIdChVpLvZMwpBT9KsVgMkDzOj4KOide9doj-WY4NijDvoJBDFJjQzWivjk6G9cEmCpivSuuOXAPE9mlcwp0SQL1r78yzXpDRBemdyCODoBACX1pAhSWJUiq0_icONuqSZTqqVxiHmw1D4-_2Tjl6ikZ7g38XNPPrfktfsO_N2d9Nk9-5Mxt_-lf2xfdAGn1RMzcFKgiIMNXyH7vR9EMEJWelaUiMYxjv64-HBI0__3LdzTVFvCkwGVET1WUYsT3Y7Y4oTzBfHLRqyP4tVZdvkziOLIMdrxFkkFEJhHVP6MF59zqmpvv70EeHvv408f9TuAfDek3iDxuow9ex-kRzumXpD7OlbwgcR3h80ssFdXopo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 11A9 43 B
216 B 381ms
156ms Image
image/gif 44.231.243.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=912962&asId=bf568979-99bb-c315-7587-9045b8adcc4a&tv=%7Bc:2Y0Xvw,time:153,type:e,im:%7BpWait:9%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:153,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B148~0%5D,as:%5B148~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sWbDAfc+11%7C12%7C131*.912962-59461380%7C1311%7C1312%7C13131%7C1314%7C14%7C15,idMap:131*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5828883634660773&output=html&h=280&slotname=7606796442&adk=1514590946&adf=896644619&pi=t.ma~as.7606796442&w=500&fwrn=4&fwrnh=100&lmt=1643714273&rafmt=1&psa=0&format=500x280&url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1643714273393&bpp=6&bdt=1194&idt=74&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=4219661926728&frm=20&pv=2&ga_vid=750922036.1643714272&ga_sid=1643714273&ga_hid=859503021&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1050&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31063221&oid=2&pvsid=3939480840175519&pem=164&tmod=1173121754&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=CHXCMUGY9K&p=http%3A//fcgi4.gnezdo.ru&dtd=87
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.231.243.74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-231-243-74.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:54 GMT
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 11A9 43 B
215 B 158ms
157ms Image
image/gif 44.231.243.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=912962&asId=bf568979-99bb-c315-7587-9045b8adcc4a&tv=%7Bc:2Y0Xz7,pingTime:-10,time:375,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1643714274797%7C%7C7bdbed48824612cb1aa49e4670601031%7C%7C8866308252d63f9bf74b74e606896148%7C%7Cc653260cadc70794018f785b031adadf%7C%7Cb632520a5b31505caf8230b17b46dffe%7C%7C8f289024e1ce0752c4c246a778a82d87%7C%7C2e3f9cc46111c4e9574afedc4885c176%7C%7C3e81920e2279f9385c269fd8878b725d%7C%7C1629390669%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5828883634660773&output=html&h=280&slotname=7606796442&adk=1514590946&adf=896644619&pi=t.ma~as.7606796442&w=500&fwrn=4&fwrnh=100&lmt=1643714273&rafmt=1&psa=0&format=500x280&url=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1643714273393&bpp=6&bdt=1194&idt=74&shv=r20220126&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&correlator=4219661926728&frm=20&pv=2&ga_vid=750922036.1643714272&ga_sid=1643714273&ga_hid=859503021&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1050&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31063221&oid=2&pvsid=3939480840175519&pem=164&tmod=1173121754&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=CHXCMUGY9K&p=http%3A//fcgi4.gnezdo.ru&dtd=87
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.231.243.74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-231-243-74.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:54 GMT
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 11A9 43 B
215 B 155ms
155ms Image
image/gif 44.231.243.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=912962&asId=bf568979-99bb-c315-7587-9045b8adcc4a&tv=%7Bc:2Y0XEF,time:719,type:e,im:%7Bpci:%7Btdr:677%7D,pLoad:689%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:719,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B714~0%5D,as:%5B714~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:631,fm:sWbDAfc+11%7C12%7C131*.912962-59461380%7C1311%7C1312%7C13131%7C1314%7C14%7C15,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.231.243.74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-231-243-74.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:55 GMT
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 11A9 42 B
64 B 48ms
48ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsseHuPeHGGEUdLc1Pe__F4s5aqRtfnugFigpot7V9bhRDuhXgdGI1HrpVMUzP6Djp_apq_vwVM0aDr_euDH4pToO-i6-0y296LF2T-gROQtr5rNT0GpfQ&sai=AMfl-YQkqzGnl9XpplSvRS2Lparmj-Da7x0S4pelGoTdp9Gz-D9VvI7xx4zthPRQr_rcQT19AsD_Q8C8uR971BYqmBKnQEjOeaLvHt0&sig=Cg0ArKJSzDXjK-D0AOJQEAE&cid=CAASEuRopRhdVToLHfkeIZh7_D8lqA&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220131&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1514590946&rs=2&la=0&cr=0&vs=4&r=v&rst=1643714274167&rpt=253&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 11A9 43 B
215 B 156ms
155ms Image
image/gif 44.231.243.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=912962&asId=bf568979-99bb-c315-7587-9045b8adcc4a&tv=%7Bc:2Y0XKh,pingTime:0,time:1067,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:15%7D,%7Bpiv:100,vs:i,r:,t:1067%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1,o:1066,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1062~0,1~100%5D,as:%5B1063~300.250%5D%7D%7D,%7Bsl:i,t:1066,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1062~0,1~100%5D,as:%5B1063~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:157,fm:sWbDAfc+11%7C12%7C131*.912962-59461380%7C1311%7C1312%7C13131%7C1314%7C14%7C15,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.231.243.74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-231-243-74.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:55 GMT
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 11A9 43 B
215 B 160ms
160ms Image
image/gif 44.231.243.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=912962&asId=bf568979-99bb-c315-7587-9045b8adcc4a&tv=%7Bc:2Y0Y0q,pingTime:1,time:2069,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:15%7D,%7Bpiv:100,vs:i,r:,t:1067%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1003,o:1066,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1062~0,1~100%5D,as:%5B1063~300.250%5D%7D%7D,%7Bsl:i,t:1066,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:159,fm:sWbDAfc+11%7C12%7C131*.912962-59461380%7C1311%7C1312%7C13131%7C1314%7C14%7C15,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.231.243.74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-231-243-74.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:56 GMT
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 11A9 43 B
215 B 161ms
160ms Image
image/gif 44.231.243.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=912962&asId=bf568979-99bb-c315-7587-9045b8adcc4a&tv=%7Bc:2Y0Y0r,pingTime:1,time:2069,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:15%7D,%7Bpiv:100,vs:i,r:,t:1067%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1003,o:1066,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1062~0,1~100%5D,as:%5B1063~300.250%5D%7D%7D,%7Bsl:i,t:1066,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:159,fm:sWbDAfc+11%7C12%7C131*.912962-59461380%7C1311%7C1312%7C13131%7C1314%7C14%7C15,idMap:131*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.231.243.74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-231-243-74.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 11:17:56 GMT
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?VkeVDg

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gnezdo.ru/	1970-01-20 18:06:26	Name: _ga Value: GA1.2.750922036.1643714272
.gnezdo.ru/	1970-01-20 00:36:40	Name: _gid Value: GA1.2.1230858319.1643714272
.gnezdo.ru/	1970-01-20 00:35:14	Name: _gat Value: 1
.weborama.com/	1970-01-20 10:06:55	Name: wui Value: E6E2E8B1-A5E7-4296-B6C7-7A3E61397865
.gnezdo.ru/	1970-01-20 09:20:50	Name: _ym_uid Value: 1643714273163410743
.gnezdo.ru/	1970-01-20 09:20:50	Name: _ym_d Value: 1643714273
.weborama.fr/	1970-01-20 10:06:55	Name: AFFICHE_W Value: LqX8k8vdY4su45
.weborama.fr/	1970-01-20 00:35:16	Name: wbo_temps_reel Value: NDg1NzM2
.gnezdoruanalytics.solution.weborama.fr/	1970-01-20 01:34:12	Name: _wrvur Value: AgKbaai
.gnezdoruanalytics.solution.weborama.fr/	1970-01-20 01:34:12	Name: _wrvusr Value: AgKbaaeaaG
.weborama.com/	1970-01-20 00:45:19	Name: wam-sync Value: ok
.gnezdo.ru/	1970-01-25 20:05:16	Name: uid Value: XV9kdWH5FuBqsxAhPT9NAg==
cstatic.weborama.fr/	1970-01-20 00:38:52	Name: _xttrk2_all Value: 1
cstatic.weborama.fr/	1970-01-20 00:38:52	Name: _xttrk2_ids Value: 1
cstatic.weborama.fr/	1970-01-20 00:38:52	Name: _xttrk2 Value: 1
cstatic.weborama.fr/	1970-01-20 00:38:52	Name: _xttrk2_mpub Value: 1
cstatic.weborama.fr/	1970-01-20 00:38:52	Name: _xttrk2_uk Value: 1
.tapad.com/	1970-01-20 02:01:38	Name: TapAd_TS Value: 1643714272658
.tapad.com/	1970-01-20 02:01:38	Name: TapAd_DID Value: 3cf02ca3-9da0-4d11-85bd-c6a32c9e3aab
.yandex.ru/	1970-01-20 09:20:50	Name: ymex Value: 1675250272.yrts.1643714272#1675250272.yrtsi.1643714272
.yandex.ru/	1970-01-20 09:20:50	Name: yandexuid Value: 6306469971643714272
.yandex.ru/	1970-01-20 09:20:50	Name: yuidss Value: 6306469971643714272
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1174261251643714272
.yandex.ru/	1970-01-23 16:11:14	Name: i Value: RD01LafHKPqbcp67+r1CyolLkuddqmJinIJe2o7W/N4U8DwiiFR6on0nHE6KwMShtxhYAiyFNVGJ4T6hKdB696V3vm4=
.adnxs.com/	1970-01-20 02:44:50	Name: uuid2 Value: 7650361545882356358
.criteo.com/	1970-01-20 09:56:50	Name: uid Value: 226a9252-c1a2-4d1f-83a7-40966c557937
.gnezdo.ru/	1970-01-20 00:36:26	Name: _ym_isad Value: 2
.tapad.com/	1970-01-20 02:01:38	Name: TapAd_3WAY_SYNCS Value:
.doubleclick.net/	1970-01-20 09:56:50	Name: IDE Value: AHWqTUnqXeqgMGq8FXaPjqIe2NJL3rndDczzTfD54mNwhjo5ymRl2nArKZ8qrX-12w0
.gnezdo.ru/	1970-01-20 00:35:16	Name: _ym_visorc Value: w
.crm4d.com/	1970-01-20 07:47:14	Name: c4d Value: wGr5Rx5OuIBWfDzk00DxDM8Tk5bsRLgttH5NdHraAG1zI5A1AkbJTLKgGe
p.crm4d.com/	1970-01-20 00:36:40	Name: ls Value: 1643714272
.amazon-adsystem.com/	1970-01-20 06:23:43	Name: ad-id Value: A_eYkFEP7EtKkw20Jd2s2k4
.amazon-adsystem.com/	1970-01-21 21:49:38	Name: ad-privacy Value: 0
.mc.webvisor.org/	1970-01-20 00:35:14	Name: sync_cookie_csrf Value: 1577740940fake
p.crm4d.com/	1970-01-20 07:47:14	Name: css Value: weborama:456587,appnexus:456587
.mc.yandex.ru/	1970-01-20 00:35:14	Name: sync_cookie_csrf Value: 4147505472fake
.webvisor.org/	1970-01-27 07:47:14	Name: yandexuid Value: 6306469971643714272
.webvisor.org/	1970-01-27 07:47:14	Name: yuidss Value: 6306469971643714272
.mc.webvisor.org/	1970-01-20 00:36:40	Name: sync_cookie_ok Value: synced
.pubmatic.com/	1970-01-20 00:36:40	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 02:44:50	Name: KADUSERCOOKIE Value: CDA6815F-E7D8-4480-97ED-E00E369C7889
.gnezdo.ru/	1970-01-20 09:56:50	Name: __gads Value: ID=85b0090ace724a54-22273fdf2ccd0044:T=1643714273:RT=1643714273:S=ALNI_MaAn1l5l2zCfURFrcmOTMpfMHchiw
.adnxs.com/	1970-01-20 02:44:50	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?au82X0!]tbPl1M>e)ZlrFUfJ+tGXxoTTzIw9[-eQ=D`bWuL#SiKKDK<]_K@9G>awenbpRzqF1`b`ezKKlm
.casalemedia.com/	1970-01-20 02:44:50	Name: CMPS Value: 5198
.rlcdn.com/	1970-01-20 09:20:50	Name: rlas3 Value: OLQRPpSSJzWnY3zazJ4l6+BH2L19217P+fG6U/lah5s=
.rlcdn.com/	1970-01-20 02:01:38	Name: pxrc Value: COKt5I8GEgYI6d0qEAA=
.quantserve.com/	1970-01-20 02:44:50	Name: d Value: EBYBCQGrJYEA
.quantserve.com/	1970-01-20 10:05:28	Name: mc Value: 61f916e2-4c30d-eb2c4-7923d
.casalemedia.com/	1970-01-20 00:36:40	Name: CMST Value: YfkW4mH5FuIA
.agkn.com/	1970-01-20 09:20:50	Name: ab Value: 0001%3ApbB0jEKvi8EpvETrDHXck%2Fd0A9%2B%2B4a2t
.agkn.com/	1970-01-20 09:20:50	Name: u Value: C\|0CEApi9NiKYvTYgAAAAAAAQ13AQCAAQpAAAAAAA
.casalemedia.com/	1970-01-20 09:20:50	Name: CMID Value: YfkW4jqQLK6rDwbBCKXlXQAA
.casalemedia.com/	1970-01-20 02:44:50	Name: CMPRO Value: 1179
.casalemedia.com/	1970-01-20 09:20:50	Name: CMRUM3 Value: 2d61f916e22760CAESENoyGDpRSUBrWLKSIwM71SI

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://zn3.gnezdo.news/src/enter_ad.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://an.yandex.ru/meta/320977?target-ref=http%3A%2F%2Ffcgi4.gnezdo.ru%2F&charset=utf-8&pcode-test-ids=503304%2C0%2C75%3B466938%2C0%2C50%3B496141%2C0%2C18%3B487925%2C0%2C8%3B499585%2C0%2C2%3B493917%2C0%2C42%3B488525%2C0%2C30%3B406668%2C0%2C9%3B503342%2C0%2C19&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22473613%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%221%22%2C%22testId%22%3A%22473626%22%7D%5D%2C%22IGNORE_DESIRED_BITRATE_INAPP%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22479145%22%7D%5D%2C%22PCODE_DISABLE_VIDEO_IN_COMBO_BUTTON_DUPLICATION%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22ENABLE_ACTION_PANEL_WITH_ARROW%22%3A%5B%7B%22value%22%3A%22EVERYWHERE%22%2C%22testId%22%3A%22483906%22%7D%5D%2C%22VAS_ENABLE_AD_LABEL_OF_YANDEX_DIRECT%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22496222%22%7D%5D%2C%22VAS_OPEN_AD_INSTEAD_OF_AD_SYSTEM_BY_LABEL_CLICK%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22496222%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22500850%22%2C%22testId%22%3A%22502915%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%2C257448%5D%2C%22testId%22%3A%22479101%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22472957%22%7D%5D%2C%22NEW_ADBLOCK_LOG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487621%22%7D%5D%2C%22COUNT_TO_XHR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487824%22%7D%5D%2C%22HTTPS_FOR_ADAPTERS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22496411%22%7D%5D%2C%22HIDE_VIDEO_IN_COMBO_ACTION_BUTTON_IF_THERE_ARE_CLICKABLE_ASSETS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22497916%22%7D%5D%2C%22VAS_LOAD_GR_ON_SMALL_PERCENT%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22503304%22%7D%5D%2C%22VAS_ENABLE_HONEYPOT_ON_SMALL_PERCENT%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22466938%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22487925%22%7D%5D%2C%22HIDE_VIDEO_IN_COMBO_PACKSHOT_BUTTON_IF_THERE_ARE_CLICKABLE_ASSETS%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22499585%22%7D%5D%2C%22YANDEX_RU_DOMAIN%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22493917%22%7D%5D%2C%22PP_INTENT_URL%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22488525%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2253502%22%2C%22testId%22%3A%22503342%22%7D%5D%7D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=c73WyUkVpLRQax2yE4iGzVmKefzHfJ%2BWuXpkgCFcAVlx8ZDJWO4ZXuvdcgFamUuydxnzrRVDaueWzMq60qdWvYfG2uE%3D&duid=MTY0MzcxNDI3MzE2MzQxMDc0Mw%3D%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=139689516335106&ad-session-id=1382691643714272675&target-id=90491521&tga-with-creatives=1&top-ancestor=http%3A%2F%2Ffcgi4.gnezdo.ru&top-ancestor-undetermined=0&pcode-version=53502&pcodever=53502&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A801.125%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A639%2C%22top%22%3A1091%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=32&grab=dEduZXpkby5ydQoz0KLQldCh0KIgCg%3D%3D&uniformat=true&callback=Ya%5B1180117585595%5D Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
adservice.google.com
adservice.google.de
an.yandex.ru
bsd.frontend.weborama.fr
cdn.jsdelivr.net
cm.g.doubleclick.net
cms.quantserve.com
cstatic.weborama.fr
d.agkn.com
ds.frontend.weborama.fr
dsum-sec.casalemedia.com
dt.adsafeprotected.com
dx.frontend.weborama.com
fcgi4.gnezdo.ru
fcgi5.2xclick.ru
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gnezdoruanalytics.solution.weborama.fr
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id.rlcdn.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
image6.pubmatic.com
mc.webvisor.org
mc.yandex.ru
news.gnezdo.ru
p.crm4d.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
pixel.tapad.com
rd.frontend.weborama.fr
rtb.openx.net
s0.2mdn.net
secure.adnxs.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync.smartadserver.com
tpc.googlesyndication.com
wam-google.solution.weborama.fr
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
yastatic.net
zn3.gnezdo.news
zn3.gnezdo.ru
tpc.googlesyndication.com
142.250.186.130
154.47.36.52
172.217.16.130
18.196.159.27
185.148.37.26
185.148.37.79
185.33.220.241
185.33.221.52
185.86.139.115
192.82.242.209
2.18.234.21
216.58.212.130
2600:9000:224a:e600:8:48e:53c0:93a1
2606:4700::6810:5714
2620:116:800d:21:3175:5196:e3fd:8c1d
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2002
2a00:1450:400c:c08::9d
2a02:2638:1::13
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::90
34.117.231.160
34.250.206.93
35.186.253.211
35.190.16.14
35.201.80.102
35.201.81.244
35.227.225.140
35.227.248.159
35.244.174.68
44.231.243.74
51.38.250.94
52.210.63.97
52.94.223.37
8.39.36.142
91.216.195.7
93.184.221.133
93.95.100.117
93.95.102.105
01266b002c3a5fd944f5d5a6c9a7bcedf1274ea6c9baef3d2f14457d364014da
029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
0b6cc2293aed13859bd06a4b20b671fcc33542ca66d0be2366b16f2c2a27f6a5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c585d566dc826dd3d02e5054bab18f7d72db6e6610f11f22a9d96c5661454dc
1111cb13044e3b2c0285c76295838befa1a5d8886d05e445b787d18ade5f1555
1118801aab06d50927cbc9a255f2017a37d6ac0ae2fc2aa80f570e0c422a0f5c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1c38153acac347bda02a24b09e16db230167f0a51d6d1974ff1e505c1282bdd6
2000088bd3f7c3f2e79a03f37aa25962e438f3398b7f325de3adba601c0c8612
208da77308fdcb58f26c14362feaecaafc3e528a23982460b058ce1be7c32152
216403a8e25717fdb6e890b60c6b56989dd0f219ace3d85d381f7b6a3a8b2ab8
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a40ef5ba1aa15ca49e6ec56a56b7ee872ba5a61b0e52c083eb0aadcfb51b47e
2ab7a0be2299e70dae873007443bb9faaf90ba9d96d40c54eb96d3ba8498f556
2cf8641392056053e3215d7a4e2db96a09b436e20a41240940e488129e30c175
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
34d588c1624ca9355ab920fa38493d6fe7172e653cb8942047cabb97679242fe
36c8c7dd5f7044c81da19a118ae75a5a06ec143a67484848a4fde29d12e70093
3e1dac2792ab6c6adeef95c5e0d28ad832c837d58922fa4ceafa0ed3bd0f96a7
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
42a4e6557614a0652ee3ee01f8bac962f1a765c1edc7260125fcba99a8d727ca
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
476c0ef6a7f2d9728dfe5c7de994ff1b1b8e6755b77fb16b5f49e22b059b73fd
4ac03a9d9c297754d5b1308087b51447cd939026e6aa49e33659bf682c3136c1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef17c125b27ad5467de4544755c36c1e90b78b5e0b06df16b7e299af0c247a7
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508b9f70346fa359f82b02e9b848fe174ff414461fdaf3b2a8390e589f5cf7e3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
631485082735bf548eeeaef58fb409fefed685432666d06baaf1da7a60a0ae1e
65fc0b52ea1baca746fde9197b90b0635e63caebc714a3074f8c078fa7907673
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
72ac1a3023bd9018cd49555ee1344e42bcce2de4424f79312e073ab828fd672e
73ed8ffacf61ee887fff9b9a19498c48458f1a3c895ef3d56112301b3f300e2b
7aaa66663eb5c08abc6b05d2846a7704e7d152107b7ceedeb64f67aee664b1b1
7b4eb7dc14fea146b8351d309e8996440d08e02b9c58e3c1e94efa4d845a31d1
7d1e13a4eec0756cefd892bee8e8e4eef1b10793f42c42c221b46569e3f3d10f
809ee9115973286d13457325e837937830c3e4daf9b26bf7c0c9c76aae6fb950
83007740c643e335124a35bdd3c1046b159bcba223fc1ca5535eb93387eefa55
840f575220d6b42197251483e8b3b486bce6f7c4c4bddfff022580d3bb39ce4b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
8c4cb57bcef9234ea1979989d14eac156bad9fcc541cefce24dd82e7aaca6820
8e95f247d4c2d357f3f4d3431a93989d7e0c9d3ec68420e47981041536468a66
91a23159638a846a426eb990ec53821e49518e78924d10f45ee5178ba44de83b
95f9f7d5fc896cddb14ac87de2c177488da4249aa25c977a620cf99463d615d4
96a03d88ce4b7fd8ef497936921db22b109a5995cb79dff5aa2178f288922a23
9723d3b4739b4479c707ca62252f55f096956028fb47fb18767daf11d3f96a90
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6b5e0c551bac6ccde502c3bf5c75d1efe6b1da975c0d251a4a17b8adcc74a5
9c4b4089331bd5f296455e9156253fb83529de8c4e1eb8a813429a2088ebe134
9e3ad624df3ca68fece29724157b45b2ca17eb45664636042e8d72346f703912
9eea995b6d3ddb2eaa870035369180477ad2d7504161280fe04a74cd01372215
9f7aaf7e2713e5a2cf7323ecfc1b88ea245e3defe5c039b52ae7f1862cbab3ff
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0839fc7fbf5cde0c50106c2fa7377d4027fd6acfc87bc092dc6525b0b6bae3c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a599e9cd40ca22eb73a9a32e4e99571b5b30cb28775192c7579ab3432c68462f
a89891e7e562f60f4b10ad28524b1fe90756f739d2d366d71780bc5b4cd240ab
ac0bd998475e33fb2adeed894b6eb40af2e4a34a2d1a4ce464bb4157ce04d9d6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b003e8de5793232ac8aea83c9bcf7bcb8328f69e00803dcc18a450e1fd4d7b29
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b41dfb3634c0905e1abdc656c7e375b20975fcae3283a61eb91b02b5021f47ff
b59d5d931ece7fab4c2378e6e3979c793f6e52e8a1bc6e7c1fa569e03d96f49f
bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919
c16afed35ac4a95d169faf4ccb81da55881c502468851f3167affd597442a9cc
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4ef2cb2d61a18fcca1482ea8ae1f594e205b4519a67cd2b785e9ca9e96119c7
c7b40819e5bd52c3db3f1d6eb304a6ae939a4ef75c6e2f48c08ea769cfabb835
cbf1544f55aa8b34556f941d2f74157aab9c3bcaa17268d2d058e3e4b883219a
cf248f8ca5d3dd1153442c4386c2255ca3b1450b34cf9af811be28a919cf4101
cf65ca9324ee6c4b4e24d2a1a92673a6580918ccf11cf6185af44a7797d2eb82
d05d4d69100284cb991eb0227b0859cc2942030d0ba419eee2e4aa55293b96db
d236cb469df8bc6b81611b44a6af1e440879de6752c00f36e7d46d07c037ece0
dba009fc8fd19810d1f1c5e9ef1db7f61b9547e11b06661fe5210881b442b6ed
e2d60a0969a075149d683449336699a403225fcf2d8ecdb705f002948553f6bc
e3293ad8919d2d0564a38afe9b8a6cf876c94b041fabaeb1cfd38dd73806132b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e510c56f460ca07e55523ceaecf37639a5e9e2e66940bddce9cfafc1db6cc44c
ec7f4f1a331faf9a8fc76540e49f0a0241d4fec69c1b1fd0f4621c0746422452
ed477c02e0c4926f6c31cf91982e6247d90ded8a3504e216f4b245e28e1e5738
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d3d5e79c6c3971916ebb40d8f16c3d584efe53669023273eeca33928178bfe
f661f7f09892c08c77dbfb81de5def5e9c1db313472f2f79c715955a193a0115
f9f7ca92ac484587069e344faf7ecd9f82c53739d5008d5adcfafa7e705d9ba9
fbd2ebf90bc7af58ae56a34f5cda45bd20bb098d6c650517ffd3811828055577
fddb6fcfd2c86ef930d5427c3e664c6243d0fe3e9fda457e47a8bc5a852e0fc9

fcgi4.gnezdo.ru Open in urlscan Pro 93.95.102.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

166 Requests

49 %HTTPS

40 %IPv6

34 Domains

53 Subdomains

44 IPs

8 Countries

1566 kBTransfer

3440 kBSize

55 Cookies

8 Outgoing links

Redirected requests

166 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fcgi4.gnezdo.ru Open in urlscan Pro
93.95.102.105 Public Scan

Screenshot
Live screenshot

Full Image

166
Requests

49 %
HTTPS

40 %
IPv6

34
Domains

53
Subdomains

44
IPs

8
Countries

1566 kB
Transfer

3440 kB
Size

55
Cookies

166 HTTP transactions
1 data transactions